And welcome to the Friday, February 16, 2024 edition of the Sands and its Storm Center's Stormcast.

My name is Johannes Ulrich.

And today I'm recording from Jacksonville, Florida.

Sentinel 1 has an interesting update on fishing or guest-mission campaigns that are using SMS messages in order to impersonate the United

States Postal Service.

You probably, at least if you're living in the U.S., have seen these SMS messages that claim

to come from the Postal Service.

Very popular, very common here.

In the past, they often have used compromised accounts of business-to-consumer services like Twilio. And we have written in the past about scans looking

for, for example, Twilio configuration files that include credentials. The latest target here appears to be

AWS SNS service. The SNS service or simple notification service also allows the sending

off-SMS messages. This move main part be due to services like Twilio clamping down on mass sending of SMS messages.

They have over the last year, I know with Twilio, because I've used that myself,

implemented a number of measures in order to either apply rate limits or other measures

to limit how many messages you are able to send using their

service.

And this may make these accounts less valuable, which is why they're now moving on to the

AWS SNS service.

And the Linux kernel project is attempting to become more transparent about vulnerabilities.

They're fixing.

They have been criticized in the past for not really labeling properly.

All the vulnerabilities being fixed in various updates.

...