Daily News Update

Daily News Update: Monday, March 10, 2025 (Australia/Melbourne)

Opalsec

Opalsec

3 min read
Daily News Update: Monday, March 10, 2025 (Australia/Melbourne)

This post is an AI-generated summary of News Articles from a handful of publications over the last 24 hours. No credit is taken for the contents of said articles or the accuracy thereof.

audio-thumbnail
Audio Summary: Monday, March 10, 2025 (Australia/Melbourne)
0:00
/143.904

Executive Summary

Recent reports highlight two significant topics in the cybersecurity realm: a wave of phishing scams targeting parking violations across various U.S. cities, and the introduction of a new data transfer tool called Chirp that utilizes audio tones. The phishing campaign has prompted warnings from multiple municipalities, while Chirp offers a novel method for transmitting messages between devices, albeit with some limitations.

Phishing Scams Targeting Parking Violations

Hacker in a parking garage

U.S. cities are currently facing a surge in phishing scams masquerading as texts from municipal parking departments. These messages claim that recipients have unpaid parking invoices, threatening additional daily fines of $35 if not settled promptly.

Key points include:

  • Widespread Alerts: Cities such as Annapolis, Boston, and San Francisco have issued warnings to residents about these scams.
  • Phishing Mechanism: The texts typically include a link that directs users to a fraudulent site mimicking the city's official parking department. For instance, the New York City phishing site is disguised as "nycparkclient.com."
  • Exploiting Trust: Scammers cleverly use an open redirect from Google.com, which bypasses security features in Apple's iMessage that disable links from unknown senders. This makes it easier for users to fall victim to the scam.
  • Data Theft Risks: Once on the phishing site, users are prompted to enter personal information, which can lead to identity theft and financial fraud.
  • Red Flags: A notable indicator of the scam is the incorrect placement of the dollar sign after the amount owed, suggesting the scam's origin is outside the U.S.

Residents are advised to be cautious of unsolicited texts and to report any suspicious messages.

Bleeping Computer | "US cities warn of wave of unpaid parking phishing texts"

Introduction of Chirp Tool for Data Transfer

Sound waves

A new open-source tool named Chirp has been developed to transmit data between devices using audio tones. This innovative approach allows for the transfer of messages through sound frequencies.

Highlights of the Chirp tool include:

  • How It Works: Chirp encodes each character into specific sound frequencies, which can then be captured by other devices running the tool.
  • Limitations: The tool is not without its challenges. It stops listening for incoming messages while transmitting, which can lead to lost data. Additionally, it currently lacks error correction, making it susceptible to high error rates in noisy environments.
  • Historical Context: While the concept of data transmission via sound isn't new, with similar methods existing for over a decade, Chirp aims to provide a fun and engaging way to send messages.
  • Future Developments: The developer, known as solst/ICE, plans to explore the use of hypersonic sounds for even stealthier communications.

Chirp is available both as an online application and a downloadable app on GitHub, ensuring user privacy by processing all functions client-side without server interaction.

Bleeping Computer | "New Chirp tool uses audio tones to transfer data between devices"

Metadata

  • Keywords: phishing scams, parking violations, Chirp tool, data transfer, cybersecurity, audio tones, identity theft, municipal alerts

Read more