Offense will win some battles, but cyber defense will win the war

We are years into a ransomware epidemic with no clear end in sight.  Policymakers and security researchers are now using combative efforts to “impose cost” on hackers. Sanctions, hacking back, infrastructure disruption, indictments and other offensive activities all have a negative impact on cybercriminals.  But to have real, long-term impact on these nefarious activities, organizations and governments need to more actively consider the ways that defense can impose costs too: Robust, consistent and well-funded cyber defenses cost adversaries time, effort and the likelihood of success. Defense, and investment in mandatory cybersecurity requirements, is how we will solve the fundamental problems at the heart of the ransomware epidemic.  Since early 2021, law enforcement and U.S. military activities against cybercrime threat actors, specifically those responsible for ransomware attacks against critical infrastructure, have increased dramatically. The White House also announced this year the creation of a ransomware task force, and dozens of nations […]

The post Offense will win some battles, but cyber defense will win the war appeared first on CyberScoop.

National cyber resilience requires closer integration of public and private efforts

We live in a world where we are united in fear against digital enemies who threaten our very subsistence: our food and water supply, the electric grid, even the delivery of essential healthcare. Cyberattacks have disrupted commercial organizations, exposed our data and put our national security at risk. And although we can clearly see the escalation of this very clear and present threat, we still struggle to overcome the hurdles that stand between our public and private organizations and true collaborative efforts to strengthen our nation’s cybersecurity and resilience. There are many reasons for this. Private companies have historically been reticent to share information with government stakeholders, and vice versa. We have also lacked clear processes to share data at scale or to allow government assistance in our efforts to protect privately-owned infrastructure. This isn’t the fault of any past administrations, and we have made progress in each of these […]

The post National cyber resilience requires closer integration of public and private efforts appeared first on CyberScoop.

Alleged FIN7 scammer Denys Iarmak is set to plead guilty

An alleged member of the FIN7 hacking group is set to plead guilty, admitting to a role in a criminal organization that used front companies and an array of fraud techniques to steal more than $1 billion from victims worldwide, CyberScoop has learned. Attorneys for Denys Iarmak, a Ukrainian national, have notified a federal court in Washington state that Iarmak intends to change his plea after he declared himself not guilty at a May 2020 arraignment hearing. While one defense counselor said Iarmak could change his mind before his next hearing, scheduled for Nov. 22, attorneys have agreed in principle to a plea deal with the U.S. Department of Justice. “That’s what’s most likely,” said defense attorney Michael Craig Nance, who is representing Iarmak in the Western District of Washington. “It’s not final until a person stands in court and says they’re guilty.” Iarmak was initially charged with a range of […]

The post Alleged FIN7 scammer Denys Iarmak is set to plead guilty appeared first on CyberScoop.

Aleksandr Zhukov, self-described ‘king of fraud,’ is sentenced to 10 years

A Russian man who once described himself as the “king of fraud” for his role in orchestrating a multimillion-dollar crime spree was sentenced Wednesday to 10 years in prison. Aleksandr Zhukov, 41, was convicted in May of defrauding U.S. advertising companies out of $7 million in part by using networks of hacked computers, or botnets, to artificially inflate web traffic. Working with a small network of cybercriminals, Zhukov directed bot traffic to inauthentic websites, charging marketing companies to run advertisements on websites that attracted few, if any, real visitors. Two of Zhukov’s associates have pleaded guilty to involvement in the 3ve scheme, also known as Methbot, while six others have faced charges for their alleged roles in the effort. “Sitting at his computer keyboard in Bulgaria and Russia, Zhukov boldly devised and carried out an elaborate multi-million-dollar fraud against the digital advertising industry, and victimized thousands of companies across […]

The post Aleksandr Zhukov, self-described ‘king of fraud,’ is sentenced to 10 years appeared first on CyberScoop.

Sergey Pavlovich, wanted by US on hacking-related charges since 2008, was ‘surprised’ by Russian arrest

The accused cybercriminal was in the restaurant of the hotel where he was staying in St. Petersburg when two Russian police officers arrived. Sergey Pavlovich, an admitted former scammer charged in the U.S. for his alleged role with a forum where thieves bought and sold stolen credit card numbers, was taken into custody on Nov. 1. Exiting the Grand Hotel Emerald, an upscale establishment just blocks away from the Neva River, Pavlovich now says he was “surprised” to be under arrest. After years of living openly in Russia and writing a book about his exploits, the 38-year-old suddenly found himself behind bars in a police station, locked up on what he says was a warrant issued by Interpol. They also appeared while Pavlovich was eating a meal of Kiev chicken cutlet and beer, he told CyberScoop. Police waited until he finished eating to take him to jail, he now claims, […]

The post Sergey Pavlovich, wanted by US on hacking-related charges since 2008, was ‘surprised’ by Russian arrest appeared first on CyberScoop.

US charges alleged extortionist, HeheStreams operator with demanding $150K from MLB

U.S. prosecutors have charged a 30-year-old man with attempting to extort Major League Baseball and broadcasting illegal game streams after he allegedly breached the league’s website. Attorneys from the Southern District of New York charged Joshua Streit with running HeheStreams.com, a website that allowed users to stream games from the MLB, National Hockey League, National Basketball Association and the National Football League for a fee, according to a complaint. The site attracted a sizable following on social media and discussion forums like Reddit, where fans congregated to praise the cheap prices HeheStreams offered in comparison to the leagues’ official streaming services, the Wall Street Journal reported. In March 2021, prosecutors say, Streit contacted MLB personnel to complain about “a lack of gratitude” after he alerted the organization about a “network vulnerability.” Streit allegedly requested $150,000 from the MLB in exchange for his apparent disclosure. An MLB executive responded to Streit […]

The post US charges alleged extortionist, HeheStreams operator with demanding $150K from MLB appeared first on CyberScoop.

Secondary Infektion, a Russian disinformation outfit, impersonated Swedish lawmaker

A suspected Russian disinformation campaign used manipulated images and fabricated internet personas to promote false narratives online in an effort to sow mistrust in Sweden and Europe, according to new findings. The propaganda effort known as Secondary Infektion is “highly likely” behind an effort that involved a photoshopped screenshot meant to appear as if it originated on the website of Sweden’s Riksdag, the national legislature, the threat intelligence company Recorded Future said in a report published Tuesday. Secondary Infektion is an operation dating back at least two years, with researchers blaming the suspected Russian outfit for forging documents, stirring outrage via social media and generating negative sentiment around the North Atlantic Treaty Organization in countries such as Ukraine. Researchers have pointed to Secondary Infektion as an example of political warfare that uses digital means to try to destabilize foreign governments. In the latest case, Recorded Future investigators observed an account […]

The post Secondary Infektion, a Russian disinformation outfit, impersonated Swedish lawmaker appeared first on CyberScoop.

Iranian state media blames hack for apparent fuel shortage, the latest incident to draw attention

Iranian officials say a cyberattack has forced the temporary closure of a government system that manages fuel subsidies, rendering it difficult for many citizens to refuel their cars. While specific details of the incident remain unclear, Iranian state broadcasters cited an unnamed government official who said malicious cyber activity was responsible for the outages. Oil Ministry officials conducted an “emergency meeting” to resolve the issue, while Associated Press journalists observed long lines of motorists dealing with gas shortages at fuel stations in Tehran. The “semiofficial” news agency ISNA reported that fuel pumps would state the message “cyberattack 64411” upon trying to purchase gas, the Associated Press reported. The same number, 64411, also appeared in a July cyber incident that affected Iranian rail systems, a matter that the security firm Check Point attributed to Indra, a hacking group that identifies itself as an Iranian government resistance group. The 64411 number reportedly […]

The post Iranian state media blames hack for apparent fuel shortage, the latest incident to draw attention appeared first on CyberScoop.

Russian spies compromised 14 tech providers, aiming to ‘piggyback’ on customer access, Microsoft says

Suspected Russian spies who exploited a federal contractor to breach nine U.S. government agencies last year have continued targeting technology supply chains, aiming to compromise 140 technology service providers in recent months, according to Microsoft. The Russian nation-state hacking group Nobelium, also known as Cozy Bear, has since May 2021 sought to infiltrate technology resellers, cloud software companies and managed services providers in an attempt to “piggyback” on those firms’ access to other customers, Tom Burt, corporate vice president of customer security and trust, said in an Oct. 24 advisory. The group’s goal, Burt suggested, is to more effectively impersonate an organization in order to breach its clients and partners, a tactic similar to the one the spies used when they breached U.S. agencies in 2020 by masquerading as SolarWinds. “We continue to investigate, but to date we believe as many as 14 of these resellers and service providers have […]

The post Russian spies compromised 14 tech providers, aiming to ‘piggyback’ on customer access, Microsoft says appeared first on CyberScoop.

Candy corn producer says ransomware incident ‘not likely’ to sour Halloween supplies

A major U.S. candy-maker says it’s returning to service after a ransomware incident in which intruders interrupted operations at some facilities just weeks before Halloween. Chicago-based Ferrara Candy, the parent company of Lemonheads, Atomic Fireballs, Keebler and others, said attackers hit the firm with ransomware on Oct. 9, encrypting systems. Specific details about the breach are sparse, though Ferrara says the incident is not likely to affect Halloween candy supplies, as much of the trick-or-treating inventory had already shipped to retailers prior to the hack. Ferrara also produces Brach’s candy corn. Law enforcement is investigating the matter, and outside experts continue to help restore systems, the company said. “We have resumed production in select manufacturing facilities, and we are shipping from all our distribution centers across the country, near to capacity,” Ferrara said in an Oct. 19 statement. “We are also now working to process all orders in […]

The post Candy corn producer says ransomware incident ‘not likely’ to sour Halloween supplies appeared first on CyberScoop.
