FBI alert on Egregor ransomware highlighted affiliate cybercrime model

An emerging strain of ransomware that was the subject of a recent FBI report is relying on an extortion technique in which attackers publish stolen data to a public website in the event that a victim organization refuses to meet hackers’ demands.  The Federal Bureau of Investigation in January warned that the gang behind the Egregor ransomware, first detected in September 2020, would compromise a victim’s network, then order a victim to print a physical copy of a ransom note spelling out a demand to pay a specific fee, otherwise risk their stolen data being made public. French and Ukrainian police took action against hackers who used the Egregor malware in February, reportedly arresting “several” suspects.  In its advisory, the bureau said that attackers can rent Egregor as a ransomware-as-a-service malware, and that it relies on other hacking tools as part of an affiliate model. Egregor frequently comes packaged with […]

The post FBI alert on Egregor ransomware highlighted affiliate cybercrime model appeared first on CyberScoop.

Federal advisories detail bitcoin payments to ransomware gangs, urgency of threat

Ransomware victims paid attackers at least $144.35 million in bitcoin between 2013 and 2019, according to a recent Federal Bureau of Investigation bulletin that likely fails to account for millions of dollars.  The figure, published in a Feb. 4 advisory from the bureau, is based on the financial losses that ransomware victims reported to U.S. law enforcement over a six-year span in which digital extortion evolved from a rare corporate annoyance to a global black market. Victimized organizations often do not report ransomware payments to the FBI, and hackers in recent months have demanded tens of millions of dollars from breached firms. U.S. insurers similarly have tried to gather information about the frequency, size and severity of digital crime sprees.  FBI officials publicized the figure as part of a National Cyber Investigative Joint Task Force fact sheet aimed at raising awareness about the ideal prevention and response practices for ransomware. […]

More than $4 billion in cybercrime losses reported to FBI in 2020

American victims reported $4.2 billion in losses as a result of cybercrime and internet fraud to the FBI in 2020, a roughly 20% uptick in the money known to be lost to scammers in 2019, the bureau said in a new report.  The FBI’s Internet Crime Complaint Center, the organization through which U.S. citizens and businesses report financial losses from hackers, said in its annual report released Wednesday that it received an average of more than 2,000 complaints per day through 2020.  The uptick in crime reporting — the bureau says it received an average of 1,200 complaints per day in 2019 — is driven largely by business email compromise (BEC), ransomware attacks and widespread technology support scams, in which fraudsters impersonate customer support representatives from tech firms or financial institutions, only to dupe victims into sending wire transfers.  BEC scams were the cause of more than 19,000 complaints in […]

Questions about Clubhouse security, privacy just keep adding up

For an invite-only social media app, Clubhouse sure seems to be dealing with a lot of data protection issues.  The app, where users congregate in “rooms” for audio-only conversations, has attracted more than 10 million reported downloads, with a range of big names signing up. With that sudden prominence, though, researchers and frustrated users have articulated concerns about a number of security issues in the app, catapulting Clubhouse into a club of startups that dealt with an influx of interest before ironing out major security issues, a group that includes Zoom and established social media companies. Former Clubhouse users complained on Twitter and to Mashable on Tuesday about the difficulty of deleting their account, an issue that contributed to safety concerns for people who would be at risk if they mixed their personal and professional lives.  Sex workers, for instance, have historically encountered abuse, harassment and employment discrimination in instances […]

Plane-maker Bombardier discloses breach after stolen data surfaces

Hackers have exposed data about employees, customers and suppliers of Bombardier, a Canadian plane manufacturer, in what appears to be the latest ripple effect from a larger security incident humming through the private sector in North America.  A forensic analysis revealed that “confidential” information originating at Bombardier was stolen in a recent incident, the company said Tuesday. The Montreal-based Bombardier, which reported $16 billion in revenue in 2018, did not specify exactly what happened or when, though it did say the breach was the result of a “vulnerability affecting a third-party file-transfer application.” “The ongoing investigation indicates that the unauthorized access was limited solely to data stored on the specific servers,” the company said. “Manufacturing and customer support operations have not been impacted or interrupted.” The Bombardier news appears to be a reference to Accellion, an IT services provider victimized last year in an incident that is continuing to have […]

FireEye IDs hacking group suspected in Accellion, Kroger breach

Security investigators have identified the hacking group suspected to be behind a data breach of an IT firm that has affected a number of corporations, law firms and other organizations in recent months.  Accellion, a software firm that provides file transfer services to more than 3,000 clients, on Monday said that UNC2546, a “criminal” attacker, had exploited multiple vulnerabilities in Accellion software to install malware. The group appeared to infiltrate an Accellion tool to gather information from Accellion clients, then contact victims, threatening to publish their stolen data. Mandiant, the incident response arm of the security vendor FireEye, made the determination that UNC2546 was behind the incident.  The breach at Accellion, uncovered on Dec. 23, involved an attacker leveraging a zero-day vulnerability to break into the Palo Alto-based cloud company’s secure file transfer application, or FTA.  “The motivation of UNC2546 was not immediately apparent, but starting in late January 2021, […]

France blames Sandworm, a notorious Russian group, for breach that leveraged IT provider

A notorious group of hackers known as Sandworm breached multiple French IT firms and web hosting companies as part of an apparent espionage operation dating back to 2017, France’s national cybersecurity agency said on Monday.  France’s Agence nationale de la sécurité des systèmes d’information (ANSSI) issued a report detailing how attackers exploited an IT resource monitoring tool called Centreon, built by a company of the same name, to infiltrate other organizations. While ANSSI did not specifically blame Russia, its report detailed how Sandworm, a hacking group affiliated with the Russian military agency GRU, spent three years from 2017 through 2020 hidden in some networks. The report also did not specify how attackers may have used that access, though security experts told Wired magazine that the group’s mere involvement in such an effort is enough to cause concern. Investigators previously blamed Sandworm for the 2017 NotPetya attack on Ukraine, a 2015 […]

Ex-government officials urge US to take action to avoid another SolarWinds-style hack

The U.S. government requires dramatic updates to its current approach toward cybersecurity if Americans want to avoid the kind of cyber-espionage campaigns that have recently rocked the national security establishment, a panel of security practitioners told Congress Wednesday.   During testimony in front of the House Homeland Security Committee, Gordon likened the state of data protection in the U.S. to the stock market crash of 1929, which triggered the Great Depression. The government responded to reckless behavior on Wall Street by creating oversight in the form of the U.S. Securities and Exchange Commission and requiring regular financial filings from publicly-listed companies. Recent events in cyberspace — such as an alleged Russian espionage campaign involving the federal contractor SolarWinds and a Feb. 5 hack at a Florida water treatment facility — are proof that the U.S. faces a similar moment of reckoning in 2021, Gordon said.  “We need to stop pretending like […]

Ransomware hackers launder bitcoin through just a handful of locations, researchers find

It’s starting to look like the ransomware industry is developing its own version of the 1%, where a small number of players enjoy most of the wealth.  Cybercrime investigators have suggested the spiraling trend of increasingly large ransomware cash demands and attack frequency is not the work of a large number of criminals, but instead the result of a specialized black market economy in which hackers with different skill sets collaborate on a breach, then split the proceeds. A relatively small number of attack groups actually seem to make up most of that black market economy, offering their malicious software on a rental basis and then taking a sizable chunk of the profits and relying on money laundering to cover their tracks.  Researchers now are tracking more of this activity via the blockchain, an accessible ledger through which public bitcoin transactions are recorded. When ransomware victims pay attackers to unlock their systems to decrypt their […]

Russian man tied to illicit hosting service Deer.io pleads guilty

A Russian computer security researcher has pleaded guilty to hacking-related charges in connection with U.S. law enforcement action against an internet marketplace where buyers purchased access to stolen personal data.  Kirill Firsov, a Russian national, acknowledged his involvement with Deer.io, an illicit web hosting service that enabled scammers to operate independent web stores where they sold access to hacked web accounts and other services. The U.S. Department of Justice shuttered the website in March 2020, weeks after Firsov was arrested at John F. Kennedy airport in New York City.  Firsov admitted his role in running Deer.io when he was apprehended at the airport, the plea deal states. He now faces up to 10 years in prison. Deer.io claimed to have more than 24,000 active websites with sales exceeding $17 million, the Justice Department said last year. Various sites hosted through the Deer.io platform offered Americans’ personal information, access to breached […]