Forescout acquires medical IoT security company CyberMDX

Silicon Valley cybersecurity company Forescout Technologies said Tuesday that it is acquiring CyberMDX, a medical-device security company known for its research into potential cyberthreats against health care technology. CyberMDX is a natural fit for Forescout, which focuses on securing connected devices and operational technology (OT) for large organizations — including what the industry calls the Internet of Medical Things (IoMT). Terms of the deal were not disclosed. “Cybersecurity for IoMT, much like cybersecurity for OT devices, requires specific expertise and technologies,” Forescout CEO Wael Mohamed said. “We are pleased to have the CyberMDX team join Forescout as we continue delivering new capabilities on our market-leading platform and grow our R&D center.” Research by CyberMDX has been responsible for shedding light on critical vulnerabilities in widely used medical imaging devices, patient monitors, anesthesia machines and infusion pumps. Forescout’s platform specializes in “device intelligence and network fabric technology,” or finding and classifying […]

The post Forescout acquires medical IoT security company CyberMDX appeared first on CyberScoop.


Researchers detail Russia-linked group’s cyber-espionage tactics in Ukraine

Researchers at Symantec say they have identified some of the specific tactics used by a Russia-linked hacking operation that Ukraine’s government outed in November of last year. The cyber-espionage group, commonly labeled as Gamaredon or Armageddon, is known for using phishing emails to try to install remote access tools on victims’ computers, with the goal of exfiltrating data. Symantec’s Threat Hunter Team published a blog post Monday explaining how the spies used infected Microsoft Word attachments in mid-2021 to implant backdoor files allowing for the delivery of more malware. The researchers don’t specify who was targeted in their case study. The goal is to highlight the tactics, techniques and procedures (TTP) in question, especially if the Russia-Ukraine conflict boils over in the coming weeks, they say. “We do not expect to see reemergence of these TTPs until just prior or during active conflict,” the team told CyberScoop. As tensions between […]


Co-operator of DeepDotWeb sentenced to more than 8 years for money laundering

A money laundering scheme related to dark web markets has earned an Israeli citizen more than eight years in federal prison, the U.S. Department of Justice said Wednesday. Tal Prihar and co-defendant Michael Phan laundered millions of dollars in kickback payments they received as operators of DeepDotWeb, a website that connected internet users with dark web marketplaces. Prihar pleaded guilty to the money laundering charges in March. Phan is currently undergoing extradition proceedings in Israel, the DOJ said. Prosecutors said the DeepDotWeb (DDW) operators had received more than 8,000 bitcoins — about $8.4 million at the time of the transactions — since October 2013. DeepDotWeb was seized by the feds in April 2019. “To conceal the nature and source of these illegal kickback payments, Prihar transferred the payments from his DDW bitcoin wallet to other bitcoin accounts and to bank accounts he controlled in the names of shell companies,” the […]


Dark Overlord collaborator gets 3 years in prison for buying and selling stolen identities

An associate of the Dark Overlord hacking group has been sentenced to three years in prison for his role in possessing and selling more than 1,700 stolen identities on the dark web, federal prosecutors announced Wednesday. Slava Dmitriev, a 29-year-old Canadian citizen who was apprehended in Greece in September 2020, pleaded guilty in August 2021 to fraud charges. Prosecutors said he used the handle “GoldenAce” to buy and sell stolen identities on the dark web marketplace AlphaBay in 2016 and 2017. Those deals sometimes included contact with the Dark Overlord, a notorious cyber-extortion crew. “This defendant profited off buying and selling people’s stolen identities, including victims in this district,” said U.S. Attorney Kurt Erskine, referring to the Atlanta-based Northern District of Georgia, where Dmitriev was sentenced. The stolen data included names, dates of birth, Social Security numbers and other personally identifiable information, prosecutors said. Dmitriev was accused of providing the […]


Trellix, McAfee, FireEye, Mandiant: What’s next for four big names in cyber

On Jan. 19, the private equity firm that bought FireEye and McAfee Enterprise announced that the two acquisitions would “emerge” to form Trellix, a cybersecurity business with 5,000 employees and 40,000 customers. The goal is to offer “an integrated security platform designed to protect customers across endpoints, infrastructure, applications, and in the cloud,” Trellix officials said. The move also represents some disintegration, as it becomes the latest milestone in a shakeup involving some of the industry’s biggest names. The private equity firm — Silicon Valley-based Symphony Technology Group (STG) — finished its $4 billion acquisition of McAfee Enterprise in July, then bought much of FireEye in a deal that closed in October for $1.2 billion. With those two units forming Trellix, here’s where things stand for the relevant pieces: Trellix: Bryan Palma, a FireEye executive vice president, is the new company’s CEO. In a Jan. 19 blog post, he […]


Assange permitted to file U.K. Supreme Court appeal in extradition case

A British court ruled Monday that WikiLeaks founder Julian Assange can ask the country’s Supreme Court to block his extradition to the United States, where he’s accused of violating the Espionage Act and collaborating in criminal hacking activity. The High Court said there is a single “point of law” allowing Assange’s case to proceed. The U.K.’s Supreme Court has not decided whether it will take the case, and there is no guarantee that it will, but Monday’s ruling essentially buys Assange more time. The point of law has to do with the timing of when U.K. judges received and considered assurances from the U.S. about how Assange would be treated once on U.S. soil, according to the BBC. U.S. officials had said Assange would not be sent to a supermax prison or be held in long solitary confinement, but the question is whether those assurances came at the right time […]


Suspicious withdrawals were indeed a ‘security incident,’ $30M stolen, Crypto.com says

Crypto.com has confirmed that more than $30 million in cryptocurrency was stolen from some of its users earlier in the week, ending several days of confusion over what exactly happened during what the company is labeling a “security incident.” The hack affected the wallets of 483 users, with the thieves aiming for 4,836.26 in ether (about $15 million), 443.93 in bitcoin (roughly $18 million) and approximately “$66,200 in other currencies,” Crypto.com said in a report Thursday. All of those funds have been restored, the company said. “No customers experienced a loss of funds,” the report said. “In the majority of cases we prevented the unauthorized withdrawal, and in all other cases customers were fully reimbursed.” Crypto.com did not specify who the crooks might be, or where the attack originated. But in describing the incident, it pointed to a now-remediated soft spot in its user authentication process. Risk monitoring systems had […]


QR codes can eat your lunch, FBI warns

QR codes are among the few “winners” of the coronavirus pandemic, the joke goes, because restaurants and other businesses have deployed them in far greater numbers over the past few years, in an effort to make more interactions contactless. The FBI is warning, however, that scammers love them, too. The bureau’s Internet Crime Complaint Center (IC3) issued a general alert Tuesday about “malicious” QR codes that reroute unsuspecting consumers to the world of cybercrime. “[C]ybercriminals are taking advantage of this technology by directing QR code scans to malicious sites to steal victim data, embedding malware to gain access to the victim’s device, and redirecting payment for cybercriminal use,” the announcement says. The FBI’s warning is the latest in a long string of advisories from cybersecurity researchers or government agencies about the threat posed by QR codes. Last week, Ars Technica reported on fake QR codes that were […]


Russia’s FSB announces sting against members of REvil cybercrime gang

The Russian government said Friday that it raided multiple addresses tied to members of the REvil ransomware gang, making arrests and seizing hard cash, cryptocurrency, computers and cars. The Federal Security Service, or FSB, said it executed the sting at locations in Moscow, St. Petersburg and elsewhere. The operation came at the request of the United States, the FSB said. The FBI did not immediately respond Friday morning to requests for comment. “Representatives of the competent US authorities were informed about the results of the operation,” the FSB said, according to a translation of its news release. The U.S. has reportedly passed along to Russia the names of hackers within its borders who have been behind active attacks on America, hoping it would lead to a Russian crackdown. Russian President Vladimir Putin said last summer that his country had agreed to enter into “consultations” on cybersecurity with the U.S., but […]


After Joker’s Stash shutdown, the market for stolen financial data looks a lot different

The closure of the Joker’s Stash cybercrime forum put a lasting dent in the overall market for stolen payment-card data on the dark web, researchers say, amid other factors complicating business for crooks aiming to trade in illicit credit or debit card information. From mid-2020 to mid-2021, the value of the “carding” market fell to $1.4 billion, compared with $1.9 billion during the same period a year earlier, according to cybersecurity company Group-IB, which attributes the shrinkage largely to the disappearance of Joker’s Stash. The FBI and Interpol disrupted the market’s digital infrastructure in December 2020, and by February 2021, it had shut down. The site hosted data dumps from all over the globe, including U.S. restaurant patrons and Indian bank customers. Criminal groups like the gang known as FIN7 knew they would find customers on the forum. (Those customers quickly scattered to myriad other sites.) While the market shift happened, […]
