Joker’s Stash claims 3 million cards stolen from Dickey’s Barbecue

Joker’s Stash, one of the most notorious web forums for stolen credit card data, has claimed a new scalp. Sellers on the site this week claimed to be offering 3 million payment card numbers used at Dickey’s Barbecue Pit, a U.S. fast-food chain, researchers at intelligence firm Gemini Advisory said Thursday. More than 100 of the barbecue joint’s locations were affected by the breach, and the data is being sold for a median price of $17 per card, according to the research. The data from Dickey’s Barbecue Pit customers appears to have been compromised between July 2019 and August 2020, according to Gemini Advisory. Numerous restaurant and hospitality chains have been hit by scammers in recent years because of the personal financial data they collect. “Given the widespread nature of the breach, the exposure may be linked to a breach of the single central processor, which was leveraged by over a quarter of all […]

The post Joker’s Stash claims 3 million cards stolen from Dickey’s Barbecue appeared first on CyberScoop.


US, European authorities carry out sweeping crackdown on prolific QQAAZZ cybercriminal group

U.S. and European law enforcement have embarked on a coordinated crackdown on an Eastern European cybercriminal group accused of trying to launder tens of millions of dollars stolen from victims. Fourteen people have been charged for allegedly laundering money for QQAAZZ, as the group is known, the U.S. Justice Department announced Thursday. Meanwhile, houses were raided across Europe, a number of arrests were made in Latvia and a cryptocurrency mining operation was seized in Bulgaria. It’s the most significant law enforcement offensive to date against QQAAZZ, whose members are allegedly from Bulgaria, Latvia, Georgia, Romania and elsewhere. The network has allegedly operated hundreds of bank accounts throughout the world to launder money stolen by criminal hackers, sometimes converting it to cryptocurrency. They stand accused of hawking their “bank drops service” on Russian-speaking cybercriminal forums. “The criminal gangs behind some of the world’s most harmful malware families are among those cybercriminal groups […]

The post US, European authorities carry out sweeping crackdown on prolific QQAAZZ cybercriminal group appeared first on CyberScoop.


New York regulator faults Twitter for lax security measures prior to big account breach

The scammers who hijacked celebrity Twitter accounts to promote cryptocurrency in July did so by posing as a customer support team in a breach that caught Twitter’s security team flat-footed, a New York regulator said in a report Wednesday. The investigation from New York’s Department of Financial Services faulted Twitter for not heightening security measures for telework during the coronavirus pandemic, and called for regulation of social media companies to force better cybersecurity practices. “Social-media platforms have quickly become the leading source of news and information, yet no regulator has adequate oversight of their cybersecurity,” Linda Lacewell, Superintendent of Financial Services, said in a statement. “The fact that Twitter was vulnerable to an unsophisticated attack shows that self-regulation is not the answer.” According to the report, attackers posed as Twitter’s IT department and phoned Twitter employees to discuss an apparent problem with their virtual private networking (VPN) connection, a security technology that […]

The post New York regulator faults Twitter for lax security measures prior to big account breach appeared first on CyberScoop.


After blows from Cyber Command and Microsoft, TrickBot lives on

Disrupting a well-oiled botnet, or network of compromised computers used to launch attacks, isn’t easy. It’s little surprise, then, that in the days after U.S. Cyber Command and Microsoft took aim at TrickBot, one of the world’s largest botnets, parts of the zombie computer army still appear to be active. The goal of the distinct operations carried out in recent weeks was to wound a vast, malicious network that Russian-speaking criminals had used to infect victims with ransomware. Cyber Command, the offensive hacking unit within the U.S. Department of Defense, attacked the botnet’s infrastructure. In a separate action, Microsoft carried out a court order to disable some of TrickBot’s U.S.-based computer activity. The latter move appears to have taken large chunks of the botnet’s U.S.-based servers offline, forcing TrickBot’s puppet masters to reconfigure some of their operations, and seemed to give some organizations a reprieve to shore up digital defenses. The dual actions sought to curb the ability of a criminal network to deploy ransomware on state […]

The post After blows from Cyber Command and Microsoft, TrickBot lives on appeared first on CyberScoop.


Norway says Russian hackers carried out breach at parliament

Russian state-sponsored hackers were behind a breach of the Norwegian parliament in August in which attackers stole data from lawmakers’ email accounts, Norwegian officials alleged on Tuesday. “This is a very serious incident, affecting our most important democratic institution,” Norway Foreign Affairs Minister Ine Eriksen Søreide said in a statement. “Based on the information the government has, it is our view that Russia is responsible for these activities.” The incident, and the suggestion of foreign political interference, has been a topic of significant contention for Norwegian national security officials. Among the victims of the breach were members of the opposition Labour Party and the Centre Party, according to local media reports. The Russian Embassy in Washington, D.C., did not immediately respond to a request for comment on Tuesday on the accusation. The Russian Embassy in Oslo balked at the allegations, calling them “unacceptable” and “destructive for bilateral relations.” Norway is a […]

The post Norway says Russian hackers carried out breach at parliament appeared first on CyberScoop.


How middlemen are giving ransomware gangs more attack options

The last six months have seen damaging ransomware attacks on two multibillion-dollar IT firms, Conduent and Cognizant, with clients all over the world. The incidents locked computers across the companies, cut into revenue and required days, if not weeks, of cleanup. A report published Monday by consulting giant Accenture warns that the kind of criminal groups behind those attacks have more options than ever for accessing corporate networks thanks to a thriving market for outsourced hacking. Accenture researchers are tracking more than 25 regular “network access sellers,” or people who specialize in breaching an organization’s networks and handing off that access to the highest bidder. The access sellers have frequented the same underground forums as the people involved with prolific strains of ransomware like NetWalker and Maze, the latter of which was used against Cognizant. “Network access selling has progressed from a niche underground offering throughout 2017 to a central pillar of criminal underground […]

The post How middlemen are giving ransomware gangs more attack options appeared first on CyberScoop.


Foreign hackers are targeting federal, state and local IT networks, feds warn

Foreign government-linked hackers have been exploiting old software vulnerabilities in an effort to access federal, state and local computer networks in ongoing activity, the FBI and the U.S. Cybersecurity and Infrastructure Security Agency warned Friday. The federal advisory, which did not point the finger at a particular foreign government, said that the malicious cyber activity had in some cases “resulted in unauthorized access to elections support systems.” However, FBI and CISA officials said there was “no evidence to date that integrity of elections data has been compromised.” “Although it does not appear these targets are being selected because of their proximity to elections information, there may be some risk to elections information housed on government networks,” the FBI and CISA advisory said. “Elections support systems” are typically IT infrastructure, like email servers, that local government officials use for a range of business, whether related to an election or not. Those systems are […]

The post Foreign hackers are targeting federal, state and local IT networks, feds warn appeared first on CyberScoop.


Twitter to limit politicians’ premature claims of victory, remove calls for violence

With less than a month until Election Day in the U.S., Twitter said it would limit politicians’ ability to claim premature electoral victories, and remove calls for violence or interference in election results. Tweets claiming false victories will be flagged and users will be directed to credible information about the election, the company announced Friday. Any tweet intended to incite electoral interference, whether in the presidential or congressional races, will be removed. The policy change comes amid a contentious election in which President Donald Trump has repeatedly questioned the integrity of the vote and made unfounded claims about fraud. Twitter has been labeling Trump’s tweets about mail-in voting and directing users to factual information, but critics have called on the platform to do more. In the unrest following the killing of George Floyd, an unarmed Black man, in May, Trump tweeted, “when the looting starts, the shooting starts,” a message […]

The post Twitter to limit politicians’ premature claims of victory, remove calls for violence appeared first on CyberScoop.


Android ransomware authors have a new trick to go with an old shakedown technique

Mobile ransomware scams — in which crooks lock your phone and demand money — are nothing new. But they are getting more clever as cybercriminals find new ways to circumvent security. The latest example is a ransomware scheme targeting Android phones that Microsoft made public Thursday. According to the research, the malicious code gets around security checks that Google, which owns Android, has instituted against previous ransomware kits. Instead of abusing a permission feature that controls what apps can do on the phone, as other mobile ransomware scams have, this one triggers an incoming call notice to display the ransom note. It’s “the latest variant of a ransomware family that’s been in the wild for a while but has been evolving non-stop,” Dinesh Venkatesan, a Microsoft researcher, wrote in a blog. Mobile ransomware generally isn’t as profitable as ransomware attacks on PCs or enterprise networks. But Allan Liska, an analyst at threat […]

The post Android ransomware authors have a new trick to go with an old shakedown technique appeared first on CyberScoop.


Russian-speaking hackers target Russian organizations with industrial spying tools

A previously undisclosed, Russian-speaking hacking group has for the last two years been conducting targeted espionage against Russian-speaking organizations, researchers said Thursday. The type of tailored malicious code that Russian security company Kaspersky uncovered is often reserved for spying on diplomats or infiltrating telecom firms rather than corporations, researchers asserted. But these attackers have been stalking unnamed corporations, looking to siphon off certain Microsoft Office and Adobe documents. The discovery adds to a growing body of public reporting on corporate hacking that has often focused on Chinese-speaking hackers. U.S. government officials and security researchers have accused China of economic espionage for years — a charge Beijing denies. In this case, however, the hackers may be pretending to be Chinese but are really Russian speakers, according to Kaspersky. They set up online accounts for communicating with cloud computing infrastructure that “pretend to be of Chinese origin,” the researchers said. To lure their victims, […]

The post Russian-speaking hackers target Russian organizations with industrial spying tools appeared first on CyberScoop.
