European police round up 23 suspected scammers accused of $1.2 million fraud

An international police sting netted 23 arrests in three countries of suspects behind a business email compromise scheme that last year turned to capitalizing on COVID-19 fears, Europol announced on Wednesday. Together, the fraudsters are believed to have stolen at least $1.2 million from companies in 20 countries, mainly European and Asian nations, the European Union police agency said. The scheme relied on use of compromised email accounts for advance-payment fraud, Europol said. The suspects created fake emails and websites that resembled those of legitimate companies to trick victims into placing orders with them. They then laundered financial data through Romanian bank accounts to ultimately withdraw money from ATMs. “The fraud was run by an organised crime group which prior to the COVID-19 pandemic already illegally offered other fictitious products for sale online, such as wooden pellets,” Europol’s announcement said. “Last year the criminals changed their modus operandi and started […]

The post European police round up 23 suspected scammers accused of $1.2 million fraud appeared first on CyberScoop.

COVID-19 social media disinformation campaign sought to exploit TikTok, Instagram influencers

A Russia-based disinformation push about COVID-19 vaccines wasn’t a traditional “influence” campaign, so much as it was partially a campaign on “influencers.” The subsidiary of a U.K.-registered marketing firm behind the effort, named Fazze, tried to spoon-feed popular accounts on Instagram, TikTok and YouTube a package of articles and instructions about the Pfizer vaccine, claiming that it obtained information about fatalities following a hack-and-leak operation. Instead, as Facebook outlined in a Tuesday report detailing the campaign, some of those influencers thought the offer was fishy and exposed it on social media. The campaign against Pfizer that began in May traced its beginnings back to November and December of 2020, with the first leg devoted to bashing the AstraZeneca vaccine. Its primary targets were India and Latin America, but to a smaller extent the United States, Facebook said. Facebook said it removed 243 Instagram accounts and 65 Facebook accounts from Russia […]

The post COVID-19 social media disinformation campaign sought to exploit TikTok, Instagram influencers appeared first on CyberScoop.

Fintech company Plaid, consumers reach $58M settlement agreement in privacy suit

Financial tech company Plaid has reached a $58 million settlement agreement in a lawsuit where customers alleged that the company obtained and used their banking information without permission. Plaid’s service connects customer banking accounts to financial apps like Venmo and Robinhood. The plaintiffs claimed that Plaid misled them and violated their privacy by obtaining data from their financial accounts without consent, getting their bank login information through a deceptive interface meant to look like customers’ own bank login screens and selling their transaction histories. Under the settlement agreement, still subject to court approval, Plaid must also delete some data from its systems, minimize the data it stores, improve disclosures of how it uses data and maintain disclosures and websites about its security practices. “We do not, nor have we ever, sold data,” a Plaid spokesperson said. “We make our role and practices clear, and provide services that give consumers control […]

The post Fintech company Plaid, consumers reach $58M settlement agreement in privacy suit appeared first on CyberScoop.

CISA director unveils cyber defense collaborative center for pre-attack planning

Cybersecurity and Infrastructure Security Director Jen Easterly announced the launch of a cyber defense center Thursday that will seek to foster collaboration before cyberattacks, rather than afterward, between federal agencies, the private sector and state and local governments. Speaking at the Black Hat security conference in Las Vegas in one of her first public appearances since the Senate confirmed her last month to lead the Department of Homeland Security’s cyber wing, Easterly said the Joint Cyber Defense Collaborative (JCDC) would try to enhance teamwork that often happens only after a major incident, such as the past year’s high-profile attacks on companies like SolarWinds or Kaseya. “While some of this work is happening in pockets, most of it is reactive,” Easterly said in prepared remarks. “The unique value add of the JCDC is to create a proactive capability for government and private sector to work together closely before an incident occurs […]

The post CISA director unveils cyber defense collaborative center for pre-attack planning appeared first on CyberScoop.

Courts order handover of breach forensic reports in trend welcomed by consumers, feared by defendants

In the past year, three judges have ordered companies that suffered data breaches to hand over internal forensic reports on how the incident happened — a trend that could lend new insights into incidents where consumers’ personal data is exposed, at the expense of companies that want to keep that information to themselves. In July, a judge ordered the Rutter’s convenience store chain to deliver a forensic report on its data breach to attorneys in a class action suit brought by store customers. It was the kind of decision that could shed light on whether the company neglected cyber defenses leading up to a breach that affected customer credit card data at roughly 70 stores over the course of nine months. A judge ruled in May 2020 that Capital One would need to provide a forensic report to attorneys for customers who sued the bank over a 2019 incident in […]

The post Courts order handover of breach forensic reports in trend welcomed by consumers, feared by defendants appeared first on CyberScoop.

Cyberattack knocks Italian vaccine registration portal offline

A cyberattack over the weekend shut down the COVID-19 vaccination registration system for an Italian region that includes the city of Rome, officials there said. Nicola Zingaretti, president of the Lazio region, said in a Facebook post on Monday that the area suffered a “cyber attack of criminal origin,” according to a Google translation. “We do not know who the perpetrators are and their purposes,” he wrote. CNN reported that Lazio received a ransom claim and was hit by a “crypto locker,” according to an unnamed source. Authorities say it is the gravest incident ever to hit an Italian government agency. The attack won’t interfere with anyone who already has booked a vaccine appointment, but new appointments are temporarily suspended, Zingaretti said. Health and financial data seems safe, he said. “The attack blocked almost all files in the data center,” he wrote. “At the moment the system is shut down […]

The post Cyberattack knocks Italian vaccine registration portal offline appeared first on CyberScoop.

Evidence suggests Russia’s SVR is still using ‘WellMess’ malware, despite US warnings

President Joe Biden urging Vladimir Putin to crack down on cyberattacks coming from within Russian borders doesn’t seem to have convinced the Kremlin to give it up just yet. RiskIQ said in a report Friday that it uncovered active hacking infrastructure that Western governments attributed last summer to the Russian SVR intelligence agency-linked APT29 or Cozy Bear, which it used at the time to try to steal Covid-19 research. Known as WellMess or WellMail, the malware warranted government alerts in July of 2020 from the U.S., U.K. and Canada. In April, the FBI urged organizations to patch five known vulnerabilities that U.S. officials said were the subject of exploitation by the SVR. RiskIQ identified three dozen command and control servers serving WellMess that the company said were under APT29 control. It focused on the infrastructure after a U.S.-Russia summit where cyberattacks came up. “The activity uncovered was notable given the […]

The post Evidence suggests Russia’s SVR is still using ‘WellMess’ malware, despite US warnings appeared first on CyberScoop.

Wyden bill would require digital signatures for sensitive court orders

Miscreants have leveraged counterfeit court documents to authorize wiretaps on romantic interests or dupe Google into removing embarrassing links from search results, among other instances of fraud, in recent years. Sen. Ron Wyden on Wednesday is unveiling bipartisan legislation to counter that kind of forgery by requiring federal, state and tribal courts to use digital signatures — which rely on encryption technology — for orders that authorize surveillance, domain seizures and online content removal. The legislation, first reported by CyberScoop, also directs the National Institute for Standards and Technology to develop standards for court order digital signatures within two years, for federal courts to test out the technology and then for state and tribal courts to adopt it within four years after the rules are finished. The senator said the bill aims to curb opportunities for fraud by forcing the use of digital signatures, which are rapidly surging in popularity. […]

The post Wyden bill would require digital signatures for sensitive court orders appeared first on CyberScoop.

Threat intel firms suggest ransomware gang ‘BlackMatter’ has ties to DarkSide, REvil hackers

Digital sleuths at cyber threat intelligence firms have found clues that a seemingly new ransomware organization has links to DarkSide and REvil, two gangs that suddenly disappeared shortly after major attacks. From the moment DarkSide vanished following the Colonial Pipeline incident and REvil went dark after locking up JBS and customers of Kaseya, questions swirled about whether a government took them down, whether attackers quit, or whether they simply went underground to rebrand. Flashpoint, Mandiant and Recorded Future on Tuesday and Wednesday said they discovered at least some connection between DarkSide and/or REvil and BlackMatter, a group that emerged last week. “The project has incorporated in itself the best features of DarkSide, REvil, and LockBit,” BlackMatter itself proclaimed, according to Recorded Future. LockBit is another ransomware operation that first appeared in 2019, and all three are thought to operate out of Russia. Exactly what “best features” BlackMatter borrowed from other […]

The post Threat intel firms suggest ransomware gang ‘BlackMatter’ has ties to DarkSide, REvil hackers appeared first on CyberScoop.

Biden says ‘shooting war’ could break out with foreign heavyweights over cyberattacks

The U.S. is “more likely” to end up in a “real shooting war with a major power” over a cyber incident than other kinds of conflict, President Joe Biden suggested on Tuesday. “We’ve seen how cyber threats, including ransomware attacks, increasingly are able to cause damage and disruption to the real world,” he said at a speech at the Office of the Director of National Intelligence’s National Counterterrorism Center in McLean, Virginia. “And it’s increasing exponentially — the capabilities.” While Biden delivered his speech before intelligence personnel, at least one of his intended recipients appeared to be Russian President Vladimir Putin. The Biden administration has been talking tough about Russia providing safe haven for ransomware gangs believed to be responsible for headline-making attacks on Colonial Pipeline, JBS and Kaseya. Biden has pressed that message to Putin directly as recently as July. Russia has rejected U.S. suggestions of wrongdoing. “I can’t […]

The post Biden says ‘shooting war’ could break out with foreign heavyweights over cyberattacks appeared first on CyberScoop.
