Ransomware gang targeting schools, hospitals reinvents itself to avoid scrutiny

An under-the-radar ransomware group that’s been attacking schools, hospitals and other critical infrastructure has tried to cover its tracks by rebranding, according to findings from researchers at Mandiant. Sabbath, a rebrand of the ransomware group Arcane, “is unfortunately not slowing down” in its attacks, Tyler McLellan, principal analyst at Mandiant, said in a statement. “They picked up their pace right into November 2021, when its public shaming portal mysteriously went offline.” Researchers first caught on to Sabbath in October, when it held the data of a Texas school district for ransom. Interestingly, the group turned to social media platform Reddit to make its ransom demand. Ransomware gangs often host their own websites where they shame victims and threaten to leak data. Sabbath eventually launched its own victim site, which researchers found nearly identical to that of a formerly active group that went by the name Arcane. The two groups […]

The post Ransomware gang targeting schools, hospitals reinvents itself to avoid scrutiny appeared first on CyberScoop.

‘Shiba Inu’ token scams surge with the virtual currency’s popularity

When the Shiba Inu token, a meme-based virtual currency, hit its highest all-time value in October, it didn’t take long for scammers to seize on the trend for their own benefit. Live YouTube videos promising bogus giveaways of the token have racked up hundreds of thousands of views, while groups on Telegram promoting other frauds have also exploded, according to research shared exclusively with CyberScoop. Many Shiba scams identified by the security firm Tenable take a nearly identical approach. Accounts live-stream old footage from a June event featuring Jack Dorsey and Elon Musk, a popular name among crypto enthusiasts, with on-screen instructions for users to send an arbitrary amount of currency into a wallet, with the promise of getting twice as much or more in return. Scams have earned $239,000 worth of cryptocurrency since October 20, based on an analysis of online wallet addresses associated with nefarious Shiba Inu-themed pages, […]

The post ‘Shiba Inu’ token scams surge with the virtual currency’s popularity appeared first on CyberScoop.

A new group of cyber mercenaries targets businesses, journalists — including some in Russia

Trend Micro said on Wednesday it has discovered a new Russian-language cyber mercenary group that has been going after targets ranging from Russian businesses to journalists and politicians. Researchers discovered the group after a long-time target of Pawn Storm, a hacking group connected to Russian intelligence, also known as Fancy Bear and APT28, said in March of 2020 that hackers targeted his wife with phishing emails. Trend Micro found that the indicators didn’t match Pawn Storm, and attributed the attacks to another Russian-language group it named Void Balaur. Unlike APT28, Void Balaur appears to be an independent group willing to hack into the emails of targets ranging from aviation companies in Russia to human rights activists in Uzbekistan, according to Trend Micro. “Their targets are really a mixed bag,” lead researcher Feike Hacquebord said in an interview. “It looks like a lot of different customers are using them and […]

The post A new group of cyber mercenaries targets businesses, journalists — including some in Russia appeared first on CyberScoop.

Spyware providers are flocking to international arms fairs to sell to NATO foes

European and Middle Eastern spyware and surveillance firms are marketing intrusion software to adversaries of the U.S., its intelligence allies and NATO, Atlantic Council research published Monday reveals. Looking at more than 200 companies that attended international arms fairs in the past two decades, researchers found that 85% of companies likely selling interception or intrusion technologies marketed these capabilities to governments outside their home country — even when no intelligence relationship existed. Five companies, including Israel-based Cellebrite and Sweden-based Micro Systemation AB, marketed those capabilities to U.S. and NATO adversaries. Neither company immediately responded to requests for comment. The findings coincide with an explosion of surveillance vendors attending international arms trade shows, including the heavily attended Milipol France and the U.K.-based Security and Policing Home Office. The report underscores growing concerns about the threat that spyware companies pose to the United States and its allies. U.S. and European leaders have […]

The post Spyware providers are flocking to international arms fairs to sell to NATO foes appeared first on CyberScoop.

State Department offers $10 million reward for help identifying DarkSide ringleaders

The State Department on Thursday announced a $10 million bounty for information on the location of leaders of the DarkSide ransomware gang, and $5 million for information that leads to the arrest or conviction of any affiliates of the group. DarkSide in May hacked fuel provider Colonial Pipeline, forcing the company to shut down its operations, resulting in panic-buying at gas stations in some areas of the U.S. ahead of Memorial Day weekend. The Justice Department retrieved $2.3 million of the nearly $5 million ransom payment Colonial Pipeline made to the Russian-speaking hackers. “In offering this reward, the United States demonstrates its commitment to protecting ransomware victims around the world from exploitation by cybercriminals,” State Department spokesperson Ned Price said in a statement. “The United States looks to nations who harbor ransomware criminals that are willing to bring justice for those victim businesses and organizations affected by ransomware.” Only the […]

The post State Department offers $10 million reward for help identifying DarkSide ringleaders appeared first on CyberScoop.

Commerce Department blacklists controversial spyware company NSO Group

The Commerce Department Wednesday added two Israeli spyware companies, NSO Group and Candiru, to its entity list of companies that pose a national security and foreign policy risk to the United States. The designation accuses both NSO Group and Candiru of having “developed and supplied spyware to foreign governments that used this tool to maliciously target government officials, journalists, business people, activists, academics, and embassy workers.” Inclusion on the list enacts stringent licensing requirements for exports to designated companies from U.S. businesses. Companies previously included on the list include Chinese firm Huawei, which the U.S. government has flagged as posing a risk to Americans’ data. Also added to the entity list Wednesday were Russia-based Positive Technologies and Singapore-based Computer Security Initiative. The Commerce Department accused the two companies of trafficking “cyber exploits used to gain access to information systems, threatening the privacy and security of individuals and organizations worldwide.” The […]

The post Commerce Department blacklists controversial spyware company NSO Group appeared first on CyberScoop.

FTC wants to know when financial data is compromised, will require encryption

The Federal Trade Commission is weighing updating its rules to require financial institutions to report within 30 days any security incidents in which misuse of customer data of at least 1,000 customers likely occurred. The information requested by the FTC under a proposal published Wednesday would include the name and contact information of an affected institution, the type of data involved in the event and the timeframe of the incident. The FTC notes that similar information is required under many state breach reporting laws, and that the FTC does not consider the information requested to be “confidential or proprietary.” The proposal adds to a list of agency actions putting privacy at the center of its enforcement agenda. Requiring breach notifications from financial institutions would give the lead consumer protection agency in the U.S. more information to bolster its oversight of an industry that increasingly is vacuuming up more consumer data. […]

The post FTC wants to know when financial data is compromised, will require encryption appeared first on CyberScoop.

A Russian-speaking ransomware gang says it hacked the National Rifle Association

A ransomware group known as Grief claimed on Wednesday to have hacked the National Rifle Association, releasing 13 documents allegedly belonging to the organization and threatening to release more if the NRA doesn’t pay an extortion fee of an undisclosed sum. The documents previewed on Grief’s leak site include grant applications and minutes from a meeting. The group claims to possess more documents. However, ransomware actors have been known to exaggerate the amount of data obtained in a hack. CyberScoop has not independently verified the documents. An NRA spokesperson declined to comment when reached by phone. Multiple researchers have said that Grief is affiliated with the Russian ransomware group Evil Corp. Evil Corp.’s involvement could potentially put the NRA at risk of violating U.S. sanctions if it pays the attackers after the Treasury Department sanctioned that gang in 2019. The Justice Department also charged two Evil Corp. members with criminal […]

The post A Russian-speaking ransomware gang says it hacked the National Rifle Association appeared first on CyberScoop.

Global ‘Operation Dark HunTor’ dark web sting leads to 150 arrests

The U.S. Justice Department and Europol announced Tuesday the arrest of 150 individuals allegedly involved in the sale of illegal drugs and other illicit goods on the dark web. The sweeping campaign, named Operation Dark HunTor, spanned 10 months and three continents, and involved more than 12 international law enforcement agencies. The sting confiscated 200,000 pills in the United States, 90% of which were found to contain counterfeit opioids or other narcotics. U.S. law enforcement made 36 arrests across 13 states and the District of Columbia. Law enforcement seized over $31.6 million in cash and virtual currencies, 45 firearms and 234 kilograms of drugs, including enough fentanyl for more than 4 million lethal doses, according to deputy attorney general Lisa Monaco. The number of deaths related to drug overdoses in the U.S. climbed by 29% in 2020, up to 93,331 people, according to the Centers for Disease Control and Prevention. Opioids […]

The post Global ‘Operation Dark HunTor’ dark web sting leads to 150 arrests appeared first on CyberScoop.

Facebook files suit against Ukrainian man who allegedly scraped data about 178 million users

Facebook filed a lawsuit against a Ukrainian man in a federal court Friday for allegedly using third-party services to gather information about 178 million users, then selling that information. Defendant Alexander Solonchenko is accused of using automated tools in 2018 and 2019 to retrieve information about users by looking up their phone numbers through Facebook’s Messenger Contact Importer. Solonchenko in 2020 started advertising the Facebook data for sale on RaidForum, a marketplace for data leaks where he had sold data from other private companies, the lawsuit says. He sold the data in 2021. The social media giant argues that Alexander Solonchenko violated Facebook’s terms of service by “using automated means…or attempt[ing] to access data you don’t have permission to access.” The company now is seeking an injunction preventing Solonchenko from accessing Facebook and its products as well as an injunction that would stop Solonchenko from selling or distributing any data […]

The post Facebook files suit against Ukrainian man who allegedly scraped data about 178 million users appeared first on CyberScoop.
