A Little Sunshine – Page 17

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

Posted on March 31, 2022 by BrianKrebs

On Tuesday, KrebsOnSecurity warned that hackers increasingly are using compromised government and police department email accounts to obtain sensitive customer data from mobile providers, ISPs and social media companies. Today, one of the U.S. Senate’s most tech-savvy lawmakers said he was troubled by the report and is now asking technology companies and federal agencies for information about the frequency of such schemes. Continue reading Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill→

A Closer Look at the LAPSUS$ Data Extortion Group

Posted on March 23, 2022 by BrianKrebs

Microsoft and identity management platform Okta both disclosed this week breaches involving LAPSUS$, a relatively new cybercrime group that specializes in stealing data from big companies and threatening to publish the information unless a ransom demand is paid. Here’s a closer look at LAPSUS$, and some of the low-tech but high-impact methods the group uses to gain access to targeted organizations. Continue reading A Closer Look at the LAPSUS$ Data Extortion Group→

Conti Ransomware Group Diaries, Part IV: Cryptocrime

Posted on March 8, 2022 by BrianKrebs

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. The candid messages revealed how Conti evaded law enforcement and intelligence agencies, what it was like on a typical day at the Conti office, and how Conti secured the digital weaponry used in their attacks. This final post on the Conti conversations explores different schemes that Conti pursued to invest in and steal cryptocurrencies. Continue reading Conti Ransomware Group Diaries, Part IV: Cryptocrime→

Conti Ransomware Group Diaries, Part IV: Cryptocrime

Posted on March 8, 2022 by BrianKrebs

Conti Ransomware Group Diaries, Part III: Weaponry

Posted on March 4, 2022 by BrianKrebs

Part I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt with its own internal breaches. Part II explored what it’s like to be an employee of Conti’s sprawling organization. Today’s Part III looks at how Conti abused a panoply of popular commercial security services to undermine the security of their targets, as well as how the team’s leaders strategized for the upper hand in ransom negotiations with victims. Continue reading Conti Ransomware Group Diaries, Part III: Weaponry→

Conti Ransomware Group Diaries, Part II: The Office

Posted on March 2, 2022 by BrianKrebs

Earlier this week, a Ukrainian security researcher leaked almost two years’ worth of internal chat logs from Conti, one of the more rapacious and ruthless ransomware gangs in operation today. Tuesday’s story examined how Conti dealt with its own internal breaches and attacks from private security firms and governments. In Part II of this series we’ll explore what it’s like to work for Conti, as described by the Conti employees themselves. Continue reading Conti Ransomware Group Diaries, Part II: The Office→

IRS: Selfies Now Optional, Biometric Data to Be Deleted

Posted on February 22, 2022 by BrianKrebs

The U.S. Internal Revenue Service (IRS) said Monday that taxpayers are no longer required to provide facial scans to create an account online at irs.gov. In lieu of providing biometric data, taxpayers can now opt for a live video interview with ID.me, the privately-held Virginia company that runs the agency’s identity proofing system. The IRS also said any biometric data already shared with ID.me would be permanently deleted over the next few weeks, and any biometric data provided for new signups will be destroyed after an account is created. Continue reading IRS: Selfies Now Optional, Biometric Data to Be Deleted→

Report: Missouri Governor’s Office Responsible for Teacher Data Leak

Posted on February 22, 2022 by BrianKrebs

Missouri Governor Mike Parson made headlines last year when he vowed to criminally prosecute a journalist for reporting a security flaw in a state website that exposed personal information of more than 100,000 teachers. But Missouri prosecutors now say they… Read More » Continue reading Report: Missouri Governor’s Office Responsible for Teacher Data Leak→

Wazawaka Goes Waka Waka

Posted on February 14, 2022 by BrianKrebs

In January, KrebsOnSecurity examined clues left behind by “Wazawaka,” the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. Wazawaka has since “lost his mind” according to his erstwhile colleagues, creating a Twitter account to drop exploit code for a widely-used virtual private networking (VPN) appliance, and publishing bizarre selfie videos taunting security researchers and journalists.

In last month’s story, we explored clues that led from Wazawaka’s multitude of monikers, email addresses, and passwords to a 30-something father in Abakan, Russia named Mikhail Pavlovich Matveev. This post concerns itself with the other half of Wazawaka’s identities not mentioned in the first story, such as how Wazawaka also ran the Babuk ransomware affiliate program, and later became “Orange,” the founder of the ransomware-focused Dark Web forum known as “RAMP.” Continue reading Wazawaka Goes Waka Waka→

IRS To Ditch Biometric Requirement for Online Access

Posted on February 7, 2022 by BrianKrebs

The Internal Revenue Service (IRS) said today it will be transitioning away from requiring biometric data from taxpayers who wish to access their records at the agency’s website. The reversal comes as privacy experts and lawmakers have been pushing the IRS and other federal agencies to find less intrusive methods for validating one’s identity with the U.S. government online. Continue reading IRS To Ditch Biometric Requirement for Online Access→