Flashpoint – Page 3 – WindowsTechs.com

Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code

Posted on April 22, 2022 by BrianKrebs

KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion.

LAPSUS$ is known for stealing data and then demanding a ransom not to publish or sell it. But the leaked chats indicate this mercenary activity was of little interest to the tyrannical teenage leader of LAPSUS$, whose obsession with stealing and leaking proprietary computer source code from the world’s largest tech companies ultimately led to the group’s undoing. Continue reading Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code→

Russian Govt. Continues Carding Shop Crackdown

Posted on February 10, 2022 by BrianKrebs

Russian authorities have arrested six men accused of operating some of the most active online bazaars for selling stolen payment card data. The crackdown — the second closure of major card fraud shops by Russian authorities in as many weeks — comes closely behind Russia’s arrest of 14 alleged affiliates of the REvil ransomware gang, and has many in the cybercrime underground asking who might be next. Continue reading Russian Govt. Continues Carding Shop Crackdown→

Who Wrote the ALPHV/BlackCat Ransomware Strain?

Posted on January 28, 2022 by BrianKrebs

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “BlackCat”), considered to be the first professional cybercrime group to create and use a ransomware strain in the Rust programming language. In this post, we’ll explore some of the clues left behind by the developer who was reputedly hired to code the ransomware variant. Continue reading Who Wrote the ALPHV/BlackCat Ransomware Strain?→

Flashpoint acquires Risk Based Security to help businesses detect emerging cyber risks

Posted on January 13, 2022 by Industry News

Flashpoint announced it has acquired Risk Based Security (RBS), a Richmond, Virginia-based company specializing in vulnerability and data breach intelligence, as well as vendor risk ratings. The integration of RBS’s collections and technology into the … Continue reading Flashpoint acquires Risk Based Security to help businesses detect emerging cyber risks→

Who is the Network Access Broker ‘Wazawaka?’

Posted on January 12, 2022 by BrianKrebs

In a great many ransomware attacks, the criminals who pillage the victim’s network are not the same crooks who gained the initial access to the victim organization. More commonly, the infected PC or stolen VPN credentials the gang used to break in were purchased from a cybercriminal middleman known as an initial access broker. This post examines some of the clues left behind by Wazawaka, the handle chosen by a major access broker in the Russian-speaking cybercrime scene. Continue reading Who is the Network Access Broker ‘Wazawaka?’→

Who Is the Network Access Broker ‘Babam’?

Posted on December 3, 2021 by BrianKrebs

Rarely do cybercriminal gangs that deploy ransomware gain the initial access to the target themselves. More commonly, that access is purchased from a cybercriminal broker who specializes in stealing remote access credentials — such as usernames and passwords needed to remotely connect to the target’s network. In this post we’ll look at the clues left behind by “Babam,” the handle chosen by a cybercriminal who has sold such access to ransomware groups on many occasions over the past few years. Continue reading Who Is the Network Access Broker ‘Babam’?→

Cyware partners with Flashpoint to empower security teams to automate threat response workflows

Posted on November 21, 2021 by Industry News

Cyware announced an expanded partnership with Flashpoint to deliver intelligent automation to security teams. The partnership now features a solution that enables customers to leverage Flashpoint’s intelligence data with Cyware’s Security Orchestration… Continue reading Cyware partners with Flashpoint to empower security teams to automate threat response workflows→

The ‘Groove’ Ransomware Gang Was a Hoax

Posted on November 2, 2021 by BrianKrebs

A number of publications in September warned about the emergence of “Groove,” a new ransomware group that called on competing extortion gangs to unite in attacking U.S. government interests online. It now appears that Groove was all a big hoax designed to toy with security firms and journalists. Continue reading The ‘Groove’ Ransomware Gang Was a Hoax→

Cofense appoints Ronnie Tokazowski as Principal Threat Advisor

Posted on September 21, 2021 by Industry News

Cofense has appointed Ronnie Tokazowski as Principal Threat Advisor. Tokazowski brings to the Cofense team a wealth of firsthand knowledge and research on Business Email Compromise (BEC), which will bolster the company’s mission to support organization… Continue reading Cofense appoints Ronnie Tokazowski as Principal Threat Advisor→

Bitdefender releases REvil decryptor as ransomware gang shows signs of return

Posted on September 16, 2021 by Tim Starks

As law enforcement braces for the revival of the REvil ransomware gang, a cybersecurity firm on Thursday released a free decryption tool for early victims of the criminals. The decryptor, which Bitdefender developed in coordination with an unnamed law enforcement partner, will aid victims hit before July 13. The Romania-based company said it was still in the middle of an investigation with its partner, which agreed to release the decryptor before completing the joint inquiry to help as many victims as possible. Bitdefender has a long history of working with Europol to release tools that help victims of digital extortion sidestep the process of making a payment. “We believe new REvil attacks are imminent after the ransomware gang’s servers and supporting infrastructure recently came back online after a two month hiatus,” Bitdefender wrote in a blog post. According to another cybersecurity firm, Flashpoint, REvil is already fully back in business. […]

The post Bitdefender releases REvil decryptor as ransomware gang shows signs of return appeared first on CyberScoop.

Continue reading Bitdefender releases REvil decryptor as ransomware gang shows signs of return→