Russia Sends Cybersecurity CEO to Jail for 14 Years

The Russian government today handed down a treason conviction and 14-year prison sentence on Ilya Sachkov, the former founder and CEO of one of Russia’s largest cybersecurity firms. Sachkov, 37, has been detained for nearly two years under charges that the Kremlin has kept classified and hidden from public view, and he joins a growing roster of former Russian cybercrime fighters who are now serving hard time for farcical treason convictions.

3CX Breach Was a Double Supply Chain Compromise

We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening malware disguised as a job offer; malware targeting Mac and Linux users working at defense and cryptocurrency firms; and software supply-chain attacks nested within earlier supply chain attacks.

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Authorities in the United States and United Kingdom today levied financial sanctions against seven men accused of operating “Trickbot,” a cybercrime-as-a-service platform based in Russia that has enabled countless ransomware attacks and bank account takeovers since its debut in 2016. The U.S. Department of the Treasury says the Trickbot group is associated with Russian intelligence services, and that this alliance led to the targeting of many U.S. companies and government entities.

The Link Between AWM Proxy & the Glupteba Botnet

On December 7, 2021, Google announced it had sued two Russian men allegedly responsible for operating the Glupteba botnet, a global malware menace that has infected millions of computers over the past decade. That same day, AWM Proxy — a 14-year-old anonymity service that rents hacked PCs to cybercriminals — suddenly went offline. Security experts had long seen a link between Glupteba and AWM Proxy, but new research shows AWM Proxy’s founder is one of the men being sued by Google.

Microsoft patches actively exploited Windows zero-day (CVE-2021-40449)

On October 2021 Patch Tuesday, Microsoft fixed 71 CVE-numbered vulnerabilities. Of those, only one was a zero-day exploited in attacks in the wild (CVE-2021-40449) and three were publicly known before the release of the patches. Vulnerabilities of …

AMTS appoints Alexander Ivanyuk and David Ellis as new board members

AMTS announced that their members have elected a new board, appointing Alexander Ivanyuk, Senior Director of Product and Technology at global technology company Acronis, and David Ellis, Vice President of Sales and Corporate Relations at cloud securit…

Microsoft Patch Tuesday, April 2021 Edition

Microsoft today released updates to plug at least 110 security holes in its Windows operating systems and other products. The patches include four security fixes for Microsoft Exchange Server — the same systems that have been besieged by attacks on four separate (and zero-day) bugs in the email software over the past month. Redmond also patched a Windows flaw that is actively being exploited in the wild.

Critical flaw in Rockwell PLCs allows attackers to fiddle with them (CVE-2021-22681)

A critical, easy to exploit vulnerability (CVE-2021-22681) may allow attackers to remotely connect to a number of Rockwell Automation’s programmable logic controllers (PLCs) and to install new (malicious) firmware, alter the device’s config…