Ravie Lakshmanan reports: A nascent threat actor known as Crypt Ghouls has been linked to a set of cyber attacks targeting Russian businesses and government agencies with ransomware with the twin goals of disrupting business operations and financial gain. “The group under review has a toolkit that includes utilities such as Mimikatz, XenAllPasswordPro, PingCastle, Localtonet, resocks, AnyDesk,…
Author: Dissent
Sudanese Brothers Arrested in ‘AnonSudan’ Takedown
Brian Krebs reports: The U.S. government on Wednesday announced the arrest and charging of two Sudanese brothers accused of running Anonymous Sudan (a.k.a. AnonSudan), a cybercrime business known for launching powerful distributed denial-of-service (DDoS) attacks against a range of targets, including dozens of hospitals, news websites and cloud providers. The younger brother is facing charges that could land…
FBI Arrests Alabama Man in the January 2024 SEC X Hack that Spiked the Value of Bitcoin
Kelvin Munene Murithi reports: The FBI has arrested Eric Council Jr., 25, of Athens, Alabama, in connection with the January 2024 unauthorized takeover of the U.S. Securities and Exchange Commission’s (SEC) X account, previously known as Twitter. The arrest follows allegations that Council played a key role in a hacking incident that led to a…
Double trouble: DoctorsToYou has not one, but two data security incidents to address
On Wednesday, the RansomHub ransomware group added a listing for DoctorsToYou in New York to their leak site. Their listing included several screencaps that revealed personally identifiable information (PII) and protected health information (PHI). Some of the files specifically showed their name or letterhead. The listing did not indicate how many GB of data RansomHub…
Radiant Capital Halts Lending After $50+ Million Security Breach; Compounded by Ancilia Goof
Coinpaper reports: Radiant Capital paused its lending markets after a cybersecurity breach that resulted in losses of more than $50 million on both the BNB Chain and Arbitrum networks. According to Web3 cybersecurity firm De.Fi Antivirus, the exploit was linked to the “transferFrom” function in Radiant Capital’s smart contracts, which allowed the attacker to drain funds…
Iranian Cyber Actors’ Brute Force and Credential Access Activity Compromises Critical Infrastructure Organizations
From CISA, Alert Code: AA24-290A Summary The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), the National Security Agency (NSA), the Communications Security Establishment Canada (CSE), the Australian Federal Police (AFP), and Australian Signals Directorate’s Australian Cyber Security Centre (ASD’s ACSC) are releasing this joint Cybersecurity Advisory to warn network defenders…