Bill Toulas reports: A financially motivated threat actor is hacking telecommunication service providers and business process outsourcing firms, actively reversing defensive mitigations applied when the breach is detected. The campaign was spotted by Crowdstrike, who says the attacks started in June 2022 and are still ongoing, with the security researchers able to identify five distinct…
Category: Commentaries and Analyses
Paying the Ransom in Response to a Ransomware Attack can Sometimes Backfire
Nolan Goldberg and Margaret Ukwu of Proskauer write: A new study by Hiscox, a privacy and cyber security insurance company, sheds light on additional practical concerns that should be taken into account in that balancing of potential risks and benefits. Hiscox released its sixth annual Cyber Readiness Report 2022. In it, Hiscox raises a number…
After Discovery of Huge Data Breach, Twitter Alternative Hive Goes Offline
Lucas Ropek reports: Not long after Elon Musk took over Twitter and started doing a whole lot of crazy stuff to the platform, the microblogging app Hive Social saw a huge spike in users. Apparently fed up with Elon’s shit, a bunch of people had decided to try out alternative social media sites—and Hive was one of them. Launched back in…
Darknet markets generate millions in revenue selling stolen personal data
Christian Jordan Howell and David Maimon report: …. This trafficking of stolen data between producers, wholesalers, and consumers is enabled by darknet markets, which are websites that resemble ordinary e-commerce websites but are accessible only using special browsers or authorization codes. We found several thousand vendors selling tens of thousands of stolen data products on 30 darknet…
Source: FBI investigating cyberattack of online sportsbooks
David Purdum reports: An investigation into an ongoing cyberattack that impacted thousands of betting accounts at the largest online sportsbooks has been escalated to the FBI, an industry source told ESPN. Some customers, who were compromised and had funds withdrawn out of their personal bank accounts, were struggling to reach DraftKings and FanDuel representatives and…
#StopRansomware: Cuba Ransomware
Joint Cybersecurity Advisory Product ID: AA22-335A December 1, 2022 TLP:CLEAR The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) are releasing this joint CSA to disseminate known Cuba ransomware IOCs and TTPs associated with Cuba ransomware actors identified through FBI investigations, third-party reporting, and open-source reporting. This advisory updates the…