Yesterday, DataBreaches posted an update to a situation involving the threat actor known as “USDoD.” The update was based on a screencapped interaction he reportedly had with a third party that he asked the third party to forward to me. I interpreted his interaction and message to mean that he would not be turning himself…
Category: Miscellaneous
Trump campaign reckons with alleged Iranian hack
Shelby Talcott and Ben Smith report: Donald Trump’s campaign says it has been hacked, with some internal communications stolen and leaked to Politico over the last month. The Trump campaign blamed Iran for the hack, and referred to a Microsoft report published Friday that hackers tied to the Iranian government had tried to break into the account…
Cyberattack disrupts 911 service
Dakota Morrissiey reports: A reported cyberattack disrupted 9-1-1 service at dispatch centers in the Highland Lakes and across Central Texas for over five hours on Sunday, Aug. 4. Emergency calls were rerouted during the incident and full service restored by Sunday evening. Marble Falls, Burnet County, and Llano County dispatch centers were among those impacted…
Crypto-wallet service seized for helping ransomware gangs launder stolen funds
Risky Biz News reports: German and US authorities have seized a crypto-wallet service named Cryptonator on charges of money laundering and operating an unlicensed money service business. The service allowed individuals to set up crypto-wallet funds that could receive and send funds from and to any type of blockchain service, effectively operating as a “personal…
Release of Russian hackers believed to be first U.S. prisoner swap of international cybercriminals
There was some great news today that some American political prisoners held by Russia were being released as part of a multi-country prisoner swap. Kevin Collier reports: It’s rare for Russian criminal hackers to land in U.S. prisons and even rarer for them to get out early. But two of the eight Russians released in…
Turning the tables: two gangs’ opsec fails exposed data; good guys deleted it
Yesterday’s Risky Biz News reported that threat intel firm DarkAtlas says it gained access to one of the Rclone data exfil servers used by the Medusa ransomware group. How many times have researchers uncovered exposed data and warned that threat actors might be able to acquire, manipulate, or delete data? In today’s post, we read…