Marco A. De Felice (aka @amvinfe) writes: Embargo is yet another ransomware group emerging in the digital extortion landscape, a group that some industry analysts compare to the much more well-known Alphv group. However, programming similarities do not align with the statements made by a group member during our interview. The program used by Embargo…
Category: Miscellaneous
911 S5 Botnet Dismantled and Its Administrator Arrested in Coordinated International Operation
A court-authorized international law enforcement operation led by the U.S. Justice Department disrupted a botnet used to commit cyber attacks, large-scale fraud, child exploitation, harassment, bomb threats, and export violations. As part of this operation, YunHe Wang, 35, a People’s Republic of China national and St. Kitts and Nevis citizen-by-investment, was arrested on May 24…
Did BreachForums get its domain back because NiceNIC was originally nicer to them than to law enforcement? (UPDATE1)
When the FBI and its law enforcement collaborators seized BreachForums on May 15, a splash screen announced the seizure. But by the next morning, BreachForums seemed to have regained control of their domain. How that happened has yet to be explained by law enforcement. On May 20, DataBreaches reported that a Swiss prosecutor had provided CloudFlare…
Swiss law enforcement actions appear linked to seizure of BreachForums
There have been a few developments likely related to the seizure of BreachForums. As a preview, recall that Kantonspolizei Zürich was one of the cooperating entities in the takedown and that the seizure notice had two avatars behind bars. One avatar was Baphomet, the administrator of the forum. The other was a default avatar that…
TCS Employee Suspended After Reporting a Security Incident, Reddit Post Goes Viral
Purvi Khemani reports: A Reddit user recently shared a troubling experience on the platform. They claimed they were fired from TCS (Tata Consultancy Services) after reporting a security issue. Using the handle @Personal_Stage4690, they posted on the ‘Developers India’ subreddit, saying, “I reported a security incident in tcs where my manager ware (was) making employees…
CISA’s KEV catalog making a positive difference to defenders
Jonathan Greig reports that a CISA resource is having a positive effect at both a federal level as well as for non-governmental organizations: The Cybersecurity and Infrastructure Security Agency (CISA) has run its Known Exploited Vulnerabilities (KEV) catalog for nearly three years and it has quickly become the go-to repository for software and hardware bugs actively being exploited by hackers around the world. Experts…