Karen Hoffman reminds readers of the costs of poor security, reporting, in part: Last month, the U.S. Securities and Exchange Commission (SEC) fined Chase $125 million due to employees’ insecure practices, namely using WhatsApp and personal email accounts to transact official business, thus not adhering to SEC record-keeping requirements. Additionally, under a separate enforcement action,…
Category: Of Note
N.Korean internet downed by suspected cyber attacks -researchers
Josh Smith reports: North Korea’s internet appears to have been hit by a second wave of outages in as many weeks, possibly caused by a distributed denial-of-service (DDoS) attack, researchers said on Wednesday. The latest incident took place for about six hours on Wednesday morning local time, and came a day after North Korea conducted…
DeepDotWeb Administrator Sentenced to 97 Months in Prison for Money Laundering Scheme
Defendants Received Over $8 Million in Kickbacks from Purchases of Contraband on Darknet Marketplaces An Israeli national was sentenced yesterday to 97 months in prison for operating DeepDotWeb (DDW), a website that connected internet users with Darknet marketplaces, where they purchased illegal firearms, malware and hacking tools, stolen financial data, heroin, fentanyl and other illicit…
Canadian Radio-television and Telecommunications Commission (CRTC) investigation targets Dark Web marketplace vendors and administrator
January 26, 2022 – Ottawa-Gatineau – Canadian Radio-television and Telecommunications Commission (CRTC) The CRTC’s Chief Compliance and Enforcement Officer today announced penalties totalling $300,000 to four Canadians for their involvement in the Dark Web marketplace Canadian HeadQuarters (also known as CanadianHQ). The marketplace was taken offline following the execution of warrants by CRTC staff. Before…
HHS Brief: Log4J Vulnerabilities and the Health Sector
The HHS Cybersecurity Program has issued a new brief this week: Log4J Vulnerabilities and the Health Sector You can access it at https://www.hhs.gov/sites/default/files/log4j-vulnerabilities-health-sector.pdf
If you are the threat actor(s) responsible for a Swiss contractor attack, please read this
If anyone knows anything about the attack described below, please contact me via Signal or via email (see the Contact page for both). You can also reach me on Telegram @DissentDoe. And if you are the threat actor and are willing to delete/purge the data, please get in touch. Catalin Cimpanu made me aware of…