Gareth Corfield comments: UK authorities could lawfully copy the FBI and forcibly remove web shells from compromised Microsoft Exchange server deployments – but some members of the British infosec industry are remarkably quiet about whether this would be a good thing. In the middle of last week the American authorities made waves after deleting web shells…
Category: Of Note
Ransomware ‘bull’s eye’ grows, clouding telehealth’s rise in long-term care
Kimberly Mersalas reports: Even as COVID-19 and its emphasis on telehealth have opened providers to greater cybersecurity risks, insurance policies that offer potential protection are becoming more expensive, and in some cases, harder to get. Insurers are issuing 25% to 50% premium increases this year, reflecting a large number of ransomware payouts over the last…
The Incredible Rise of North Korea’s Hacking Army
Ed Caesar reports: Shimomura was a member of the Yamaguchi-gumi, the largest yakuza crime family in Japan. When one of his superiors asked him if he wanted to make a pile of fast money, he naturally said yes. It was May 14, 2016, and Shimomura was living in the city of Nagoya. Thirty-two years old and…
Adversary Dossier: Ryuk Ransomware Anatomy of an Attack in 2021
Vitali Kremez, Al Calleo, and Yelisey Boguslavskiy report: This report illustrates some of the new and existing Tactics, Techniques, and Procedures (TTPs) of the Ryuk ransomware variants that Advintel has witnessed throughout their investigations in 2021. Initial Attack Vector: RDP Brute Force / Other Means of Initial Attack Vector Ryuk operators gain initial access to…
Facebook faces ‘mass action’ lawsuit in Europe over 2019 breach
Natasha Lomas reports: Facebook is to be sued in Europe over the major leak of user data that dates back to 2019 but which only came to light recently after information on more than 533 million accounts was found posted for free download on a hacker forum. Today Digital Rights Ireland (DRI) announced it’s commencing a “mass action” to…
High-level organizer of notorious hacking group FIN7 sentenced to ten years in prison for scheme that compromised tens of millions of debit and credit cards
Seattle – The first high-level manager of the notorious hacking group FIN7 was sentenced today in U.S. District Court in Seattle to ten years in prison, announced Acting U.S. Attorney Tessa A. Gorman. Fedir Hladyr, 35, a Ukranian national, served as a high-level manager and systems administrator for FIN7. He was arrested in Dresden, Germany,…