From Interpol: LYON, FRANCE – A transcontinental police operation against online financial crime has concluded with almost 3,500 arrests and seizures of USD 300 million (approx. EUR 273 million) worth of assets across 34 countries. The six-month Operation HAECHI IV (July-December 2023) targeted seven types of cyber-enabled scams: voice phishing, romance scams, online sextortion, investment…
Category: Of Note
AlphV reacts to law enforcement action by allowing affiliates to attack hospitals, critical infrastructure
In response to the takedown notice on their original leak site and other damage done to their operations as described in the DOJ press release and warrant application that was unsealed today, AlphV posted this: As you all know, the FBI got the keys to our blog, now we’ll tell you how it was. First,…
Comcast Cable Communications notifies 35,879,455 consumers affected by Citrix incident
The timeline from their notification to consumers tells the sad story: Notice of Data Security Incident We are notifying you of a recent data security incident involving your personal information. This notice explains the incident, steps Xfinity has taken to address it, and guidance on what you can do to protect your personal information. What…
Big news from DOJ: Justice Department Disrupts Prolific ALPHV/Blackcat Ransomware Variant
FBI Offers Decryption Tool to Over 500 Victims Around the World, Additional Victims Encouraged to Come Forward The Justice Department announced today a disruption campaign against the Blackcat ransomware group — also known as ALPHV or Noberus — that has targeted the computer networks of more than 1,000 victims and caused harm around the world…
China issues draft contingency plan for data security incidents
Eduardo Baptista reports: China on Friday proposed a four-tier classification to help it respond to data security incidents, highlighting Beijing’s concern with large-scale data leaks and hacking within its borders. The contingency plan comes amid heightened geopolitical tensions with the United States and its allies and follows an incident last year when a hacker claimed…
Opening a Can of Whoop Ads: Detecting and Disrupting a Malvertising Campaign Distributing Backdoors
Ryan Tomcik, Adrian McCabe, Rufus Brown, and Geoff Ackerman write: Earlier this year, Mandiant’s Managed Defense threat hunting team identified an UNC2975 malicious advertising (“malvertising”) campaign promoting malicious websites themed around unclaimed funds. This campaign dates back to at least June 19, 2023, and has abused search engine traffic and leveraged malicious advertisements to affect…