Intel471 writes: When it comes to attributing malicious cyber activity, there are two buckets by which actors generally fall in: “financially-motivated” or “nation-state.” The former is ultimately interested in money, while the latter is more concerned with obtaining or exploiting sensitive information to gain an advantage over a government or commercial entity. For the past…
Exchange Servers Targeted by ‘Epsilon Red’ Malware
Elizabeth Montalbano reports: REvil threat actors may be behind a set of PowerShell scripts developed for encryption and weaponized to exploit vulnerabilities in corporate networks, the ransom note suggests. Threat actors have deployed new ransomware on the back of a set of PowerShell scripts developed for making encryption, exploiting flaws in unpatched Exchange Servers to…
Au: Victoria’s child protection department misled watchdogs after sex offender Alex Jones CRISSP data breach
Josie Taylor and ABC Investigations’ Sarah Curnow report: Victorian child protection authorities misled the state’s privacy watchdog during an investigation of a data breach involving a sex offender and dozens of vulnerable children, telling the Office of the Victorian Information Commissioner it had contacted all affected children when it had not. The state’s commissioner for…
De: Pearl takes online shop offline after cyberattack
Pearl is a German mail-order company that sells electronics and computers, cameras, clothing, jewelry, and games. Now, it’s a mail-order company without an online shop. Spiegel reports (translation): “On June 5, 2021, the IT systems of Pearl GmbH were attacked by hackers who had access to servers and virtual machines,” writes the company from Buggingen…
Department of Justice Seizes $2.3 Million in Cryptocurrency Paid to the Ransomware Extortionists Darkside
WASHINGTON – The Department of Justice today announced that it has seized 63.7 bitcoins currently valued at approximately $2.3 million. These funds allegedly represent the proceeds of a May 8, ransom payment to individuals in a group known as DarkSide, which had targeted Colonial Pipeline, resulting in critical infrastructure being taken out of operation. The…
Cybercrime forum advertises alleged database, source code from Russian firm that helped Parler
Tim Starks reports: A seller on a popular cybercrime forum appears to be offering up source code and a database they say belongs to DDoS-Guard, the Russia-based hosting site that helped right-leaning social media company Parler get back online after Amazon Web Services banished it. […] Security vendor Group-IB, which noticed the listing, said that while…