Elizabeth Montalbano reports: A threat actor known for targeting Microsoft cloud environments now is employing the serial console feature on Azure virtual machines (VMs) to hijack the VM to install third-party remote management software within clients’ cloud environments. Tracked as UNC3844 by researchers at Mandiant Intelligence, the threat group is leveraging this attack method to…
A different kind of ransomware demand: Donate to charity to get your data back
A.J. Vicens reports: A new and increasingly active ransomware group that’s attacked nearly 200 organizations in less than two months has a different spin on its extortion efforts: Don’t pay us, pay a charity. So far, this unnamed group that is at least publicly claiming to be driven by anti-capitalist sentiment and its own brand…
‘Fraud is fun’: Teen hacker charged with breaking into DraftKings accounts leading to theft of $600,000
Lukas I. Alpert reports: A boastful teenage hacker has been charged with orchestrating a break-in to the sports betting website DraftKings, which led to $600,000 being drained from hundreds of customer accounts. Joseph Garrison, 18, of Madison, Wis., is accused of using stolen log-in and password combinations he bought on the dark web to hack…
Several Louisiana agencies crippled by network outage
Kenny Kuhn reports: Multiple Louisiana state agencies are experiencing a statewide network outage which is causing issues at their field offices across the state. The network outage has crippled state agencies including The Louisiana Office of Motor Vehicles, the Louisiana Department of Wildlife and Fisheries, the Department of Children and Family Services, and the Department…
Hacker attack Asl Abruzzo, Guarantor: downloading data is a crime
A press release (machine translated) from the Italian data protection regulator, Garante per la Protezione dei Dati Personali: With reference to the recent hacker attack suffered by Asl 1 Abruzzo, the Guarantor for the protection of personal data reminds that anyone who comes into possession or downloads data published on the dark web by criminal…
OH: Buckley King law firm hit by BlackBasta
Ransomware groups often promise to keep everything confidential if their victim pays them. They can’t do that if their chats are not secure and someone is able to shoulder-surf or otherwise get access to the negotiations and any files provided by the attackers as proof — or any bitcoin wallet addresses. If victims think or…