Security News > 2024 > March
A cyberattacker and extortionist of a medical center has pleaded guilty to federal computer fraud and abuse charges in the US. Robert Purbeck, who used the aliases "Lifelock" and "Studmaster" during his time as a cybercriminal, stole personal data belonging to more than 132,000 people, according to the Department of Justice. In one incident described by the DoJ following his 2021 indictment, Purbeck was said to have targeted a Florida orthodontist and threatened to sell his child's personal information unless they paid a ransom.
Smaller RaaS groups are trying to recruit new and "displaced" LockBit and Alphv/BlackCat affiliates by forgoing deposits and paid subscriptions, offering better payout splits, 24/7 support, and other "perks". RaaS operations usually consist of a core group that develops the ransomware and maintains the underlying infrastructure for its deployment, and affiliates that leverage it after breaking into target systems and networks and give the core group a percentage of the ransom as payment for their services.
The makers of Flipper Zero have responded to the Canadian government's plan to ban the device in the country, arguing that it is wrongfully accused of facilitating car thefts. Flipper Devices, the maker of the portable pen-testing tool, argues that these accusations are ill-informed and Flipper Zero is incapable of stealing cars using keyless entry systems.
In North America, 77 percent of all instances were in the United States, according to the annual State of Stalkerware report. Stalkerware is easily available and can be downloaded from the internet onto a victim's smartphone without their knowledge, enabling whoever put the surveillance app on their partner's or child's devices to spy on their victims while the software remains "invisible to the user."
Did you know that 79% of organizations are already leveraging Generative AI technologies? Much like the internet defined the 90s and the cloud revolutionized the 2010s, we are now in the era of...
Multiple threat actors are exploiting the recently disclosed security flaws in JetBrains TeamCity software to deploy ransomware, cryptocurrency miners, Cobalt Strike beacons, and a Golang-based...
The Wall Street Journal is reporting on a variety of techniques drivers are using to obscure their license plates so that automatic readers can't identify them and charge tolls properly. Some drivers have power-washed paint off their plates or covered them with a range of household items such as leaf-shaped magnets, Bramwell-Stewart said.
ESET Research has recorded a considerable increase in AceCryptor attacks, with detections tripling between the first and second halves of 2023. In recent months, researchers registered a significant change in how AceCryptor is used, namely that the attackers spreading Rescoms started utilizing AceCryptor, which was not the case beforehand.
An analysis of 100,000+ Windows malware samples has revealed the most prevalent techniques used by malware developers to successfully evade defenses, escalate privileges, execute the malware, and assure its persistence. The analyzed malware samples were most often delivered via malicious email attachments featuring macro-enabled documents, Windows shortcut files, ISO/VHD containers, and MSI installers.
The Feds and friends yesterday issued yet another warning about China's Volt Typhoon gang, this time urging critical infrastructure owners and operators to protect their facilities against destructive cyber attacks that may be brewing. The Tuesday alert - issued by the US Cybersecurity and Infrastructure Security Agency, the National Security Agency, FBI and eight other US and international partners - comes a little more than a month after the same groups from the same Five Eyes nations sounded the alarm on Volt Typhoon compromising "multiple" critical infrastructure orgs' IT networks in America.