Security News

The cyberextortion attempt that has forced the shutdown of a vital U.S. pipeline was carried out by a criminal gang known as DarkSide that cultivates a Robin Hood image of stealing from corporations and giving a cut to charity, two people close to the investigation said Sunday. Commerce Secretary Gina Raimondo said Sunday that ransomware attacks are "What businesses now have to worry about," and that she will work "Very vigorously" with the Department of Homeland Security to address the problem, calling it a top priority for the administration.

Four Eastern European nationals face 20 years in prison for Racketeer Influenced Corrupt Organization charges after pleading guilty to providing bulletproof hosting services between 2008 and 2015, which were used by cybercriminals to distribute malware to financial entities across the U.S. The individuals, Aleksandr Grichishkin, 34, and Andrei Skvortsov, 34, of Russia; Aleksandr Skorodumov, 33, of Lithuania; and Pavel Stassi, 30, of Estonia, have been accused of renting their wares to cybercriminal clients, who used the infrastructure to disseminate malware such as Zeus, SpyEye, Citadel, and the Blackhole Exploit Kit that were capable of co-opting victim machines into a botnet, and stealing sensitive information. "A key service provided by the defendants was helping their clients to evade detection by law enforcement and continue their crimes uninterrupted; the defendants did so by monitoring sites used to blocklist technical infrastructure used for crime, moving 'flagged' content to new infrastructure, and registering all such infrastructure under false or stolen identities," the DoJ added.

Bad news for lockdown slimmers who've ignored advice about not needing to connect every friggin' appliance in their home to the internet: Talos researchers have sniffed out security flaws allowing attackers to hijack your air fryer. Specifically, Cisco's infosec arm said it had tested and confirmed that the Cosori Smart 5.8-Quart Air Fryer CS158-AF, version 1.1.0, could be exploited by a theoretical fried-chicken-hater.

Bad news for lockdown slimmers who've ignored advice about not needing to connect every friggin' appliance in their home to the internet: Talos researchers have sniffed out security flaws allowing attackers to hijack your air fryer. Specifically, Cisco's infosec arm said it had tested and confirmed that the Cosori Smart 5.8-Quart Air Fryer CS158-AF, version 1.1.0, could be exploited by a theoretical fried-chicken-hater.

The former systems administrator for the FIN7 card-slurping gang has been sentenced to 10 years in a US prison. Fedir Hladyr, 35, pled guilty to one count of conspiracy to commit wire fraud and one count of conspiracy to commit computer hacking last year, and on Friday was sentenced for his role in the theft and resale of over than 20 million customer card records from over 6,500 point-of-sale terminals across the US using the malware dubbed Carbanak.

An academic researcher has analysed more than 100 Computer Misuse Act cases to paint a picture of the sort of computer-enabled criminals who not only plagued Great Britain's digital doings in the 21st Century but were also caught by the plod. The average Computer Misuse Act convict is likely to be a semi- or low-skilled individual, mostly working alone and more likely than not to have no knowledge of his or her victim, James Crawford of Royal Holloway, University of London, found.

An academic researcher has analysed more than 100 Computer Misuse Act cases to paint a picture of the sort of computer-enabled criminals who not only plagued Great Britain's digital doings in the 21st Century but were also caught by the plod. The average Computer Misuse Act convict is likely to be a semi- or low-skilled individual, mostly working alone and more likely than not to have no knowledge of his or her victim, James Crawford of Royal Holloway, University of London, found.

The census happens in any year ending in the digit -1, making 2021 a census year. If you're amongst those who haven't finished off their census submissions yet, but who keep meaning to get around to it, make sure you don't fall prey to fake "Census reminder" notices sent out by cybercriminals!

This prompted a switch in tactics, with the bad guys going into intelligence mode, slowly gathering information about potential targets, and exploiting the pandemic knowledge gap to spearhead increasingly sophisticated attacks. In parallel, sophisticated supply chain attacks moved out of the realm of speculation, into reality, even as organisations grappled with traditional attacks and the growing scourge of ransomware.

The U.S. Department of Justice on Friday announced an indictment against Jean-Francois Eap, the CEO of encrypted messaging company Sky Global, and an associate for wilfully participating in a criminal enterprise to help international drug traffickers avoid law enforcement. Sky ECC is said to have surged in popularity following a similar takedown of Encrochat last July by French and Dutch investigators, with many criminal gangs shifting to the service to carry out criminal acts.