Security News
There has been quite a bit of ransomware news this week, with crypto exchanges being seized for alleged money laundering and researchers providing fascinating reports on the behavior of ransomware operators. Those who want to learn more about the rise of the most prominent ransomware operation at this time should definitely give DiMaggio's Unlocking LockBit - a Ransomware Story a read. The US and France also conducted a law enforcement operation in which they seized the domain and arrested the operator of the Bitzlato crypto exchange for allegedly laundering crypto proceeds generated from ransomware and illegal drug transactions.
The U.S. Department of Justice on Wednesday announced the arrest of Anatoly Legkodymov, the cofounder of Hong Kong-registered cryptocurrency exchange Bitzlato, for allegedly processing $700 million in illicit funds. According to court documents, Bitzlato is said to have advertised itself as a virtual currency exchange with minimal identification requirements for its users, breaking the rules requiring the vetting of customers.
The U.S. Department of Justice arrested and charged Russian national Anatoly Legkodymov, the founder of the Hong Kong-registered cryptocurrency exchange Bitzlato, with helping cybercriminals allegedly launder illegally obtained money. Because of "Deficient know-your-customer procedures, Bitzlato allegedly became a haven for criminal proceeds and funds intended for use in criminal activity," the DOJ said.
Two cryptocurrency exchanges have frozen accounts identified as having been used by North Korea's notorious Lazarus Group. Lazarus Group is suspected of being a cybercrime crew run by the government of North Korea and is infamous for the WannaCry ransomware, attacking Sony Pictures and stealing secrets from energy companies.
European cops arrested 15 suspected scammers and shut down a multi-country network of call centers selling fake cryptocurrency that law enforcement said stole upwards of hundreds of millions of euros from victims. The scammers tricked their victims into investing large sums of money into fake cryptocurrency schemes, according to Europol, which became involved in the investigation in June 2022 at the behest of German law enforcement agencies.
We've got one zero-day, but perhaps even bigger than that, we say, "Thanks for the memories, Windows 7 and Windows 8.1, we hardly knew ye." There's one zero-day, which I think is an elevation of privilege, and that applies right from Windows 8.1 all the way to Windows 11 2022H2, the most recent release.
Researchers have discovered cryptographic vulnerabilities in Swiss-based secure messaging application Threema that may have allowed attackers to do things like break authentication or recover users' long-term private keys. The vulnerabilities have been fixed and Threema has since switched to a new communication protocol they designed with the help of external cryptographers.
The threat actors behind the Kinsing cryptojacking operation have been spotted exploiting misconfigured and exposed PostgreSQL servers to obtain initial access to Kubernetes environments. Kinsing has a storied history of targeting containerized environments, often leveraging misconfigured open Docker daemon API ports as well as abusing newly disclosed exploits to drop cryptocurrency mining software.
Without meeting up first to agree on a secret encryption key. Very simply put, RSA has not one key, like a traditional door lock, but two different keys, one for locking the door and the other for unlocking it.
LastPass finally admits: Those crooks who got in? They did steal your password vaults, after all. Actually your passwords were encrypted, but the websites and the web services and an unstated list of other stuff that you stored, well, that *wasn't* encrypted.