Security News

The Feds have sanctioned a Russian national accused of using LockBit, Babuk, and Hive ransomware to extort a law enforcement agency and nonprofit healthcare organization in New Jersey, and the Metropolitan Police Department in Washington DC, among "Numerous" other victim organizations in the US and globally. "From Russia and hiding behind multiple aliases, Matveev is alleged to have used these ransomware strains to encrypt and hold hostage for ransom the data of numerous victims, including hospitals, schools, nonprofits, and law enforcement agencies, like the Metropolitan Police Department in Washington, DC," US Attorney Philip Sellinger said in a statement.

Warrantless searches of US residents' communications by the FBI dropped sharply last year - from about 3.4 million in 2021 to 119,383 in 2022, according to Uncle Sam. For one, the FBI changed the methodology used to calculate the number of Section 702 searches, and says previous years' reports used duplicative counting methods.

Microsoft and Fortra are taking legal and technical actions to thwart cyber-criminals from using the latter company's Cobalt Strike software to distribute malware. The US District Court for the Eastern District of New York on March 31 issued a court order allowing Microsoft and Fortra to take down IP addresses that are hosting cracked versions of Cobalt Strike and seize the domain names.

The US Department of Justice has seized cryptocurrency worth about $112 million from accounts linked to so-called pig butchering investment scams. Judges in Arizona, California and Idaho authorized seizure warrants for six virtual currency accounts that prosecutors say were used to launder proceeds of the various frauds that cost victims millions of dollars after they were socially engineered into investing their savings in dodgy digicash schemes.

Meet the newest member of the crypto rogues' gallery: Ho Wan Kwok, aka Guo Wengui, aka Miles Guo, whom the US Department of Justice on Wednesday arrested over what investigators have described as a "Sprawling and complex scheme to solicit investments in various entities and programs through false statements and representations to hundreds of thousands of Kwok's online followers." One of Guo's operations was called Himalaya Exchange.

The risks you introduce by taking your eyes off the ransomware threat in 2023 to focus on the next, old-is-new-again shiny topic are similar to the risks you would have faced if you started focusing exclusively on ransomware a few years ago, when it was the hot new fear of the day. These include using phishing, searching out improperly-configured RDP servers, looking for unpatched online services on your network, or simply by buying up access credentials from crooks who were in before them.

The White House has ordered all federal government employees to delete TikTok from work devices, over fears the video-sharing app could be used to spy on Americans. TikTok has been downloaded by billions of people around the world, and is particularly popular among young people - but the US government believes that data could be shared with the Chinese government.

The US Department of Justice asked the judge hearing its antitrust case against Google to sanction the search advertising giant for destruction of evidence. The case has since progressed into the discovery phase and now the DoJ contends that Google has ignored its responsibility to preserve evidence relevant to the case.

The US Department of Justice unsealed a 16-count indictment today accusing five Russians, an American citizen, and a lawful permanent US resident of smuggling export-controlled electronics and military ammunition out of the United States for the Russian government. Alexey Brayman, the lawful permanent US resident; and Vadim Yermolenko, the US citizen, were both apprehended in the United States.

Pig butchering is a newish twist on romance scams in which fraudsters build a relationship with their victims and then con them into transferring money into accounts controlled by the crooks. While the court documents remain sealed, we're told that fraudsters tricked five victims in the US between May and August into transferring their money to the seven now-seized domains designed to look like the Singapore International Monetary Exchange.