Security News

Feds raise alarm over Snatch ransomware as extortion crew brags of Veterans Affairs hit
2023-09-20 22:32

The Snatch ransomware crew has listed on its dark-web site the Florida Department of Veterans' Affairs as one of its latest victims - as the Feds warn organizations to be on the lookout for indicators of compromise linked to the extortionist gang. "After data exfiltration often involving direct communications with victims demanding ransom, Snatch threat actors may threaten victims with double extortion, where the victims' data will be posted on Snatch's extortion blog if the ransom goes unpaid," according to a joint advisory issued by the FBI and the US Cybersecurity and Infrastructure Security Agency on Wednesday.

Guy who ran Bitcoins4Less tells Feds he had less than zero laundering protections
2023-09-06 20:42

The business offered cash for Bitcoin and vice versa, with Randol collecting a commission on the payouts. Randol provided cryptocurrency exchange services in various ways, including via the post, ATMs, and occasionally in person, prosecutors told a Los Angeles federal court on Tuesday.

Feds, you'll need a warrant for that cellphone border search
2023-05-31 23:52

It is the first US court to do so, to the delight of the Electronic Frontier Foundation, which along with other advocacy groups has been fighting for years to narrow the scope of border searches. "EFF is thrilled about this decision, given that we have been advocating for a warrant for border searches of electronic devices in the courts and Congress for nearly a decade," said Sophia Cope, senior staff attorney, in a statement Tuesday.

Feds offer $10m reward for info on alleged Russian ransomware crim
2023-05-17 00:30

The Feds have sanctioned a Russian national accused of using LockBit, Babuk, and Hive ransomware to extort a law enforcement agency and nonprofit healthcare organization in New Jersey, and the Metropolitan Police Department in Washington DC, among "numerous" other victim organizations in the US and globally. "From Russia and hiding behind multiple aliases, Matveev is alleged to have used these ransomware strains to encrypt and hold hostage for ransom the data of numerous victims, including hospitals, schools, nonprofits, and law enforcement agencies, like the Metropolitan Police Department in Washington, DC," US Attorney Philip Sellinger said in a statement.

Feds rethink warrantless search stats and – oh look, a huge drop in numbers
2023-05-02 01:56

Warrantless searches of US residents' communications by the FBI dropped sharply last year - from about 3.4 million in 2021 to 119,383 in 2022, according to Uncle Sam. For one, the FBI changed the methodology used to calculate the number of Section 702 searches, and says previous years' reports used duplicative counting methods.

Microsoft, Fortra are this fed up with cyber-gangs abusing Cobalt Strike
2023-04-10 16:29

Microsoft and Fortra are taking legal and technical actions to thwart cyber-criminals from using the latter company's Cobalt Strike software to distribute malware. The US District Court for the Eastern District of New York on March 31 issued a court order allowing Microsoft and Fortra to take down IP addresses that are hosting cracked versions of Cobalt Strike and seize the domain names.

Feds seize $112m in cryptocurrency linked to 'pig-butchering' finance scams
2023-04-04 23:00

The US Department of Justice has seized cryptocurrency worth about $112 million from accounts linked to so-called pig butchering investment scams. Judges in Arizona, California and Idaho authorized seizure warrants for six virtual currency accounts that prosecutors say were used to launder proceeds of the various frauds that cost victims millions of dollars after they were socially engineered into investing their savings in dodgy digicash schemes.

Feds arrest and charge exiled Chinese billionaire over massive crypto fraud
2023-03-17 02:59

Meet the newest member of the crypto rogues' gallery: Ho Wan Kwok, aka Guo Wengui, aka Miles Guo, whom the US Department of Justice on Wednesday arrested over what investigators have described as a "sprawling and complex scheme to solicit investments in various entities and programs through false statements and representations to hundreds of thousands of Kwok's online followers." One of Guo's operations was called Himalaya Exchange.

Feds warn about right Royal ransomware rampage that runs the gamut of TTPs
2023-03-03 19:56

The risks you introduce by taking your eyes off the ransomware threat in 2023 to focus on the next, old-is-new-again shiny topic are similar to the risks you would have faced if you started focusing exclusively on ransomware a few years ago, when it was the hot new fear of the day. These include using phishing, searching out improperly configured RDP servers, looking for unpatched online services on your network, or simply buying up access credentials from crooks who were in before them.

US government sets a 30-day deadline for wiping TikTok from feds' phones
2023-03-01 00:30

The White House has ordered all federal government employees to delete TikTok from work devices, over fears the video-sharing app could be used to spy on Americans. TikTok has been downloaded by billions of people around the world, and is particularly popular among young people - but the US government believes that data could be shared with the Chinese government.