Security News
According to Reuters, the REVil ransomware operation was "Hacked and forced offline this week by a multi-country operation". The Colonial ransomware incident was attributed to a cybergang going by DarkSide, a criminal operation that Reuters describes as "Developed by REvil associates."
AnyVision announced the availability of OnPatrol, a tactical surveillance mobile application that protects law enforcement and military personnel by recognizing persons of interest and alerting officers in real-time via their mobile device. "Public trust in the safety and security provided by law enforcement agencies is of paramount importance. AnyVision OnPatrol can help de-escalate potential threats and prevent physical harm by identifying criminals and dangerous individuals in real-time through our Recognition AI technology," said Dieter Joecker, AnyVision's CTO. "It is designed specifically to recognize and check individual faces against a designated watchlist - even when people are in motion, captured in poor lighting, or partially obscured by surrounding people."
NICE announced, as part of its collaboration with Microsoft, that it is extending its certified Capture and Archiving Technology for Teams to law enforcement and criminal justice agencies to support their adoption of Teams for improved collaboration, flexible working and virtual hearings. Using the NICE Capture and Archiving solution for Teams, police departments, prosecutors' offices and courts can now capture and archive all interactions on the Teams platform, including voice, video, chat, and screen and document sharing, for the preservation of evidence and future review.
Taken at face value, these events could be taken to imply that law enforcement has found some way to crack the encryption of bitcoin wallets. Tracing bitcoin wallets is difficult but not beyond the resources of law enforcement.
Europol, the US Department of Justice, and Britain's National Crime Agency have taken down a VPN service they claimed was mainly used by criminals - boasting that they hoovered up "Personal information, logs and statistics" from the site. The DoubleVPN site went dark yesterday after law enforcement agencies swooped on its servers, with a joint public statement this afternoon confirming that the takedown was genuine.
Law enforcement has seized the servers and customer logs for DoubleVPN, a double-encryption service commonly used by threat actors to evade detection while performing malicious activities. DoubleVPN is a Russian-based VPN service that double-encrypts data sent through their service.
It was a good week for law enforcement, with Ukrainian police arresting members of the Clop ransomware gang and the South Korean police arresting computer repairment installing ransomware. The complete source code for the Paradise Ransomware has been released on a hacking forum allowing any would-be cyber criminal to develop their own customized ransomware operation.
Law enforcement agencies from the United States, Germany, the Netherlands, and Romania seized servers used to host Slilpp's marketplace infrastructure and its domain names. Slilpp has been active since 2012 and was used by cybercriminals to sell and buy stolen login credentials for bank, online payment, mobile phone, retailer, and other online accounts.
Exterro announced they have teamed up with Microsoft to deliver a cloud-based digital forensics platform for law enforcement agencies worldwide. Designed to counter rising data volumes, data complexity and resource constraints, the combination of Exterro's Forensic Toolkit Lab on Microsoft Azure delivers exponentially improved forensic readiness, collaboration, and processing of data at scale designed to provide faster time to justice.
The increasingly defiant attacks on law enforcement agencies underscore how little ransomware gangs fear repercussions. Ransomware gangs have been leaking sensitive data from victims for well over a year, but experts said they've not seen such aggressive new tactics used before against police departments.