Security News
LockBit ransomware could be deployed through compromised website links, phishing, credential theft or other methods. Must-read security coverage LockBit website shut down.
LockBitSupp, the individual running the LockBit ransomware-as-a-service operation, has made good on one promise: the LockBit leak site is back online on backup domains, with lists of victims expected to be unveiled in the coming days. Last week, Operation Cronos hit LockBit hard by taking over their leak site and affiliate panel, disrupting part of their infrastructure, and arresting some suspected affiliates.
The U.S. Federal Trade Commission sued tax preparation giant H&R Block over the company's deceptive "Free" online filing advertising and for pressuring people into overpaying for its services. H&R Block employs 70,000 tax pros working in over 12,000 offices worldwide and has reported a revenue of $3.5 billion in 2023.
TL;DR: Your most sensitive data can be removed from the internet with just a few clicks with a 1-year subscription to Incogni Personal Information Removal, and it's available to new users for only $50 through 2/4 11:59 p.m. Pacific. Incogni can help you avoid the lengthy, tedious process of having your data erased from the internet, and a one-year subscription is available to new users for just $49.97 through February 4.
CyberArk has created an online version of 'White Phoenix,' an open-source ransomware decryptor targeting operations using intermittent encryption. The online version has a file size limit of 10MB, so if you're looking to decrypt larger files or virtual machines, the GitHub version is the only way to go.
On January 12, 2024, Microsoft discovered that Russian hackers breached its systems in November 2023 and stole email from their leadership, cybersecurity, and legal teams.Microsoft now explains that the threat actors used residential proxies and "Password spraying" brute-force attacks to target a small number of accounts, with one of these accounts being a "Legacy, non-production test tenant account."
Global crime networks have set up shop in autonomous territories run by armed gangs across Southeast Asia, and are using them to host physical and online casinos that, in concert with crypto exchanges, have led to an explosion of money laundering, cyberfraud, and cybercrime across the region and beyond. The scenario above was outlined on Monday by the United Nations Office on Drugs and Crime in a new report [PDF] titled "Casinos, Money Laundering, Underground Banking, and Transnational Organized Crime in East and Southeast Asia: A Hidden and Accelerating Threat."
Comment In some ways, the ransomware landscape in 2023 remained unchanged from the way it looked in previous years. The industry needs governments to insert themselves into the crisis and take decisive action to stop ransomware from becoming even more out of hand than it already is.
Museum software solutions provider Gallery Systems has disclosed that its ongoing IT outages were caused by a ransomware attack last week. In a customer notification shared with BleepingComputer, Gallery Systems said it suffered a ransomware attack on December 28th, causing the company to take systems offline to prevent further devices from being encrypted.
The source code for Grand Theft Auto 5 was reportedly leaked on Christmas Eve, a little over a year after the Lapsus$ threat actors hacked Rockstar games and stole corporate data. Links to download the source code were shared on numerous channels, including Discord, a dark web website, and a Telegram channel that the hackers previously used to leak stolen Rockstar data.