Security News
Brian Krebs has a detailed post about hackers using fake police data requests to trick companies into handing over data.Virtually all major technology companies serving large numbers of users online have departments that routinely review and process such requests, which are typically granted as long as the proper documents are provided and the request appears to come from an email address connected to an actual police department domain name.
The City of London Police on Friday disclosed that it has charged two of the seven teenagers, a 16-year-old and a 17-year-old, who were arrested last week for their alleged connections to the LAPSUS$ data extortion gang. "Both teenagers have been charged with: three counts of unauthorized access to a computer with intent to impair the reliability of data; one count of fraud by false representation and one count of unauthorized access to a computer with intent to hinder access to data," Detective Inspector Michael O'Sullivan, from the City of London Police, said in a statement.
A] large-scale social engineering and extortion campaign against multiple organizations, with some seeing evidence of destructive elements. More recent campaigns have expanded to include organizations globally spanning a variety of sectors.
The Ukrainian cyberpolice have arrested a group of phishing actors who managed to steal payment card data from at least 70,000 people after luring them to fake mobile service top up sites. According to the announcement from law enforcement, the actors used the stolen information to empty their victims' bank accounts.
Spain's National Police Agency, the Policía Nacional, said last week it dismantled an unnamed cybercriminal organization and arrested eight individuals in connection with a series of SIM swapping attacks that were carried out with the goal of financial fraud. The suspects of the crime ring masqueraded as trustworthy representatives of banks and other organizations and used traditional phishing and smishing techniques to obtain personal information and bank data of victims before draining money from their accounts.
Last summer, the San Francisco police illegally used surveillance cameras at the George Floyd protests. It prohibits city agencies like the SFPD from acquiring, borrowing, or using surveillance technology, without prior approval from the city's Board of Supervisors, following an open process that includes public participation.
Some 15 server infrastructures used by crims to prepare ransomware attacks were seized by cops yesterday as part of an international sting to take down VPNLab.net. The VPN provider's service gave users "Shielded communications and internet access" that was used in "Support of serious criminals acts such as ransomware deployment and other cybercrime activities," Europol said today.
Ukrainian police officers have arrested a ransomware affiliate group responsible for attacking at least 50 companies in the U.S. and Europe. A 36-year-old resident of Ukraine's capital Kiev was identified as the leader of the group, which included his wife and three other acquaintances, the police states.
The AvosLocker ransomware operation provided a free decryptor after learning they encrypted a US government agency. While they provided a decryptor to the police department, the ransomware operation refused to provide a list of stolen files or how they breached the department's network.
The AvosLocker ransomware operation provided a free decryptor after learning they encrypted a US government agency. Last month, a US police department was breached by AvosLocker, who encrypted devices and stole data during the attack.