Security News
The Ragnar Locker ransomware group is warning that they will leak stolen data from victims that contact law enforcement authorities, like the FBI. Ragnar Locker has previously hit prominent companies with ransomware attacks, demanding millions of dollars in ransom payments. In an announcement published on Ragnar Locker's darknet leak site this week, the group is threatening to publish full data of victims who seek the help of law enforcement and investigative agencies following a ransomware attack.
Surveillance tech company sues Police Digital Service over 'flawed' scoring of bids on £18m contract
A company is suing the Police Digital Service over a framework worth up to £18m after losing a bid to provide a mass surveillance platform, claiming police managers broke laws on the awarding of public contracts. Excession Technologies Ltd is suing the organisation formerly known as the Police ICT Company on the grounds that it broke the Defence and Security Public Contracts Regulations after allegedly misunderstanding Excession's platform was capable of doing.
A man who viewed documents online for a controversial London property development and shared them on social media was raided by police after developers claimed there had been a break-in to their systems. The society is a property development firm that wants to build flats over a children's caged ball court in the south London borough, something Hutchinson "Vocally opposes," according to the local paper.
Law enforcement authorities in the Netherlands have arrested two alleged individuals belonging to a Dutch cybercriminal collective who were involved in developing, selling, and renting sophisticated phishing frameworks to other threat actors in what's known as a "Fraud-as-a-Service" operation. Believed to be active since at least 2020, the cybercriminal syndicate has been codenamed "Fraud Family" by cybersecurity firm Group-IB. The frameworks come with phishing kits, tools designed to steal information, and web panels, which allow the fraudsters to interact with the actual phishing site in real time and retrieve the stolen user data.
Authorities in the Netherlands have arrested a 24-year-old believed to be a developer of phishing frameworks for a cybercrime ring named "Fraud Family." According to the Dutch National Police, the man worked together with a 15-year-old accomplice to develop and sell phishing panels that allowed cybercriminals to steal banking credentials from unsuspecting users.
Interpol Secretary General Jürgen Stock urged police agencies and industry partners to work together to prevent what looks like a future ransomware pandemic. "Despite the severity of their crimes, ransomware criminals are continuously adapting their tactics, operating free of borders and with near impunity," Stock said today at the INTERPOL High-Level Forum on Ransomware.
City of London Police is looking to crack down on cybercrime with the purchase of "Next-generation IT services" in the hopes it will beef up the systems supporting Action Fraud and the National Fraud Intelligence Bureau. Action Fraud - founded in 2006 - is the UK's national reporting centre for fraud and cybercrime.
The troika was wanted for allegedly operating a bank-raiding crimeware "Service" known as Gozi, based on zombie malware that used a technique known as HTML injection to trick victims into revealing personal information relating to their on-line banking. But if you can plant malware on the victim's PC, you can use what's known as an MiTB attack, or "Manipulator in the browser".
We have seen a surge in WhatsApp accounts being hacked, if you are sent a text from WhatsApp with a code on it, don't share the code with ANYONE no matter who's asking, or the reason why. We've discussed this scam before on the Naked Security podcast, because it's a good reminder of how cybercriminals use one hijacked social media account to target others.
The city of Tulsa, OK is asking some of its residents to keep a close eye on their personal and financial accounts after the Conti ransomware group leaked some 18,000 city files, mostly police citations, on the dark web. The websites for the city, the Tulsa City Council, the city's police force and Tulsa 311 also were affected in the attack.