Security News

SSNDOB, an online marketplace that sold the names, social security numbers, and dates of birth of approximately 24 million US people, has been taken offline following an international law enforcement operation. The SSNDOB marketplace consisted of multiple sites acting as mirrors of each other to aid in preventing DDoS attacks or law enforcement operations.

Several US federal agencies today revealed that Chinese-backed threat actors have targeted and compromised major telecommunications companies and network service providers to steal credentials and harvest data. "Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting," the advisory explains.

Two two American gun shops, Rainier Arms and Numrich Gun Parts, that operate e-commerce sites have disclosed data breaches resulting from card skimmer infections on their sites. Credit card skimmers are malicious JavaScript code either embedded on the sites or fetched from a remote resource by a seemingly innocuous element, such as a favicon.

European governments and US local governments were the targets of a phishing campaign using malicious Rich Text Format documents designed to exploit a critical Windows zero-day vulnerability known as Follina. BleepingComputer is aware of local governments in at least two US states that were targeted by this phishing campaign.

America's military conducted offensive cyber operations to support Ukraine in its response to Russia's illegal invasion, US Cyber Command chief General Paul Nakasone has said. "The US brings to bear the formidable capabilities of Cyber Command against rogue nation states. Cyberspace is a new domain for warfare."

Several U.S. federal agencies warned organizations today against paying ransom demands made by the Karakurt gang since that will not prevent their stolen data from being sold to others. Karakurt, the data extortion arm of the Conti ransomware gang and cybercrime syndicate, is focused on stealing data from companies since at least June 2021 and forcing them into paying ransoms under the threat of publishing the information online.

New Jersey, was hit by a ransomware attack this week that hobbled its ability to conduct business, and also cut off access to essential data. The attack, which happened on Tuesday, took down email services for county government departments as well as leaving the county clerk's office "Unable to provide most services which are reliant on internet access." Somerset County residents were asked to contact government offices via Gmail addresses set up for various departments, or via phone.

A report published today by U.S. Senator Gary Peters, Chairman of the Senate Homeland Security and Governmental Affairs Committee, says law enforcement and regulatory agencies lack insight into ransomware attacks to fight against them effectively. While ransomware incidents have been increasingly hitting organizations across the country, there's still room to improve reporting of both attacks and ransom payments which would provide the federal government with the data and information it needs to deter this severe threat to national security, Senator Peters added.

US president Biden and South Korea's new president Yoon Suk Yeol have pledged further co-operation in many technologies, including joint efforts to combat North Korea. North Korea stands accused of running many offensive operations online.

Virtualisation in general, and VMWare's product set in particular, is widely used to turn individual physical computers into several "Virtual computers" that share the same physical hardware. These virtual computers, known in the jargon as VMs, realistically pretend to be independent computers in their own right, each one booting and running an operating system of its own, as a physical computer would.