Dateline Moscow and Kyiv: DDoS and ransomware.
Ukraine at D+235: Russia resumes drone strikes and nuisance-level cyber ops. (CyberWire) Russia resumes drone strikes (with Iranian-supplied drones) against Ukrainian cities. Ukraine strikes Russian border region. DDoS and ransomware hit targets in Ukraine, Poland, and Bulgaria. The attacks are in the Russian interest, but have not achieved more than a nuisance effect.
Russia-Ukraine war: List of key events, day 236 (Al Jazeera) As the Russia-Ukraine war enters its 236th day, we take a look at the main developments.
Strikes Hit Russian Border Region, a Key Staging Ground for Troops (New York Times) Explosions rocked Belgorod on Sunday, wounding three people, a day after shelling set fire to a fuel depot, Russian officials said.
Ukraine war: Kyiv attacked by 'kamikaze drones', say officials (BBC News) Several people were killed in a wave of attacks across the country, including in the capital.
An explosion, a burst of flames, then screams: ‘kamikaze’ drones rain down on Kyiv (the Guardian) Indiscriminate attacks by Russia on Ukraine’s capital sow terror among civilian population
Waves of suicide drones strike Ukraine's capital, 3 killed (AP NEWS) Waves of explosive-laden suicide drones struck Ukraine's capital Monday, setting buildings ablaze and sending people scurrying for shelter or attempting to shoot down the kamikazes — a week after Russia unleashed its most widespread strikes against the country in months.
Ukrainians' resilience persists despite new Russian barrage (AP NEWS) When massive, coordinated Russian bombardments shook cities and towns across Ukraine a week ago to trigger a new phase in the Kremlin’s war, one strike left a huge crater in a popular Kyiv children’s playground and ripped open a central intersection.
‘Coffins Are Already Coming’: The Toll of Russia’s Chaotic Draft (New York Times) Newly mobilized recruits are already at the front in Ukraine, a growing chorus of reports says, fighting and dying after only days of training.
Russia-Ukraine war live: Russia continuing ‘massive, forced deportations’; Kremlin’s missile stocks diminishing, UK says (the Guardian) US think tank says Putin engaging in ‘ethnic cleansing’ in Ukraine; UK ministry of defence says Russia probably unable to replenish missile stocks
Ukraine: Rockets strike mayor's office in separatist Donetsk (AP NEWS) Pro-Kremlin officials on Sunday blamed Ukraine for a rocket attack that struck the mayor’s office in a key Ukrainian city controlled by the separatists. Separately, Ukrainian officials said Russian rockets struck a city across from the Zaporizhzhia nuclear power plant, injuring six people.
Assailants kill 11 troops and injure 15 at training ground, Russia says (Washington Post) At least 11 people were killed and 15 injured in a shooting Saturday at a military training base in the Belgorod region of Russia, which serves as a staging ground for the war in Ukraine, the Russian Defense Ministry reported.
RUSSIA/UKRAINE : In Moscow and Crimea, Ukrainian saboteurs are a thorn in the FSB's side (Intelligence Online) Blamed by Washington in the assassination of Darya Dugina, and by Moscow in the Kerch Bridge attack, Ukraine's covert units have never attracted so much public attention.
The scale of Russian attacks on Ukraine’s infrastructure, visualized (Washington Post) Ukrainian officials are urging people across the country to conserve energy and warning of a difficult winter after Russia pummeled critical infrastructure.
Russia’s airstrikes, intended to show force, reveal another weakness (Washington Post) On Monday, Russia fired 84 missiles, many at Ukrainian civilian infrastructure targets, causing power outages in many cities. On Tuesday, Russia launched another 28 cruise missiles. And on Thursday, the Ukrainian Armed Forces General Staff said Russia had hit more than 40 settlements since the day before. In all, more than three dozen people were killed.
Iran plans to send missiles, drones to Russia for Ukraine war, officials say (Washington Post) Increased flow of weapons from Iran could help offset steep Russian weapons losses, rebuild supply of precision-guided munitions
Belarus Wavers as Putin Presses It to Join Ukraine War (New York Times) The country’s strongman, Aleksandr Lukashenko, finds himself in a bind. He survives with support from Russia, but entering the fight could be “political suicide.”
The EU is moving toward training thousands of Ukrainian soldiers on its own soil (NPR.org) A plan expected to be approved Monday could make training available for 12,000 Ukrainians in Poland, and another 3,000 in Germany. The move comes as Russia is mobilizing an additional 300,000 troops.
France ramps up war support for Ukraine, rebuilds armories (ABC News) France is pledging air defense missiles to protect Ukrainian cities against drone strikes, and an expanded training program for Ukrainian soldiers
US sending $725 million more in military aid to Ukraine (Military Times) The aid announcement caps a string of commitments from allies this week.
7th Army Training Command balances Ukraine training, Nordic security (Army Times) The U.S. Army’s largest overseas training command is continuing to provide support for Sweden and Finland, who want to join NATO.
Ukraine-Russia war: Putin says direct clash with Nato would lead to 'global catastrophe' (The Telegraph) Vladimir Putin has said any direct clash of Nato troops with Russia would lead to a "global catastrophe".
Putin’s No-Win Trap (Wilson Center) Perhaps never in his twenty-three years as president has Vladimir Putin found himself in such a tight spot as he has today. More than losses in the war against Ukraine, the crumbling of his administration’s well-oiled machinery and leaks in the information bubble have put him on the back foot, unable to claim success with any credibility. The parallels with the late Soviet era are unmissable—but neither do they mean he will not, in the end, find his way to a resolution he can claim as success.
The Thaw on Russia’s Periphery Has Already Started (Foreign Policy) All around a war-weakened Russia, there is a giant geopolitical sucking sound.
Russia Meets Its History (Wilson Center) Those who chose to ignore or failed to learn Russia’s dark history now suffer for it. Many in Russia are currently discovering the hard way that fascination with the “great past” is a surefire way to catastrophe.
The online guide Russians use to escape Putin’s war (Washington Post) This Telegram community is helping Russians plan every detail of their exit
Putin calls his actions in Ukraine 'correct and timely' (AP NEWS) Russian President Vladimir Putin said Friday he expects his mobilization of army reservists for combat in Ukraine to be completed in about two weeks, allowing him to end an unpopular and chaotic call-up meant to counter Ukrainian battlefield gains and solidify his illegal annexation of occupied territory.
The Sources of Russian Misconduct (Foreign Affairs) A diplomat defects from the Kremlin.
‘My son has died’: Russia mourns loss of first drafted soldiers in Ukraine (the Guardian) As newly mobilised men return from the front in coffins, critics complain of aggressive recruiting, low morale and poor training
Russia is grabbing men off the street to fight in Ukraine (Washington Post) Police and military officers swooped down on a Moscow business center this past week unannounced. They were looking for men to fight in Ukraine — and they seized nearly every one they saw. Some musicians, rehearsing. A courier there to deliver a parcel. A man from a Moscow service agency, very drunk, in his mid-50s, with a walking disability.
Opinion: Protests in Russia alone won’t topple the Kremlin (The Globe and Mail) Change has to come from within Russia, but it will need to involve elites and law enforcement. Western sanctions and isolating restrictions don’t help with that
Ukraine Deserves the Nobel Peace Prize. Russia Needs It. (Foreign Policy) A Russian human rights group’s award is a down payment on a potentially hopeful future.
How Moscow grabs Ukrainian kids and makes them Russians (AP NEWS) Olga Lopatkina paced around her basement in circles like a trapped animal. For more than a week, the Ukrainian mother had heard nothing from her six adopted children stranded in Mariupol, and she was going out of her mind with worry.
Russian troops kill Ukrainian musician for refusing role in Kherson concert (the Guardian) International condemnation swift after conductor Yuriy Kerpatenko shot dead in his home
New “Prestige” ransomware impacts organizations in Ukraine and Poland (Microsoft Security Threat Intelligence) The Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a novel ransomware campaign targeting organizations in the transportation and related logistics industries in Ukraine and Poland utilizing a previously unidentified ransomware payload.
New ‘Prestige’ ransomware campaign targets Ukraine and Poland (The Record by Recorded Future) Microsoft says the campaign struck transportation and related logistics firms on October 11.
Microsoft says Ukraine, Poland targeted with novel ransomware attack (Reuters) A newly discovered hacking group has attacked transportation and logistics companies in Ukraine and Poland with a novel kind of ransomware, Microsoft said in a blog post on Friday.
New 'Prestige' ransomware targets Ukraine, Poland: Microsoft (Computing) The activity seems to overlap with the victims of FoxBlade or HermeticWiper malware
Mysterious Prestige ransomware targets organizations in Ukraine and Poland (Security Affairs) Microsoft warns that new Prestige ransomware is targeting transportation and logistics organizations in Ukraine and Poland. Microsoft reported that new Prestige ransomware is being used in attacks aimed at transportation and logistics organizations in Ukraine and Poland. The Prestige ransomware first appeared in the threat landscape on October 11 in attacks occurring within an hour […]
Bulgarian Government Hit By Cyberattack Blamed On Russian Hacking Group (RadioFreeEurope/RadioLiberty) The websites of the Bulgarian presidency and several other government ministries were the target of a large-scale cyberattack, the Prosecutor-General’s Office said on October 15, blaming Russian hackers.
'The hell with it': Elon Musk tweets SpaceX will 'keep funding Ukraine govt for free' amid Starlink controversy (CNBC) It was not immediately clear whether Elon Musk was being sarcastic. In response to a tweet about the move, he said, "we should still do good deeds."
Starlink isn't a charity, but the Ukraine war isn't a business opportunity (TechCrunch) What began as seemingly a charitable act has turned into an international disagreement: who should pay for Ukraine's Starlink terminals?
Ongoing US support to Ukraine could prompt Russian cyber escalation in midterms, experts warn (The Hill) With Russia continuing to face setbacks in its war against Ukraine, experts warn Russian President Vladimir Putin may escalate his cyber operations in the November midterms as retaliation for U.S. …
DDoS Attacks on US Airport Websites and Escalating Cyberattacks (InformationWeek) Pro-Russian hacker collective Killnet disrupted the websites of several US airports via DDoS attacks, and critical infrastructure will likely continue to face escalating cyber threats.
Kaspersky Fighting Anti-Russian Sentiment Due to War in Ukraine (Channel Futures) The war in Ukraine has created challenges for Kaspersky because it's based in Moscow, but says it has no ties to the Russian government.
How Nuclear Conflict Could Halt Global Air Traffic (Foreign Policy) Closed Russian airspace isn’t the biggest threat to global aviation—it’s the risk of nuclear weapons use grounding all commercial planes.
“We Need People Who Are Focused on the Mission, Not on Rules and Procedures” (Wilson Center) Local NGOs in Ukraine are much more effective than big international aid organizations like ICRC and UN, so let them access international aid money
Attacks, Threats, and Vulnerabilities
Chinese hackers are scanning state political party headquarters, FBI says (Washington Post) U.S. government warns that Chinese group are probing Democrats, Republicans for vulnerabilities
The voting machine hacking threat you probably haven’t heard about (POLITICO) Modems help election officials report results quickly, but security experts say they’re too dangerous to trust.
Japan police warn of cyberattacks by North Korea's infamous Lazarus hackers (The Japan Times) The North Korean hacker group is believed to have been involved in the 2017 WannaCry ransomware attack.
Hackers Attack Tata Power IT Systems: All You Need To Know (IndiaTimes) As of now, all critical operational systems are working, however, for precaution, the company has restricted access as well as added preventative checks for employees as well as customer-facing portals.
Indian Energy Company Tata Power's IT Infrastructure Hit By Cyber Attack (The Hacker News) Tata Power, India's largest integrated power company, has been hit by a cyberattack.
Indian energy company Tata Power announces cyberattack affecting IT infrastructure (The Record by Recorded Future) Billion-dollar Indian energy giant Tata Power Company announced that it is dealing with a cyberattack on Friday.
Tata Power hit by cyber attack, says company (The Times of India) Tata Power on late Friday reported a cyber attack on its IT infrastructure, impacting some of its systems. However, all critical operational systems a
Tata Power says hit by cyber attack (The Economic Times) All critical operational systems are functioning; however, as a measure of abundant precaution, restricted access and preventive checks have been put in place for employee and customer facing portals and touch points, the company said in a statement.
Tata Power says hit by cyber attack, says critical system functioning (mint) However, all critical operational systems are functioning, it added.
Ransom Cartel Ransomware: A Possible Connection With REvil (Unit 42) Ransom Cartel is ransomware as a service (RaaS) that exhibits several similarities to and technical overlaps with REvil ransomware. Read our overview.
Black Basta Uses Qakbot, Brute Ratel in Ransomware Attacks (Decipher) Researchers said the attack kill chain is the first time they observed Brute Ratel being used as a second-stage payload via a Qakbot infection.
New PHP information-stealing malware targets Facebook accounts (BleepingComputer) Threat analysts have spotted a new Ducktail campaign using a new infostealer variant and novel TTPs (tactics, techniques, and procedures), while the Facebook users it targets are no longer limited to holders of business accounts.
Anti-Money Laundering Service AMLBot Cleans House (KrebsOnSecurity) AMLBot, a service that helps businesses avoid transacting with cryptocurrency wallets that have been sanctioned for cybercrime activity, said an investigation published by KrebsOnSecurity last year helped it shut down three dark web services that secretly resold its technology to…
The Anatomy of Wiper Malware, Part 4: Helper Techniques (CrowdStrike) This blog covers some of the rarely used “helper” techniques implemented by wipers, which achieve secondary goals or facilitate a smaller portion of the wiping process.
Android’s Design Leaks Some VPN Traffic Data, Google Calls It “Intended Behavior” (Spice Works) According to a security audit by Mullvad VPN, leaking a small amount of traffic data is inherent to Android’s design, something that third-party VPNs cannot prevent.
Meta Says It Has Busted More Than 400 Login-Stealing Apps This Year (WIRED) The company plans to alert 1 million Facebook users that their account credentials may have been compromised by malicious software.
Timing Attacks Can Be Used to Check for Existence of Private NPM Packages (SecurityWeek) Aqua Security warns that the existence of private npm packages can be disclosed by performing timing attacks via the NPM API.
Flaw in Microsoft OME Could Lead to Leakage of Encrypted Data (SecurityWeek) WithSecure researcher Harry Sintonen has released an advisory on issues with Microsoft Office 365 Message Encryption (OME).
Microsoft disputes report on Office 365 Message encryption issue after awarding bug bounty (The Record by Recorded Future) Microsoft is denying reports from a cybersecurity firm that there are issues with the Electronic Codebook (ECB) mode within Microsoft Office 365 Message Encryption.
How a Microsoft blunder opened millions of PCs to potent malware attacks (Ars Technica) Microsoft said Windows automatically blocked dangerous drivers. It didn't.
Almost 900 servers hacked using Zimbra zero-day flaw (BleepingComputer) Almost 900 servers have been hacked using a critical Zimbra Collaboration Suite (ZCS) vulnerability, which at the time was a zero-day without a patch for nearly 1.5 months.
Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug (Security Affairs) Threat actors have compromised hundreds of servers exploiting critical flaw CVE-2022-41352 in Zimbra Collaboration Suite (ZCS). Last week, researchers from Rapid7 warned of the exploitation of unpatched zero-day remote code execution vulnerability, tracked as CVE-2022-41352, in the Zimbra Collaboration Suite. Rapid7 has published technical details, including a proof-of-concept (PoC) code and indicators of compromise (IoCs) regarding […]
Researchers anticipate third wave of attacks exploiting Zimbra vulnerability (SC Media) Kaspersky researchers expect a third wave of attacks on unpatched servers running Zimbra after a recent proof of concept was added to the Metasploit Project.
Researchers release PoC for Fortinet firewall flaw, exploitation attempts mount (Help Net Security) Researchers have released a PoC exploit for CVE-2022-40684 and soon after exploitation attempts started rising.
Get real about BeReal: Employees' social media use is threatening company data (Employee Benefit News) Posting an Instagram story at work may not be as harmless as employees think.
Five misconceptions businesses keep having about ransomware (SC Media) By understanding what companies continue to get wrong about ransomware, they can better protect the business against the inevitable attacks.
Over 45,000 VMware ESXi servers just reached end-of-life (BleepingComputer) Over 45,000 VMware ESXi servers inventoried by Lansweeper just reached end-of-life (EOL), with VMware no longer providing software and security updates unless companies purchase an extended support contract.
Cybercriminals use Hurricane Ian as lure for scams, theft of FEMA funds (The Record by Recorded Future) Scammers are using the crisis faced by victims of Hurricane Ian to steal government funds and personal information.
Secret agents targeting drug cartels in Australia exposed in data hack (The Sydney Morning Herald) A massive leak of classified government documents has exposed the identities and methods of secret agents working to stop major drug importations to Australia.
Woolworths says data of online unit's 2.2 million users breached (The Star) Australia's Woolworths Group Ltd said on Friday its majority-owned online retailer MyDeal identified that a "compromised user credential" was used to access its systems that exposed data of nearly 2.2 million users.
Woolworths subsidiary MyDeal is the latest target of a cyber attack. Here's what you need to know (ABC) The cyber attack has left about 2.2 million MyDeal customers affected. Here's the latest on the data breach and what to do if you're impacted.
Genealogy site FamilySearch suffers data breach - Are you at risk? (Komando.com) Your data could be at risk if you've ever used the genealogy site FamilySearch. A massive data breach exposed user information.
Hackney Council Ransomware Attack Cost £12m+ (Infosecurity Magazine) Local government's travails highlight devastating impact of breaches
CommonSpirit readies $1.5 billion deal after upgrade, cyberattack (Bond Buyer) The nation's largest not-for-profit health system returns to the market with a mix of new money and refunding debt offering tax-exempts and taxables.
What Is the Discord Name and Shame Scam? How to Avoid It (Make Use Of) Received a message from a friend on Discord telling you they've blocked you because of dubious accusations against you? It's probably a scam...
Trends
The Defender's Advantage Cyber Snapshot Issue 2 — More Insights From the Frontlines (Mandiant) Our latest report covers information operations, cryptocurrency threats, and more.
Phishing works so well crims won't use deepfakes: Sophos (Register) People reveal passwords if you ask nicely, so AI panic is overblown
2 Out of 3 Companies See Zero Trust Network Access as Key to Mitigate Work-From-Anywhere Risks According to New EMA Report (PR Newswire) GoodAccess, the company reinventing secure cloud access for small and medium businesses, today announced a white paper presenting research from...
Cybersecurity Is the 'Soft Underbelly' of Space Operations, SpOC Commander Says (Air & Space Forces Magazine) Cybersecurity is an overlooked vulnerability of space operations, Space Force Lt. Gen. Stephen N. Whiting said Oct. 14.
Marketplace
IronVest Emerges From Stealth Mode With $23 Million in Seed Funding (SecurityWeek) Biometric authentication provider IronVest has emerged from stealth mode with $23 million in seed funding.
IronVest bets on biometric AI to stop identity theft (VentureBeat) IronVest releases a biometric AI solution designed to prevent identity theft with $23 million in seed funding.
Godspeed-backed SilverEdge acquires intelligence software provider QVine (PE Hub) Columbia, Maryland-based SilverEdge is a cybersecurity, software and intelligence solutions platform serving the U.S. defense and intelligence communities.
Booz Allen Completes Acquisition of EverWatch (Business Wire) Booz Allen Hamilton (NYSE: BAH) announced that it has completed its acquisition of EverWatch.
What Thoma Bravo’s latest acquisition reveals about identity management (VentureBeat) Thoma Bravo’s acquisition of ForgeRock points to a larger trend of identity management across enterprise security teams.
Search for next generation of cyber superheroes for firm (Gazette & Herald) Anglo American is searching for its next group of Cyber Security Apprentices to help protect the mining company’s global operations.
Products, Services, and Solutions
Exabeam Introduces New-Scale SIEM™ (Business Wire) Exabeam today announced a groundbreaking cloud-native portfolio of products that enables security teams everywhere to Detect the Undetectable™.
ActiveNav Unveils Market’s First Tool to Identify Unstructured, Risky (PRWeb) ActiveNav Cloud Teams Collector Fills Crucial Gaps in Monitoring for Privacy Compliance. ActiveNav, a leading data privacy and governance software provi
LMG Unveils New Line Of Cybersecurity Solutions (CIOReview) Experts deploy and maintain all LMG Security cybersecurity solutions, ensuring that each solution adheres to all cybersecurity...
Technologies, Techniques, and Standards
Which cybersecurity metrics matter most to CISOs today? (VentureBeat) Identifying which security metrics best quantify what value security delivers to a business is a valuable skill every CISO should have.
4 things CISOs need to know about software supply chain security (Security Magazine) Cybersecurity leadership needs to understand the security challenges of open source code to tackle software supply chain security threats.
The FBI Publishes Statement – Unpatched and Outdated IoT Devices Increase Cyber Attack Opportunities (Check Point Software) What Happened? The FBI recently issued an industry notification around unpatched and outdated devices, warning the public that cyber criminals are
Raising cybersecurity awareness is good for everyone - but it needs to be done better (ZDNET) October is cybersecurity awareness month. But to keep people and networks safe, employees need advice all year round - and it can't be done with fear.
EDR is not a silver bullet (Help Net Security) Why testing and tuning of both EDR and its underlying OS is essential, says David Klein, Director, Cyber Evangelist at Cymulate.
Design and Innovation
Play some 'Financial Football' designed by Visa to learn more about cybersecurity (Yahoo Finance) Khan Academy paired up with Google security experts to keep online accounts secure, browse the web safely, detect phishing attempts and more.
How TikTok ate the internet (Washington Post) The world’s most popular app has pioneered a new age of instant attention. Can we trust it?
‘You’re Not in Control of Your Thoughts’: Social Media Companies Know When Users Are Manic or Bipolar. So Why Don’t They Help Them? (The Information) Last month, before an audience of millions, Gabbie Hanna unraveled in her living room, convinced she was the second coming of Jesus Christ. Hanna, a popular influencer who made her name on Vine in the early 2010s, had ignited controversy before, usually for her public feuds with rival ...
Academia
Lakota's Cyber Academy training future cyber security warriors (Yahoo) Oct. 15—As America's cyber security industry has expanded, so too has Lakota Schools' experimental academy training high school students for future careers in it. The Lakota Cyber Academy, which is one of only two high-school programs in Greater Cincinnati, is now being offered at both its original location of Lakota East High School and more recently Lakota West High School. Demand by student ...
Legislation, Policy, and Regulation
Xi Jinping hails ‘improved cyber ecology’, state innovation (Register) Samsung and TSMC hit with chip tech patent suit; Ant Group's DB hits AWS; PayPal drops Hong Kong rights group; and more
FCC to ban all new Huawei and ZTE equipment on national security grounds (Ars Technica) Ban would prevent new products from getting FCC approval; older ones not affected.
Biden administration’s cyber regulatory plan comes into focus (Federal News Network) The White House and agencies are moving out with new cyber requirements for the water, healthcare, and emergency communications sectors, respectively.
White House preps security controls for commercial software acquisition (FCW) The administration is attempting to leverage the procurement powers of the federal government to bolster software cybersecurity for the first time.
State Department Urges Silicon Valley to Aid National Security Effort (Wall Street Journal) Presidential administrations of both parties have long sought to forge strong ties with Big Tech, urging the companies to share cyber-threat intelligence and more.
SEC Reopens Comment Period on Proposed Data Breach Disclosure and Cybersecurity Governance Rules (Lexology) Last Friday, the Securities and Exchange Commission reopened the comment period on eleven of its pending rulemakings because of a technological error…
Opinion: Canada’s information laws are preventing us from understanding our own history (The Globe and Mail) Intelligence agencies in the U.S. and the U.K. typically declassify information about national security and defence that is no longer sensitive. So why won’t Canada?
Three Cybersecurity Surprises from State Security Chiefs (Security Boulevard) What were the top cybersecurity themes, including several unexpected narratives, that emerged from the 2022 NASCIO Annual Conference held in Louisville, Ky., this past week?
Litigation, Investigation, and Law Enforcement
Mexico probes whether Pegasus spyware purchases were legal (Euronews) The Mexican attorney general’s office said on Sunday it is investigating the purchase of Pegasus computer spyware by the previous administration and whether it was carried out legally.
Mango Markets exploiter comes clean, claims all actions were legal (The Block) Avraham Eisenberg has confirmed that he was behind the attack on Mango Markets that drained $114 million from the platform.
Hacker Gets $50 Million in Heist of DeFi’s Mango (Bloomberg) Mango was exploited for more than $100 million in heist. Platform promised not to prosecute hacker or freeze funds.
Police tricks DeadBolt ransomware out of 155 decryption keys (BleepingComputer) The Dutch National Police, in collaboration with cybersecurity firm Responders.NU, tricked the DeadBolt ransomware gang into handing over 155 decryption keys by faking ransom payments.
Police tricked a ransomware gang into handing over its decryption keys. Here's how they did it (ZDNET) Sting against Deadbolt ransomware groups provides victims with a way to get encrypted files back without paying up.
When Algorithms Promote Self-Harm, Who Is Held Responsible? (WIRED) A British court ruled that teenager Molly Russell died in part because of online content—but holding platforms accountable is complicated.
Election software CEO is charged with allegedly giving Chinese contractors data access (NPR.org) The Los Angeles County district attorney alleges that the CEO of Konnech, which makes scheduling software for poll workers, improperly gave Chinese contractors access to sensitive employee data.
Crypto scam victims seek to hold Coinbase responsible for losses (Washington Post) Over the past year, thousands of people have lost tens, if not hundreds, of millions in cryptocurrency when gangs of sophisticated scammers whisked their money out of their accounts, which are managed by an app from the publicly traded cryptocurrency giant Coinbase.
Student Pleads Guilty to Cyberattacks Against Multiple Accounts at University of Puerto Rico (iTech Post) A hacker that goes by the name of “Slay3r_r00t” is sentenced to 13 months in prison for cyberattacks.
Student jailed for hacking female classmates’ email, Snapchat accounts (BleepingComputer) On Thursday, a Puerto Rico judge sentenced a former University of Puerto Rico (UPR) student to 13 months in prison for hacking over a dozen email and Snapchat accounts of female colleagues.
'Baby Al Capone' to pay $22m to SIM-swap crypto-heist victim (Register) Too young to drive, old enough to bribe AT&T staff, apparently
Former WSJ reporter says law firm used Indian hackers to sabotage his career (Reuters) Jay Solomon sued Dechert LLP, saying they worked with hackers from India to steal emails between him and one of his sources. The law firm disputed the claim.
Solomon v. Dechert LLP et al. (U.S. District Court for the District of Columbia) Plaintiff, by counsel, respectfully brings this action...
Farhad Azima, ALG Transportation, Inc., Main 3260 LLC, FFV W39 LLC, and FFV Development LLC, Plaintiffs, v. Dechert LLC, David Neil Gerrard, David Graham Hughes, Nicholas Del Rosso, Vital Management Services, Inc., Amit Forlit, Insight Analysis And Research LLC, Sdc-Gadot LLC, Amir Handjani, Andrew Frank, and Karv Communications, Defendants. (US District Court for the Southern District of New York) Plaintiffs Farhad Azima (“Azima”), ALG Transportation, Inc. (“ALG”), Main 3260 LLC (“Main 3260”), FFV W39 LLC (“FFV W39”), and FFV Development LLC (“FFV Development”) (collectively, “Plaintiffs”) allege as follows...
Federal judge finalizes $63M settlement for OPM data breach victims (Federal News Network) Victims of one of the largest data breaches to ever hit the federal government are one step closer to a payout, more than seven years later.
Ex-LMPD officer used police tech to hack Snapchats and steal nude photos and videos (Louisville Courier Journal) Bryan Wilson relied on his law enforcement access to data software to hack into the victims' accounts, according to a federal document.