Krebs – Page 3 – Computer Security Articles

Fulton County, Security Experts Call LockBit’s Bluff

February 29, 2024 admin A Little Sunshine, brett callow, data breaches, emsisoft, FBI, fulton county hack, lockbit, lockbitsupp, NCA, ransomware, redsense, robb pitts

Credit to Author: BrianKrebs| Date: Thu, 29 Feb 2024 22:18:54 +0000

The ransomware group LockBit told officials with Fulton County, Ga. they could expect to see their internal documents published online this morning unless the county paid a ransom demand. Instead, LockBit removed Fulton County’s listing from its victim shaming website this morning, claiming county officials had paid. But county officials said they did not pay, nor did anyone make payment on their behalf. Security experts say LockBit was likely bluffing and probably lost most of the data when the gang’s servers were seized this month by U.S. and U.K. law enforcement.

Independent Krebs

Calendar Meeting Links Used to Spread Mac Malware

February 28, 2024 admin A Little Sunshine, BlueNoroff, chris ueland, hunt.io, kaspersky labs, Latest Warnings, Lazarus Group, mac malware, Recorded Future, Web Fraud 2.0, x-protect

Credit to Author: BrianKrebs| Date: Wed, 28 Feb 2024 16:56:43 +0000

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s account at Calendly, a popular free calendar application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call. But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems.

Independent Krebs

FBI’s LockBit Takedown Postponed a Ticking Time Bomb in Fulton County, Ga.

February 28, 2024 admin an-security breach, CNN, Donald Trump, Europol, FBI, fulton county hack, george chidi, lockbit, lockbitsupp, National Crime Agency, Ne'er-Do-Well News, ransomware, vx-underground, XSS

Credit to Author: BrianKrebs| Date: Mon, 26 Feb 2024 02:17:55 +0000

The FBI’s takedown of the LockBit ransomware group last week came as LockBit was preparing to release sensitive data stolen from government computer systems in Fulton County, Ga. But LockBit is now regrouping, and the gang says it will publish the stolen Fulton County data on March 2 unless paid a ransom. LockBit claims the cache includes documents tied to the county’s ongoing criminal prosecution of former President Trump, but court watchers say teaser documents published by the crime gang suggest a total leak of the Fulton County data could put lives at risk and jeopardize a number of other criminal trials.

Independent Krebs

New Leak Shows Business Side of China’s APT Menace

February 28, 2024 admin A Little Sunshine, citizen lab, dakota cary, data breaches, i-soon, mei danowski, Ne'er-Do-Well News, poison carp, sentinelone, u.s. department of justice, will thomas, wu haibo

Credit to Author: BrianKrebs| Date: Thu, 22 Feb 2024 13:27:47 +0000

A new data leak that appears to have come from one of China’s top private cybersecurity firms provides a rare glimpse into the commercial side of China’s many state-sponsored hacking groups. Experts say the leak illustrates how Chinese government agencies increasingly are contracting out foreign espionage campaigns to the nation’s burgeoning and highly competitive cybersecurity industry.

Independent Krebs

Feds Seize LockBit Ransomware Websites, Offer Decryption Tools, Troll Affiliates

February 28, 2024 admin artur sungatov, bassterlord, Europol, FBI, ivan gennadievich kondratyev, lockbit, lockbitsupp, mark stockley, mikhail matveev, mikhail vasiliev, NCA, Ne'er-Do-Well News, operation cronos, prodaft, ransomware, ruslan magomedovich astamirov, u.k. national crime agency

Credit to Author: BrianKrebs| Date: Tue, 20 Feb 2024 17:09:00 +0000

U.S. and U.K. authorities have seized the darknet websites run by LockBit, a prolific and destructive ransomware group that has claimed more than 2,000 victims worldwide and extorted over $120 million in payments. Instead of listing data stolen from ransomware victims who didn’t pay, LockBit’s victim shaming website now offers free recovery tools, as well as news about arrests and criminal charges involving LockBit affiliates.

Independent Krebs

U.S. Internet Leaked Years of Internal, Customer Emails

February 14, 2024 admin A Little Sunshine, alex holden, data breaches, Hold Security, Latest Warnings, securence, travis carter, u.s. internet corp.

Credit to Author: BrianKrebs| Date: Wed, 14 Feb 2024 16:45:46 +0000

The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence, which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. But until it was notified last week, U.S. Internet was publishing more than a decade’s worth of its internal email — and that of thousands of Securence clients — in plain text out on the Internet and just a click away for anyone with a Web browser.

Independent Krebs

Fat Patch Tuesday, February 2024 Edition

February 13, 2024 admin adam barnett, cve-2024-21351, cve-2024-21410, cve-2024-21412, cve-2024-21413, immersive labs, kevin breen, Latest Warnings, Microsoft Office, patch tuesday february 2024, Rapid7, Satnam Narang, Security Tools, Tenable, Time to Patch, Trend Micro, Windows SmartScreen

Credit to Author: BrianKrebs| Date: Tue, 13 Feb 2024 22:28:48 +0000

Microsoft Corp. today pushed software updates to plug more than 70 security holes in its Windows operating systems and related products, including two zero-day vulnerabilities that are already being exploited in active attacks.

Independent Krebs

Juniper Support Portal Exposed Customer Device Info

February 9, 2024 admin A Little Sunshine, juniper networks, Latest Warnings, logan george, Nicholas Weaver

Credit to Author: BrianKrebs| Date: Fri, 09 Feb 2024 15:34:21 +0000

Until earlier this week, the support website for networking equipment vendor Juniper Networks was exposing potentially sensitive information tied to customer products, including the exact devices each customer bought, as well as each device’s warranty status, service contracts and serial numbers. Juniper said it has since fixed the problem, and that the inadvertent data exposure stemmed from a recent upgrade to its support portal.