The Coming Storm – Computer Security Articles

Hamas May Be Threat to 8chan, QAnon Online

January 5, 2021 admin 8chan, A Little Sunshine, coresite, ddos-guard, hamas, kobre & kim, nick lim, qanon, Ron Guilmette, sean buckley, spartanhost, The Coming Storm, vanwatech

Credit to Author: BrianKrebs| Date: Tue, 05 Jan 2021 19:27:14 +0000

In October 2020, KrebsOnSecurity looked at how a web of sites connected to conspiracy theory movements QAnon and 8chan were being kept online by DDoS-Guard, a dodgy Russian firm that also hosts the official site for the terrorist group Hamas. New research shows DDoS-Guard relies on data centers provided by a U.S.-based publicly traded company, which experts say could be exposed to civil and criminal liabilities as a result of DDoS-Guard’s business with Hamas.

Independent Krebs

VMware Flaw a Vector in SolarWinds Breach?

December 18, 2020 admin apt 29, Ars Technica, cisa, Cozy Bear, cyber security and infrastructure security agency, data breaches, Duo, FSB, microsoft outlook web app, New York Times, NSA, saml token compromise, security assertion markup language, The Coming Storm, u.s. national security agency, VMware, volexity, washington post

Credit to Author: BrianKrebs| Date: Fri, 18 Dec 2020 18:33:13 +0000

U.S. government cybersecurity agencies warned this week that the attackers behind the widespread hacking spree stemming from the compromise at network software firm SolarWinds used weaknesses in other, non-SolarWinds products to attack high-value targets. According to sources, among those was a flaw in software virtualization platform VMware, which the U.S. National Security Agency (NSA) warned on Dec. 7 was being used by Russian hackers to impersonate authorized users on victim networks.

Independent Krebs

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

December 14, 2020 admin APT29, cybersecurity and infrastructure security agency, data breaches, department of commerce, fireeye hack, microsoft, orion, Reuters, solarwinds breach, The Coming Storm, u.s. treasury department

Credit to Author: BrianKrebs| Date: Mon, 14 Dec 2020 16:26:43 +0000

Communications at the U.S. Treasury and Commerce Departments were reportedly compromised by a supply chain attack on SolarWinds, a security vendor that helps the federal government and a range of Fortune 500 companies monitor the health of their IT networks. Given the breadth of the company’s customer base, experts say the incident may be just the first of many such disclosures.

Independent Krebs

Ransomware Group Turns to Facebook Ads

November 10, 2020 admin chris hodson, emsisoft, fabian wosar, ragnar locker, ransomware, The Coming Storm

Credit to Author: BrianKrebs| Date: Tue, 10 Nov 2020 17:09:59 +0000

It’s bad enough that many ransomware gangs now have blogs where they publish data stolen from companies that refuse to make an extortion payment. Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up.

Independent Krebs

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

October 28, 2020 admin alex holden, charles carmakal, Department of Homeland Security, FBI, health and human services, Hold Security, Latest Warnings, Mandiant, ransomware, Reuters, ryuk, The Coming Storm

Credit to Author: BrianKrebs| Date: Thu, 29 Oct 2020 00:43:30 +0000

On Monday, Oct. 27, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems at hundreds of hospitals, clinics and medical care facilities across the United States. Today, officials from the FBI and the U.S. Department of Homeland Security hastily assembled a conference call with healthcare industry executives warning about an “imminent cybercrime threat to U.S. hospitals and healthcare providers.”

Independent Krebs

The Now-Defunct Firms Behind 8chan, QAnon

October 22, 2020 admin 8chan, 8kun, A Little Sunshine, American Registry for Internet Numbers, ARIN, jim watkins, n.t. technology inc., Ne'er-Do-Well News, qanon, Ron Guilmette, The Coming Storm

Credit to Author: BrianKrebs| Date: Thu, 22 Oct 2020 21:48:35 +0000

Some of the world’s largest Internet firms have taken steps to crack down on disinformation spread by QAnon conspiracy theorists and the hate-filled anonymous message board 8chan. But according to a California-based security researcher, those seeking to de-platform these communities may have overlooked a simple legal solution to that end: Both the Nevada-based web hosting company owned by 8chan’s current figurehead and the California firm that provides its sole connection to the Internet are defunct businesses in the eyes of their respective state regulators. In practical terms, what this means is that the legal contracts which granted these companies temporary control over large swaths of Internet address space are now null and void, and American Internet regulators would be well within their rights to cancel those contracts and reclaim the space.

Independent Krebs

QAnon/8Chan Sites Briefly Knocked Offline

October 20, 2020 admin 8chan, 8kun, A Little Sunshine, cnservers, ddos-guard, Ne'er-Do-Well News, nick lim, orcatech, qanon, Ron Guilmette, ryan mccully, spartan host ltd., The Coming Storm, vanwatech

Credit to Author: BrianKrebs| Date: Mon, 19 Oct 2020 04:03:45 +0000

A phone call to an Internet provider in Oregon on Sunday evening was all it took to briefly sideline multiple websites related to 8chan/8kun — a controversial online image board linked to several mass shootings — and QAnon, the far-right conspiracy theory which holds that a cabal of Satanic pedophiles is running a global child sex-trafficking ring and plotting against President Donald Trump. Following a brief disruption, the sites have come back online with the help of an Internet company based in St. Petersburg, Russia.

Independent Krebs

Microsoft Uses Trademark Law to Disrupt Trickbot Botnet

October 12, 2020 admin ransomware, The Coming Storm

Credit to Author: BrianKrebs| Date: Mon, 12 Oct 2020 12:52:02 +0000

Microsoft Corp. has executed a coordinated legal sneak attack in a bid to disrupt the malware-as-a-service botnet Trickbot, a global menace that has infected millions of computers and is used to spread ransomware. A court in Virginia granted Microsoft control over many Internet servers Trickbot uses to plunder infected systems, based on novel claims that the crime machine abused the software giant’s trademarks. However, it appears the operation has not completely disabled the botnet.

← Previous