Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Credit to Author: BrianKrebs| Date: Thu, 08 Jul 2021 15:22:58 +0000

Last week cybercriminals deployed ransomware to 1,500 organizations that provide IT security and technical support to many other companies. The attackers exploited a vulnerability in software from Kaseya, a Miami-based company whose products help system administrators manage large networks remotely. Now it appears Kaseya’s customer service portal was left vulnerable until last week to a data-leaking security flaw that was first identified in the same software six years ago.

Read more

How Does One Get Hired by a Top Cybercrime Gang?

Credit to Author: BrianKrebs| Date: Tue, 15 Jun 2021 15:41:26 +0000

The U.S. Department of Justice (DOJ) last week announced the arrest of a 55-year-old Latvian woman who’s alleged to have worked as a programmer for Trickbot, a malware-as-a-service platform responsible for infecting millions of computers and seeding many of those systems with ransomware. Just how did a self-employed web site designer and mother of two come to work for one of the world’s most rapacious cybercriminal groups and then leave such an obvious trail of clues indicating her involvement with the gang? This post explores answers to those questions, as well as some of the ways Trickbot and other organized cybercrime gangs gradually recruit, groom and trust new programmers.

Read more

FBI, DHS, HHS Warn of Imminent, Credible Ransomware Threat Against U.S. Hospitals

Credit to Author: BrianKrebs| Date: Thu, 29 Oct 2020 00:43:30 +0000

On Monday, Oct. 27, KrebsOnSecurity began following up on a tip from a reliable source that an aggressive Russian cybercriminal gang known for deploying ransomware was preparing to disrupt information technology systems at hundreds of hospitals, clinics and medical care facilities across the United States. Today, officials from the FBI and the U.S. Department of Homeland Security hastily assembled a conference call with healthcare industry executives warning about an “imminent cybercrime threat to U.S. hospitals and healthcare providers.”

Read more

Report: U.S. Cyber Command Behind Trickbot Tricks

Credit to Author: BrianKrebs| Date: Sat, 10 Oct 2020 04:47:09 +0000

A week ago, KrebsOnSecurity broke the news that someone was attempting to disrupt the Trickbot botnet, a malware crime machine that has infected millions of computers and is often used to spread ransomware. A new report Friday says the coordinated attack was part of an operation carried out by the U.S. military’s Cyber Command.

Read more

Attacks Aimed at Disrupting the Trickbot Botnet

Credit to Author: BrianKrebs| Date: Fri, 02 Oct 2020 18:20:26 +0000

Over the past 10 days, someone has been launching a series of coordinated attacks designed to disrupt Trickbot, an enormous collection of more than two million malware-infected Windows PCs that are constantly being harvested for financial data and are often used as the entry point for deploying ransomware within compromised organizations.

Read more

Business ID Theft Soars Amid COVID Closures

Credit to Author: BrianKrebs| Date: Mon, 27 Jul 2020 22:50:56 +0000

Identity thieves who specialize in running up unauthorized lines of credit in the names of small businesses are having a field day with all of the closures and economic uncertainty wrought by the COVID-19 pandemic, KrebsOnSecurity has learned. This story is about the victims of a particularly aggressive business ID theft ring that’s spent years targeting small businesses across the country and is now pivoting toward using that access for pandemic assistance loans and unemployment benefits.

Read more

Florence, Ala. Hit By Ransomware 12 Days After Being Alerted by KrebsOnSecurity

Credit to Author: BrianKrebs| Date: Tue, 09 Jun 2020 17:05:20 +0000

In late May, KrebsOnSecurity alerted numerous officials in Florence, Ala. that their information technology systems had been infiltrated by hackers who specialize in deploying ransomware. Nevertheless, on Friday, June 5, the intruders sprang their attack, deploying ransomware and demanding nearly $300,000 worth of bitcoin. City officials now say they plan to pay the ransom demand, in hopes of keeping the personal data of their citizens off of the Internet.

Read more

Ukraine Nabs Suspect in 773M Password ‘Megabreach’

Credit to Author: BrianKrebs| Date: Tue, 19 May 2020 16:46:21 +0000

In January 2019, dozens of media outlets raised the alarm about a new “megabreach” involving the release of some 773 million stolen usernames and passwords that was breathlessly labeled “the largest collection of stolen data in history.” A subsequent review by KrebsOnSecurity quickly determined the data was years old and merely a compilation of credentials pilfered from mostly public data breaches. Earlier today, authorities in Ukraine said they’d apprehended a suspect in the case.

Read more