A Little Sunshine – Page 18 – PossibleThreat Articles

Fighting Fake EDRs With ‘Credit Ratings’ for Police

April 27, 2022 0 Comments A Little Sunshine, Apple, AT&T, Coinbase, discord, emergency data request, FBI, github, Google, kodex, LinkedIn, matt donahue, meta, Microsoft, snapchat, T-Mobile, The Coming Storm, TikTok, twilio, twitter, verizon, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Wed, 27 Apr 2022 14:27:35 +0000

When KrebsOnSecurity last month explored how cybercriminals were using hacked email accounts at police departments worldwide to obtain warrantless Emergency Data Requests (EDRs) from social media and technology providers, many security experts called it a fundamentally unfixable problem. But don’t tell that to Matt Donahue, a former FBI agent who recently quit the agency to launch a startup that aims to help tech companies do a better job screening out phony law enforcement data requests — in part by assigning trustworthiness or “credit ratings” to law enforcement authorities worldwide.

Independent Krebs Security

Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code

April 22, 2022 0 Comments A Little Sunshine, amtrak, Apple, bitbucket, Breadcrumbs, dan goodin, doxbin, electronic arts, emergency data request, everlynn, flashpoint, genesis, globant, iqor, kt, lapsus, lapsus$ jobs, michelin, Microsoft, mobile device management, mox, Ne'er-Do-Well News, NVIDIA, recursion team, russian market, Samsung, sascar, SIM swapping, Slack, source code theft, SWATting, T-Mobile, t-mobile atlas, whitedoxbin

Credit to Author: BrianKrebs| Date: Fri, 22 Apr 2022 13:09:39 +0000

KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion. LAPSUS$ is known for stealing data and then demanding a ransom not to publish or sell it. But the leaked chats indicate this mercenary activity was of little interest to the tyrannical teenage leader of LAPSUS$, whose obsession with stealing and leaking proprietary computer source code from the world’s largest tech companies ultimately led to the group’s undoing.

Independent Krebs Security

Conti’s Ransomware Toll on the Healthcare Industry

April 18, 2022 0 Comments A Little Sunshine, conti, emotet, emsisoft, errol weiss, FBI, h-isac, health information sharing & analysis center, healthcare information and management systems society, Microsoft, Ne'er-Do-Well News, proofpoint, Ransomware, ryuk, sophos, u.s. cybersecurity & infrastructure security agency, zloader

Credit to Author: BrianKrebs| Date: Mon, 18 Apr 2022 20:41:08 +0000

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than 200 attacks against hospitals and other healthcare facilities since first surfacing in 2018 under the name “Ryuk.”

Independent Krebs Security

RaidForums Gets Raided, Alleged Admin Arrested

April 12, 2022 0 Comments A Little Sunshine, diogo santos coelho, europol, FBI, national crime agency, Ne'er-Do-Well News, omnipotent, operation tourniquet, raidforums seizure, subvirt, t-mobile breach, u.s. department of justice, unrivaled@pm.me, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 12 Apr 2022 17:29:33 +0000

The U.S. Department of Justice (DOJ) said today it seized the website and user database for RaidForums, an extremely popular English-language cybercrime forum that sold access to more than 10 billion consumer records stolen in some of the world’s largest data breaches since 2015. The DOJ also charged the alleged administrator of RaidForums — 21-year-old Diogo Santos Coelho, of Portugal — with six criminal counts, including conspiracy, access device fraud and aggravated identity theft.

Independent Krebs Security

Double-Your-Crypto Scams Share Crypto Scam Host

April 11, 2022 0 Comments +7.9914500893, A Little Sunshine, arkinvest, crypto investment scams, cryptohost, fintelegram, Latest Warnings, lightning-network, mark tepterev, polkadot, sergei orlovets, smartape, ulanikirill52@gmail.com, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Mon, 11 Apr 2022 15:26:40 +0000

Online scams that try to separate the unwary from their cryptocurrency are a dime a dozen, but a great many seemingly disparate crypto scam websites tend to rely on the same dodgy infrastructure providers to remain online in the face of massive fraud and abuse complaints from their erstwhile customers. Here’s a closer look at hundreds of phony crypto investment schemes that are all connected through a hosting provider which caters to people running crypto scams.

Independent Krebs Security

The Original APT: Advanced Persistent Teenagers

April 6, 2022 0 Comments A Little Sunshine, advanced persistent teenagers, amit yoran, APT, cisa, FBI, lapsus, Microsoft, Ne'er-Do-Well News, NVIDIA, okta, Samsung, tenable, The Coming Storm, twitter hack, vishing, voice phishing, wired

Credit to Author: BrianKrebs| Date: Wed, 06 Apr 2022 17:55:38 +0000

Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. But few organizations have a playbook for responding to the kinds of virtual “smash and grab” attacks we’ve seen recently from LAPSUS$, a juvenile data extortion group whose short-lived, low-tech and remarkably effective tactics are putting some of the world’s biggest corporations on edge.

Independent Krebs Security

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

March 31, 2022 0 Comments A Little Sunshine, Apple, bloomberg, Bug, discord, facebook, Instagram, lapsus, meta, Ne'er-Do-Well News, sen. ron wyden, snapchat, twitter, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Thu, 31 Mar 2022 22:54:45 +0000

On Tuesday, KrebsOnSecurity warned that hackers increasingly are using compromised government and police department email accounts to obtain sensitive customer data from mobile providers, ISPs and social media companies. Today, one of the U.S. Senate’s most tech-savvy lawmakers said he was troubled by the report and is now asking technology companies and federal agencies for information about the frequency of such schemes.

Independent Krebs Security

A Closer Look at the LAPSUS$ Data Extortion Group

March 23, 2022 0 Comments A Little Sunshine, Ne'er-Do-Well News, SIM swapping

Credit to Author: BrianKrebs| Date: Wed, 23 Mar 2022 22:00:43 +0000

Microsoft and identity management platform Okta both disclosed this week breaches involving LAPSUS$, a relatively new cybercrime group that specializes in stealing data from big companies and threatening to publish the information unless a ransom demand is paid. Here’s a closer look at LAPSUS$, and some of the low-tech but high-impact methods the group uses to gain access to targeted organizations.

Independent Krebs Security

Conti Ransomware Group Diaries, Part IV: Cryptocrime

March 7, 2022 0 Comments A Little Sunshine, athens university school of information sciences and technolog, begemot, bloodrush, chainalysis, conti ransomware, DDoS, demon, ghost, Gizmodo, jeffrey ladish, mango, matt novak, Ne'er-Do-Well News, pump and dump, Ransomware, squid, stern, van

Credit to Author: BrianKrebs| Date: Tue, 08 Mar 2022 01:38:36 +0000

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. The candid messages revealed how Conti evaded law enforcement and intelligence agencies, what it was like on a typical day at the Conti office, and how Conti secured the digital weaponry used in their attacks. This final post on the Conti conversations explores different schemes that Conti pursued to invest in and steal cryptocurrencies.

Independent Krebs Security

Conti Ransomware Group Diaries, Part III: Weaponry

March 4, 2022 0 Comments A Little Sunshine, alarm, bentley, bio, bloodrush, chainalysis, cobalt strike, conti, grant, kaktus, lemans corporation, Ne'er-Do-Well News, pin, Ransomware, reshaev, revers, salamandra, skippy, the spaniard, tramp, trickbotleaks, trump

Credit to Author: BrianKrebs| Date: Fri, 04 Mar 2022 20:20:29 +0000

Part I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt with its own internal breaches. Part II explored what it’s like to be an employee of Conti’s sprawling organization. Today’s Part III looks at how Conti abused a panoply of popular commercial security services to undermine the security of their targets, as well as how the team’s leaders strategized for the upper hand in ransom negotiations with victims.