Microsoft – Page 24 – PossibleThreat Articles

Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code

April 22, 2022 0 Comments A Little Sunshine, amtrak, Apple, bitbucket, Breadcrumbs, dan goodin, doxbin, electronic arts, emergency data request, everlynn, flashpoint, genesis, globant, iqor, kt, lapsus, lapsus$ jobs, michelin, Microsoft, mobile device management, mox, Ne'er-Do-Well News, NVIDIA, recursion team, russian market, Samsung, sascar, SIM swapping, Slack, source code theft, SWATting, T-Mobile, t-mobile atlas, whitedoxbin

Credit to Author: BrianKrebs| Date: Fri, 22 Apr 2022 13:09:39 +0000

KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. The logs show LAPSUS$ breached T-Mobile multiple times in March, stealing source code for a range of company projects. T-Mobile says no customer or government information was stolen in the intrusion. LAPSUS$ is known for stealing data and then demanding a ransom not to publish or sell it. But the leaked chats indicate this mercenary activity was of little interest to the tyrannical teenage leader of LAPSUS$, whose obsession with stealing and leaking proprietary computer source code from the world’s largest tech companies ultimately led to the group’s undoing.

MalwareBytes Security

It’s legal to scrape public data—US appeals court

April 21, 2022 0 Comments CFAA, content, court ruling, data, LinkedIn, Microsoft, Privacy, scraping

Credit to Author: Christopher Boyd| Date: Thu, 21 Apr 2022 11:53:08 +0000

A US appeals court has ruled that scraping public data is legal. We look at some of the arguments for and against.

The post It’s legal to scrape public data—US appeals court appeared first on Malwarebytes Labs.

Independent Krebs Security

Conti’s Ransomware Toll on the Healthcare Industry

April 18, 2022 0 Comments A Little Sunshine, conti, emotet, emsisoft, errol weiss, FBI, h-isac, health information sharing & analysis center, healthcare information and management systems society, Microsoft, Ne'er-Do-Well News, proofpoint, Ransomware, ryuk, sophos, u.s. cybersecurity & infrastructure security agency, zloader

Credit to Author: BrianKrebs| Date: Mon, 18 Apr 2022 20:41:08 +0000

Conti — one of the most ruthless and successful Russian ransomware groups — publicly declared during the height of the COVID-19 pandemic that it would refrain from targeting healthcare providers. But new information confirms this pledge was always a lie, and that Conti has launched more than 200 attacks against hospitals and other healthcare facilities since first surfacing in 2018 under the name “Ryuk.”

ComputerWorld Independent

When humans make tech mistakes

April 18, 2022 0 Comments Microsoft, Security

Credit to Author: Susan Bradley| Date: Mon, 18 Apr 2022 08:54:00 -0700

We often think vendors are perfect. They have backups. They have redundancy. They have experts that know exactly how to deploy solutions without fail. And then we see they aren’t any better than we are.

Let’s look at a few recent examples.

In the small to mid-sized business (SMB) space, StorageCraft has long been a trusted backup software vendor. One of the first to make image backups easy to do, it was used and recommended by many managed service providers. After StorageCraft was acquired by Arcserve in March 2021, there were no immediate major changes in how the company ran.

To read this article in full, please click here

ComputerWorld Independent

April's Patch Tuesday: a lot of large, diverse and urgent updates

April 15, 2022 0 Comments Microsoft, Microsoft Office, Security, small and medium business, Windows

Credit to Author: Greg Lambert| Date: Fri, 15 Apr 2022 10:40:00 -0700

This week’s Patch Tuesday release was huge, diverse, risky, and urgent, with late update arrivals for Microsoft browsers (CVE-2022-1364) and two zero-day vulnerabilities affecting Windows (CVE-2022-26809 and CVE-2022-24500). Fortunately, Microsoft has not released any patches for Microsoft Exchange, but this month we do have to deal with more Adobe (PDF) printing related vulnerabilities and associated testing efforts. We have added the Windows and Adobe updates to our “Patch Now” schedule, and will be watching closely to see what happens with any further Microsoft Office updates.

To read this article in full, please click here

MalwareBytes Security

Zloader, another botnet, bites the dust

April 14, 2022 0 Comments blackmatter, Botnet, botnets, darkside, dcu, dga, Microsoft, ryuk, sinkhole, zloader

Credit to Author: Pieter Arntz| Date: Thu, 14 Apr 2022 11:41:19 +0000

The Zloader botnet is a malware as a service provider for a few notorious ransomware gangs. But now it has taken a serious blow to its infrastructure.

The post Zloader, another botnet, bites the dust appeared first on Malwarebytes Labs.

MalwareBytes Security

Zloader, another botnet bites the dust

April 14, 2022 0 Comments blackmatter, Botnet, botnets, darkside, dcu, dga, Microsoft, ryuk, sinkhole, zloader

Credit to Author: Pieter Arntz| Date: Thu, 14 Apr 2022 11:41:19 +0000

The Zloader botnet is a malware as a service provider for a few notorious ransomware gangs. But now it has taken a serious blow to its infrastructure.

The post Zloader, another botnet bites the dust appeared first on Malwarebytes Labs.

MalwareBytes Security

April’s Patch Tuesday update includes fixes for two zero-day vulnerabilities

April 13, 2022 0 Comments chrome, cve-2022-24491, Edge, Exploits and vulnerabilities, Microsoft, wormable

Credit to Author: Pieter Arntz| Date: Wed, 13 Apr 2022 13:57:39 +0000

April’s Patch Tuesday brings patches for two zero-day vulnerabilities and two potentially wormable Network File System vulnerabilities.

The post April’s Patch Tuesday update includes fixes for two zero-day vulnerabilities appeared first on Malwarebytes Labs.

MalwareBytes Security

Successful operations against Russian Sandworm and Strontium groups targeting Ukraine revealed

April 8, 2022 0 Comments asus, botnets, cyclops blink, doj, gru, Microsoft, notpetya, Reports, sandworm, sinkhole, Strontium, ukraine, watchguard

Credit to Author: Pieter Arntz| Date: Fri, 08 Apr 2022 14:23:30 +0000

Two announcements in two days detail operations against GRU-controlled infrastructure

The post Successful operations against Russian Sandworm and Strontium groups targeting Ukraine revealed appeared first on Malwarebytes Labs.

Independent Krebs Security

The Original APT: Advanced Persistent Teenagers

April 6, 2022 0 Comments A Little Sunshine, advanced persistent teenagers, amit yoran, APT, cisa, FBI, lapsus, Microsoft, Ne'er-Do-Well News, NVIDIA, okta, Samsung, tenable, The Coming Storm, twitter hack, vishing, voice phishing, wired

Credit to Author: BrianKrebs| Date: Wed, 06 Apr 2022 17:55:38 +0000

Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. But few organizations have a playbook for responding to the kinds of virtual “smash and grab” attacks we’ve seen recently from LAPSUS$, a juvenile data extortion group whose short-lived, low-tech and remarkably effective tactics are putting some of the world’s biggest corporations on edge.