The Not-So-Secret Network Access Broker x999xx

Credit to Author: BrianKrebs| Date: Wed, 03 Jul 2024 16:41:34 +0000

Most accomplished cybercriminals go out of their way to separate their real names from their hacker handles. But among certain old-school Russian hackers it is not uncommon to find major players who have done little to prevent people from figuring out who they are in real life. A case study in this phenomenon is “x999xx,” the nickname chosen by a venerated Russian hacker who specializes in providing the initial network access to various ransomware groups.

Read more

Stark Industries Solutions: An Iron Hammer in the Cloud

Credit to Author: BrianKrebs| Date: Thu, 23 May 2024 23:32:43 +0000

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. An investigation into Stark Industries reveals it is being used as a global proxy network that conceals the true source of cyberattacks and disinformation campaigns against enemies of Russia.

Read more

BlackCat Ransomware Group Implodes After Apparent $22M Payment by Change Healthcare

Credit to Author: BrianKrebs| Date: Wed, 06 Mar 2024 00:22:56 +0000

There are indications that U.S. healthcare giant Change Healthcare has made a $22 million extortion payment to the infamous BlackCat ransomware group (a.k.a. “ALPHV”) as the company struggles to bring services back online amid a cyberattack that has disrupted prescription drug services nationwide for weeks. However, the cybercriminal who claims to have given BlackCat access to Change’s network says the crime gang cheated them out of their share of the ransom, and that they still have the sensitive data that Change reportedly paid the group to destroy. Meanwhile, the affiliate’s disclosure appears to have prompted BlackCat to cease operations entirely. 

Read more

Calendar Meeting Links Used to Spread Mac Malware

Credit to Author: BrianKrebs| Date: Wed, 28 Feb 2024 16:56:43 +0000

Malicious hackers are targeting people in the cryptocurrency space in attacks that start with a link added to the target’s account at Calendly, a popular free calendar application for scheduling appointments and meetings. The attackers impersonate established cryptocurrency investors and ask to schedule a video conference call. But clicking the meeting link provided by the scammers prompts the user to run a script that quietly installs malware on macOS systems.

Read more

Malware spent months hoovering up credit card details from 300 US restaurants

Credit to Author: Malwarebytes Labs| Date: Mon, 25 Jul 2022 15:30:07 +0000

MenuDrive, Harbortouch, and InTouchPOS fell victim to a long Magecart infection that started in January and only ended days ago.

The post Malware spent months hoovering up credit card details from 300 US restaurants appeared first on Malwarebytes Labs.

Read more

Microsoft Patch Tuesday, February 2022 Edition

Credit to Author: BrianKrebs| Date: Tue, 08 Feb 2022 22:38:16 +0000

Microsoft today released software updates to plug security holes in its Windows operating systems and related software. This month’s relatively light patch batch is refreshingly bereft of any zero-day threats, or even scary critical vulnerabilities. But it does fix four dozen flaws, including several that Microsoft says will likely soon be exploited by malware or malcontents.

Read more

Who Wrote the ALPHV/BlackCat Ransomware Strain?

Credit to Author: BrianKrebs| Date: Fri, 28 Jan 2022 13:18:36 +0000

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “BlackCat”), considered to be the first professional cybercrime group to create and use a ransomware strain in the Rust programming language. In this post, we’ll explore some of the clues left behind by the developer who was reputedly hired to code the ransomware variant.

Read more

Microsoft Patch Tuesday, March 2020 Edition

Credit to Author: BrianKrebs| Date: Tue, 10 Mar 2020 23:44:29 +0000

Microsoft Corp. today released updates to plug more than 100 security holes in its various Windows operating systems and associated software. If you (ab)use Windows, please take a moment to read this post, backup your system(s), and patch your PCs.

Read more

Microsoft Patch Tuesday, February 2020 Edition

Credit to Author: BrianKrebs| Date: Tue, 11 Feb 2020 23:13:57 +0000

Microsoft today released updates to plug nearly 100 security holes in various versions of its Windows operating system and related software, including a zero-day vulnerability in Internet Explorer (IE) that is actively being exploited. Also, Adobe has issued a bevy of security updates for its various products, including Flash Player and Adobe Reader/Acrobat.

Read more

Patch Tuesday, December 2019 Edition

Credit to Author: BrianKrebs| Date: Wed, 11 Dec 2019 01:51:25 +0000

Microsoft today released updates to plug three dozen security holes in its Windows operating system and other software. The patches include fixes for seven critical bugs — those that can be exploited by malware or miscreants to take control over a Windows system with no help from users — as well as another flaw in most versions of Windows that is already being exploited in active attacks.

Read more