2014, Accountability, Backups and Cybercrime

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a

Cybercrime

Cybercrime Banking Computers and Electronics DDOS

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

.” While CLOP as a money making collective is a fairly young organization, security experts say CLOP members hail from a group of Threat Actors (TA) known as “TA505,” which MITRE’s ATT&CK database says is a financially motivated cybercrime group that has been active since at least 2014. ” .

Healthcare

Healthcare Backups Ransomware Insurance

BEC scams, hacked accounts available from $150 up to $5,000

Security Affairs

OCTOBER 9, 2018

According to the FBI , the number of business email account (BEC) and email account compromise (EAC) scam incidents worldwide reached 78,000 between October 2013 and May 2018. If these passwords have been reused for corporate accounts, this may leave organizations at risk to account takeovers.” Pierluigi Paganini.

Scams

Scams Accountability Hacking Passwords

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

City of Lafayette (Colorado) paid $45,000 ransom after ransowmare attack

Security Affairs

AUGUST 12, 2020

The City of Lafayette, Colorado, USA, has been forced to pay $45,000 because they were unable to restore necessary files from backup. The City also added that credit card data was not stored on its systems, anyway it invited residents and employees to monitor their bank accounts for suspicious activity. Pierluigi Paganini.

Backups

Backups Advertising Ransomware Hacking

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

Here’s a look at some of the more notable cybercrime stories from the past year, as covered by KrebsOnSecurity and elsewhere. Internal Revenue Service website for months: Anyone seeking to create an account to view their tax records online would soon be required to provide biometric data to a private company in Virginia — ID.me.

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

Aerial Direct, the O2’s largest UK partner suffered a data breach

Security Affairs

MARCH 16, 2020

Aerial Direct’s data breach notification sent to the customers revealed that an unauthorized third party had been able to access customer data on 26 February through an external backup database. To reassure you, the database did not include any passwords or financial details, such as bank account number or credit card information.”

Data breaches

Data breaches Telecommunications Passwords Advertising

Maastricht University finally paid a 30 bitcoin ransom to crooks

Security Affairs

FEBRUARY 9, 2020

The backup of a limited number of systems was also affected.” ” N ow all critical systems at the University are online and offline backups were secured by the company. According to security experts at Fox-IT, the ransomware attack is compatible with other attacks carried out by the TA505 cybercrime gang.

Ransomware

Ransomware Cyber Attacks Architecture Backups

6,500+ sites deleted after Dark Web hosting provider Daniel’s Hosting hack

Security Affairs

NOVEMBER 18, 2018

More than 6500 Dark Web services hosted on the platform were completely deleted and the bad news is that it is not possible to recover them because there are no backups as per design choice of the operator. As per my analysis it seems someone got access to the database and deleted all accounts.” Pierluigi Paganini.

Hacking

Hacking Advertising Cybercrime Accountability

DoppelPaymer Ransomware hits City of Torrance and demands a 680K+ ransom

Security Affairs

APRIL 22, 2020

On Sunday, the computer systems in the city of Torrance suffered a cyber attack that interrupted access to email accounts and server functions. “Based on the names of the archives, this data includes city budget financials, various accounting documents, document scans, and an archive of documents belonging to the City Manager.”

Ransomware

Ransomware Advertising Backups Data breaches

ID Numbers for 120 Million Brazilians taxpayers exposed online

Security Affairs

DECEMBER 13, 2018

Every Brazilian national has assigned a taxpayer identification number that allows him to perform ordinary operations, such as opening a bank account, paying taxes, or getting a loan. Experts believe that directory was used to store database backups. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Backups

Backups Banking Advertising Cybercrime

Travelex paid $2.3 Million ransom to restore after a ransomware attack

Security Affairs

APRIL 9, 2020

“As part of this attack, the operators behind the Sodinokibi ransomware told BleepingComputer that they had encrypted the company’s entire network, deleted backup files, and copied more than 5GB of personal data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the report.

Ransomware

Ransomware Encryption Advertising Backups

Prosecutors ask 3-Year Sentence in ‘Fappening’ Case for ex-teacher

Security Affairs

FEBRUARY 25, 2019

Fappening case – Federal prosecutors requested a 3-year prison sentence for a former Virginia high school teacher convicted of hacking into private digital accounts of celebrities and others. “He hacked email accounts by answering security questions that he could easily research by reviewing victims’ Facebook accounts. .

Identity Theft

Identity Theft Accountability Hacking Advertising

Stuart City is the new victim of the Ryuk Ransomware

Security Affairs

APRIL 24, 2019

IT staff at Stuart city has restored servers, payroll, utilities, and budgeting, only city employees still don’t have access to their email accounts. Dyess confirmed that the impact was limited thanks to the availability of city’s computer backup system. “If But with those backups in place, why would we negotiate?”.

Ransomware

Ransomware Backups Malware Advertising

Maze Ransomware gang breached the US chipmaker MaxLinear

Security Affairs

JUNE 17, 2020

MaxLinear restored some of the systems using its backups, despite Maze Ransomware threatened to leak over 1TB of data allegedly stolen before encrypting the infected systems. On June 15, the gang leaked 10.3GB of accounting and financial information as proof of the hack. Source: BleepingComputer. Pierluigi Paganini.

Ransomware

Ransomware Data breaches Advertising Insurance

Interpol warns that crooks are increasingly targeting hospitals

Security Affairs

APRIL 7, 2020

” The Cybercrime Threat Response team also announced its efforts in monitoring all COVID-19-related threats, the police are working closely with private partners in the cybersecurity industry to gather information of cyber threats and provide support to organizations targeted by ransomware attacks. Pierluigi Paganini.

Healthcare

Healthcare Ransomware Backups Advertising

Security Affairs newsletter Round 201 – News of the week

Security Affairs

FEBRUARY 17, 2019

620 million accounts stolen from 16 hacked websites available for sale on the dark web. Hacker deleted all data from VFEmail Servers, including backups. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Advertising

Advertising Antivirus Malware Backups

Fxmsp: the untold story of infamous seller of access to corporate networks who made at least USD 1.5 mln

Security Affairs

JUNE 23, 2020

Fxmsp took his first steps in the cybercrime scene in September 2016 when he registered on an underground forum, fuckav[.]ru. Fxmsp included one of his Jabber accounts, in his contact information on the forum which helped Group-IB researchers to establish his presumed identity. Finally, he infects the backups by installing backdoors.

Antivirus

Antivirus Advertising Hacking Banking

Do cyber regulations actually make K–12 schools safer? Navigating compliance while securing school and student data

Malwarebytes

APRIL 5, 2023

In fact, an October 2022 Government Accountability Office (GAO) report found that loss of learning following a cyberattack ranged from three days to three weeks, with recovery time taking anywhere from two to nine months. Require all accounts with credentialed logins to comply with NIST standards for password policies.

Education

Education Ransomware Cybersecurity Risk

The Hacker Mind Podcast: Crimeware As A Service

ForAllSecure

OCTOBER 25, 2022

At the time of this podcast, Lockbit accounts for 40% of the ransomware present today and it hits both Windows and Linux machines. It's I would call it cybercrime as a service where it's kind of not just ransomware anymore. Well, the victim may have had a good backup and recovery process in place. Vamosi: Right.

Ransomware

Ransomware Encryption Cybercrime Government

Cyber Security Informer

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

New Ransom Payment Schemes Target Executives, Telemedicine

Webinars

Trending Sources

BEC scams, hacked accounts available from $150 up to $5,000

Webinars

City of Lafayette (Colorado) paid $45,000 ransom after ransowmare attack

Happy 13th Birthday, KrebsOnSecurity!

Aerial Direct, the O2’s largest UK partner suffered a data breach

Maastricht University finally paid a 30 bitcoin ransom to crooks

6,500+ sites deleted after Dark Web hosting provider Daniel’s Hosting hack

DoppelPaymer Ransomware hits City of Torrance and demands a 680K+ ransom

ID Numbers for 120 Million Brazilians taxpayers exposed online

Travelex paid $2.3 Million ransom to restore after a ransomware attack

Prosecutors ask 3-Year Sentence in ‘Fappening’ Case for ex-teacher

Stuart City is the new victim of the Ryuk Ransomware

Maze Ransomware gang breached the US chipmaker MaxLinear

Interpol warns that crooks are increasingly targeting hospitals

Security Affairs newsletter Round 201 – News of the week

Fxmsp: the untold story of infamous seller of access to corporate networks who made at least USD 1.5 mln

Do cyber regulations actually make K–12 schools safer? Navigating compliance while securing school and student data

The Hacker Mind Podcast: Crimeware As A Service

Stay Connected