There was a big win for the good guys against the bad guys this week. On December 13, 2023, after obtaining an order from the federal court in the Southern District of New York to seize U.S.-based infrastructure and take offline websites used by a group Microsoft identifies as Storm-1152, Microsoft’s Digital Crimes Unit
Wyoming LLCs Apparently Driving Cybersecurity Threats
According to new reporting from Reuters, cybercriminals are exploiting Wyoming’s limited liability corporation law to set up legitimate-seeming endpoints for illicit traffic. Filtering traffic through the United States allows criminals to evade detection by their targets and law enforcement. Wyoming’s LLC governance system, often promoted as being business-friendly and user-friendly, enables criminals to create…
40 Countries Including US Vow Not to Pay Ransomware
The United States joined 39 other countries this week in the International Counter Ransomware Initiative, an effort to stem the flow of ransom payments to cybercriminals. The initiative aims to eliminate criminals’ funding through better information sharing about ransom payment accounts. Member states will develop two information-sharing platforms, one created by Lithuania and another jointly…
HC3 Warns Healthcare Organizations of NoEscape Ransomware
On October 12, 2023, the Health Sector Cybersecurity Coordination Center (HC3) issued an Alert to the healthcare industry about a “new threat actor and ransomware,” NoEscape, which is threatening health care organizations.
According to the Alert, the cybercriminals behind NoEscape “have constructed their malware and its associated infrastructure entirely from scratch.” Offering Ransomware-as-a-Service, they…
FIN8 Back in Business Stealing Credit Card Information with Badhatch
Security research firm Gigamon has reported that the nasty cybercriminal group FIN8 may have reappeared in June after a two-year silence. FIN8 is known for implementing malware on point-of-sale systems to steal credit card information and selling it on the dark web.
FIN8 appears to be back in business with a new…
Privacy Tip #200 – Iranian Backed Hacking Group Using LinkedIn To Deliver Malicious Documents
FireEye published research last week identifying a phishing campaign by APT34, which is known to be a hacking group out of Iran, that all LinkedIn users should be aware of when considering adding a LinkedIn contact. In particular, if you receive a LinkedIn request from someone named Rebecca Watts from Cambridge University,…
FBI Issues Private Warning to Banks about Unlimited ATM Cash-outs
On August 10, 2018, the Federal Bureau of Investigation (FBI) issued a private warning to banks that cybercriminals are planning to “conduct a global Automated Teller Machine (ATM) cash-out scheme in the coming days, likely associated with an unknown card issuer breach and commonly referred to as an ‘unlimited operation.’”
A typical unlimited operation uses…
Privacy Tip #125 – Check + Set LinkedIn Privacy Settings
It is well known that hackers and fraudsters surf Facebook to find individuals who have not protected their information through Facebook’s privacy settings. People put a lot of information on Facebook that is very personal and can give criminals detailed leads on how to launch successful campaigns against unsuspecting victims.
Less publicized is the fact…
Connecticut Town Struck by Cyber Fraud
On January 17, 2017, officials in Farmington, Connecticut disclosed that the town was recently the victim of a multimillion-dollar theft likely perpetrated by sophisticated cybercriminals operating in China. The thieves intercepted a $2 million Automated Clearing House (ACH) transfer that was intended as payment to a local company for work on a large town project.
The theft, which serves as a stark reminder to organizations of the need to assess and update their money transfer internal controls, is the latest in a string of cyber fraud schemes exploiting ACH, Society for Worldwide Interbank Financial Telecommunication (SWIFT), and other money transfer systems. Similar thefts of municipal money have been reported in Kansas, Texas, and New Hampshire, and attacks on banks in Ukraine, Bangladesh, and Ecuador have resulted in losses ranging from $10 million to $81 million.
Large Majority of Businesses Pay to Unlock Ransomware
2016 has been a banner year for ransomware cybercriminals. We have seen a dramatic rise in the use of ransomware, and businesses continue to fall victim to ransomware, primarily through phishing and spear phishing schemes.
The cybercriminals are getting so brazen that when they attack a business with ransomware, they actually provide instructions on how…