IT Security Newsletter

IT Security Newsletter - 08/27/2020

Written by Cadre | Thu, Aug 27, 2020

Feds avert Russian man's $1 million plot to infect Nevada company's network

A Russian national has been criminally charged for allegedly offering $1 million to a person in return for them infecting their employer's network with malware. Federal prosecutors said that Egor Igorevich Kriuchkov, 27, met with the unnamed employee on multiple occasions to entice them to install malware that would exfiltrate data from the unidentified Nevada-based company. The group behind the attack allegedly would then demand $4 million in return for the information. READ MORE...

US govt warns of North Korean hackers targeting banks worldwide

North Korean hackers tracked as BeagleBoyz have been using malicious remote access tools as part of ongoing attacks to steal millions from international banks, according to a joint advisory issued today by several U.S. Government agencies. The joint release says that North Korea's BeagleBoyz hacking group has once again started robbing banks through remote internet access since February 2020 to fund the North Korean regime. BeagleBoyz are currently targeting banks in more than 30 countries. READ MORE...

With Empire gone, patrons eye other illegal darkweb markets

Dark web marketplace Empire has recently made an abrupt exit after being subject to a heavy DDoS attack campaign and extortion attempts. According to the latest reports, Empire site admins had been struggling to keep the operation afloat, and the recent blow from cyber-attacks left them no choice but to put the illicit marketplace to rest with a bleak possibility of its return. With many customers and vendors left in the dark (no pun intended) about Empire's whereabouts, and with their money stuck in escrow. READ MORE...

New Zealand stock exchange halted trading after DDoS attacks

New Zealand's stock exchange (NZX) has been impacted by distributed denial-of-service (DDoS) attacks during the last two days, forcing it to shut down trading until the connectivity issues were resolved. NZX operates New Zealand's capital, risk, and commodity markets, and it supplies market information including real-time stock quotes, market data and news. The stock market announced around 7 AM today that it was able to restore services after it had to halt cash markets yesterday afternoon. READ MORE...

From zero to hero: Zero2Automated malware reverse engineering course

With ransomware attacks running rampant, nation-state actors targeting foreign companies and governments, and democracy under siege through misinformation campaigns, cybersecurity plays an increasingly important role in our society. For those looking to get started in cybersecurity, there are many ways to start learning, including reading books, playing with malware in a virtual machine, or using crackmes to learn reverse engineering. READ MORE...

Emulation of Malicious Shellcode With Speakeasy

In order to enable emulation of malware samples at scale, we have developed the Speakeasy emulation framework. Speakeasy aims to make it as easy as possible for users who are not malware analysts to acquire triage reports in an automated way, as well as enabling reverse engineers to write custom plugins to triage difficult malware families. Originally created to emulate Windows kernel mode malware, Speakeasy now also supports user mode samples. READ MORE...

SunCrypt Ransomware sheds light on the Maze ransomware cartel

A ransomware named SunCrypt has joined the 'Maze cartel,' and with their membership, we get insight into how these groups are working together. In June, we broke the story that the Maze threat actors created a cartel of ransomware operations to share information and techniques to help each other extort their victims. When first started, this cartel included Maze and LockBit, but soon expanded to include Ragnar Locker. READ MORE...

Confessions of an ID Theft Kingpin, Part I

At the height of his cybercriminal career, the hacker known as "Hieupc" was earning $125,000 a month running a bustling identity theft service that siphoned consumer dossiers from some of the world's top data brokers. That is, until his greed and ambition played straight into an elaborate snare set by the U.S. Secret Service. Now, after more than seven years in prison Hieupc is back in his home country and hoping to convince other would-be cybercrooks to use their computer skills for good. READ MORE...

New map shows vulnerability of Antarctic ice to self-fracking

In 2016, a study found that adding a couple new processes to a model of the Antarctic ice sheets made them much more vulnerable to melt, greatly increasing global sea level rise - both this century and in the centuries to come. It was an alarming result, to be sure, but also a bit conjectural. The researchers didn't have a way to assess how realistically the new processes were modeled, so they viewed their paper as raising a question deserving attention rather than providing an answer. READ MORE...

5G in US averages 51Mbps while other countries hit hundreds of megabits

It's an upgrade over 4G but not a huge one due to reliance on low-band spectrum. Average 5G download speeds in the US are 50.9Mbps, a nice step up from average 4G speeds but far behind several countries where 5G speeds are in the 200Mbps to 400Mbps range. These statistics were reported today by OpenSignal, which presented average 5G speeds in 12 countries based on user-initiated speed tests conducted between May 16 and August 14. The US came in last of the 12 countries in 5G speeds, with 10 of the 11 other countries posting 5G. READ MORE...

  • ...in 1859, Edwin Drake struck oil at 69 feet near Titusville, Pennsylvania - the world's first successful oil well.
  • ...in 1883, the most powerful volcanic eruption in recorded history occurred on Krakatoa.
  • ...in 1904, Newport, Rhode Island, imposed the first jail sentence for a speeding violation.
  • ...in 1964, the Beatles performed at the Cincinnati Gardens.