IT Executive Steals $6 Million, Busted by Word Doc Metadata
A former corporate executive of a global internet company swindled roughly $6 million between August 2015 and May 2019 using a shell company named Interactive Systems. 48-year old Hicham Kabbaj of Floral Park, New York, pleaded guilty today to one count of wire fraud and faces a maximum sentence of 20 years in prison.
Hackers Deface U.S. Gov Website With Pro-Iran Messages
A U.S. government website was vandalized late Saturday by hackers who posted pro-Iran messages. The defaced website was the Federal Depository Library Program (FDLP) website, which makes U.S. federal government publications available to the public for free. The hackers, who struck as tensions between the U.S. and Iran heat up, claimed to be “Iran cyber security group hackers,” however, there’s no evidence to confirm any attribution to Iran at the moment, according to the Department of Homeland Security (DHS).
DeathRansom Campaign Linked to Malware Cornucopia
An ongoing DeathRansom malware campaign has been found by researchers to be part of a larger collection of malicious offensives, all carried out by an actor going by the nickname “scat01.” According to Artem Semenchenko and Evgeny Ananin at FortiGuard Labs, evidence found on Russian underground forums and in their forensic investigations points to a significant connection between ongoing DeathRansom and various infostealing malware campaigns, all likely directed by one Russian-speaking individual living in Italy.
‘Maze’ ransomware threatens data exposure unless $6m ransom paid
What’s the most effective way to fight back against a large ransomware attack? Normally, the answer would be technical or organisational, but a new type of ransomware called Maze seems to have stirred up a very different response in one of its recent victims – bring in the lawyers and try to sue the gang behind it. The victim this time was US cable and wire manufacturer Southwire, which last week filed a civil suit against Maze’s mysterious makers in Georgia Federal court.
The Hidden Cost of Ransomware: Wholesale Password Theft
Organizations in the throes of cleaning up after a ransomware outbreak typically will change passwords for all user accounts that have access to any email systems, servers and desktop workstations within their network. But all too often, ransomware victims fail to grasp that the crooks behind these attacks can and frequently do siphon every single password stored on each infected endpoint. The result of this oversight may offer attackers a way back into the affected organization, access to financial and healthcare accounts, or — worse yet — key tools for attacking the victim’s various business partners and clients.
PCs still running Windows 7 will soon be significantly more at risk of ransomware
PCs still running when Windows 7 reaches end of life on the 14th of January will be significantly more at risk of ransomware, Veritas Technologies has warned. According to experts, 26% of PCs are expected to still be running the Microsoft software after support for patches and bug fixes end. The vulnerability to ransomware of PCs running unsupported software was demonstrated by WannaCry. Despite supported PCs being pushed patches for the cryptoworm, Europol estimated that 200,000 devices in 150 countries.
Backdoors and Breaches incident response card game makes tabletop exercises fun
There's a new, fun way to run a realistic incident response tabletop exercise, and it's called Backdoors and Breaches. Inspired by Dungeons and Dragons (B&B instead of D&D), the game includes a pack of custom playing cards and a 20-sided die. Five to six people can play it in as little as 15 to 20 minutes. The card deck comes from the folks at pentesting firm Black Hills, who sent us a review deck and walked us through how to play. It's a simple concept, easy to play, and looks like a fun way to run a tabletop exercise.
