A Russian national has been indicted in the United States for allegedly operating a cybercrime marketplace where stolen credit card information and online banking account data were being traded. According to the indictment, the individual, Igor Dekhtyarchuk, 23, of Russia, operated an illegal shop that had an average of roughly 5,000 daily visitors and sold access to over 48,000 compromised email accounts and more than 39,000 hacked online accounts.
Okta has released additional details about the security incident caused by the Lapsus$ gang, and has named the contractor involved: Sitel. "Like many SaaS providers, Okta uses several companies ('sub-processors') to expand our workforce. These entities help us to deliver for our customers and make them successful with our products. Sitel [...] is an Okta sub-processor that provides Okta with contract workers for our Customer Support organization," explained David Bradbury, Okta's chief security officer.
As tensions continue to rise regarding Russia's invasion of Ukraine, the Conti ransomware group - a Russia-based organization responsible for high-profile attacks on large enterprises as well as critical infrastructure networks - initially announced its support of Putin's invasion on the group's data leak site before issuing a retraction, claiming it condemns "the ongoing war."
Microsoft and identity management platform Okta both this week disclosed breaches involving LAPSUS$, a relatively new cybercrime group that specializes in stealing data from big companies and threatening to publish it unless a ransom demand is paid. Here's a closer look at LAPSUS$, and some of the low-tech but high-impact methods the group uses to gain access to targeted organizations.
At least 30 vulnerabilities were found in the past year in the DIAEnergie industrial energy management system made by Delta Electronics. The company says it has created patches for all of them, but for now most of those patches are only available on demand. In August 2021, the US Cybersecurity and Infrastructure Security Agency (CISA) informed organizations using the DIAEnergie product that researcher Michael Heinzl had identified eight vulnerabilities, including ones rated "critical severity."
The Federal Bureau of Investigation (FBI) says ransomware gangs breached the networks of at least 649 organizations from multiple US critical infrastructure sectors last year, according to the Internet Crime Complaint Center (IC3) 2021 Internet Crime Report. However, the actual number is likely higher given that the FBI only started tracking reported ransomware incidents in which the victim was a critical infrastructure sector organization in June 2021.
AvosLocker is a ransomware-as-a-service (RaaS) gang that first appeared in mid-2021. It has since become notorious for its attacks targeting critical infrastructure in the United States, including the sectors of financial services, critical manufacturing, and government facilities. In March 2022, the FBI and US Treasury Department issued a warning about the attacks.