
IT Security Newsletter - 5/17/2021

Top News

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

The DarkSide ransomware affiliate program responsible for the six-day outage at Colonial Pipeline this week that led to fuel shortages and price spikes across the country is running for the hills. The crime gang announced it was closing up shop after its servers were seized and someone drained the cryptocurrency from an account the group uses to pay affiliates.

Breaches

Herff Jones credit card breach impacts college students across the US

Graduating students from several universities in the U.S. have been reporting fraudulent transactions after using payment cards at popular cap and gown maker Herff Jones. In the wake of the reports that started last Sunday, the company started an investigation to determine the extent of the data breach. The complaints continued through this week, alerting others to check their card statements for illegal charges.

Hacking

Toshiba subsidiary confirms ransomware attack, as reports suggest possible DarkSide involvement

European units of Japanese tech giant Toshiba are investigating a security incident in which scammers may have used a similar hacking tool to the malware used against IT systems at Colonial Pipeline. The European subsidiaries of Toshiba Tec Group said Friday that a cyberattack from a criminal gang had prompted the company to disconnect network connections between Japan and Europe to stop the spread of the malware.


FIN7 Backdoor Masquerades as Ethical Hacking Tool

The notorious FIN7 cybercrime gang, a financially motivated group, is spreading a backdoor called Lizar under the guise of being a Windows pen-testing tool for ethical hackers. According to the BI.ZONE Cyber Threats Research Team, FIN7 is pretending to be a legitimate organization that hawks a security-analysis tool. They go to great lengths for verisimilitude, researchers said: "These groups hire employees who are not even aware that they are working with real malware or that their employer is a real criminal group."


Insurer AXA hit by ransomware after dropping support for ransom payments

Branches of insurance giant AXA based in Thailand, Malaysia, Hong Kong, and the Philippines have been struck by a ransomware cyber attack. As seen by BleepingComputer yesterday, the Avaddon ransomware group claimed on their leak site that they had stolen 3 TB of sensitive data from AXA's Asian operations. Additionally, BleepingComputer observed an ongoing Distributed Denial of Service (DDoS) against AXA's global websites making them inaccessible for some time yesterday.

Malware

Russian cybercrime forum XSS claims to ban ransomware following Colonial Pipeline hack

In the wake of the disruption to Colonial Pipeline, a popular Russian-language criminal forum has claimed it will ban the sale of ransomware tools, according to multiple researchers who monitor the site. XSS, a prominent underground forum for hacking tools and other scams, on May 13 said the platform would forbid "ransomware sales, ransomware rental and ransomware affiliate programs," according to the threat intelligence firm Digital Shadows.

Information Security

Colonial Pipeline paid a $5 million ransom - and kept a vicious cycle turning

Nearly a week after a ransomware attack led Colonial Pipeline to halt fuel distribution on the East Coast, reports emerged on Friday that the company paid a 75 bitcoin ransom - worth as much as $5 million, depending on the time of payment - in an attempt to restore service more quickly. And while the company was able to restart operations Wednesday night, the decision to give in to hackers' demands will only embolden other groups going forward.

Exploits/Vulnerabilities

'Scheme Flooding' Allows Websites to Track Users Across Browsers

A security researcher has discovered a vulnerability that allows websites to track users across a number of different desktop browsers - including Apple Safari, Google Chrome, Microsoft Edge, Mozilla Firefox and Tor - posing a threat to cross-browser anonymity. Called "scheme flooding," the flaw "allows websites to identify users reliably across different desktop browsers and link their identities together," said Konstantin Darutkin, a researcher and developer at FingerprintJS.

On This Date

  • ...in 1792, the New York Stock Exchange is formed.
  • ...in 1866, avant-garde composer Erik Satie, best known for his "Gymnopedies", is born in Honfleur, France.
  • ...in 1954, the Supreme Court rules unanimously against the practice of racial segregation in schools, in the case of Brown v. Board of Education.
  • ...in 1965, musician, film composer, and Nine Inch Nails founder Trent Reznor is born in New Castle, PA.