FreshRSS

πŸ”’
β–³ πŸ”ƒ
☐ β˜† βœ‡ WIRED

5 Best VPN Services (2024): For Routers, PC, iPhone, Android, and More

By Scott Gilbertson β€” April 24th 2024 at 13:30
It won’t solve all of your privacy problems, but a virtual private network can make you a less tempting target for hackers.
☐ β˜† βœ‡ WIRED

ShotSpotter Keeps Listening for Gunfire After Contracts Expire

By Max Blaisdell, Jim Daley β€” April 24th 2024 at 10:00
Internal emails suggest that the company continued to provide gunshot data to police in cities where its contracts had been canceled.
☐ β˜† βœ‡ Troy Hunt

Weekly Update 396

By Troy Hunt β€” April 23rd 2024 at 04:02
Weekly Update 396

"More Data Breaches Than You Can Shake a Stick At". That seems like a reasonable summary and I suggest there are two main reasons for this observation. Firstly, there are simply loads of breaches happening and you know this already because, well, you read my stuff! Secondly, There are a couple of Twitter accounts in particular that are taking incidents that appear across a combination of a popular clear web hacking forum and various dark web ransomware websites and "raising them to the surface", so to speak. That is incidents that may have previously remained on the fringe are being regularly positioned in the spotlight where they have much greater visibility. The end result is greater awareness and a longer backlog of breaches to process than I've ever had before!

Weekly Update 396
Weekly Update 396
Weekly Update 396
Weekly Update 396

References

  1. Sponsored by:Β Report URI: Guarding you from rogue JavaScript! Don’t get pwned; get real-time alerts & prevent breaches #SecureYourSite
  2. Le Slip Français was breached by "shopifyGUY" (I wonder where all these Shopify API keys are coming from?!)
  3. Roku got hit with a pretty sizeable credential stuffing attack (looks like they're now mandating multi-step auth for everyone, which is certainly one way of tackling this)
  4. There's an extraordinary rate of new breaches appearing at the moment (that's a link to the HackManac Twitter account that's been very good at reporting on these)

☐ β˜† βœ‡ WIRED

Change Healthcare Finally Admits It Paid Ransomware Hackersβ€”and Still Faces a Patient Data Leak

By Andy Greenberg β€” April 23rd 2024 at 03:55
The company belatedly conceded both that it had paid the cybercriminals extorting it and that patient data nonetheless ended up on the dark web.
☐ β˜† βœ‡ Krebs on Security

Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme

By BrianKrebs β€” April 22nd 2024 at 20:07

The head of counterintelligence for a division of the Russian Federal Security Service (FSB) was sentenced last week to nine years in a penal colony for accepting a USD $1.7 million bribe to ignore the activities of a prolific Russian cybercrime group that hacked thousands of e-commerce websites. The protection scheme was exposed in 2022 when Russian authorities arrested six members of the group, which sold millions of stolen payment cards at flashy online shops like Trump’s Dumps.

A now-defunct carding shop that sold stolen credit cards and invoked 45’s likeness and name.

As reported by The Record, a Russian court last week sentenced former FSB officer Grigory Tsaregorodtsev for taking a $1.7 million bribe from a cybercriminal group that was seeking a β€œroof,” a well-placed, corrupt law enforcement official who could be counted on to both disregard their illegal hacking activities and run interference with authorities in the event of their arrest.

Tsaregorodtsev was head of the counterintelligence department for a division of the FSB based in Perm, Russia. In February 2022, Russian authorities arrested six men in the Perm region accused of selling stolen payment card data. They also seized multiple carding shops run by the gang, including Ferum Shop, Sky-Fraud, and Trump’s Dumps, a popular fraud store that invoked the 45th president’s likeness and promised to β€œmake credit card fraud great again.”

All of the domains seized in that raid were registered by an IT consulting company in Perm called Get-net LLC, which was owned in part by Artem Zaitsev β€” one of the six men arrested. Zaitsev reportedly was a well-known programmer whose company supplied services and leasing to the local FSB field office.

The message for Trump’s Dumps users left behind by Russian authorities that seized the domain in 2022.

Russian news sites report that Internal Affairs officials with the FSB grew suspicious when Tsaregorodtsev became a little too interested in the case following the hacking group’s arrests. The former FSB agent had reportedly assured the hackers he could have their case transferred and that they would soon be free.

But when that promised freedom didn’t materialize, four the of the defendants pulled the walls down on the scheme and brought down their own roof. The FSB arrested Tsaregorodtsev, and seized $154,000 in cash, 100 gold bars, real estate and expensive cars.

At Tsaregorodtsev’s trial, his lawyers argued that their client wasn’t guilty of bribery per se, but that he did admit to fraud because he was ultimately unable to fully perform the services for which he’d been hired.

The Russian news outlet Kommersant reports that all four of those who cooperated were released with probation or correctional labor. Zaitsev received a sentence of 3.5 years in prison, and defendant Alexander Kovalev got four years.

In 2017, KrebsOnSecurity profiled Trump’s Dumps, and found the contact address listed on the site was tied to an email address used to register more than a dozen domains that were made to look like legitimate Javascript calls many e-commerce sites routinely make to process transactions β€” such as β€œjs-link[dot]su,” β€œjs-stat[dot]su,” and β€œjs-mod[dot]su.”

Searching on those malicious domains revealed a 2016 report from RiskIQ, which shows the domains featured prominently in a series of hacking campaigns against e-commerce websites. According to RiskIQ, the attacks targeted online stores running outdated and unpatched versions of shopping cart software from Magento, Powerfront and OpenCart.

Those shopping cart flaws allowed the crooks to install β€œweb skimmers,” malicious Javascript used to steal credit card details and other information from payment forms on the checkout pages of vulnerable e-commerce sites. The stolen customer payment card details were then sold on sites like Trump’s Dumps and Sky-Fraud.

☐ β˜† βœ‡ WIRED

The Next US President Will Have Troubling New Surveillance Powers

By Dell Cameron β€” April 22nd 2024 at 16:59
Over the weekend, President Joe Biden signed legislation not only reauthorizing a major FISA spy program but expanding it in ways that could have major implications for privacy rights in the US.
☐ β˜† βœ‡ WIRED

North Koreans Secretly Animated Amazon and Max Shows, Researchers Say

By Matt Burgess β€” April 22nd 2024 at 07:00
Thousands of exposed files on a misconfigured North Korean server hint at one way the reclusive country may evade international sanctions.
☐ β˜† βœ‡ WIRED

AI-Controlled Fighter Jets Are Dogfighting With Human Pilots Now

By Dell Cameron, Andrew Couts β€” April 20th 2024 at 10:00
Plus: New York’s legislature suffers a cyberattack, police disrupt a global phishing operation, and Apple removes encrypted messaging apps in China.
☐ β˜† βœ‡ WIRED

The Biggest Deepfake Porn Website Is Now Blocked in the UK

By Matt Burgess β€” April 19th 2024 at 16:54
The world's most-visited deepfake website and another large competing site are stopping people in the UK from accessing them, days after the UK government announced a crackdown.
☐ β˜† βœ‡ WIRED

The Trump Jury Has a Doxing Problem

By Andrew Couts β€” April 18th 2024 at 19:25
One juror in former US president Donald Trump’s criminal case in New York has been excused over fears she could be identified. It could get even messier.
☐ β˜† βœ‡ WIRED

The Real-Time Deepfake Romance Scams Have Arrived

By Matt Burgess β€” April 18th 2024 at 11:00
Watch how smooth-talking scammers known as β€œYahoo Boys” use widely available face-swapping tech to carry out elaborate romance scams.
☐ β˜† βœ‡ Security – Cisco Blog

Cisco Hypershield: A New Era of Distributed, AI-Native Security

By Tom Gillis β€” April 18th 2024 at 06:55

AI is transformative, driving huge productivity gains. The engine of AI β€” the data center β€” will grow substantially, maybe an order of magnitude or more over the coming years.

The industry went thr… Read more on Cisco Blogs

☐ β˜† βœ‡ Security – Cisco Blog

Cisco Hypershield: Reimagining Security

By Craig Connors β€” April 18th 2024 at 06:55
Cisco Hypershield is a new security infrastructure β€” a fabric β€” that can autonomously create defenses and produce measured responses to detected attacks, making security defenders' jobs easier.
☐ β˜† βœ‡ WIRED

Big Tech Says Spy Bill Turns Its Workers Into Informants

By Dell Cameron β€” April 17th 2024 at 18:11
One of Silicon Valley’s most influential lobbying arms joins privacy reformers in a fight against the Biden administration–backed expansion of a major US surveillance program.
☐ β˜† βœ‡ WIRED

Hackers Linked to Russia’s Military Claim Credit for Sabotaging US Water Utilities

By Andy Greenberg β€” April 17th 2024 at 10:00
Cyber Army of Russia Reborn, a group with ties to the Kremlin’s Sandworm unit, is crossing lines even that notorious cyberwarfare unit wouldn’t dare to.
☐ β˜† βœ‡ Security – Cisco Blog

Supercharging Cisco XDR with AI and Identity Intelligence at RSAC 2024

By Teresa Brunner β€” April 17th 2024 at 12:00

Cisco XDR is a leader in providing comprehensive threat detection and response across the entire attack surface. We’ll be showcasing new capabilities that will give security teams even more insight, a… Read more on Cisco Blogs

❌