Brazilian gang defrauds Uber, Lyft, DoorDash using GPS spoofing and stolen IDs
US authorities have charged a gang of Brazilian nationals for a scheme that defrauded the customers of services like Uber, Lyft, DoorDash, and two other unidentified food delivery services.
Darkside ransomware gang says it lost control of its servers & money a day after Biden threat
A day after US President Joe Biden said the US plans to disrupt the hackers behind the Colonial Pipeline cyberattack, the operator of the Darkside ransomware said the group lost control of its web servers and some of the funds it made from ransom payments.
Irish health system hit by ‘significant’ ransomware attack
Ireland’s national health service, the Health Service Executive (HSE), temporarily shut down its IT systems today after suffering a ransomware attack overnight.
Popular hacking forum bans ransomware ads
One of the most popular hacking forums on the internet today announced that it would ban ransomware ads. The XSS forum, previously known as DaMaGeLab, has been one of the two major places where ransomware gangs have advertised their services and hired partners to carry out attacks.
Security firm Rapid7 says Codecov hackers accessed some of its source code
Boston-based security firm Rapid7 disclosed today that a threat actor accessed some of its source code after a hack at software supplier Codecov earlier this year.
Price of IPv4 addresses, one of the Internet’s hottest commodities, reaches all-time high
Companies that own or manage IPv4 address blocks should be on the lookout for an increased risk of hijacking attempts in the coming months as the price for an IPv4 address has reached an all-time high, which might encourage threat actors to go after unused or unsecured IPv4 inventory.
How Biden’s new executive order plans to prevent another SolarWinds attack
President Biden signed a sweeping executive order on Wednesday aimed at protecting federal networks, as the East Coast continues to deal with the fallout from a ransomware attack that shut down one of the nation’s largest fuel pipelines for several days. The Biden administration has been drafting the order over the last few months, and is designed less to address an incident like the one experienced by Colonial Pipeline, a privately-owned critical infrastructure operator that is believed to have been hit by a criminal gang, than it is aimed at preventing a future SolarWinds-like incident…
Operator of WeLeakInfo database marketplace sentenced to two years in prison
One of the three operators of WeLeakInfo, a website that sold access to hacked databases, was sentenced today in the Netherlands to two years in prison, with one year suspended.
The rebellious origins of cybersecurity’s wittiest, must-read report
The idea that would become the world’s wittiest cybersecurity report was born in the mind of Wade Baker, then a Security Risk Management consultant at a forgotten firm called Cybertrust. It was the mid-aughts, Baker recalls, when he overheard one of the firm’s incident responders talking about patterns he kept uncovering during breach investigations. That’s when it occurred to Baker that the firm’s investigative arm might have access to the exact information he felt was lacking in the cybersecurity industry. Why not use Cybertrust’s incident responders to collect data on the x’s and o’s of cyber intrusions?
FBI warns of cybercriminals abusing search ads to promote phishing sites
The Federal Bureau of Investigation says that cybercrime gangs are using search results and search engine ads to lure victims on phishing sites for financial institutions in order to collect their login credentials.