When it comes to state-sponsored hacking groups, big players such as China and Russia tend to get the most attention. But smaller nations are also continuously expanding their capabilities in cyberspace, often with regional goals in mind. Two studies published in recent days have shown that one of these groups—the Vietnamese state-sponsored threat group APT32, also known as OceanLotus—has expanded its efforts by targeting the country’s Southeast Asian neighbors with malware campaigns….
Sometimes the biggest threat to an organization’s data and IT systems are the employees who work there. A 26-year-old Ukranian citizen who was found guilty of stealing millions of dollars in digital currency and using the proceeds to fund a lavish lifestyle was sentenced Monday by a federal judge in Seattle to nine years in prison and ordered to pay more than $8.3 million in restitution.
From July to September, a handful of new ransomware extortion websites emerged as cybercriminals embraced the tactic as a way to pressure organizations to pay demands, the report found. For example, several victims of the SunCrypt ransomware group—including a school system and hospital—had their data exposed on a website launched in August. In late September, operators associated with the Egregor ransomware family started posting samples of stolen data online giving victims three days to pay the ransom before continuing the leak…
Last October, visitors to the recently-launched GNews website would have seen headlines about China-related issues including Uyghur detention facilities, Hong Kong protests, and the destruction of Tibetan Buddhist sites. Visitors to the website today, however, are met with a stream of conspiracy theories involving presidential candidate Joe Biden and his family, lobbing far-flung allegations of incest, child trafficking, and rape…
As Election Day looms, federal officials, private companies, and information security experts are urging voters to be on guard for misleading information, especially from sites like Facebook, YouTube, and Twitter, where viral information can whipsaw across the country in the blink of an eye. But one disinformation vector may be hiding in plain sight: email….
A Conversation With Jack Rhysider About How He Started His Hit Hacking Podcast Darknet Diaries—and What It Has Taught Him About Infosec
“On a weekly basis, I get some CEO messaging me saying that they would love to be on the show. My first question is always, ‘Have you ever been hacked? And are you willing to talk about that?’ Because that’s the story I want. I want a first-hand experience of the worst day of your life on the job…”
Just two years ago, ransomware was seen as a nuisance: For just a few thousand dollars—and sometimes even less—victims could obtain decryption keys to unlock their data. Since then, the average payment demanded by ransomware operators has skyrocketed, reaching an astounding $178,254 in the second quarter of 2020, nearly quadruple the amount demanded in the same period one year earlier…
A data breach involving a mental health provider in Finland has devolved into a horrifying extortion scheme that includes the abuse of hypersensitive medical data. “It’s an indescribable feeling when you know that someone has information of your traumas and is willing to use it against you,” said one patient who received a ransom email over the weekend and asked not to be named given the sensitivity of the information involved. “I feel like I have once again taken a step back in my treatment. It hurts to know that my journey to better health might take even longer now.”
Ransomware and election security have been the two great themes of the 2020 cybersecurity landscape. So it may not come as a surprise that those topics have finally intersected. With the U.S. presidential election less than two weeks away, a county in northern Georgia that has been hit by ransomware might become a litmus test for how prepared local governments are when it comes to defending voting systems….
“The honest truth is if we’re going to be public about charges, we’re going to charge the case when it’s ready to be charged, when we’re able to line up what we need to operationally, allowing for things like engaging foreign partners and rally like-minded nations into joining us on commenting on the activity. We’re going to do that when we can do it, and if you don’t hear from us for a couple months it just means we’re working on something else…”