Cybercrime Featured Government

15% of 2020 ransomware payments carried a sanctions violations risk

Around one in six ransomware payments in 2020 were made to ransomware gangs that had some sort of connection to a US-sanctioned entity.

Cybercrime Featured Government

Biden: No evidence Russian government is involved in Colonial ransomware attack

At a press conference today, President Joe Biden said the US intelligence community has no evidence that the Russian government had any kind of involvement in the ransomware attack that crippled one of the US’ largest fuel supply pipelines last week.

Featured Nation-state Technology

SolarWinds says fewer than 100 customers were impacted by supply chain attack

Texas-based software firm SolarWinds downgraded the number of customers impacted by its 2020 supply chain attack from 18,000 to fewer than 100.

Featured Government Nation-state Technology

UK and US share more vulnerabilities exploited by Russia’s APT29 hackers

The UK government’s cybersecurity agency today published an in-depth report detailing techniques used by a group of Russian state hackers known as APT29, Cozy Bear, or the Dukes.

Cybercrime Featured

Credit card fraudster Sergey Pavlovich writes a new chapter

The early 2000s were a ripe time for credit card fraud, and so-called “carders” like Sergey Pavlovich were making a killing. But his luck would fade in 2004, when Belarusian authorities caught the 21-year-old Pavlovich and put him behind bars. Pavlovich would end up serving nearly a decade in jail for his crimes, and is still being investigated in the U.S. Pavlovich, who now lives in Moscow, says he’s reformed and tries to discourage others from following in his path. “In my opinion, it is pointless and dangerous to do carding now,” said Pavlovich…

Cybercrime Featured Government

DOJ hiring new liaison prosecutor to hunt cybercriminals in Eastern Europe

The Justice Department is hiring a new Liaison Prosecutor to work with authorities in Eastern Europe to combat the rising wave of organized cybercrime activity.

Featured Nation-state

China-linked APT group targets Russian nuclear sub designer with an undocumented backdoor

A threat actor believed to be operating on behalf of Chinese state-sponsored interests was recently observed targeting a Russian defense contractor involved in designing nuclear submarines for the Russian Navy, according to new research published today by Cybereason. The attack was narrowly focused, the firm said, and originated with a spear-phishing attempt targeting a general director working at the Rubin Design Bureau, a Saint Petersburg-based shipbuilder that has designed most of Russia’s nuclear submarines…

Featured Government Nation-state People

SolarWinds security chief: ‘We ran a pretty good shop’

SolarWinds’ chief information security officer defended the company’s practices and technology on Wednesday, saying the attack it experienced at the hands of Russia’s foreign intelligence agency last year wasn’t one that most companies would be prepared for. “We ran a pretty good shop, we had pretty good technology,” Tim Brown, the company’s CISO and vice president of security, said during a webcast hosted by the insurance firm Marsh. “We’ve had four months of inspections and we found things to fix, but it wasn’t like we were super dirty—there wasn’t sloppiness, there wasn’t malware all over our environment.”

Featured Government Nation-state Technology

Russian intelligence agency SVR sets up dark web whistleblowing platform

The SVR, Russia’s main intelligence service, has deployed a system similar to the SecureDrop whistleblowing platform to allow Russians living abroad to safely send anonymous tips via the Tor network about national security threats.

Featured Government Nation-state

CISA, FBI, NSA reveal five enterprise bugs exploited by Russia’s APT29 group

Three US security agencies published a joint advisory on Thursday to expose and draw attention to five vulnerabilities in popular enterprise equipment that have been, and are still being, abused by Russian state hackers to breach corporate and government networks.