Krebs – Page 32 – PossibleThreat Articles

Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware

March 17, 2022 0 Comments alex holden, github, Hold Security, protestware, russia's war on ukraine, The Coming Storm

Credit to Author: BrianKrebs| Date: Thu, 17 Mar 2022 22:33:21 +0000

Researchers are tracking a number of open-source “protestware” projects on GitHub that have recently altered their code to display “Stand with Ukraine” messages for users, or basic facts about the carnage in Ukraine. The group also is tracking several code packages that were recently modified to erase files on computers that appear to be coming from Russian or Belarusian Internet addresses.

Independent Krebs Security

Lawmakers Probe Early Release of Top RU Cybercrook

March 15, 2022 0 Comments aleksei burkov, directconnection, jake sullivan, k0pa, mazafaka, naama issachar, Ne'er-Do-Well News, vladimir putin

Credit to Author: BrianKrebs| Date: Tue, 15 Mar 2022 15:37:43 +0000

Aleksei Burkov, a cybercriminal who long operated two of Russia’s most exclusive underground hacking forums, was arrested in 2015 by Israeli authorities. The Russian government fought Burkov’s extradition to the U.S. for four years — even arresting and jailing an Israeli woman to force a prisoner swap. That effort failed: Burkov was sent to America, pleaded guilty, and was sentenced to nine years in prison. But a little more than a year later, he was quietly released and deported back to Russia. Now some Republican lawmakers are asking why a Russian hacker once described as “an asset of supreme importance” was allowed to shorten his stay.

Independent Krebs Security

Report: Recent 10x Increase in Cyberattacks on Ukraine

March 11, 2022 0 Comments anycast, bill woodcock, dns, john todd, Latest Warnings, linx, london internet exchange, megafon, packet clearing house, quad9, rostelecom, russia's war on ukraine, The Coming Storm

Credit to Author: BrianKrebs| Date: Fri, 11 Mar 2022 16:50:11 +0000

As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians.

Independent Krebs Security

Microsoft Patch Tuesday, March 2022 Edition

March 9, 2022 0 Comments cve-2022-21967, cve-2022-21990, cve-2022-23277, cve-2022-23285, cve-2022-24459, cve-2022-24503, cve-2022-24508, cve-2022-24512, dustin childs, greg wiseman, immersive labs, kevin breen, microsoft exchange server, microsoft patch tuesday march 2022, rapid7, remote desktop, Time to Patch, trend micro zero day initiative, windows smbv3

Credit to Author: BrianKrebs| Date: Wed, 09 Mar 2022 16:22:12 +0000

Microsoft on Tuesday released software updates to plug at least 70 security holes in its Windows operating systems and related software. For the second month running, there are no scary zero-day threats looming for Windows users (that we know of), and relatively few “critical” fixes. And yet we know from experience that attackers are already trying to work out how to turn these patches into a roadmap for exploiting the flaws they fix. Here’s a look at the security weaknesses Microsoft says are most likely to be targeted first.

Independent Krebs Security

Internet Backbone Giant Lumen Shuns .RU

March 8, 2022 0 Comments cogent, doug madory, icann, kentik, lumen technologies, neil macfarquhar, russia's war on ukraine, sergey vovnenko

Credit to Author: BrianKrebs| Date: Tue, 08 Mar 2022 23:35:15 +0000

Lumen Technologies, an American company that operates one of the largest Internet backbones and carries a significant percentage of the world’s Internet traffic, said today it will stop routing traffic for organizations based in Russia. Lumen’s decision comes just days after a similar exit by backbone provider Cogent, and amid a news media crackdown in Russia that has already left millions of Russians in the dark about what is really going on with their president’s war in Ukraine.

Independent Krebs Security

Conti Ransomware Group Diaries, Part IV: Cryptocrime

March 7, 2022 0 Comments A Little Sunshine, athens university school of information sciences and technolog, begemot, bloodrush, chainalysis, conti ransomware, DDoS, demon, ghost, Gizmodo, jeffrey ladish, mango, matt novak, Ne'er-Do-Well News, pump and dump, Ransomware, squid, stern, van

Credit to Author: BrianKrebs| Date: Tue, 08 Mar 2022 01:38:36 +0000

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. The candid messages revealed how Conti evaded law enforcement and intelligence agencies, what it was like on a typical day at the Conti office, and how Conti secured the digital weaponry used in their attacks. This final post on the Conti conversations explores different schemes that Conti pursued to invest in and steal cryptocurrencies.

Independent Krebs Security

Conti Ransomware Group Diaries, Part III: Weaponry

March 4, 2022 0 Comments A Little Sunshine, alarm, bentley, bio, bloodrush, chainalysis, cobalt strike, conti, grant, kaktus, lemans corporation, Ne'er-Do-Well News, pin, Ransomware, reshaev, revers, salamandra, skippy, the spaniard, tramp, trickbotleaks, trump

Credit to Author: BrianKrebs| Date: Fri, 04 Mar 2022 20:20:29 +0000

Part I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt with its own internal breaches. Part II explored what it’s like to be an employee of Conti’s sprawling organization. Today’s Part III looks at how Conti abused a panoply of popular commercial security services to undermine the security of their targets, as well as how the team’s leaders strategized for the upper hand in ransom negotiations with victims.

Independent Krebs Security

Conti Ransomware Group Diaries, Part II: The Office

March 2, 2022 0 Comments A Little Sunshine, bentley, bleeping computer, conti, emotet, hof, lawrence abrams, mango, Ne'er-Do-Well News, palo alto networks, Ransomware, reverse, ryuk, stern, The Coming Storm, trickbot

Credit to Author: BrianKrebs| Date: Wed, 02 Mar 2022 17:49:52 +0000

Earlier this week, a Ukrainian security researcher leaked almost two years’ worth of internal chat logs from Conti, one of the more rapacious and ruthless ransomware gangs in operation today. Tuesday’s story examined how Conti dealt with its own internal breaches and attacks from private security firms and governments. In Part II of this series we’ll explore what it’s like to work for Conti, as described by the Conti employees themselves.

Independent Krebs Security

Conti Ransomware Group Diaries, Part I: Evasion

March 1, 2022 0 Comments alex holden, alla witte, conti, conti breach, conti ransomware, contileaks, emercoin, emerdns, hof, Hold Security, Ne'er-Do-Well News, Ransomware, revil ransomware, stern, The Coming Storm, trickbot, ukraine

Credit to Author: BrianKrebs| Date: Tue, 01 Mar 2022 20:50:30 +0000

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. The chat logs offer a fascinating glimpse into the challenges of running a sprawling criminal enterprise with more than 100 salaried employees. The records also provide insight into how Conti has dealt with its own internal breaches and attacks from private security firms and foreign governments.

Independent Krebs Security

Russia Sanctions May Spark Escalating Cyber Conflict

February 25, 2022 0 Comments Latest Warnings, The Coming Storm

Credit to Author: BrianKrebs| Date: Fri, 25 Feb 2022 19:10:04 +0000

President Biden joined European leaders this week in enacting economic sanctions against Russia in response its military invasion of Ukraine. The West has promised tougher sanctions are coming, but experts warn these will almost certainly trigger a Russian retaliation against America and its allies, which could escalate into cyber attacks on Western financial institutions and energy infrastructure.