A Little Sunshine – Page 20 – PossibleThreat Articles

A Closer Look at the LAPSUS$ Data Extortion Group

March 23, 2022 0 Comments A Little Sunshine, Ne'er-Do-Well News, SIM swapping

Credit to Author: BrianKrebs| Date: Wed, 23 Mar 2022 22:00:43 +0000

Microsoft and identity management platform Okta both disclosed this week breaches involving LAPSUS$, a relatively new cybercrime group that specializes in stealing data from big companies and threatening to publish the information unless a ransom demand is paid. Here’s a closer look at LAPSUS$, and some of the low-tech but high-impact methods the group uses to gain access to targeted organizations.

Independent Krebs Security

Conti Ransomware Group Diaries, Part IV: Cryptocrime

March 7, 2022 0 Comments A Little Sunshine, athens university school of information sciences and technolog, begemot, bloodrush, chainalysis, conti ransomware, DDoS, demon, ghost, Gizmodo, jeffrey ladish, mango, matt novak, Ne'er-Do-Well News, pump and dump, Ransomware, squid, stern, van

Credit to Author: BrianKrebs| Date: Tue, 08 Mar 2022 01:38:36 +0000

Three stories here last week pored over several years’ worth of internal chat records stolen from the Conti ransomware group, the most profitable ransomware gang in operation today. The candid messages revealed how Conti evaded law enforcement and intelligence agencies, what it was like on a typical day at the Conti office, and how Conti secured the digital weaponry used in their attacks. This final post on the Conti conversations explores different schemes that Conti pursued to invest in and steal cryptocurrencies.

Independent Krebs Security

Conti Ransomware Group Diaries, Part III: Weaponry

March 4, 2022 0 Comments A Little Sunshine, alarm, bentley, bio, bloodrush, chainalysis, cobalt strike, conti, grant, kaktus, lemans corporation, Ne'er-Do-Well News, pin, Ransomware, reshaev, revers, salamandra, skippy, the spaniard, tramp, trickbotleaks, trump

Credit to Author: BrianKrebs| Date: Fri, 04 Mar 2022 20:20:29 +0000

Part I of this series examined newly-leaked internal chats from the Conti ransomware group, and how the crime gang dealt with its own internal breaches. Part II explored what it’s like to be an employee of Conti’s sprawling organization. Today’s Part III looks at how Conti abused a panoply of popular commercial security services to undermine the security of their targets, as well as how the team’s leaders strategized for the upper hand in ransom negotiations with victims.

Independent Krebs Security

Conti Ransomware Group Diaries, Part II: The Office

March 2, 2022 0 Comments A Little Sunshine, bentley, bleeping computer, conti, emotet, hof, lawrence abrams, mango, Ne'er-Do-Well News, palo alto networks, Ransomware, reverse, ryuk, stern, The Coming Storm, trickbot

Credit to Author: BrianKrebs| Date: Wed, 02 Mar 2022 17:49:52 +0000

Earlier this week, a Ukrainian security researcher leaked almost two years’ worth of internal chat logs from Conti, one of the more rapacious and ruthless ransomware gangs in operation today. Tuesday’s story examined how Conti dealt with its own internal breaches and attacks from private security firms and governments. In Part II of this series we’ll explore what it’s like to work for Conti, as described by the Conti employees themselves.

Independent Krebs Security

IRS: Selfies Now Optional, Biometric Data to Be Deleted

February 22, 2022 0 Comments A Little Sunshine, id.me, internal revenue service, irs, login.gov, sen. ron wyden, u.s. general services administration

Credit to Author: BrianKrebs| Date: Tue, 22 Feb 2022 17:50:33 +0000

The U.S. Internal Revenue Service (IRS) said Monday that taxpayers are no longer required to provide facial scans to create an account online at irs.gov. In lieu of providing biometric data, taxpayers can now opt for a live video interview with ID.me, the privately-held Virginia company that runs the agency’s identity proofing system. The IRS also said any biometric data already shared with ID.me would be permanently deleted over the next few weeks, and any biometric data provided for new signups will be destroyed after an account is created.

Independent Krebs Security

Report: Missouri Governor’s Office Responsible for Teacher Data Leak

February 22, 2022 0 Comments A Little Sunshine, Data Breaches, elad gross, josh renaud, mallory mcgowin, missouri gov. mike parson, missouri highway patrol, shaji khan, st. louis post-dispatch

Credit to Author: BrianKrebs| Date: Tue, 22 Feb 2022 16:18:57 +0000

Missouri Governor Mike Parson made headlines last year when he vowed to criminally prosecute a journalist for reporting a security flaw in a state website that exposed personal information of more than 100,000 teachers. But Missouri prosecutors now say they… Read More »

Independent Krebs Security

Wazawaka Goes Waka Waka

February 14, 2022 0 Comments #babuk, A Little Sunshine, babuk ransomware, biba99, boriselcin, Cisco Talos, cve-2021-20028, dmitry smilyanets, groove ransom, mikhail pavlovich matveev, Ne'er-Do-Well News, orange, RaidForums, ramp, Ransomware, sonicwall vpn, teresacox19963@gmail.com, tox, verified, washington metropolitan police department, wazawaka

Credit to Author: BrianKrebs| Date: Mon, 14 Feb 2022 18:22:38 +0000

In January, KrebsOnSecurity examined clues left behind by “Wazawaka,” the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. Wazawaka has since “lost his mind” according to his erstwhile colleagues, creating a Twitter account to drop exploit code for a widely-used virtual private networking (VPN) appliance, and publishing bizarre selfie videos taunting security researchers and journalists. In last month’s story, we explored clues that led from Wazawaka’s multitude of monikers, email addresses, and passwords to a 30-something father in Abakan, Russia named Mikhail Pavlovich Matveev. This post concerns itself with the other half of Wazawaka’s identities not mentioned in the first story, such as how Wazawaka also ran the Babuk ransomware affiliate program, and later became “Orange,” the founder of the ransomware-focused Dark Web forum known as “RAMP.”

Independent Krebs Security

IRS To Ditch Biometric Requirement for Online Access

February 7, 2022 0 Comments A Little Sunshine, id.me, internal revenue service, sen. ron wyden, the washington post, u.s. general services administration

Credit to Author: BrianKrebs| Date: Mon, 07 Feb 2022 20:56:52 +0000

The Internal Revenue Service (IRS) said today it will be transitioning away from requiring biometric data from taxpayers who wish to access their records at the agency’s website. The reversal comes as privacy experts and lawmakers have been pushing the IRS and other federal agencies to find less intrusive methods for validating one’s identity with the U.S. government online.

Independent Krebs Security

How Phishers Are Slinking Their Links Into LinkedIn

February 3, 2022 0 Comments A Little Sunshine, amazon, avanan, check point, fortinet, irs, jeremy fuchs, Latest Warnings, LinkedIn, Microsoft, Paypal, slinks, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Thu, 03 Feb 2022 18:49:38 +0000

If you received a link to LinkedIn.com via email, SMS or instant message, would you click it? Spammers, phishers and other ne’er-do-wells are hoping you will, because they’ve long taken advantage of a marketing feature on the business networking site which lets them create a LinkedIn.com link that bounces your browser to other websites, such as phishing pages that mimic top online brands (but chiefly Linkedin’s parent firm Microsoft).

Independent Krebs Security

Fake Investor John Bernard Sinks Norwegian Green Shipping Dreams

February 2, 2022 0 Comments A Little Sunshine, freidig shipping, guy devos, harald berglihn, harald vanvik, inside knowledge, john bernard, john clifton davies, Ne'er-Do-Well News, nils-odd tønnevold, the weeknd, uber, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Sat, 29 Jan 2022 18:05:52 +0000

Several articles here have delved into the history of John Bernard, the pseudonym used by a fake billionaire technology investor who’s tricked dozens of start-ups into giving him tens of millions of dollars. Bernard’s latest victim — a Norwegian startup hoping to build a fleet of environmentally friendly shipping vessels — is now embroiled in a lawsuit over a deal gone bad, in which Bernard falsely claimed to have secured $100 million from six other wealthy investors, including the founder of Uber and the artist Abel Makkonen Tesfaye, better known as The Weeknd.