The Coming Storm – Page 8 – PossibleThreat Articles

The Original APT: Advanced Persistent Teenagers

April 6, 2022 0 Comments A Little Sunshine, advanced persistent teenagers, amit yoran, APT, cisa, FBI, lapsus, Microsoft, Ne'er-Do-Well News, NVIDIA, okta, Samsung, tenable, The Coming Storm, twitter hack, vishing, voice phishing, wired

Credit to Author: BrianKrebs| Date: Wed, 06 Apr 2022 17:55:38 +0000

Many organizations are already struggling to combat cybersecurity threats from ransomware purveyors and state-sponsored hacking groups, both of which tend to take days or weeks to pivot from an opportunistic malware infection to a full blown data breach. But few organizations have a playbook for responding to the kinds of virtual “smash and grab” attacks we’ve seen recently from LAPSUS$, a juvenile data extortion group whose short-lived, low-tech and remarkably effective tactics are putting some of the world’s biggest corporations on edge.

Independent Krebs Security

Hackers Gaining Power of Subpoena Via Fake “Emergency Data Requests”

March 29, 2022 0 Comments anitsu, data extortion, discord, doxbin, emergency data request, everlynn, fake edr, FBI, kt, lapsus, mark rasch, Microsoft, miku, Ne'er-Do-Well News, oklaqq, palo alto networks, pompompurin, recursion team, The Coming Storm, unit 221b, Web Fraud 2.0, white, whitedoxbin

Credit to Author: BrianKrebs| Date: Tue, 29 Mar 2022 14:07:27 +0000

There is a terrifying and highly effective “method” that criminal hackers are now using to harvest sensitive customer data from Internet service providers, phone companies and social media firms. It involves compromising email accounts and websites tied to police departments and government agencies, and then sending unauthorized demands for subscriber data while claiming the information being requested can’t wait for a court order because it relates to an urgent matter of life and death.

Independent Krebs Security

Pro-Ukraine ‘Protestware’ Pushes Antiwar Ads, Geo-Targeted Malware

March 17, 2022 0 Comments alex holden, github, Hold Security, protestware, russia's war on ukraine, The Coming Storm

Credit to Author: BrianKrebs| Date: Thu, 17 Mar 2022 22:33:21 +0000

Researchers are tracking a number of open-source “protestware” projects on GitHub that have recently altered their code to display “Stand with Ukraine” messages for users, or basic facts about the carnage in Ukraine. The group also is tracking several code packages that were recently modified to erase files on computers that appear to be coming from Russian or Belarusian Internet addresses.

Independent Krebs Security

Report: Recent 10x Increase in Cyberattacks on Ukraine

March 11, 2022 0 Comments anycast, bill woodcock, dns, john todd, Latest Warnings, linx, london internet exchange, megafon, packet clearing house, quad9, rostelecom, russia's war on ukraine, The Coming Storm

Credit to Author: BrianKrebs| Date: Fri, 11 Mar 2022 16:50:11 +0000

As their cities suffered more intense bombardment by Russian military forces this week, Ukrainian Internet users came under renewed cyberattacks, with one Internet company providing service there saying they blocked ten times the normal number of phishing and malware attacks targeting Ukrainians.

Independent Krebs Security

Conti Ransomware Group Diaries, Part II: The Office

March 2, 2022 0 Comments A Little Sunshine, bentley, bleeping computer, conti, emotet, hof, lawrence abrams, mango, Ne'er-Do-Well News, palo alto networks, Ransomware, reverse, ryuk, stern, The Coming Storm, trickbot

Credit to Author: BrianKrebs| Date: Wed, 02 Mar 2022 17:49:52 +0000

Earlier this week, a Ukrainian security researcher leaked almost two years’ worth of internal chat logs from Conti, one of the more rapacious and ruthless ransomware gangs in operation today. Tuesday’s story examined how Conti dealt with its own internal breaches and attacks from private security firms and governments. In Part II of this series we’ll explore what it’s like to work for Conti, as described by the Conti employees themselves.

Independent Krebs Security

Conti Ransomware Group Diaries, Part I: Evasion

March 1, 2022 0 Comments alex holden, alla witte, conti, conti breach, conti ransomware, contileaks, emercoin, emerdns, hof, Hold Security, Ne'er-Do-Well News, Ransomware, revil ransomware, stern, The Coming Storm, trickbot, ukraine

Credit to Author: BrianKrebs| Date: Tue, 01 Mar 2022 20:50:30 +0000

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti, an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. The chat logs offer a fascinating glimpse into the challenges of running a sprawling criminal enterprise with more than 100 salaried employees. The records also provide insight into how Conti has dealt with its own internal breaches and attacks from private security firms and foreign governments.

Independent Krebs Security

Russia Sanctions May Spark Escalating Cyber Conflict

February 25, 2022 0 Comments Latest Warnings, The Coming Storm

Credit to Author: BrianKrebs| Date: Fri, 25 Feb 2022 19:10:04 +0000

President Biden joined European leaders this week in enacting economic sanctions against Russia in response its military invasion of Ukraine. The West has promised tougher sanctions are coming, but experts warn these will almost certainly trigger a Russian retaliation against America and its allies, which could escalate into cyber attacks on Western financial institutions and energy infrastructure.

Independent Krebs Security

Scary Fraud Ensues When ID Theft & Usury Collide

February 2, 2022 0 Comments A Little Sunshine, buckley llp, installment loan, leslie bailey, mountain summit financial, native american financial services association, payday loan, public justice, The Coming Storm, tribal lenders, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Tue, 25 Jan 2022 19:48:40 +0000

What’s worse than finding out that identity thieves took out a 546 percent interest payday loan in your name? How about a 900 percent interest loan? Or how about not learning of the fraudulent loan until it gets handed off to collection agents? One reader’s nightmare experience spotlights what can happen when ID thieves and hackers start targeting online payday lenders.

Independent Krebs Security

At Request of U.S., Russia Rounds Up 14 REvil Ransomware Affiliates

February 2, 2022 0 Comments andrey sergeevich bessonov, colonial pipeline, darkside, dmitri alperovitch, FSB, gandcrab, immersive labs, kevin breen, Ne'er-Do-Well News, notpetya, president biden, Ransomware, revil, roman gennadyevich muromsky, The Coming Storm, vladimir putin

Credit to Author: BrianKrebs| Date: Fri, 14 Jan 2022 22:41:34 +0000

The Russian government said today it arrested 14 people accused of working for “REvil,” a particularly aggressive ransomware group that has extorted hundreds of millions of dollars from victim organizations. The Russian Federal Security Service (FSB) said the actions were taken in response to a request from U.S. officials, but many experts believe the crackdown is part of an effort to reduce tensions over Russian President Vladimir Putin’s decision to station 100,000 troops along the nation’s border with Ukraine.

Independent Krebs Security

‘Wormable’ Flaw Leads January 2022 Patch Tuesday

February 2, 2022 0 Comments cve-2021-22947, cve-2021-36976, cve-2022-21846, cve-2022-21907, dustin childs, exchange server, http protocol stack, Latest Warnings, microsoft patch tuesday january 2022, National Security Agency, rapid7, satnam narang, tenable, The Coming Storm, Time to Patch, trend micro, zero day initiative

Credit to Author: BrianKrebs| Date: Tue, 11 Jan 2022 22:18:55 +0000

Microsoft today released updates to plug nearly 120 security holes in Windows and supported software. Six of the vulnerabilities were publicly detailed already, potentially giving attackers a head start in figuring out how to exploit them in unpatched systems. More concerning, Microsoft warns that one of the flaws fixed this month is “wormable,” meaning no human interaction would be required for an attack to spread from one vulnerable Windows box to another.