Tracking ransomware cryptocurrency payments: What now for Bitcoin?
www.welivesecurity.com/2021/06/11/tracking-ransomware-cryptocurrency-payments/ Earlier this week, the Department of Justice announced it seized around $2.3 million worth of bitcoin (BTC 63.7) collected in the BTC 75 payment for Colonial Pipeline ransomware. Does this mean Bitcoin is hackable given enough computation horsepower? For years Bitcoin's weaknesses (or strengths, depending on your point of view) have been known, yet rarely come to the fore. But scammers got greedy, or the market just decided for them. With public sentiment boiling, along with policymakers' willingness to pursue those trying to take control of critical infrastructure, the appetite to go after Bitcoin has resurfaced.
Audi, Volkswagen data breach affects 3.3 million customers
www.bleepingcomputer.com/news/security/audi-volkswagen-data-breach-affects-33-million-customers/ Audi and Volkswagen have suffered a data breach affecting 3.3 million customers after a vendor exposed unsecured data on the Internet. Volkswagen Group of America, Inc. (VWGoA) is the North American subsidiary of the German Volkswagen Group. It is responsible for US and Canadian operations for Volkswagen, Audi, Bentley, Bugatti, Lamborghini, and VW Credit, Inc. According to data breach notifications filed with the California and Maine Attorney General’s office, VWGoA disclosed that a vendor left unsecured data exposed on the Internet between August 2019 and May 2021.
Fortinet Targeted for Unpatched SSL VPN Discovery Activity
isc.sans.edu/forums/diary/Fortinet+Targeted+for+Unpatched+SSL+VPN+Discovery+Activity/27520/ Over the past 60 days, I have observed scanning activity to discover FortiGate SSL VPN unpatched services. Fortinet has fixed several critical vulnerabilities in SSL VPN and web firewall this year from Remote Code Execution (RCE) to SQL Injection, Denial of Service (DoS) which impact the FortiProxy SSL VPN and FortiWeb Web Application Firewall (WAF) products. Two weeks ago, US-CERT released an alert re-iterating that APT actors are looking for Fortinet vulnerabilities to gain access to networks.
Unpatched Bugs Found Lurking in Provisioning Platform Used with Cisco UC
threatpost.com/unpatched-bugs-provisioning-cisco-uc/166882/ The Akkadian Provisioning Manager, which is used as a third-party provisioning tool within Cisco Unified Communications environments, has three high-severity security vulnerabilities that can be chained together to enable remote code execution (RCE) with elevated privileges, researchers said. They remain unpatched, according to the researchers at Rapid7 who discovered them.
As Ransomware Demands Boom, Insurance Companies Keep Paying Out
www.wired.com/story/ransomware-insurance-payments/ Earlier this week, Colonial Pipeline CEO Joseph Blount testified before the House Homeland Security Committee that his company had filed a claim with its cyberinsurance carrier for the $4.4 million cryptocurrency ransom it paid last month. This week, US authorities announced that they had managed to recover $2.3 million of that ransom, raising further questions about who would receive that money, Colonial Pipeline or its insurance carriers, and what signal it would send to ransomware victims and their insurers.
Trickbot Investigation Shows Details of Massive Cybercrime Effort
beta.darkreading.com/threat-intelligence/trickbot-investigation-shows-details-of-massive-cybercrime-effort The group behind the Trickbot malware operation, which infected more than a million systems in nearly a dozen countries, includes malware experts, freelance developers, and pay-as-you-go money mules, among other participants, according to an indictment against one developer unsealed this week. Details from the indictment against Latvian national Alla Witte, charged with being a developer with the group, paint a picture of a sprawling, and largely ad hoc, organization that expanded its operations to include almost 20 different participants, and probably more.
U.S. Army Hacked By 40 Military And Civilian Hackers In Six Weeks
www.forbes.com/sites/daveywinder/2021/06/12/us-army-hacked-by-40-military-and-civilian-hackers-in-six-weeks/ Across six weeks, starting in January 2021, a team of hackers described as top-tier military and civilian operatives took aim at military assets belonging to the U.S. Department of the Army and the U.S. Defense Digital Services. These assets included a number of army.mil and westpoint.edu applications. The operation was a success, and that’s no bad thing because the hackers were participating in the third Hack the Army event to have taken place since 2016.