Tag Archive for: closer

A Closer Look at the Snatch Data Ransom Group – Krebs on Security


Earlier this week, KrebsOnSecurity revealed that the darknet website for the Snatch ransomware group was leaking data about its users and the crime gang’s internal operations. Today, we’ll take a closer look at the history of Snatch, its alleged founder, and their claims that everyone has confused them with a different, older ransomware group by the same name.

According to a September 20, 2023 joint advisory from the FBI and the U.S. Cybersecurity and Infrastructure Security Administration (CISA), Snatch was originally named Team Truniger, based on the nickname of the group’s founder and organizer — Truniger.

The FBI/CISA report says Truniger previously operated as an affiliate of GandCrab, an early ransomware-as-a-service offering that closed up shop after several years and claims to have extorted more than $2 billion from victims. GandCrab dissolved in July 2019, and is thought to have become “REvil,” one of the most ruthless and rapacious Russian ransomware groups of all time.

The government says Snatch used a customized ransomware variant notable for rebooting Microsoft Windows devices into Safe Mode — enabling the ransomware to circumvent detection by antivirus or endpoint protection — and then encrypting files when few services are running.

“Snatch threat actors have been observed purchasing previously stolen data from other ransomware variants in an attempt to further exploit victims into paying a ransom to avoid having their data released on Snatch’s extortion blog,” the FBI/CISA alert reads. It continues:

“Prior to deploying the ransomware, Snatch threat actors were observed spending up to three months on a victim’s system. Within this timeframe, Snatch threat actors exploited the victim’s network moving laterally across the victim’s network with RDP for the largest possible deployment of ransomware and searching for files and folders for data exfiltration followed by file encryption.”

New York City-based cyber intelligence firm Flashpoint said the Snatch ransomware group was created in 2018, based on Truniger’s recruitment both on Russian language cybercrime forums and public Russian programming boards. Flashpoint said…


The dream of a ‘quantum internet’ is closer than you might think – Physics World




Copyright © 2023 by IOP Publishing Ltd and individual contributors


A Closer Look at the LAPSUS$ Data Extortion Group


Microsoft and identity management platform Okta both this week disclosed breaches involving LAPSUS$, a relatively new cybercrime group that specializes in stealing data from big companies and threatening to publish it unless a ransom demand is paid. Here’s a closer look at LAPSUS$, and some of the low-tech but high-impact methods the group uses to gain access to targeted organizations.

First surfacing in December 2021 with an extortion demand on Brazil’s Ministry of Health, LAPSUS$ made headlines more recently for posting screenshots of internal tools tied to a number of major corporations, including NVIDIA, Samsung, and Vodafone.

On Tuesday, LAPSUS$ announced via its Telegram channel it was releasing source code stolen from Microsoft. In a blog post published Mar. 22, Microsoft said it interrupted the LAPSUS$ group’s source code download before it could finish, and that it was able to do so because LAPSUS$ publicly discussed their illicit access on their Telegram channel before the download could complete.

One of the LAPSUS$ group members admitted on their Telegram channel that the Microsoft source code download had been interrupted.

“This public disclosure escalated our action allowing our team to intervene and interrupt the actor mid-operation, limiting broader impact,” Microsoft wrote. “No customer code or data was involved in the observed activities. Our investigation has found a single account had been compromised, granting limited access. Microsoft does not rely on the secrecy of code as a security measure and viewing source code does not lead to elevation of risk.”

While it may be tempting to dismiss LAPSUS$ as an immature and fame-seeking group, their tactics should make anyone in charge of corporate security sit up and take notice. Microsoft says LAPSUS$ — which it boringly calls “DEV-0537” — mostly gains illicit access to targets via “social engineering.” This involves bribing or tricking employees at the target organization or at its myriad partners, such as customer support call centers and help desks.

“Microsoft found instances where the group successfully gained access to target organizations through recruited employees (or employees…


AWS and the NHL Unveil New Face-off Probability Stat to Bring Hockey Fans Closer to the Action on the Ice


SEATTLE – Amazon Web Services, Inc. (AWS), an Amazon.com, Inc. company (NASDAQ: AMZN), and the National Hockey League (NHL) today announced Face-off Probability, a live, in-game NHL stat that will be displayed as a graphic that instantly shows the odds of a player winning a face-off and possession of the puck and displays them on screen for fans watching the broadcast of the game. Before the puck is dropped in a face-off, the Face-off Probability machine learning (ML) model identifies where on the ice a face-off is going to occur, and who will take the face-off, and determines the probability of each player winning the draw.

When play stops, the Face-off Probability model begins generating win probabilities for players who it predicts will take the upcoming face-off. The probabilities are based on metrics including the players on the ice, face-off location, and current game situation. Face-off Probability is one of the first ML driven stats developed for NHL Edge IQ, powered by AWS. Fans can learn more about how AWS is transforming the hockey industry with the NHL on the AWS NHL site.

The face-off is one of the most anticipated and contested moments in hockey. Late in the third period of a close game, when two players are face to face on the ice, waiting for the puck to drop deep in the zone, the tension is palpable. Whichever player wins possession can swing the momentum to his team and directly impact the game’s outcome. With Face-off Probability, fans and broadcasters now have data to back up their predictions and determine which player is most likely to win.

“We’re excited to showcase Face-off Probability as part of NHL Edge IQ,” said Dave Lehanski, NHL Executive Vice President, Business Development and Innovation. “Applying AWS’s machine learning services to game footage and official NHL data allows us to develop and share such analytics and insights as Face-off Probability, which provide new in-game analysis and predictions to enhance live broadcasts and take fans deeper into the game.”

The NHL’s new ML-driven Face-off Probability model, powered by AWS technology and created in partnership with the AWS ML Solutions Lab, uses…
