Tag Archive for: firm

Russian ‘Cyber Sabotage’ A Global Threat: Security Firm


A Sandworm cyber hacker group linked to Russian intelligence services is expected by computer security firm Mandiant to take aim at Western elections the Kremlin would like to sway.


Indranil Mukherjee


Fujitsu hack raises questions, after firm confirms customer data breach • Graham Cluley



Fujitsu has warned that cybercriminals may have stolen files with personal and customer data after discovering malware on its computer systems.

The firm at the center of the British Post Office scandal said in a Japanese press release that it had discovered the presence of malware on its computers and the potential theft of customer data, and apologised for any concern or inconvenience caused.

Announcement published on Fujitsu’s Japanese website.

The press release (a Google-translated version can be read here) is somewhat scant on detail.

For instance:

  • Fujitsu doesn’t disclose the malware found, the number of affected computers, or the internal systems or databases accessed.
  • Fujitsu doesn’t specify the type of malware found – a remote access backdoor? ransomware? something else?
  • Fujitsu doesn’t share details about the stolen information, calling it “personal information and customer information.” For instance, does it include contact details, passwords, or payment information?
  • Fujitsu announced on Friday 15 March that it suffered a cyber attack, but didn’t specify when it was discovered or how long the hackers had access to its systems and data.

Fujitsu says it has reported the incident to regulators and will contact affected individuals and customers.

The company also says that it has not seen any reports of the potentially stolen information being misused. Statements like these are meant to reassure affected parties, but they don’t make you feel much more comfortable in reality.

An absence of evidence is not evidence of absence. How could a company ever confidently and honestly claim it has incontrovertible proof that exfiltrated data has not been exploited by malicious hackers and online fraudsters?


In the past, there have been many incidents where data stolen in a hack has not immediately shown up, before appearing on the dark web months or even years later.



Law Firm Sues MSP Over Black Basta Ransomware Attack


A managed service provider (MSP) has been slapped with a lawsuit by a prominent Sacramento, California law firm alleging that it failed to protect it from a ransomware attack that took down its systems.

The lawsuit, filed by the law firm Mastagni Holstedt in Sacramento Superior Court, has generated a significant amount of chatter in the channel community. It claims that LanTech LLC, a privately owned Sacramento company, failed to adequately protect the firm from the attackers.

MSSP Alert has reviewed the complaint in which Mastagni is seeking more than $1 million in damages. The firm employs 42 lawyers.

LanTech owner Terry Berg and backup provider Acronis, a Delaware-based provider doing business in California, are also named as defendants in the filing. Berg has owned LanTech since its inception in 1994.

The plaintiff alleges that it was forced to pay the attackers, said in the complaint to be Black Basta, an undisclosed sum to regain access to its network. The incident occurred in February 2023 and the lawsuit was filed last month.

Reached by telephone, a LanTech employee declined to comment and said he knew nothing about the suit. Acronis denied any responsibility for the ransomware attack.

“Our investigation revealed that access credentials may have been compromised outside of our systems and used to delete the firm’s backups and execute a ransomware attack,” the company said in a statement to the Sacramento Bee. “Acronis has not been served with the lawsuit and will not be commenting further on this litigation.”

Black Basta, a Russian-speaking ransomware-as-a-service crew first detected in 2022, is said to have orchestrated some 300 ransomware attacks that have landed it more than $100 million in bitcoin ransom payments.

LanTech describes itself as a “team of IT engineers with a passion for delivering exceptional service to businesses in the Sacramento region. We specialize in network management and have extensive experience in analyzing, integrating, and maintaining crucial IT systems for our clients.” The MSP lists Microsoft, Dell and HP Enterprise as “partners.”

“Major Outage” Sparks Lawsuit

The lawsuit claims that the plaintiff and LanTech entered into an…


Chinese hacking firm buys officials’ favor with alcohol, women


  • By Dake Kang and Zen Soo / AP, BEIJING

China’s hackers for hire take government officials out for lavish banquets, binge drinking and late-night karaoke with young women to win favor and business, as revealed last month in a highly unusual leak of internal documents from a private contractor linked to Chinese police.

China’s hacking industry is vast in size and scope, but also has shady business practices, disgruntlement over pay and work quality, and poor security protocols, the documents showed.

Private hacking contractors are companies that steal data from other countries to sell to Chinese authorities. Over the past two decades, Chinese state security’s demand for overseas intelligence has soared, giving rise to a vast network of private hackers for hire companies that have infiltrated hundreds of systems outside China.


Although the existence of these hacking contractors is an open secret in China, little was known about how they operate.

However, the leaked documents from a firm called I-Soon (安洵信息) have pulled back the curtain, revealing a seedy, sprawling industry where corners are cut, and rules are murky and poorly enforced in the quest to make money.

Leaked chat records showed that I-Soon executives are colluding with competitors to rig bidding for government contracts. They pay thousands of dollars in “introduction fees” to contacts who bring them lucrative projects.

I-Soon has not commented on the documents.

Mei Danowski, a cybersecurity analyst who wrote about I-Soon on her blog, Natto Thoughts, said the documents showed that China’s hackers for hire work much like any other industry in China.

“It is profit driven,” Danowski said. “It is subject to China’s business culture — who you know, who you dine and wine with, and who you are friends with.”

Although I-Soon boasted about its hacking prowess in…
