Tag Archive for: LargeScale

Police apprehend global cyber gang implicated in large-scale fraud


The Met Police, along with a host of other global law enforcement agencies, have dismantled a criminal gang that used a technology service to facilitate fraudulent text messages, leading to theft from victims. The scam primarily targeted younger individuals familiar with the internet. The technology service, LabHost, aided scammers in sending deceptive messages and directing victims to fake websites resembling legitimate online payment or shopping services.

The criminals obtained identity information, including card numbers and PIN codes, resulting in significant financial losses. Though the exact amount stolen remains unknown, LabHost reportedly generated nearly £1m in profits. In the UK alone, around 70,000 victims are thought to have been deceived into providing their details online, with 25,000 identified victims receiving warning text messages about potential fraudulent sites.

Victims are advised to seek guidance on the Metropolitan Police website, and their cases have been reported to fraud investigators. Personal details discovered in data obtained from LabHost have been secured by authorities.

The cybersecurity community has welcomed the news:

Adam Pilton, Cyber Security Consultant at CyberSmart, and former Detective Sergeant investigating cybercrime at Dorset Police: “This is another fantastic result for UK and international law enforcement. 

“In February, we saw the takedown of Lockbit, the largest ransomware gang. This was an international operation which stemmed from fantastic work by the South West Regional Organised Crime Unit.

“This operation will be no different, and we should not underestimate the amount of work put into operations such as this. It took two years to reach this point and there would have been many people involved. This kind of incident would most likely have started from the intelligence gathered by law enforcement and investigative agencies. 

“This is why it is so important to report cybercrime: Even reporting phishing emails helps to build that intelligence picture, which enables law enforcement to protect us.

“One area of particular concern is the increasing tendency to see…

Source…

‘Mother of all data breaches’ reported in latest large-scale hack


It’s a shocking number – 26 billion account records were stolen in what’s being called the ‘mother of all data breaches.’

The leak includes popular sites like Dropbox, LinkedIn, Telegram, and Twitter. It was detailed in a report from Cybernews.com and is unsettling for anyone who ever goes online.

“It’s horrible. It’s really horrible,” said Professor Huirong Fu, of Oakland University.

Fu is a founding director of OU’s Center for Cybersecurity. She says this is difficult for consumers who sometimes have no choice but to register their information with companies they want to do business with.

This includes taking birthdays, addresses, and sometimes even Social Security numbers, putting many people between a rock and a hard place.

“We have no choice, if they don’t want to provide this information, they can not use their platform,” she said. “This is horrible.”

Cybernews.com calls it the “Mother of all Breaches” – 12 terabytes of information. Some companies you’ve likely used,

So can you do anything?

The Federal Trade Commission has some general tips: Secure your devices by keeping security software, internet browser, and operating systems up to date. Protect your accounts, particularly those with personal information, like your bank, email, and social media accounts.

Strong passwords and multi-factor authentication can really help. Also be very circumspect when giving out any personal information to any organization even if you trust them, because the possibility of a hack is always a real threat.

Source…

VMware ESXi Servers Targeted in Large-Scale Ransomware Campaign


The French Computer Emergency Response Team (CERT-FR) has warned about an ongoing ransomware campaign targeting VMware ESXi hypervisors that have not been patched against the critical heap-overflow vulnerability tracked as CVE-2021-21974.

VMware issued a patch on February 3, 2021, to fix the vulnerability; however, hundreds of VMware ESXi virtual machines are still vulnerable to the exploit and are now being attacked. The vulnerability affects the Open Service Location Protocol (OpenSLP) service and can be exploited by an unauthenticated attacker in a low-complexity attack to remotely execute code.

According to CERT-FR, the campaign targets ESXi hypervisors in version 6.x and prior to 6.7 through OpenSLP port 427, and warns that the following versions are vulnerable to the exploit:

  • ESXi 7.x versions earlier than ESXi70U1c-17325551
  • ESXi versions 6.7.x earlier than ESXi670-202102401-SG
  • ESXi versions 6.5.x earlier than ESXi650-202102101-SG

A workaround has been provided by CERT-FR in the alert for any organizations unable to immediately apply the patch, but CERT-FR strongly recommends patching to address the issue. CERT-FR has warned that patching the vulnerability or applying the workaround is not sufficient to protect against attacks, as the vulnerability may already have been exploited to deliver malicious code. After applying the mitigations, system scans should be performed to detect signs of compromise. VMware said the attacks involve a new ransomware variant dubbed ESXiArgs, which appends encrypted files with the .args extension. While it has yet to be confirmed, these attacks do not appear to involve data exfiltration, only file encryption.

Over the weekend, security researchers reported that hundreds of machines had been attacked, which likely involves the automated or semi-automated exploitation of the vulnerability. Over 500 machines are believed to have been targeted, with The Stack reporting…

Source…

Italy’s cybersecurity body sounds alarm on large-scale computer hacking attack


Italy’s National Cybersecurity Agency (ACN) on 5 February issued a warning to organisations to take action to protect their systems after thousands of computer servers around the world were targeted by a ransomware hacking attack.

ACN director general Roberto Baldoni said that the hacking attack sought to exploit a software vulnerability, adding it was on a massive scale.

Earlier, Italy’s ANSA news agency reported that servers had been compromised in other European countries such as France and Finland as well as the United States and Canada.

As per reports, dozens of Italian organisations were likely to have been affected and many more had been warned to take action to avoid being locked out of their systems.

On Sunday, Telecom Italia customers reported internet problems; however, the two issues were not believed to be related. Meanwhile, U.S. cybersecurity officials said they were assessing the impact of the reported incidents.

“CISA is working with our public and private sector partners to assess the impacts of these reported incidents and providing assistance where needed,” the U.S. Cybersecurity and Infrastructure Security Agency said.

With Reuters inputs.


Source…