Author: nlqip
Yaroslav Vasinskyi, 24, must also pay more than $16 million in restitution. Yaroslav Vasinskyi, a Ukrainian national accused in the July 2, 2021, ransomware attack against MSP tools vendor Kaseya, has been sentenced in the United States to 13 years and seven months in prison for his role in more than 2,500 ransomware attacks. Vasinskyi…
Read More
A former cybersecurity consultant was arrested for allegedly attempting to extort a publicly traded IT company by threatening to disclose confidential and proprietary data unless they paid him $1,500,000. A staffing company assigned Vincent Cannady, 57, to assess and remediate potential vulnerabilities in a New York-based multinational information technology infrastructure services provider. After the termination of…
Read More
“Only then the desired credentials are acquired, and multi-factor authentication (MFA) is bypassed, by serving a cloned website to capture the MFA token (which failed) and later by sending MFA push notifications to the victim (which succeeded),” Mandiant said. These campaigns were carried out in three subsequent steps, Mandiant added. It starts with the victim…
Read More
May 02, 2024NewsroomRansomware / Cyber Crime A Ukrainian national has been sentenced to more than 13 years in prison and ordered to pay $16 million in restitution for carrying out thousands of ransomware attacks and extorting victims. Yaroslav Vasinskyi (aka Rabotnik), 24, along with his co-conspirators part of the REvil ransomware group orchestrated more than…
Read MoreThe UK Bans Default Passwords The UK is the first country to ban default passwords on IoT devices. On Monday, the United Kingdom became the first country in the world to ban default guessable usernames and passwords from these IoT devices. Unique passwords installed by default are still permitted. The Product Security and Telecommunications Infrastructure…
Read More
A never-before-seen botnet called Goldoon has been observed targeting D-Link routers with a nearly decade-old critical security flaw with the goal of using the compromised devices for further attacks. The vulnerability in question is CVE-2015-2051 (CVSS score: 9.8), which affects D-Link DIR-645 routers and allows remote attackers to execute arbitrary commands by means of specially…
Read More
May 02, 2024NewsroomCyber Attack / Data Breach Cloud storage services provider Dropbox on Wednesday disclosed that Dropbox Sign (formerly HelloSign) was breached by unidentified threat actors, who accessed emails, usernames, and general account settings associated with all users of the digital signature product. The company, in a filing with the U.S. Securities and Exchange Commission…
Read More
Like antivirus software, vulnerability scans rely on a database of known weaknesses. That’s why websites like VirusTotal exist, to give cyber practitioners a chance to see whether a malware sample is detected by multiple virus scanning engines, but this concept hasn’t existed in the vulnerability management space. The benefits of using multiple scanning engines Generally…
Read More
Customers express concerns Dropbox said it swung into action as soon as it discovered the breach and “launched an investigation with industry-leading forensic investigators to understand what happened and mitigate risks to our users.” Its investigation revealed that “a third party gained access to a Dropbox Sign automated system configuration tool.” “The actor compromised a…
Read More
The committee emphasized that MFA should be a fundamental expectation for an entity like Change Healthcare, given the vast amount of sensitive data it handles. Witty explained that Change Healthcare, which merged into UnitedHealth towards the end of 2022, utilized older technologies that the company had been updating since its acquisition. However, the timing proved…
Read More