Mandiant – Computer Security Articles

Canadian Man Arrested in Snowflake Data Extortions

November 5, 2024 admin A Little Sunshine, advance auto parts, alexander antonin moucka, at&t breach, Atomwaffen Division, austin larsen, bharat sanchar nigam ltd, Breadcrumbs, connor riley moucka, court, intelsecrets, irdev, john erin binns, judische, kiberphant0m, leak society, lending tree, Mandiant, Ne'er-Do-Well News, rapelash, satori, SIM swapping, snowflake, ticketmaster, unc5537, Verizon, waifu

Credit to Author: BrianKrebs| Date: Tue, 05 Nov 2024 17:10:04 +0000

A 26-year-old man in Ontario, Canada has been arrested for allegedly stealing data from and extorting more than 160 companies that used the cloud data service Snowflake. On October 30, Canadian authorities arrested Alexander Moucka, a.k.a. Connor Riley Moucka of Kitchener, Ontario, on a provisional arrest warrant from the United States. Bloomberg first reported Moucka’s alleged ties to the Snowflake hacks on Monday. At the end of 2023, malicious hackers learned that many large companies had uploaded huge volumes of sensitive customer data to Snowflake accounts that were protected with little more than a username and password (no multi-factor authentication required). After scouring darknet markets for stolen Snowflake account credentials, the hackers began raiding the data storage repositories used by some of the world’s largest corporations.

Independent Krebs

The Dark Nexus Between Harm Groups and ‘The Com’

September 13, 2024 admin 2992, 303, 404, 545, 555, 6996, 7997, 8884, advance auto parts, ali winston, alphv, aspertaine, AT&T, beige group, black cat, Bloomberg, breachforums, Breadcrumbs, chumlul, court, CrowdStrike, cultist, cvlt, Der Spiegel, discord, Doxbin, ea games, h3ll, harm nation, james thomas andrew mccarty, judische, kalana limkin, kaskar, kayte, kingbob, kt, kya christian nelson, leak society, lending tree, Mandiant, mark rasch, mgm resorts, microsoft, Minecraft, Ne'er-Do-Well News, neiman marcus, nicholas "convict" ceraolo, nmk, noah michael urban, nvidia, Okta, owen david flowers, pompompurin, RCMP, recorder, roblox, Royal Canadian Mounted Police, sagar "weep" singh, Samsung, santander bank, scattered spider, SIM swapping, slit town, snowflake, sosa, star chat, steam, SWATting, T-Mobile, telegram, the com, The Washington Post, ticketmaster, Twitch, u.s. department of justice, u.s. drug enforcement agency, unc5537, unit 221b, vile, violence-as-a-service, vsphere, waifu, Web Fraud 2.0, wired

Credit to Author: BrianKrebs| Date: Fri, 13 Sep 2024 12:16:45 +0000

A cyberattack that shut down some of the top casinos in Las Vegas last year quickly became one of the most riveting security stories of 2023: It was the first known case of native English-speaking hackers in the United States and Britain teaming up with ransomware gangs based in Russia. But that made-for-Hollywood narrative has eclipsed a far more hideous trend: Many of these young, Western cybercriminals are also members of fast-growing online groups that exist solely to bully, stalk, harass and extort vulnerable teens into physically harming themselves and others.

Independent Krebs

CISA Order Highlights Persistent Risk at Network Edge

June 15, 2023 admin adam boileau, barracuda networks, cisa, cve-2023-27997, cybersecurity and infrastructure security agency, fortinet, fortra, goanywhere, Latest Warnings, Mandiant, moveit transfer, Patrick Gray, progress software, Risky Business podcast, The Coming Storm, Time to Patch

Credit to Author: BrianKrebs| Date: Thu, 15 Jun 2023 15:40:09 +0000

The U.S. government agency in charge of improving the nation’s cybersecurity posture is ordering all federal civilian agencies to take new measures to restrict access to Internet-exposed networking equipment. The directive comes amid a surge in attacks targeting previously unknown vulnerabilities in widely used security and networking appliances.

Independent Krebs

Barracuda Urges Replacing — Not Patching — Its Email Security Gateways

June 8, 2023 admin barracuda networks, caitlin condon, cve-2023-2868, email security gateway, International Computer Science Institute, Latest Warnings, Mandiant, Nicholas Weaver, Rapid7, Time to Patch

Credit to Author: BrianKrebs| Date: Thu, 08 Jun 2023 20:17:06 +0000

It’s not often that a zero-day vulnerability causes a network security vendor to urge customers to physically remove and decommission an entire line of affected hardware — as opposed to just applying software updates. But experts say that is exactly what transpired this week with Barracuda Networks, as the company struggled to combat a sprawling malware threat which appears to have undermined its email security appliances in such a fundamental way that they can no longer be safely updated with software fixes.

Independent Krebs

3CX Breach Was a Double Supply Chain Compromise

April 24, 2023 admin 3cx, A Little Sunshine, clearsky security, diamond sleet, double supply chain breach, elastic security, ESET, iconicstealer, kaspersky lab, kim zetter, Latest Warnings, MacOS, Mandiant, marc-etienne m.leveille, microsoft, Ne'er-Do-Well News, peter kalnai, Supply chain, The Coming Storm, trading technologies, x_trader, Zero-Day, zinc

Credit to Author: BrianKrebs| Date: Fri, 21 Apr 2023 01:05:44 +0000

We learned some remarkable new details this week about the recent supply-chain attack on VoIP software provider 3CX, a complex, lengthy intrusion that has the makings of a cyberpunk spy novel: North Korean hackers using legions of fake executive accounts on LinkedIn to lure people into opening malware disguised as a job offer; malware targeting Mac and Linux users working at defense and cryptocurrency firms; and software supply-chain attacks nested within earlier supply chain attacks.

Independent Krebs

Microsoft (& Apple) Patch Tuesday, April 2023 Edition

April 11, 2023 admin bharat jogi, cve-2022-37969, cve-2023-28219, cve-2023-28220, cve-2023-28252, dbappsecurity, dustin childs, ios 15.5.7, ios/ipados 16.4.1, macos 12.6.5 and 11.7.6., Mandiant, nokoyawa ransomware, Qualys, Security Tools, The Coming Storm, Time to Patch, trend micro zero day initiative, windows common log system file system

Credit to Author: BrianKrebs| Date: Wed, 12 Apr 2023 00:06:51 +0000

Microsoft today released software updates to plug 100 security holes in its Windows operating systems and other software, including a zero-day vulnerability that is already being used in active attacks. Not to be outdone, Apple has released a set of important updates addressing two zero-day vulnerabilities that are being used to attack iPhones, iPads and Macs.

Independent Krebs

Microsoft Patch Tuesday, February 2023 Edition

February 14, 2023 admin cve-2023-21529, cve-2023-21706, cve-2023-21707, cve-2023-21715, cve-2023-21716, cve-2023-21823, cve-2023-23376, dustin childs, immersive labs, internet explorer 11, johannes ullrich, kevin breen, Latest Warnings, Mandiant, Microsoft Office, microsoft patch tuesday february 2023, sans internet storm center, Security Tools, Time to Patch, trend micro zero day initiative

Credit to Author: BrianKrebs| Date: Tue, 14 Feb 2023 21:01:41 +0000

Microsoft is sending the world a whole bunch of love today, in the form of patches to plug dozens of security holes in its Windows operating systems and other software. This year’s special Valentine’s Day Patch Tuesday includes fixes for a whopping three different “zero-day” vulnerabilities that are already being used in active attacks.

Independent Krebs

Battle with Bots Prompts Mass Purge of Amazon, Apple Employee Accounts on LinkedIn

October 20, 2022 admin A Little Sunshine, Amazon, anastacia brown, apple, binance, employment fraud, indeed, jay pinho, LinkedIn, Mandiant, Nicholas Weaver, signalhire, Web Fraud 2.0

Credit to Author: BrianKrebs| Date: Thu, 20 Oct 2022 17:07:34 +0000

On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. The next day, half of those profiles no longer existed. A similarly dramatic drop in the number of LinkedIn profiles claiming employment at Amazon comes as LinkedIn is struggling to combat a significant uptick in the creation of fake employee accounts that pair AI-generated profile photos with text lifted from legitimate users.

← Previous