Tag Archive for: Doesn’t

Hackers threaten to leak stolen data if Reddit doesn’t reverse API changes


The situation surrounding Reddit’s changes to its API continues to get even weirder. Earlier this year, a ransomware group used a sophisticated phishing attack to steal 80GB of data from Reddit. Now, ransomware group BlackCat is claiming responsibility for that hack and threatening to release that information if Reddit doesn’t reverse its API changes and pay a $4.5 million ransom…

As Bleeping Computer notes, researcher Dominic Alvieri spotted BlackCat’s announcement today, in which the group threatens to release the data publicly if Reddit doesn’t meet its demands.

BlackCat is demanding that Reddit not only pay that $4.5 million ransom but also reverse its controversial API changes that will kill many third-party apps. BlackCat was previously waiting for Reddit’s long-awaited IPO to claim responsibility for this breach but has instead opted to seize on the ongoing controversy surrounding those API changes.

I told them in my first email that I would wait for their IPO to come along. But this seems like the perfect opportunity! We are very confident that Reddit will not pay any money for their data. But I am very happy to know that the public will be able to read about all the statistics they track about their users and all the interesting confidential data we took.

In our last email to them, we stated that we wanted $4.5 million in exchange for the deletion of the data and our silence. As we also stated, if we had to make this public, then we now demand that they also withdraw their API pricing changes along with our money or we will leak it.

Reddit publicly acknowledged the security incident back in February, saying that it was a “sophisticated and highly-targeted phishing attack.” The attackers sent “plausible-sounding prompts” redirecting employees to a website that cloned the behavior of the company’s intranet. As a result, the attackers were able to steal credentials and two-factor tokens.

Based on our investigation so far, Reddit user passwords and accounts are safe, but on Sunday night (pacific time), Reddit systems were hacked as a result of a sophisticated and highly-targeted phishing attack. They gained access to…


As Cyber Strikes Mount, What Happens in Ukraine Doesn’t Stay in Ukraine


The scale of Russia’s cyber-attacks in Ukraine swelled in the first quarter of 2023, a top Ukrainian official told a gathering of top cyber security experts at the Cyber Initiatives Group Spring Summit on Wednesday, part of a new phase of the war to accompany an apparently stalled Russian ground campaign.

“Conventional warfare and cyber warfare are integrated things,” said Col. Ivan Kalabashkin, Acting Deputy Head of the Cybersecurity Department in the Security Service of Ukraine (SSU), who detailed the nature of simultaneous Russian missile and cyber strikes against Ukrainian military positions and critical infrastructure, including recent strikes at a nuclear facility near Kyiv.  

In 2022, Ukraine reported 4,500 such strikes and related incidents. That number is already at nearly 1,200 in just the first three months of 2023, Kalabashkin said. Ukraine is also dealing with around 1,000 Russian psychological and disinformation operations every month, he added.

Many of these propaganda campaigns now orient around the battle for Bakhmut, a small eastern city that has been a focal point of recent fighting. Russian forces have encircled the city but have been unable to force a Ukrainian withdrawal.

Ukrainian Deputy Defense Minister Hanna Maliar addressed those operations on Wednesday, saying Russia is currently focused on three principal tasks in mass media: 1.) the undermining of civil-military trust, 2.) the discouraging of the Ukrainian army, and 3.) attempting to provoke battlefield mistakes. 

“Our military command, not the Russian psychological operations, will determine how long Bakhmut will be defended,” Maliar added.

And yet as the battle for Bakhmut rages, broader security questions are also being raised, not just about the evolving nature of hybrid warfare, but also about the level of public and private sector preparedness in the U.S. That preparedness includes evolving regulatory and law enforcement frameworks that govern and protect the comparatively more digitally connected societies in the West.



Just Because You Don’t See Hackers, Doesn’t Mean They’re Not In Your Network


David Schiffer is the CEO of RevBits and formerly of Safe Banking Systems (SBS). RevBits develops cybersecurity software for organizations.

An enterprise trying to protect its digital resources from hackers is in some ways like a ship trying to avoid an iceberg. What you see above the waterline may appear unscathed from malware, ransomware and the fileless breaches we read about every day. However, underneath may lurk malicious activity and dozens, if not hundreds, of hacking attempts that at some point will successfully breach business operations.

While the enterprise tries to navigate what it can easily view on the surface, bad actors may have already penetrated the corporate network, lying in wait for the opportune time to unleash their payload.

Cybersecurity must be as agile as today’s workforce. It must ensure continuous and consistent protection and an optimal user experience, regardless of where users and devices are located. Disparate, siloed technologies with different configuration and management dashboards cobbled together create security gaps, visibility blind spots, and slow mitigation and recovery.

From a security standpoint, the massive base of the iceberg represents the amount of cybersecurity risk organizations face as they expand their computing perimeter. It also characterizes the growing amount of network and security device sprawl organizations adopt to protect their business resources and data. Just as it is difficult to navigate around the unseen part of an iceberg, planning and navigating the security technology required to support an enterprise has many of its own challenges.

When It Comes To Cybersecurity, You Can Never Be Too Safe

Organizations that have a culture based upon “it’s always been done this way” are vulnerable due to their lack of vigilance. This mentality can establish a reluctance to change, placing them in a position of unnecessary risk. Those who deploy diverse security products often become complacent, thinking they’re fully protected from cybersecurity incidents.

The money involved in ransomware demands is increasing the appeal of this type of cyberattack. The entry of organized crime and state-sponsored…


Hackers Threaten to Release Personal Info if Allen ISD Doesn’t Pay Millions


Online blackmailers targeting Allen ISD would rake in up to $10 million if they had their way.

Last month, hackers tried to extort the North Texas school district for millions of dollars — a demand that school officials rejected. Then on Monday, after Allen ISD refused to cough up the money, the thieves emailed parents, employees and students saying they’d publish their stolen personal information online, according to NBC-DFW.

“Staff and parents of Allen ISD, Howdy!” the email read, according to that outlet. “We give you five days to collect money.”

Allen ISD spokesman David Hicks didn’t return the Observer’s request for comment by publication time, but he told NBC-DFW that the district doesn’t plan to pay. As of now, there’s no proof to back up the group’s claims.

Hackers have been making international headlines in recent months with a slew of high-profile attacks.

Some working under the Anonymous banner leaked data from controversial web hosting company Epik, according to The Daily Dot. The leak reportedly includes data linked to the state’s GOP, including “private documents.” Last month, after the state’s abortion ban took effect, Anonymous also appeared to have hacked into the Republican Party of Texas’ website.

Schools in particular seem to be among hackers’ favorite targets, and Allen ISD isn’t the only Texas district that was purportedly breached over the past year.

Located roughly 70 miles from Dallas, Athens’ school district had to delay the start of the 2020 school year because of a ransomware attack.

Earlier this fall, Dallas ISD contacted federal law enforcement after learning of a data security incident that exposed the personal information of parents, alumni, employees and students. On its website, the district noted that despite its best efforts, it’s now one of an increasing number of private and public organizations falling victim to such hacks.

Dallas ISD went on to say that as of now, the affected data appears to…
