Tag Archive for: hacker

Hacker chutzpah: Ransomware group says it reported victim to SEC


Cybercriminal group Alphv said it reported a victim of one of its ransomware attacks to the Securities and Exchange Commission for supposedly violating the regulator’s new rule mandating publicly traded companies report substantial cybersecurity incidents.

The company, financial software firm MeridianLink, confirmed it suffered an attack but had not yet determined the extent of personal information compromised.

“MeridianLink recently identified a cybersecurity incident,” a spokeswoman for the company said Friday. “Safeguarding our customers’ and partners’ information is something we take seriously. Upon discovery, we acted immediately to contain the threat and engaged a team of third-party experts to investigate the incident.”

The spokeswoman added that the company had identified “no evidence of unauthorized access to our production platforms” and that the incident caused minimal business interruption.

“If we determine that any consumer personal information was involved in this incident, we will provide notifications, as required by law,” the spokeswoman said. “We have no further details to offer currently, as our investigation is ongoing.”

MeridianLink counts many credit unions and some community banks as customers. The company reported $288 million in revenue last year.

MeridianLink did not have to report the incident in an 8-K filing, as Alphv claimed, because the SEC’s new rule regarding material data breaches does not take effect until next month. Rather, cybersecurity experts said the report was merely a means of putting additional pressure on MeridianLink, which Alphv is extorting via the threat of releasing the data it stole.

The SEC’s rule gives publicly traded companies four days to report a security incident from the time that the company determines it to be “material.” Alphv said it compromised MeridianLink on Nov. 7. Alphv posted on Wednesday on its victim-shaming website about the SEC complaint it said it filed.

The SEC did not immediately respond to a request for comment. Other reports indicated the commission was not commenting on the matter.

The “misuse” of the SEC’s form for flagging unreported data breaches was entirely foreseeable, according to Ilia Kolochenko, CEO of…


7 useful hacker tools for Microsoft Windows professionals



Hacker Claims to Have Published St. Louis Transit Data


(TNS) — An anonymous hacker group says it has published data it stole from a regional transportation agency here.

It was not immediately clear what data was published or whether it included sensitive personal information. The hackers earlier this week demanded a ransom be paid or they would release stolen information from the regional transportation system Metro Transit, including passports, Social Security numbers and tax information.

Taulby Roach, the CEO and president of Bi-State Development, which operates Metro Transit, said Thursday the agency did not pay the ransom but did not release more details about the demand.


A union that represents many of Metro Transit’s 1,800 employees said no employees have reported instances of identity theft or other malicious activity stemming from the hack.

Roach said no customer data was stolen, and any impacted employees will be notified.

Employees were told of the data breach earlier this week and offered free credit monitoring through TransUnion, a credit reporting agency.

“We are unaware of any instances where sensitive employee information has been used maliciously,” Roach said in a statement. “However, we encouraged employees to register as soon as possible for the free credit monitoring services and heightened vigilance by our employees for suspicious links or suspicious credit activity.”

Brett Callow, an analyst with the New Zealand-based cybersecurity firm Emsisoft, shared a screenshot with the Post-Dispatch that showed files containing what the hackers claimed late Wednesday was stolen Metro data.

Callow said it’s impossible to know exactly what’s in the files without downloading and viewing them, which he said he wouldn’t do because he sees it as an invasion of privacy.

The screenshot was published on an unregulated part of the Internet called the dark web, which hackers often use to publish ransom threats and which cybersecurity researchers track to study ransomware activity.

It appeared to show the publication of 10 files, each 500 megabytes, and a tracker noting the download link had been viewed more than 700 times.

The cyber attack began on Oct. 2, and phone and computer…


Steam Store Spread Malware After Hacker Hijacked Developer Accounts


Valve’s Steam store was reportedly exploited to spread malware to a small number of users. 

The incident occurred after a hacker breached several game developer accounts on Steam. The attacker then circulated malware over the platform through game updates to users. 

The problem came to light after Valve was spotted sending out a message to affected users last month about the malware infections. “The Steam account for the developer of this game was recently compromised and the attackers uploaded a new build that contained malware,” the company wrote in the notice. 

Simon Carless, founder of the Game Discover Co newsletter, then connected the message to an announcement Valve made this week, notifying game developers about a new security requirement for their accounts. “Looks like it’s related to hackers taking over Steam dev accounts and adding malware to game builds,” he wrote. 

Valve has since told PCGamer that multiple game developer accounts were recently compromised. Fortunately, the intrusions only led to fewer than 100 Steam users receiving malware through the game updates. These users have since received warnings from Valve notifying them about the threat. 

To prevent future hijackings, Valve is essentially requiring game developers on Steam to enroll in two-factor authentication. However, the company is demanding developers do so by registering their accounts with a phone number to receive the SMS-based two-factor codes.

“This change will go live on October 24, 2023, so be sure to add a phone number to your account now. We also plan on adding this requirement for other Steamworks actions in the future,” Valve said in the announcement.

The problem is that SMS-based two-factor authentication can be vulnerable to SIM swap attacks and other forms of phishing capable of stealing the access codes. As a result, some game developers have been complaining about the new requirement and instead urging Valve to ditch the SMS-based two-factor authentication for more secure authenticator apps.

“Why does every company and their grandpa think they’re entitled to my PRIVATE phone number, that so far I’ve managed to keep reasonably spam free,” added one developer…
