Tag Archive for: Losing

After years of losing, it’s finally feds’ turn to troll ransomware group


After years of losing, it’s finally feds’ turn to troll ransomware group

Getty Images

After years of being outmaneuvered by snarky ransomware criminals who tease and brag about each new victim they claim, international authorities finally got their chance to turn the tables, and they aren’t squandering it.

The top-notch trolling came after authorities from the US, UK, and Europol took down most of the infrastructure belonging to Lockbit, a ransomware syndicate that has extorted more than $120 million from thousands of victims around the world. On Tuesday, most of the sites Lockbit uses to shame its victims for being hacked, pressure them into paying, and brag of their hacking prowess began displaying content announcing the takedown. The seized infrastructure also hosted decryptors victims could use to recover their data.

The dark web site Lockbit once used to name and shame victims, displaying entries such as "press releases," "LB Backend Leaks," and "LockbitSupp You've been banned from Lockbit 3.0."
Enlarge / The dark web site Lockbit once used to name and shame victims, displaying entries such as “press releases,” “LB Backend Leaks,” and “LockbitSupp You’ve been banned from Lockbit 3.0.”

this_is_really_bad

Authorities didn’t use the seized name-and-shame site solely for informational purposes. One section that appeared prominently gloated over the extraordinary extent of the system access investigators gained. Several images indicated they had control of /etc/shadow, a Linux file that stores cryptographically hashed passwords. This file, among the most security-sensitive ones in Linux, can be accessed only by a user with root, the highest level of system privileges.

Screenshot showing a folder named
Enlarge / Screenshot showing a folder named “shadow” with hashes for accounts including “root,” “daemon,” “bin,” and “sys.”

Other images demonstrated that investigators also had complete control of the main web panel and the system Lockbit operators used to communicate with affiliates and victims.

Screenshot of a panel used to administer the Lockbit site.
Enlarge / Screenshot of a panel used to administer the Lockbit site.
Screenshot showing chats between a Lockbit affiliate and a victim.
Enlarge / Screenshot showing chats between a Lockbit affiliate and a victim.

The razzing didn’t stop there. File names of the images had titles including: “this_is_really_bad.png,” “oh dear.png,” and “doesnt_look_good.png.” The seized page also teased the upcoming doxing of LockbitSupp, the moniker of the main…

Source…

I’m a tech expert – millions risk losing everything by breaking ‘number one security rule’ on iPhone and Android


CYBER experts have revealed why you must never use the same password more than once.

Gadget users risk a dangerous wave of cyber-attacks if they make a simple (and very common) mistake.

It might seem like a handy option, but re-using passwords is extremely dangerousCredit: Unsplash

Often people choose one strong password – and then use it over and over again.

That’s because it’s easy to remember just one password, giving you quick access to all of your accounts and apps.

But it’s extremely dangerous, according to Brad Freeman, director of technology at SenseOn.

“The number one security rule is don’t reuse passwords,” Brad exclusively told The U.S. Sun.

“Many websites will get compromised and reusing the same password could cause a cascading failure as attackers can access multiple services which you have signed up for.

“This could allow an identity thief to build up a rich picture about you to commit fraud against you or your employer.”

If one account is hacked or leaked, crooks can use your password to break into all of your accounts that share the same login.

This means that a small breach somewhere can suddenly cascade into an enormous cyber-attack.

It puts you at serious risk of financial loss and being defrauded.

Hackers could even use a major cyberattack like this to spy on you, or even extort or blackmail you.

Thankfully staying safe is easy: Don’t re-use passwords.

If that seems difficult, it’s best to start using a password manager.

You may already have one: Apple devices like the iPhone offer you iCloud Keychain.

This will automatically generate strong passwords for accounts and then save them for you – refilling the login field when it’s needed.

Google offers a similar password-management feature through its Chrome browser.

And both Apple and Google are trying to push users away from passwords altogether to a new system called Passkeys.

Password-less logins are only just becoming available, and mean you don’t have to risk having a password for an account at all.

Source…

S’pore police: Don’t download files from unknown sources on phones, risks of losing private pics & vids, banking & social media credentials real – Mothership.SG


Follow us on Telegram for the latest updates: https://t.me/mothershipsg

The Singapore police and the Cyber Security Agency of Singapore (CSA) has issued an advisory to remind the public of the dangers of downloading files from unknown sources that can lead to malware installation on victims’ mobile devices.

This may result in confidential and sensitive data, such as banking credentials, being stolen.

Don’t download things from sketchy sources

The advisory said malware may infect mobile devices through various means, including through the downloading of free software from unknown sources, opening of unknown email attachments and visiting of malicious websites.

Users should also be wary if they are asked to download unknown or suspicious Android Package Kit (APK) files onto their mobile devices.

This files may appear with seemingly genuine naming conventions, such as GooglePlay23Update.apk or GooglePlay.apkUpdate.apk.

These are not official APK files released by Google even though they contain the references to “GooglePlay”, the advisory warned.

Plenty of risks

Upon installation of the mobile malware, users’ mobile devices may be exposed to the following risks:

• Significant decline in the mobile devices’ performance

• Unauthorised access to the mobile devices’ systems/ data that allow attackers to remotely control infected mobile devices, possibly resulting in loss of user control

• Unauthorised installation or uninstallation of applications

• Interception of SMSes

• Receipt of unwanted push notifications or warnings

• Exfiltration of confidential and sensitive data stored in infected mobile devices such as banking credentials, stored credit card numbers, social media account credentials, private photos and/ or videos, among other information.

Attackers can use such information to gain unauthorised access to users’ social media accounts to perpetrate impersonation scams or perform fraudulent financial transactions that results in reputational and monetary losses.

Prevention methods

Members of the public are advised to take the following steps to ensure that their mobile devices are adequately protected against malware:

• Only download and install…

Source…

Apex mother encourages vaccines among young adults after losing her 20-year-old son to COVID :: WRAL.com


— Tyler Gilreath, a 20-year-old student at the University of North Carolina at Wilmington, battled coronavirus for three weeks in August. He was starting to recover and moved into a new apartment.

But soon after feeling better, he developed a sinus infection that became so severe he had to be hospitalized.

“You never know how COVID-19 is going to affect you individually,” said his mother, Tamara Demello, from Apex. “It seems like it finds your weakest point and attacks that.”

The infection cut off blood flow to his brain, and just after five days in the hospital, Gilreath’s family had to take him off life support.

“It gets really serious really fast and it can just as easily kill you,” she said.

Now, Demello is trying to make sure no one else has to go through the same pain as she has. Her story has been featured in a national commercial from the U.S. Department of Health and Human Services.

“If this can happen to my son, who was athletic and never sick and totally healthy with no pre-existing issues, this can happen to anybody,” Demello said.

Gilreath wanted to get married and be a dad. He was attending UNCW for computer science in hopes of working in cyber security and pursuing his interest in music.

Demello said she understands that “young men can be pretty stubborn when doing what their moms tell them to.” Her son thought that he was invincible, and that the virus wouldn’t affect him, so he didn’t get vaccinated against COVID-19.

“We need to be armed and prepared as much as we can,” she said. “This is a battle.”

Tyler Gilreath, 20

Data from the North Carolina Department of Health and Human Services show just 55% of people ages 18 to 24 are vaccinated. . That’s only 6% more than were vaccinated six months ago.

As of Friday, only 38% of all North Carolina children ages 5 to 17 are vaccinated against the coronavirus with at least one dose.

“The statistics are very low for young people to die from this, but the parent who loses the child doesn’t care about the statistics,” Demello said.

Demello said that her life will never be the same after losing her son.

“It’s…

Source…