Tag Archive for: morgan

4 billion dollar Bitcoin hack makes TikTok girl Heather Morgan an Internet sensation

/in


More than 1,00,000 Bitcoin, US $4,000,000,000, one of the biggest crypto hacks in the world, hackers and money untraceable for nearly 6 years… Sounds like a major heist, doesn’t it?



2 647

© Provided by DailyO
2 647


BitFinex was hacked in 2016 and millions of dollars worth Bitcoin was stolen.

The US Department of Justice has caught up to the hackers, arrested them and come in possession of the world’s largest crypto-holding wallet. But can you imagine who carried out such a sophisticated heist – perhaps state actors from North Korea or Russia, or some big mafia connection, shrouded in mystery and a black hoodie with no face?

All guesses are WRONG in this case!

The Crypto world has proved to be even more surreal and crazy than ever before. The hackers behind the 2016 Bitfinex hack are a TikTok girl named Heather Morgan who made cringey rap videos, and her husband of dual nationality – Russia and the US, who ran ‘cloud services and solutions business’.

The US DoJ arrested 31-year-old Heather Morgan and her husband 34-year-old Ilya Lichtenstein in the 2016 BitFinex hack. More than the movie plot-like-story behind the hack and the recovery, netizens are going gaga over Heather Morgan.

Heather Morgan has become an instant hit among netizens in the hack story due to her unique online persona, unlike anything anyone would have ever imagined a hacker to be. Heather made rap videos on YouTube, TikTok and elsewhere under the name Razzlekhan. She also gave speeches on growing businesses and called herself a ‘serial entrepreneur’ and an ‘angel investor’. She described her art as ‘surreal’, her genre as ‘horror-comedy, with a splash of weird allure’.



3 647

© Provided by DailyO
3 647


Heather Morgan’s profile on Forbes.

Before this, she also worked for Forbes as a writer between 2017 and 2021. Her Forbes bio reads: When she’s not reverse-engineering…

Source…

Morgan Stanley’s Third-Party Data Breach Leaks Customers’ Sensitive Information via an Accellion Hack

/in


Leading investment banking firm Morgan Stanley reported that hackers accessed its customers’ sensitive information in a third-party data breach.

In a July 2  letter to the New Hampshire Attorney General’s office, the bank said that Guidehouse disclosed that hackers had accessed customers’ records in the Accellion hack. Guidehouse offers account maintenance services to Morgan Stanley’s StockPlan Connect business.

Morgan Stanley is among the hundreds of customers compromised via the Accellion FTA vulnerability first reported in December 2020.

Other victims include Jones Day, Shell, Qualys, the Reserve Bank of New Zealand, Singtel, Kroger, the Office of the Washington State Auditor (“SAO”), the Australian Securities and Investments Commission (ASIC), among others.

Third-party data breach exposed Morgan Stanley’s decryption key

The Accellion hack leaked Morgan Stanley’s encrypted files under Guidehouse’s possession. The hackers also managed to obtain the decryption key in the third-party data breach first reported by Bleeping Computer.

However, the data did not include any security credentials like passwords that could allow the hackers to access customers’ financial accounts.

However, it included personally identifiable information (PII) like customers’ names, addresses, dates of birth, social security numbers, and company names.

Morgan Stanley disclosed that 108 New Hampshire residents were affected by the third-party data breach. However, the investment bank did not disclose the total number of customers exposed in the Accellion hack.

“The protection of client data is of the utmost importance and is something we take very seriously,” the company said. “We are in close contact with Guidehouse and are taking steps to mitigate potential risks to clients.”

Morgan Stanley’s Accellion hack was discovered almost half a year later

Guidehouse said it patched the Accellion FTA vulnerability within 5 days after the company released security fixes in January 2021. However, the company said that the threat actors had obtained the files by then.

Additionally, the company did not discover the Accellion hack until…

Source…

Cybersecurity and the NRC: A Primer for Radioactive Materials Licensees | Morgan Lewis – Up & Atom

/in


As is clear from recent news reports, cybersecurity hacks and breaches have been trending upward for some time, and there has been a noticeable uptick over the last several months—including in the energy industry. As a result, President Joseph Biden has committed his administration, in large part through the American Jobs Plan and his executive order of May 12, to strengthen cybersecurity across the nation.

Notably, the American Jobs Plan makes $20 billion in energy infrastructure investments contingent on cybermodernization, and the executive order creates a “playbook” in an effort to harmonize the federal response to cyberincidents. But what controls are in place for the nuclear industry, including commercial users of radioactive materials, and which agency has jurisdiction over such matters? We address these issues briefly here.

EVOLUTION OF THE NRC’S CYBERSECURITY REGULATIONS

The NRC’s jurisdiction over and regulation of cybersecurity for power reactor (nuclear power plant) licensees is well established and well documented. Following the attacks of September 11, 2001, the NRC began evaluating cyberrisks and the need for associated protections at nuclear power plants. These efforts resulted in 10 CFR § 73.54, Protection of Digital Computer and Communication Systems and Networks, finalized in 2009, and the subsequent Regulatory Guide 5.71, designed to advise licensees on how to meet the regulatory requirements. But cybersecurity controls for radioactive material users are less straightforward. Nevertheless, as described below, several federal agencies, including the NRC and the Food and Drug Administration (FDA), have been active in this space over the last several years.

THE WORKING GROUP: FORMATION AND SCOPE

In 2012, the NRC identified a need to evaluate cybersecurity threats for radioactive materials licensees in SECY-12-0088. To accomplish that goal, in July 2013, the NRC established the Byproduct Materials Cyber Security Working Group (the Working Group), whose goal was to identify cybersecurity vulnerabilities among certain users of “risk-significant radioactive materials” to determine if the NRC should initiate any regulatory action to address…

Source…

Russian Hacker Gets 12-Years Prison for Massive JP Morgan Chase Hack

/in


JP Morgan Chase Hack

A U.S. court on Thursday sentenced a 37-year-old Russian to 12 years in prison for perpetrating an international hacking campaign that resulted in the heist of a trove of personal information from several financial institutions, brokerage firms, financial news publishers, and other American companies.

Andrei Tyurin was charged with computer intrusion, wire fraud, bank fraud, and illegal online gambling offenses, and for his role in one of the largest thefts of U.S. customer data from a single financial institution in history, which involved the personal information of more than 80 million J.P. Morgan Chase customers.

Besides the investment bank, some of the other major targets of the hacks were E*Trade, Scottrade, and the Wall Street Journal.

Tyurin, who carried out the extensive hacking from his home in Moscow between 2012 to mid-2015, is believed to have netted over $19 million in criminal proceeds as part of his intrusion schemes.

In one such instance of security fraud, Tyurin collaborated with his partner Gery Shalon to artificially inflate the price of certain stocks publicly traded in the U.S. by marketing said stocks in a deceptive and misleading manner to customers of the victim companies whose contact information were stolen during the intrusions.

Russian Hacker
Photo Credit: REUTERS/Amir Cohen

To carry out the attacks, Tyurin is alleged to have used computer infrastructure located across five continents that were remotely controlled and is said to have maintained persistent access over long periods of time to the victims’ networks to download and refresh the stolen data from the companies periodically.

“And once his hacking activities were detected, TYURIN worked with Shalon to destroy the evidence of their criminal activity and undermine U.S. law enforcement’s efforts to identify and arrest them,” the U.S. Southern District of New York said in a statement.

The development comes after Tyurin pleaded guilty in September 2019 to carry out the wire and bank fraud, computer intrusions, and illegal online gambling. Tyurin has been in U.S. custody since he was extradited from the country of Georgia in September 2018.

Source...


[the_ad_group id="27628"]