Tag Archive for: warning

CISA and FBI Issue Warning About Rhysida Ransomware Double Extortion Attacks



The threat actors behind the Rhysida ransomware engage in opportunistic attacks targeting organizations spanning various industry sectors.

The advisory comes courtesy of the U.S. Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the Multi-State Information Sharing and Analysis Center (MS-ISAC).

“Observed as a ransomware-as-a-service (RaaS) model, Rhysida actors have compromised organizations in education, manufacturing, information technology, and government sectors and any ransom paid is split between the group and affiliates,” the agencies said.

“Rhysida actors leverage external-facing remote services, such as virtual private networks (VPNs), Zerologon vulnerability (CVE-2020-1472), and phishing campaigns to gain initial access and persistence within a network.”

First detected in May 2023, Rhysida makes use of the time-tested tactic of double extortion, demanding a ransom payment to decrypt victim data and threatening to publish the exfiltrated data unless the ransom is paid.

It’s also said to share overlaps with another ransomware crew known as Vice Society (aka Storm-0832 or Vanilla Tempest), owing to similar targeting patterns and the use of NTDSUtil as well as PortStarter, which has been exclusively employed by the latter.

According to statistics compiled by Malwarebytes, Rhysida has claimed five victims for the month of October 2023, putting it far behind LockBit (64), NoEscape (40), PLAY (36), ALPHV/BlackCat (29), and 8BASE (21).

The agencies described the group as engaging in opportunistic attacks to breach targets and taking advantage of living-off-the-land (LotL) techniques to facilitate lateral movement and establish VPN access.

In doing so, the idea is to evade detection by blending in with legitimate Windows systems and network activities.

Evidence of Vice Society’s pivot to Rhysida has been bolstered by new research published by Sophos earlier last week, which said it observed the same threat actor using Vice Society up until June 2023, when it switched to deploying Rhysida.

The cybersecurity company is tracking the cluster under the name TAC5279.

“Notably, according to the ransomware group’s data leak site,…

Source…

Child hacking warning for parents after boy, 8, orders AK-47 and free pizza online | UK | News


Parents have been warned to be careful of their child’s online behaviour after a UK mum says her eight-year-old son ordered a loaded AK-47 to their house.

Barbara told Express.co.uk how her son learned to hack online from a young age – initially ordering pizza to their house for free, before having the fully automatic gun delivered to her home as part of an online challenge.

Meanwhile, another young hacker tells of how he was expelled from school for breaking into their online systems after starting by simply watching YouTube.

Barbara said her son started to wake up “in the early hours to access the computer when the rest of the house was asleep.”

She added: “He was so involved in what he was doing that he had devised a coded language when speaking to people online, using phrases such as ‘Hey, Pitt is joining us.’… which meant I had entered the room and they needed to switch screens.

“Once I cracked the code, I confronted him, and at this point the physical and mental stress he had put himself under finally made him reveal that he was collaborating with an international group of hackers.”

It started with the eight-year-old ordering pizzas to the house without paying for them from a local pizza company by tricking their computers into believing the food had been paid for, with his mother growing increasingly suspicious of his activities.

But Barbara stepped in when a fully loaded rifle arrived at the front door.

Her son had ordered it from the dark web, she said – an area of the internet only accessible through certain web browsers.

She said: “I was utterly shocked at first, I just couldn’t believe my son was capable of doing such things online. Subsequently, I felt worried and decided to take the matter into my own hands by seeking help from the police and reading up about the dark web.”

“I must say I was also impressed with his technical skills,” she added.

Barbara said he did it as part of…

Source…

Biden administration takes credit for warning hundreds of targets before ransomware attacks


The federal government’s leading domestic cyber agency said Wednesday it has warned hundreds of entities about looming ransomware attacks before they occurred, which enabled them to avoid being victimized.

Ransomware gangs have ripped through American computer networks during President Biden’s tenure, particularly affecting critical infrastructure targets including healthcare, gas pipelines and government systems.

The Cybersecurity and Infrastructure Security Agency is in the early stages of implementing new programs to warn people about cyberattacks inside networks and vulnerabilities in devices that are likely to be exploited.



CISA executive director Brandon Wales said Wednesday that his agency has leveraged relationships with cybersecurity companies to gather the information it uses to alert people that they are in hackers’ crosshairs before a cyberattack starts.

Source…

‘Whatsapp Pink’ Scam Can Steal Your Sensitive Data: Police Issues Alert & Warning (How To Stop This Scam?) – Trak.in


A circulating WhatsApp message offers a link to download a pink-themed version of the app, known as ‘WhatsApp Pink.’ However, it has been discovered that ‘WhatsApp Pink’ is a harmful app designed to steal sensitive data, including banking information, OTPs, photos, and contacts.

WhatsApp Pink Scam

The ‘WhatsApp Pink Scam,’ a deceptive scheme, was initially exposed by internet security researcher Rajshekhar Rajaharia in April 2021. Subsequently, the Mumbai Police Cyber Crime Wing issued a Twitter alert, offering guidance on how to defend against these scams. 

To shield oneself from such fraudulent activities, it is essential to exclusively obtain and install applications from reliable sources like the Google Play Store. Apple users, in particular, benefit from added protection as Apple limits installations to trusted sources.

Protect Yourself from WhatsApp Pink Scam and Uninstall the Malicious App

Furthermore, it is important to refrain from installing apps from unfamiliar websites or APKs sent by unknown individuals. The ‘Forwarded’ label on WhatsApp messages can be useful in determining whether the message originated from a trusted source.

To remove WhatsApp Pink from your device, start by disconnecting any suspicious devices from the ‘Linked devices’ section in WhatsApp. The security researcher mentioned that WhatsApp Pink may conceal itself from the list of installed apps. If you encounter this issue, navigate to the ‘Apps’ section in your phone’s settings, locate ‘WhatsApp Pink’ with the pink logo, and select the uninstall option. It is worth noting that some malicious apps may not have a visible name in the app list, so be sure to remove any unidentified apps as well.


Source…