The owner of a Bitcoin exchange has become the seventeenth person to be convicted in the United States in connection with a transnational multi-million-dollar online auction fraud scheme that victimized over 900 Americans. Rossen Iossifov was found guilty yesterday by a federal jury in Frankfort, Kentucky, of one count of conspiracy to commit racketeering and one count

by Paul Ducklin We do a show on Facebook every week in our Naked Security Live video series, where we discuss one of the big security concerns of the week. We’d love you to join in if you can – just keep an eye on the @NakedSecurity Twitter feed or check our Facebook page on

A health insurance company in Washington state has been slapped with the second-largest ever HIPAA violation penalty. The Department of Health and Human Services’ Office for Civil Rights (OCR) has imposed a $6.85m penalty on Premera Blue Cross to resolve potential violations of the Health Insurance Portability and Accountability Act of 1996 (HIPAA). Premera Blue Cross is a

by Paul Ducklin Sadly, we’ve written many times before about RaaS, short for Ransomware-as-a-Service: That’s where the crooks who actually write the ransomware keep themselves out of the limelight by hiring in other crooks to identify victims, get into their networks, spread the malware and trigger the damage: The operators themselves then collect the ransom

A 13-year-old boy has been arrested in the United States after allegedly hacking into an Indiana school district’s computer system.  The unnamed teen was arrested after repeated cyber-attacks were launched against Valparaiso Community Schools.  School officials reported regular assaults on the district’s e-learning systems that disrupted instruction by causing students to become disconnected from their

A warning has been issued by America’s Cybersecurity and Infrastructure Security Agency (CISA) after a malicious cyber-actor compromised a United States federal agency.  The attacker used valid log-in credentials for multiple users’ Microsoft Office 365 accounts and domain administrator accounts to gain access to the agency’s enterprise network. Once inside, the bad actor infected the network with

A cyber-attack has struck a Texas company that provides software services to schools and state and local governments across the United States. Tyler Technologies notified customers on September 23 that its phone and computer systems had been compromised by a bad actor.  Since the incident, the website of the company has carried the message: “Our

by Paul Ducklin We saw it in a tweet. How about you? pic.twitter.com/aNYt07qKsI — DEY! (@RoninDey) September 24, 2020 If the reports are to be believed, someone has just leaked a mega-torrent (pun intended – allegedly some of the files have also been uploaded to Kiwi file-sharing service Mega) of Microsoft source code going all

New research published today by Kaspersky examines a rise in the number of cyber-attacks on industrial control system (ICS) computers used by the oil and gas industry. Over the first six months of 2020, the percentage of systems attacked in the oil and gas industry increased when compared to the same time period last year. The same trend was

by Paul Ducklin Aren’t SMSes dead? Aren’t they just plain old text anyway? Surely they’re of no interest to cybercriminals any more? Well, SMSes aren’t dead at all – they’re still widely used because of their simplicity and convenience. Indeed, as a general-purpose short message service – which is literally what the letters SMS stand

Cyber-criminals hoping to profit from the theft of Bruce Springsteen’s legal documents were left disappointed when an online auction of the data attracted no buyers. The singer’s documents were among a 756GB cache of data swiped from New York City law firm Grubman Shire Meiselas & Sacks in a cyber-attack carried out in May this year.  Other high-profile entertainers

A global sting operation targeting drug trafficking on the darknet has led to 179 arrests and the seizure of weapons, drugs, and millions of dollars in cash and virtual currencies. Operation DisrupTor was conducted across the United States and Europe and was a collaborative effort between the law enforcement and judicial authorities of Austria, Cyprus,

Hundreds of thousands of Minnesotans are receiving letters warning them that their data may have been exposed in the second-largest healthcare data breach in state history. The letters were sent to individuals who had donated to or been a patient of Allina Health hospitals and clinics or Children’s Minnesota, a two-hospital pediatric health system in

by Paul Ducklin We do a show on Facebook every week in our Naked Security Live video series, where we discuss one of the big security concerns of the week. We’d love you to join in if you can – just keep an eye on the @NakedSecurity Twitter feed or check our Facebook page on

Cybersecurity firm OneSpan has announced the appointment of Ajay Keni as its new chief technology officer (CTO). Keni will replace Benoit Grangé in the post, who will take up a new position as chief technology evangelist, in which he will “focus on sharing OneSpan’s technology vision and deep industry insights with customers, partners and the

The cybercrime gang Netwalker claims to have exfiltrated data from the College of the Nurses of Ontario in a ransomware attack. A screenshot of data allegedly swiped from the college was posted on Netwalker’s website, where the college’s name has been added to a growing list of the gang’s victims. In a sparsely detailed statement issued yesterday,

The former CEO of the UK government’s National Cyber Security Centre (NCSC) has joined Paladin Capital Group as a managing director.  The appointment of Ciaran Martin by the global cyber and deep tech investor, headquartered in Washington, DC, was announced today.   Previously, Martin was hired as director of security and intelligence at the Cabinet Office in 2008,

by Paul Ducklin You’ve probably heard terms like “spray-and-pray” and “fire-and-forget” applied to cybercriminality, especially if your involvement in cybersecurity goes back to the early days of spamming and scamming. Those phrases recognise that sending unsolicited email is annoyingly cheap and easy for cybercrooks, who generally don’t bother running servers of their own – they

The US has indicted two Iranians in connection with the theft of hundreds of terabytes of sensitive data from computers in America, Europe, and the Middle East.  Hooman Heidarian, aged 30, and Mehdi Farhadi, 34, were allegedly involved in a slew of coordinated hacks perpetrated to make money or for political reasons.  Data stolen in the attacks

by Paul Ducklin The big, bad bug of the week is called Zerologon. As you can probably tell from the name, it involves Windows – everyone else talks about logging in, but on Windows you’ve always very definitely logged on – and it is an authentication bypass, because it lets you get away with using

A lawsuit has been filed against Warner Music Group following the disclosure of a data breach that compromised customers’ sensitive personal information. Warner notified customers of a breach earlier this month after discovering a number of its e-commerce websites had fallen victim to a prolonged skimming attack.  Attackers were able to access personal data entered

A New Jersey man who physically installed keyloggers onto the computer networks of his rivals to steal trade secrets has been sent to prison for nearly eight years.  Ankur Agarwal, of Montville, pleaded guilty to two counts of obtaining information from computers and one count of aggravated identity theft in federal court in Newark back in October

Privacy issues have been detected in an official application of the Joe Biden campaign. The Vote Joe app uses relational organizing to allow users to share data about themselves and their contacts with a voter database run by Target Smart, a service claiming to have over 191 million voter records.   A user who syncs their contacts with

by Paul Ducklin Did you know that we do a show on Facebook every week in our Naked Security Live video series? We usually discuss one of the big security concerns of the week – from data breaches and corporate hacks to vulnerabilities and scare stories – in a way that not only explains what

A member of an organization dedicated to disrupting America’s political system has been charged with wire fraud conspiracy.  Project Lakhta manager Artem Mikhaylovich Lifshits of St. Petersburg, Russia, is accused of using IDs stolen from US citizens to open fraudulent accounts at banking and cryptocurrency exchanges.  According to a criminal complaint filed yesterday in the Eastern District

Cyber-criminals who launched a ransomware attack on a US court have published what they claim are stolen court documents online.  Attackers claim to have successfully targeted the Fourth Judicial District Court of Louisiana with a ransomware strain known as Conti, first detected in the wild in December 2019. The malware has been observed to use

The data of around 100,000 Razer customers has been exposed online following a misconfiguration faux pas. The lapse by the global hardware manufacturing company and eSports and financial services provider was discovered by cybersecurity expert Volodymyr “Bob” Diachenko. Customer data impacted by the cyber-slipup included full name, email, phone number, customer internal ID, order number, order details, and billing

by Paul Ducklin Our cybersecurity antennae always start vibrating when we see warnings about attacks that involve a new type of file. We’re sure you have the same sort of reaction. After all, if a file type that you’ve treated for years as mostly harmless suddenly turns out to be possibly very dangerous, you’re faced

The People’s Republic of China says the Twitter account of an ambassador who ‘liked’ a tweet containing pornographic content was hacked. The account in question belongs to Liu Xiaoming, the PRC’s ambassador to the United Kingdom. While Twitter is banned in the PRC, Chinese diplomats and their staff who live overseas are permitted to use the social media

Small-business owners are worried that their employees’ use of social media is a potential security risk, according to new research by the Cyber Readiness Institute. A survey of 400 SMB owners and 1,059 US workers found that 56% of owners believe that their employees’ social media use poses a cybersecurity threat to their business.  Despite their