Security Leftovers and Windows TCO
-
Reuters ☛ Italy government proposes tougher jail terms for cybercriminals
Italy's government is set to propose tougher jail terms for cybercrime and stricter disclosure rules for public bodies that come under attack from hackers, according to a draft law seen by Reuters on Wednesday.
The bill, set for discussion at a cabinet meeting on Thursday, comes after repeated instances of ransomware and other cyber attacks against Italian ministries, banks, local health authorities and other public institutions.
-
Bleeping Computer ☛ Ransomware payments drop to record low as victims refuse to pay
The number of ransomware victims paying ransom demands has dropped to a record low of 29% in the final quarter of 2023, according to ransomware negotiation firm Coveware.
This trend became apparent in mid-2021 when the payment rate dropped to 46% after previously being 85% at the start of 2019.
According to Coveware, the reason for this continual drop is multifaceted, including better preparedness by organizations, a lack of trust towards cybercriminals promising not to publish stolen data, and legal pressure in some regions where paying a ransom is illegal.
Coveware has found that even when data is stolen in cyberattacks, the payment rate was just 26% in the last quarter.
-
The Record ☛ Canadian malware spreader gets 2 years in prison
A Canadian court handed down a two-year prison sentence to a man who admitted coordinating ransomware and malware attacks on private citizens, businesses and government agencies.
Matthew Philbert, 33, pleaded guilty in October of last year to charges of fraud and unauthorized access to computers after his arrest in 2021 in Canada. Investigators found more than 1,100 victims total.
At the sentencing on Friday in the Ontario Court of Justice, prosecutors noted that Philbert’s attacks sometimes led to thousands of dollars in fraud, according to the CBC, including one incident in which he stole more than $10,000 from a family-run business.
-
The Register UK ☛ 750 million Indian mobile subscribers’ info for sale on dark web
Indian infosec firm CloudSEK last week claimed it found records describing 750 million Indian mobile network subscribers on the dark web, with two crime gangs offering the trove of data for just $3,000.
CloudSEK named CYBO CREW affiliates CyboDevil and UNIT8200 as the vendors of a 1.8TB trove, which contains mobile subscribers’ names, phone numbers, addresses, and Aadhaar details.
CloudSEK stated its investigation of the trove saw threat actors claim to have “obtained the data through undisclosed asset work within law enforcement channels” rather than as a result of a leak from Indian telcos. CloudSEK said its initial analysis found that the leak affects all major telecom providers. “The leak of Personally Identifiable Information (PII) poses a huge risk to both individuals and organizations, potentially leading to financial losses, identity theft, reputational damage, and increased susceptibility to cyber attacks,” stated CloudSEK.
-
The Washington Post ☛ Ex-IRS contractor who leaked Trump’s tax returns sentenced to 5 years
A former IRS contractor who leaked a slew of confidential tax records filed by the wealthiest Americans, including those of President Donald Trump, was sentenced Monday to the maximum of five years in prison.
Charles Littlejohn pleaded guilty last year to one count of unauthorized disclosure of income tax returns. Littlejohn, 38, admitted that he leaked Trump’s confidential tax information to the New York Times in 2019 and then replicated his work the next year, filtering the tax returns and financial data of thousands of wealthy Americans to ProPublica.
The news organizations published reports showing how Trump and the richest Americans for years paid little or no federal taxes. U.S. District Judge Ana C. Reyes said Littlejohn had “pulled off the biggest heist in IRS history” and deserved the maximum sentence she could impose because he targeted a sitting president and thousands of others. Reyes compared Littlejohn to one of the rioters who broke into the Capitol on Jan. 6, 2021, and said judges had to send a message that they will not tolerate “open season on our elected officials.”
“Let me be absolutely clear: What you did, in targeting the sitting president of the United States, was an attack on our constitutional democracy,” the judge told Littlejohn.
-
Dark Reading ☛ Freehold Township School District is forced to close 8 schools Monday due to cyber security threat.
On Jan. 28, the Freehold Township School District informed its staff, families, and students that its schools and offices would be closed today due to a cybersecurity incident.
School officials said that because of the incident, the district, located in Freehold, N.J., was experiencing technical difficulties and that it is working with third-party cybersecurity experts to address the issue.
Dianne Martello Brethauer, the district assistant superintendent, apologized on her X account (formerly known as Twitter) for the inconvenience after announcing the disruption the district is facing.
-
Windows TCO
-
Bruce Schneier ☛ Microsoft Executives [Breached]
Microsoft is reporting that a Russian intelligence agency—the same one responsible for SolarWinds—accessed the email system of the company’s executives.
-
Cyble Inc ☛ BianLian Ransomware Group Strikes Again, Targeting Two US-Based Companies
The BianLian ransomware attack on these two organizations was made public through posts on the dark web portal. Cislo & Thomas LLP, known for providing patent, trademark, copyright, and trade secret legal services globally, and Image Craft, renowned for innovative visual communication methods, are now grappling with the aftermath of this sophisticated cyber assault.
To understand the scope of this alleged BianLian ransomware attack, The Cyber Express reached out to the affected organizations. However, at the time of writing this, no official statement or response has been recorded, leaving the claims surrounding the BianLian ransomware attack unverified at this point.
-