AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response


InfoSec News Nuggets 06/22/2022

DDoS-for-hire service provider jailed

Matthew Gatrel, a 33-year-old man from St. Charles, Illinois, has been sentenced to two years in prison for running websites that provide powerful distributed denial-of-service (DDoS) attacks against internet users and websites. This sentencing resulted in the seizure of his websites, making the internet a little safer from DDoS attacks. Gatrel was the administrator and owner of DownThem.org and AmpNode.com, two DDoS-for-hire websites with thousands of clients which launched attacks against more than 200,000 targets. He was convicted of three charges, including conspiracy to commit unauthorized impairment of a protected computer, conspiracy to commit wire fraud, and unauthorized impairment of a protected computer.


Senate bill would ban data brokers from selling location and health data

A bill introduced by Sen. Elizabeth Warren (D-Mass.) would prohibit data brokers from selling Americans’ location and health data, Warren’s office said Wednesday. “Largely unregulated by federal law, data brokers gather intensely personal data such as location data from seemingly innocuous sources including weather apps and prayer apps—oftentimes without the consumer’s consent or knowledge,” a bill summary said. “Then, brokers turn around and sell the data in bulk to virtually any willing buyer, reaping massive profits.” Citing the draft Supreme Court ruling overturning Roe v. Wade, Warren said “it is more crucial than ever for Congress to protect consumers’ sensitive data.”


Proofpoint dispels commonly held threat actor assumptions in new report

Proofpoint’s “2022 Social Engineering report” found that many cybercriminals employ unanticipated behaviors as part of their hacking methods. Threat actors typically are not thought of as engaging with their victims or attempting to disguise legitimate technologies as part of their schemes. However, Proofpoint found that many hackers use some of these methods to gain entry when targeting an individual. “Despite defenders’ best efforts, cybercriminals continue to defraud, extort, and ransom companies for billions of dollars annually,” said Sherrod DeGrippo, vice president of threat research and detection at Proofpoint. “The struggle with threat actors evolves constantly, as they change tactics to earn clicks from end users.”


Europol Busts Phishing Gang Responsible for Millions in Losses

Europol on Tuesday announced the dismantling of an organized crime group that dabbled in phishing, fraud, scams, and money laundering activities. The cross-border operation, which involved law enforcement authorities from Belgium and the Netherlands, saw the arrests of nine individuals in the Dutch nation. The suspects are men between the ages of 25 and 36 from Amsterdam, Almere, Rotterdam, and Spijkenisse and a 25-year-old woman from Deventer, according to a statement from the National Police Force.


Okta says Lapsus$ incident was actually a brilliant zero trust demonstration

So said Brett Winterford, Asia-Pacific and Japan chief security officer of the identity-management-as-a-service vendor, at the Gartner Risk and Security Summit in Sydney today. Winterford explained that the incident started in January when an Okta analyst observed a support engineer at Sitel – Okta’s (former) outsourced customer service provider – attempt to reset a password to Okta’s systems, but from outside the expected network range and without attempting to fulfil a multifactor authentication challenge. That request sent the reset email to a Sitel email address managed under Microsoft 365 and was made with the attacker’s own kit. That last item was highly unusual. Okta can see authentication requests made using the VMs Sitel used to provide support services. But Okta cannot see inside Sitel’s MS365. Okta therefore suspended the user and inquired about any issues at Sitel, which admitted to compromise of an Active Directory account.
