AboutDFIR.com – The Definitive Compendium Project
Digital Forensics & Incident Response

Blog Post

InfoSec News Nuggets 5/23/2024

BLACKBASTA GROUP CLAIMS TO HAVE HACKED ATLAS, ONE OF THE LARGEST US OIL DISTRIBUTORS

Atlas is one of the largest national fuel distributors to 49 continental US States with over 1 billion gallons per year. The Blackbasta extortion group added the company to the list of victims on its Tor leak site, as the researcher Dominic Alvieri reported. The gang claims to have stolen 730GB of data from ATLAS, including Corporate data: Accounts, HR, Finance, Executive, department data, and users and employees’ data. The gang published a series of documents as proof of the hack, including people’s ID cards, data sheets, payroll payment requesters and a picture of the folder exfiltrated from the victim’s systems. The oil company has yet to disclose the alleged incident.

 

Using AI, Mastercard Expects to Find Compromised Cards Quicker, Before They Get Used by Criminals

In its latest software update rolling out this week, Mastercard is integrating artificial intelligence into its fraud-prediction technology that it expects will be able to see patterns in stolen cards faster and allow banks to replace them before they are used by criminals. “Generative AI is going to allow to figure out where did you perhaps get your credentials compromised, how do we identify how it possibly happened, and how do we very quickly remedy that situation not only for you, but the other customers who don’t know they are compromised yet,” said Johan Gerber, executive vice president of security and cyber innovation at Mastercard, in an interview.

 

74% of CISOs Believe that People Are Their Company’s Biggest Vulnerability, 2024 Voice of the CISO Report Reveals

Whether driven by record employee turnover, increasingly sophisticated cyberattacks or the growing reliance on cloud technology, most CISOs are nervously scanning the threat landscape. Over two-thirds (70%) believe their businesses are at risk for a cyberattack over the next 12 months—up from 68% in 2023 and 48% in 2022. Despite these concerns, many CISOs we surveyed report feeling confident in their company’s ability to deal with the consequences. Fewer than half (43%) believe that they aren’t prepared for a targeted cyberattack—down from 61% in 2023 and 50% in 2022. It is heartening to know that more CISOs feel ready to face cyber threats. However, the reality is that 70% of CISOs also believe an attack is imminent—and almost half remain unprepared for its impact.  

 

Criminal record database of millions of Americans dumped online

A cybercriminal going by the names of EquationCorp and USDoD has released an enormous database containing the criminal records of millions of Americans. The database is said to contain 70 million rows of data. The leaked database is said to include full names, dates of birth, known aliases, addresses, arrest and conviction dates, sentences, and much more. Dates reportedly range from 2020 to 2024. The exact source of the database is as yet unknown. USDoD is a high-profile player in this field, closely associated with “Pompompurin”, the operator of the first iteration of data leak site BreachForums. USDoD is said to have plans to set up a successor to the second iteration of BreachForums which was recently seized by law enforcement. Releasing this database may be USDoD’s way to round up some interested users.

 

Breach Forums Plans Dark Web Return This Week Despite FBI Crackdown

Breach Forums, the infamous cybercrime and hacker forum, is set to return to the dark web with a new Onion domain, Hackread.com can confirm. While the exact timeline for the revival of its clearnet domain remains uncertain, administrators are working towards its relaunch any time this week. ShinyHunters, both a hacker and administrator of Breach Forums, confirmed these developments to Hackread.com. According to the hacker, the new Onion domain for Breach Forums stands prepared for a comeback, set to take place sometime in the following week. “The onion is ready, it’s not public yet, but it will be launched probably this week.” When questioned about the status of the clearnet domain, the hacker simply mentioned that “the clearnet will come back,” offering no specific timeframe.

Related Posts