Cybersecurity News – February 9, 2022

DOJ arrests New York couple, seizing $3.6 billion in bitcoin

The Justice Department has seized a record total of $3.6 billion in cryptocurrency tied to the 2016 hack of the Bitfinex virtual currency exchange, which resulted in the transfer of 120,000 bitcoin to the attackers' digital wallet. Federal agents arrested Ilya “Dutch” Lichtenstein and his wife, Heather Morgan, in Manhattan in connection with the crime. Investigators were able to trace the stolen funds through thousands of transactions to over a dozen accounts linked to Lichtenstein, Morgan or their businesses. From there, the couple converted the bitcoin to cash using bitcoin ATMs and by purchasing gold, NFTs, and Walmart gift cards.

(NPR)

Google sees 50% drop in compromises after 2SV enrollment

Back in May 2021, Google announced plans to auto-enroll users into two-step verification (2SV) in order to secure accounts from compromised credential attacks. On Tuesday, Guemmy Kim, Google’s Director for Account Security and Safety, indicated that Google has successfully auto-enabled 2SV for over 150 million people, and has required another 2 million YouTube creators to enable it. Kim noted that they have seen a 50% decrease in account compromise for 2SV enrollees compared with those who have yet to enroll.

(Bleeping Computer)

Puma employee data stolen as a result of Kronos attack

December’s ransomware attack against Kronos systems has affected employees at Puma, one of the largest sportswear brands, and one of Kronos’ biggest clients. Hackers broke into Kronos Private Cloud and stole the data before encrypting it despite it being secured through firewalls, multi-factor authentication, and encrypted data transmissions. In a filing with the Maine Attorney General, Kronos said personal data of 6,632 individuals, including affected Puma employees, was stolen during the attack. Kronos is offering free credit monitoring and identity insurance services to victims of the breach.

(Tech Dator)

Vodafone Portugal 4G and 5G services hit with cyberattack

Vodafone Portugal announced on Tuesday that it was hit with a cyberattack that caused network disruptions across the country. In a statement, the company said its 4G/5G network, fixed voice, television, SMS and voice/digital answering services were affected by the attack, which it discovered on Monday night. Vodafone said it has already recovered mobile voice and data services on the 3G network for almost the entire country, but is still working to recover its other services. Vodafone contacted law enforcement and is conducting its own internal investigation to determine how the breach occurred.

(ZDNet)

Canadian Netwalker ransomware crook pleads guilty to million-dollar crimes

Sebastien Vachons-Desjardins of Gatineau, Ottawa, who used Netwalker ransomware to attack 17 organisations, has been sentenced to six years and eight months in prison after pleading guilty to five criminal charges in Ontario’s Court of Justice. Vachons-Desjardins had C$30m (US$23.6m) in cash and Bitcoin when police raided his house. Canadian court documents revealed that the defendant had been hired by 10-15 unknown individuals to teach them his methods. The judge ordered that organizations that fell victim to the attacks be paid five- to six-figure sums in restitution.

(The Register)

ExpressVPN offering $100,000 to hack its servers

On Tuesday, ExpressVPN announced that they are offering a $100,000 bug bounty to an ethical hacker who identifies critical vulnerabilities in TrustedServer, which is a custom-built operating system based on Debian Linux, featuring proprietary security enhancements that make it ideal for use in VPN infrastructure. The first person to submit a valid vulnerability, granting unauthorized access or exposing customer data, will receive the one-time bounty. According to the company, “This is the highest single bounty offered on the Bugcrowd platform and 10 times higher than the top reward previously offered by ExpressVPN.”

(Bleeping Computer)

No Critical Bugs for Microsoft February Patch Tuesday

Microsoft’s February 2022 Patch Tuesday release includes just 51 patches and is noteworthy because none of them is rated critical. Microsoft’s releases address CVEs in Windows components, Azure Data Explorer, Kestrel Web Server, Microsoft Edge (Chromium-based), Windows Codecs Library, Microsoft Dynamics, Microsoft Dynamics GP, Microsoft Office, Windows Hyper-V Server, SQL Server, Visual Studio Code and Microsoft Teams. Among these, Microsoft addressed one zero-day, a Windows Kernel elevation-of-privilege vulnerability tagged as CVE-2022-21989. Also notable, one of the updates this month is for a CVE first published in 2013.

(Threatpost)

Garrett Yee to close out 35-year career

Assistant to the director of the Defense Information Systems Agency, Army Major General Garrett Yee, is scheduled to retire April 28, closing out a 35-year career. In his role at DISA, Yee provided critical leadership for the agency’s $13 billion information technology and cybersecurity portfolio and provided IT support to the president, secretary of defense, Joint Chiefs of Staff, combatant commanders and DOD components. During the pandemic, Yee launched a highly popular monthly virtual lunch-and-learn series, “DISA in the Know”, to keep the global DISA workforce informed of critical missions. Previously, Yee served as the military deputy to the Army Chief Information Officer/G-6 and as the Army’s senior information security officer at the Pentagon. 

(Security Magazine)

Sean Kelly
Sean Kelly is a cyber risk professional and leader who thrives on learning, collaborating and helping the business securely advance its mission. Sean is also a musician and outdoor enthusiast who loves spending time with his family and two cats.