Who Wrote the ALPHV/BlackCat Ransomware Strain?

In December 2021, researchers discovered a new ransomware-as-a-service named ALPHV (a.k.a. “BlackCat“), considered to be the first professional cybercrime group to create and use a ransomware strain written in the Rust programming language. In this post, we’ll explore some of the clues left behind by a developer who was reputedly hired to code the ransomware…

Read More

Scary Fraud Ensues When ID Theft & Usury Collide

What’s worse than finding out that identity thieves took out a 546 percent interest payday loan in your name? How about a 900 percent interest loan? Or how about not learning of the fraudulent loan until it gets handed off to collection agents? One reader’s nightmare experience spotlights what can happen when ID thieves and…

Read More

Crime Shop Sells Hacked Logins to Other Crime Shops

Up for the “Most Meta Cybercrime Offering” award this year is Accountz Club, a new cybercrime store that sells access to purloined accounts at services built for cybercriminals, including shops peddling stolen payment cards and identities, spamming tools, email and phone bombing services, and those selling authentication cookies for a slew of popular websites. Criminals…

Read More

As easy as 123456 !

Hacked Passwords

Data security breaches have become common place over the last 10 years, so much so that as an industry we have almost become immune to them. However a recent study carried out by a Turkish Security researcher, Ata Hakcil, on password reuse found after analysing over a billion credentials that “123456” was the most commonly…

Read More

The Problem with the Kill Chain

Cyber Kill Chain

The Kill Chain is IMHO yet another flawed term that has been adopted by the IT Security Industry to describe the methodology that attackers use against organisations to steal or compromise their assets. The term originates from the military and was first used by Lockheed Martin in 2009 to describe the steps an adversary would use…

Read More