Security News for the Week Ending December 24, 2021

Russian Hackers Make Millions by Stealing SEC Earning Reports

A Russian hacker working for a cybersecurity company has been extradited to the U.S. for hacking into the computer networks of two SEC filing agents used by multiple companies to file their quarterly and annual SEC reports. Using that insider information, the hacker traded stock in advance of the earnings being made public and earned millions. The hacker made the mistake of visiting Switzerland. I guess he figured that the U.S. did not know who he was. He was wrong. Credit: Bleeping Computer

Security Flaw Found in Popular Hotel Guest WiFi System

I always tell people not to use hotel guest WiFi systems because they are not secure. A researcher says that an Internet gateway used by hundreds of hotels for the guest WiFi are not secure and could put guest personal information at risk. The gateway, from Airangel, uses extremely easy to guess and hardcoded passwords. You can pretty much guess the rest. Credit: Tech Crunch

Feds Recover $154 Million in Bitcoin Stolen by Sony Employee

The U.S. has taken legal action to seize and recover $154 million stolen from Sony Life Insurance by an employee in a very basic business email compromise attack. The funds were supposed to be transferred between company accounts but were diverted. The hacker was not very smart, was in a country friendly to the U.S. (Japan), used a U.S. bank account and a Coinbase Bitcoin account, making it pretty easy to recover once found. The FBI managed, somehow, to obtain the private key for the hacker’s Bitcoin wallet, which made recovering the funds even easier. What the FBI has not disclosed is how they were able to recover the private key, probably because they do not want to disclose methods. Score one for the good guys. Credit: Bleeping Computer

Former Uber CSO Faces New Charges for Breach Cover-Up

Here is a tip about covering up a breach. Joe Sullivan, Uber’s Chief Security Officer between 2015 and 2017, faces more charges of covering up Uber’s breach. This time it is deliberately covering up a felony, which could bring him 8 years in prison and a $500,000 fine. Knowing Uber, they are probably not paying his legal costs. Moral: don’t lie. Credit: Data Breach Today

Russia Surging Both Tanks and Cyberattacks on Ukraine

In addition to moving 175,000 soldiers to the Ukraine border as Ukraine plans to join NATO, Russia is also stepping up cyberattacks on Ukraine’s financial system and critical infrastructure. In response, the US, UK and other friendly (NATO) countries have sent cyber experts to Ukraine to help defend their digital frontier. What war looks like now. Credit: Data Breach Today

Leave a Reply

Your email address will not be published. Required fields are marked *

*

code