US law enforcement portal breach and more


Verdict lists five top tweets on cybersecurity in May 2022 based on data from GlobalData’s Technology Influencer Platform.

The top tweets are based on total engagements (likes and retweets) received on tweets from more than 841 cybersecurity experts tracked by GlobalData’s Technology Influencer platform during May 2022.

1. Brian Krebs’s tweet on a US law enforcement portal breach

Brian Krebs, an investigative reporter at the computer security and cybercrime blog KrebsOnSecurity.com, shared an article on the US Drug Enforcement Administration (DEA) examining reports of hackers gaining unauthorised access to a law enforcement portal, esp.usdoj.gov, which is the Law Enforcement Inquiry and Alerts (LEIA) system managed by the DEA. The agency portal handles 16 different federal law enforcement databases, the article detailed.

The LEIA system was accessed using a name and password of an authorised user of the esp.usdoj.gov portal. Investigations revealed that the site can be penetrated via a personal identification number or PIV card, which is generally used across the US government to tap into federal facilities and information systems, the article noted. Researchers claim that the screenshots revealed by the hackers show that they can view sensitive information, as well as provide false records to intelligence and law enforcement databases.

Username: briankrebs

Twitter handle: @briankrebs

Likes: 690

Retweets: 395

2. Kim Zetter’s tweet on military-made cyberweapons to be available on the dark web

Kim Zetter, an investigative journalist, tweeted on the distinction between a military-made weapon, cybercrime malware or a commercial entity like NSO, stating that the difference depends on the sophistication, intent, and manner in which a weapon is used. Zetter further shared an article on Interpol Secretary General Jurgen Stock’s warning that military-made cyberweapons are likely to be available on the dark web some years from now. The dark web or darknet, he describes, is the concealed part of the internet which Google or other search engines cannot access.

Interpol officials warned that digital tools developed and used by the military for cyberwarfare are likely to be misused by cybercriminals. The article further highlighted that cyberweapons come in various forms along with ransomware, where hackers lock down a company’s computer systems and demand a ransom payment to restore control.

The Russia-Ukraine conflict has further led to renewed concerns over cyberwar, with cyberattacks having more than doubled worldwide in 2021, as per the World Economic Forum’s Global Cybersecurity Outlook report, the article detailed. The report further highlighted that ransomware attacks continue to be the most popular, with organisations being targeted 270 times a year on average. Therefore, government officials believe that cyber incidents are likely to pose serious risks for both supply chains and critical energy infrastructure.

Username: Kim Zetter

Twitter handle: @KimZetter

Likes: 200

Retweets: 38

3. Graham Cluley’s tweet on GoodWill ransomware asking victims to perform good deeds

Graham Cluley, a cybersecurity expert, shared an article on GoodWill ransomware, which, like other ransomware, encrypts the usual file types, such as databases, documents, videos, and photographs, thereby locking the victim’s access to content, but does so in return for acts of kindness and not to extort money from its victims. The ransomware requests its victims to perform three acts of goodwill in order to retrieve their files and the decryption key, the article noted.

For example, the first request is to offer blankets and new clothing to the homeless. The second request is to take five underprivileged children, under the age of 13, to any eatery like Domino’s, Pizza Hut, or KFC and allow them to order food of their choice. The third act of goodwill is to offer financial support to individuals who require immediate medical attention but cannot afford the treatment. When convinced by the video proof of the goodwill acts, the ransomware attackers return with a decryption tool, which is either a video or a key, to help victims recover their scrambled files, the article highlighted.

Username: Graham Cluley

Twitter handle: @gcluley

Likes: 131

Retweets: 39

4. Zack Whittaker’s tweet on hacker scraping an internal database of Verizon employees

Zack Whittaker, security editor at the news website TechCrunch, shared an article on a hacker tricking an employee of the telecommunications company Verizon into giving remote access to their corporate computer. This allowed the hacker to then steal an internal database of hundreds of Verizon employees, the article detailed. The data contains information, including full names, corporate ID numbers, email addresses, and phone numbers, which experts believe can be used in social engineering and SIM swapping attacks.

The article further noted that the hacker approached Verizon and shared the email sent to the company about the hack, requesting an offer of $250,000 in return for the leaked files. The hacker also threatened to release the employee directory information if not paid the ransom, and was in contact with the company, a Verizon spokesperson confirmed.

Username: Zack Whittaker

Twitter handle: @zackwhittaker

Likes: 78

Retweets: 44

5. Stephanie Carruthers’s tweet on the US DoD losing $23.5m to a phishing operation

Stephanie Carruthers, a chief people hacker at X-Force Red, a global team of ethical hackers and security professionals at the technology company IBM, tweeted on the US Department of Defence (DoD) being deceived into paying a phishing actor $23.5m in damages. The 40-year-old Sercan Oyuntur was convicted by the US Department of Justice (DoJ) for numerous counts related to a phishing operation, where he diverted DoD funds meant for a jet fuel supplier to his personal bank account, the article highlighted.

The article further detailed that the phishing fraud occurred in September 2018, when Oyuntur and his co-conspirators registered the domain dia-mil.com, to resemble the original dla.mil, to send phishing emails. An eight-day trial at Camden, California, charged Oyuntur for bank, wire and mail fraud, unauthorised device access, aggravated identity theft, and false statements to federal officers. He is expected to face a maximum sentence of 30 years in prison, along with a fine of $1m, or double the gross profits or the loss resulting from his fraudulent activities, the article noted.

Username: Stephanie Carruthers

Twitter handle: @_sn0ww

Likes: 84

Retweets: 25




