million

now browsing by tag

 
 

#deepweb | More than 200 million MGM customers could have stolen info on the black market

Source: National Cyber Security – Produced By Gregory Evans

MGM RESORTS SAYS THERE WAS A DATA BREACH IN JULY 2019 — Morgan & Morgan has filed a lawsuit against MGM Resorts International over a data breach that has exposed the personal information of millions of people. The lawsuit was filed February 21, 2020 and states that in July of 2019, MGM’s computer network system was hacked. The stolen information was then posted on a closed Internet forum.

Related: Attorney files lawsuit against MGM Resorts over recent data breach

The report states more than 10.6 million MGM guests were impacted, but one of the lead attorneys said it could be much more.

“We absolutely have heard that we could be talking upwards of 200 million plus,” said Attorney Jean Martin.

She said one of their main concerns is what information was stolen. She said initially, MGM reached out to impacted customers in September of 2019, saying only names and maybe addresses had been posted online, but that information had been taken down. However in February, the lawsuit says even more personal information had been posted on an internet hacking forum, leading to prolonged risk of that stolen information spreading. Some of the information stolen included names, addresses, driver’s license numbers, passport numbers, military ID numbers, phone numbers, emails and birthdays.

“That’s what happens when your information is compromised. You never know when it’s going to go up on the web and on the dark web, when it’s going to be sold and when it’s going to be used, so now the people that have had their information compromised face this risk for the rest of their lives,” said Martin.

MGM Resorts released a statement prior to the lawsuit’s filing, and declined to give any updated information.

“Last summer, we discovered unauthorized access to a cloud server that contained a limited amount of information for certain previous guests of MGM Resorts. We are confident that no financial, payment card or password data was involved in this matter. MGM Resorts promptly notified guests potentially impacted by this incident in accordance with applicable state laws. Upon discovering the issue, the Company retained two leading cybersecurity forensics firms to assist with its internal investigation, review and remediation of the issue. At MGM Resorts, we take our responsibility to protect guest data very seriously, and we have strengthened and enhanced the security of our network to prevent this from happening again.”

Source link
——————————————————————————————————

The post #deepweb | <p> More than 200 million MGM customers could have stolen info on the black market <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#cybersecurity | #hackerspace | Zero Networks Launches Industry’s First Autonomous Network Access Orchestrator, Announces $4.65 Million in Funding

Source: National Cyber Security – Produced By Gregory Evans

Debuting at the RSA® Conference’s Launch Pad, the platform delivers adaptive user and machine-level policy enforcement to make a zero trust network model at scale a reality  

NEW YORK and TEL AVIV – February 20, 2020 – Zero Networks (www.zeronetworks.com), the pioneer in zero trust network access, today unveiled the Zero Networks Access Orchestrator, the first network security platform that automatically defines, enforces and adapts user- and machine-level network access policies to create a continuous airtight zero trust network model, at scale. The company was named one of three finalists for the prestigious RSAC Launch Pad, where it will debut the platform, on February 26th, during the RSA Conference, the world’s leading information security conference.

Zero Networks also announced it has raised $4.65 million in seed funding, led by F2 Capital and Pico Venture Partners. This funding will be used to accelerate product development and hire key positions in engineering, marketing, sales and business development.

Assuming users and machines inside the network can be completely trusted leaves the door open for malicious insiders and hackers to do almost anything they want. Zero Networks minimizes these risks, with the click of a button, constraining access in the network to only what users and machines should be doing. The Zero Networks Access Orchestrator is the first of its kind to deliver:

  • Autonomous policy enforcement – observes how users and machines normally communicate to automatically enforce a zero trust networking stance throughout your environment, with a two-factor authentication (2FA) mechanism to allow new or rare access, so users can always get what they need, when they need it.
  • Airtight security – establishes least privilege access for each and every user and machine, so they can only access only what they need, and nothing more. This provides a scalable and cost-efficient way for enterprises to establish user and machine-level perimeters that put an end to excessive allowances within the network. It also eliminates many internal attack vectors, such as network discovery, lateral movement, remote code execution and the introduction of commodity malware.
  • Access control at scale – provides a single source for all network access policies, so the entire environment is protected from managed and unmanaged devices, at scale, with the click of a button. There are no agents to deploy and no policies for IT to configure or manage.

“Zero Networks is making a zero trust security model at scale a reality,” said Jonathan Saacks, managing partner from F2 Capital. “Their approach is a radical change for the market, but not a radical change for enterprises, which is why it is so effective,” added Tal Yatsiv, operating partner at PICO Venture Partners. “Enterprises can go about their business and lock down the access of each of their users and machines to only what they need, without agents, without intervention, and without disruptions.”

Zero Networks founders Benny Lakunishok and Jossef Harush came up with the Zero Networks Access Orchestrator when they saw the burden that IT and security teams face in trying to maintain real-time access requirements for all users and machines across their environment. With deep experience in cybersecurity, they knew there had to be better, more scalable solution.

Mr. Lakunishok has been in cybersecurity for the past decade and was part of the leadership team of Aorato, which was acquired by Microsoft. Mr. Harush previously led the architecture and engineering team at CyberX. Together, they established Zero Networks to make it easy for enterprises to adapt and scale airtight, internal network access policies that keep attackers out and the business going.

The Zero Networks Access Orchestrator is currently being used by beta customers in the manufacturing, energy, retail and public sectors to defend their internal networks and will be commercially available at the end of Q1 2020.

About Zero Networks

Zero Networks automates the creation, enforcement and maintenance of zero trust network access policies for each user and machine to make zero trust security model at scale a reality. The Zero Networks Access Orchestrator enables organizations to keep up with the changes in their dynamic environment and prevent breaches from impacting operations, so they can be confident their users and machines are able to go about their business and nothing more. With Zero Networks, there are zero hassles, disruptions or worries - there’s just trust. For more information, please visit www.zeronetworks.com or follow Zero Networks on LinkedIn at https://www.linkedin.com/company/zero-networks or Twitter at https://twitter.com/ZeroNetworks.

 

Source link

The post #cybersecurity | #hackerspace |<p> Zero Networks Launches Industry’s First Autonomous Network Access Orchestrator, Announces $4.65 Million in Funding <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#deepweb | Ohio Man Caught For Laundering Bitcoin Worth $300 Million

Source: National Cyber Security – Produced By Gregory Evans

|

An Ohio resident has been arrested by the United States authorities for running a “Bitcoin mixer” service on the dark web which was helping the criminals for impersonating the Bitcoin transactions. Larry Harmon is a 36-old man who is caught for three-count indictment in Akron, Ohio. He was operating Helix which is an online website located on the dark web.

Ohio Man Caught For Laundering Bitcoin Worth $300 Million

The bitcoin blockchain is a public database which is open for everyone to purchase and invest in Bitcoin. It has been noticed that in many cases the transaction for new funds by the users are getting linked to a credit card, bank account, or Paypal account.

Helix works like a Bitcoin mixer, it is a type of service which collects funds from users and split them into minor portions and send them to a new Bitcoin address using thousands of transactions. This service helps users to hide the original funds.

“The sole purpose of Harmon’s operation was to conceal criminal transactions from law enforcement on the Darknet, and because of our growing expertise in this area, he could not make good on that promise,” Don Fort, Chief, IRS Criminal Investigation, said today in a DOJ press release.

According to the reports, Harmon was indulged in running Helix as a secondary project which was attached to his primary service called Grams. It is a search engine which collects and delivers information about numbers of drugs-related marketplaces available on the dark web.

On Grams, users can search for a drug and find the cheapest one in their area and Helix was working as a way of transaction which was helping users to hide their identity while buying the products.

According to the reports, Harmon was operating Helix since 2014 during these years he had launder more bitcoin of worth $300 million at the time of the transaction, and now it has a net value of $3.5 billion.

Source

Best Mobiles in India

  • 23,999

  • 19,590

  • 22,990

  • 28,959

  • 19,890

  • 25,999

  • 34,854

  • 1,03,900

  • 15,690

  • 15,999

  • 16,999

  • 28,959

  • 10,990

  • 19,890

  • 12,999

  • 14,870

  • 15,098

  • 62,899

  • 34,854

  • 44,499


  • 13,545


  • 40,920


  • 73,999


  • 10,958


  • 24,000


  • 21,450


  • 51,150


  • 98,400


  • 20,000


  • 92,999

Source link
——————————————————————————————————

The post #deepweb | <p> Ohio Man Caught For Laundering Bitcoin Worth $300 Million <p> appeared first on National Cyber Security.

View full post on National Cyber Security

#deepweb | Joker’s laughing: Fresh database of half a million Indian payment card records on sale in the Dark Web

Source: National Cyber Security – Produced By Gregory Evans

“INDIA-BIG-MIX” (full name: [CC] INDIA-BIG-MIX (FRESH SNIFFED CVV) INDIA/EU/WORLD MIX, HIGH VALID 80-85%, uploaded 2020-02-05 (NON-REFUNDABLE BASE)”

If you’re wondering what this seemingly random set of words mean, that is how a fresh database of 461,976 payment card records currently on sale on Joker’s Stash, a popular underground cardshop in the dark web has been listed.

Group-IB, a Singapore based cybersecurity company specialising in preventing cyber attacks which detected the database, says that over 98% of this database on sale were cards issued by Indian banks.

At the moment, the source of this new breach is unknown. The card records were uploaded on the 5th of February and that the total estimated value of the database according to Group-IB, is USD4.2 million, at around USD 9 apiece. Till yesterday morning 16 cards details were found to have been sold. Those who buy these cards do so with the intention of committing payment card fraud.

The company says that they have already alerted India’s Computer Emergency Response Team (CERT-In). The Economic Times will update this story as and when we hear from CERT-In on the steps they have taken.

With the sharp rise in digital payments in India and a lack of corresponding rise in awareness of the best practices to use payment cards safely online and offline, the country has become an attractive destination for nefarious elements online.

This newest breach has, according to Group-IB, “exposed card numbers, expiration dates, CVV/CVC codes and, in this case, some additional information such as cardholders’ full name, as well as their emails, phone numbers and addresses.”

This is the second major database of Indian payment card details that Group-IB has detected since October when 1.3 million credit and debit card records of mostly Indian banks’ customers uploaded to Joker’s Stash with and estimated underground market value of USD130 million was detected in what became “the biggest card database encapsulated in a single file ever uploaded on underground markets at once.”

According to Dmitry Shestakov, the head of Group-IB cybercrime research unit, “In the current case, we are dealing with so-called fullz — they have info on card number, expiration date, CVV/CVC, cardholder name as well as some extra personal info.”

They also say that unlike earlier breaches what “distinguishes the new database from its predecessor is the fact that the cards were likely compromised online, this assumption is supported by the set of data offered for sale.”

Shestakov adds “such type of data is likely to have been compromised online — with the use of phishing, malware, or JS-sniffers — while in the previous case, we dealt with card dumps (the information contained in the card magnetic stripe), which can be stolen through the compromise of offline POS terminals, for example.”

Source link
——————————————————————————————————

The post #deepweb | <p> Joker’s laughing: Fresh database of half a million Indian payment card records on sale in the Dark Web <p> appeared first on National Cyber Security.

View full post on National Cyber Security

Configuration Error Reveals 250 Million Microsoft …

Source: National Cyber Security – Produced By Gregory Evans Some the records, found on five identically configured servers, might have contained data in clear text. Researchers have found five servers revealing almost 250 million Customer Service and Support (CSS) records. Each server contains what appears to be the same set of data stored, with no […] View full post on AmIHackerProof.com

Big Microsoft data breach – 250 million records exposed – Naked Security

Source: National Cyber Security – Produced By Gregory Evans

Microsoft has today announced a data breach that affected one of its customer databases.

The blog article, entitled Access Misconfiguration for Customer Support Databases, admits that between 05 December 2019 and 31 December 2019, a database used for “support case analytics” was effectively visible from the cloud to the world.

Microsoft didn’t give details of how big the database was. However, consumer website Comparitech, which says it discovered the unsecured data online, claims it was to the order of 250 million records containing:

…logs of conversations between Microsoft support agents and customers from all over the world, spanning a 14-year period from 2005 to December 2019.

According to Comparitech, that same data was accessible on five Elasticsearch servers.

The company informed Microsoft, and Microsoft quickly secured the data.

Microsoft’s official statement states that “the vast majority of records were cleared of personal information,” meaning that it used automated tools to look for and remove private data.

However, some private data that was supposed to be redacted was missed and remained visible in the exposed information.

Microsoft didn’t say what type of personal information was involved, or which data fields ended up un-anonymised.

It did, however, give one example of data that would have been left behind: email addresses with spaces added by mistake were not recognised as personal data and therefore escaped anonymisation.

So if your email address were recorded as “name@example.com” your data would have been converted into a harmless form, whereas “name[space]@example.com” (an easy mistake for a support staffer to make when capturing data) would have been left alone.

Microsoft has promised to notify anyone whose data was inadvertently exposed in this way, but didn’t say what percentage of all records were affected.

What to do?

We don’t know how many people were affected or exactly what personal data was opened up for those users.

We also don’t know who else, besides Comparitech, may have noticed in the three weeks it was exposed, although Microsoft says that it “found no malicious use”.

We assume that if you don’t hear from Microsoft, even if you did contact support during the 2005 to 2019 period, then either your data wasn’t in the exposed database, or there wasn’t actually enough in the leaked database to allow anyone, including Microsoft itself, to identify you.

It’s nevertheless possible that crooks will contact you claiming that you *were* in the breach.

They might urge you to take steps to “fix” the problem, such as clicking on a link and logging in “for security reasons”, or to “confirm your account”, or on some other pretext.

Remember: if ever you receive a security alert email, whether you think it is legitimate or not, avoid clicking on any links, calling any numbers or taking any online actions demanded in the email.

Find your own way to the site where you would usually log in, and stay one step ahead of phishing emails!

Source link

The post Big Microsoft data breach – 250 million records exposed – Naked Security appeared first on National Cyber Security.

View full post on National Cyber Security

New Orleans Mayor: Ransomware Attack Cost City $7 Million

Source: National Cyber Security – Produced By Gregory Evans

The City of New Orleans ransomware attack has caused at least $7 million in financial damage & this figure is expected to grow, Mayor Latoya Cantrell says.

The City of New Orleans ransomware attack has caused at least $7 million in financial damage to date, Mayor Latoya Cantrell told WVUE. In addition, Cantrell said she expects the ransomware attack’s financial impact to continue to grow — despite the fact that the city has recovered $3 million via a cyber insurance policy that was purchased before the incident.

Meanwhile, the City of New Orleans still faces an IT backlog after the ransomware attack, Chief Administrative Officer Gilbert Montano told WVUE. Montano also indicated that it could take several months before the city rebuilds its network.

A Closer Look at the New Orleans Ransomware Attack

The City of New Orleans ransomware attack took place December 13. Cybercriminals shut down City of New Orleans government systems, and more than 4,000 New Orleans government computers were affected by the cyberattack.

New Orleans officials have taken steps to improve the city’s security posture after the ransomware attack. The City of New Orleans plans to increase its cyber insurance coverage to $10 million this year, and a forensic investigation into the ransomware attack is ongoing.

How Can Organizations Address Ransomware Attacks?

Ransomware attacks affect municipalities, schools and businesses of all sizes. However, there are many things that any organization can do to combat ransomware attacks, such as:

  • Perform regular IT security audits and penetration testing.
  • Deploy endpoint protection solutions across IT environments.
  • Develop and implement a cybersecurity training program to teach employees about ransomware and other cyber threats.

MSSP Alert Recommendations

The FBI and U.S. Department of Homeland Security have repeatedly warned MSPs and their technology platform providers about such attacks.

To get ahead of the ransomware threat, MSSP Alert and ChannelE2E have recommended that readers:

  1. Sign up immediately for U.S. Department of Homeland Security Alerts, which are issued by the Cybersecurity and Infrastructure Security Agency. Some of the alerts specifically mention MSPs, CSPs, telcos and other types of service providers.
  2. Study the NIST Cybersecurity Framework to understand how to mitigate risk within your own business before moving on to mitigate risk across your customer base.
  3. Explore cybersecurity awareness training for your business and your end-customers to drive down cyberattack hit rates.
  4. Connect the dots between your cybersecurity and data protection vendors. Understand how their offerings can be integrated and aligned to (A) prevent attacks, (B) mitigate attacks and (C) recover data if an attack circumvents your cyber defenses.
  5. Continue to attend channel-related conferences, but extend to attend major cybersecurity events — particularly RSA Conference, Black Hat and Amazon AWS re:Inforce. (PS: Also, keep your eyes open for PerchyCon 2020 in January.)


Return Home

Source

The post New Orleans Mayor: Ransomware Attack Cost City $7 Million appeared first on National Cyber Security.

View full post on National Cyber Security

Weekly Threat Briefing: Colorado Town Wires Over $1 Million To BEC Scammers

Source: National Cyber Security – Produced By Gregory Evans

The intelligence in this week’s iteration discuss the following threats: BabyShark, Fraud, Maze Ransomware, North Korea, POS malware, Ransomware, Rowhammer, Ryuk Ransomware, Thallium. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity.

Figure 1 – IOC Summary Charts.  These charts summarize the IOCs attached to this magazine and provide a glimpse of the threats discussed.

Source link

The post Weekly Threat Briefing: Colorado Town Wires Over $1 Million To BEC Scammers appeared first on National Cyber Security.

View full post on National Cyber Security

#deepweb | Richard Frank: LifeLabs hackers could still hold health records of 15 million Canadians

Source: National Cyber Security – Produced By Gregory Evans

LifeLabs announced this past week that hackers had invaded its computer system and put the records of 15 million Canadians at risk

Veronica Henri / Veronica Henri/Toronto Sun

OPINION: If the cybercriminals already have a copy, then retrieving data by paying ransom will not suddenly disallow the attackers from further using that data

LifeLabs — Canada’s major provider of lab diagnostics and testing services — announced on Dec. 17 that hackers had potentially accessed computer systems with data from “approximately 15 million customers” that “could include name, address, email, login, passwords, date of birth, health card number and lab test results.”

As a Canadian citizen whose data and whose family’s data is probably among the 15 million records stolen, my first thought is about the implications of this breach.

At the International Cybercrime Research Centre in the School of Criminology at Simon Fraser University, we’ve been studying online hacker communities for about seven years and the Dark Web for the past four years. The Dark Web, with its large number of marketplaces (called cryptomarkets, think eBay for drugs and stolen data), is a fascinating place where all sorts of products, data and services are made available for purchase. Payments are made using anonymous (mostly) untraceable digital currencies. I would expect parts of LifeLabs’s database to eventually end up in a marketplace like that.

So how did this happen? Details of the hack have not been revealed due to the ongoing investigation, but hopefully we will eventually learn the specifics. According to the Office of the Information and Privacy Commissioner of Ontario (IPC) and the Office of the Information and Privacy Commissioner for British Columbia (OIPC), “cyber criminals penetrated the company’s systems, extracting data and demanding a ransom,” which LifeLabs paid.

This points to a likely ransomware attack, where the attacker encrypts the data on a computer system and makes it inaccessible. Unless a backup of the data exists, the only way to recover the data is by paying the attacker a ransom, who sends the victim the decryption keys to unlock the data. Most of these ransomware attacks use encryption so strong that even security firms cannot unlock the files, which has led to a new type of business where consultants help ransomware victims negotiate and pay the ransom.

In most ransomware cases the data remains on the victim’s computer, but its access is revoked through strong encryption. This implies that the attackers do not actually have a copy of the data and thus the chances for future revictimization remain low. However, the language of the OIPC indicates that in this case, the data were “extracted.” This puts a new twist on the story.

Ransomware attackers sometimes do use ransomware — software that threatens to block access or publish data — that not only locks files, preventing the victim from doing anything, but also leaks the files back to the attackers. This allows the attackers to potentially extort more money from the victim, as happened a few weeks ago to Allied Universal, a security firm in California. That seems to be the case with LifeLabs.

If this is true, then our data is out there, in the hands of cybercriminals, and will remain out there. LifeLabs has stated that they have “retrieved the data by making a payment,” but if the cybercriminals already have a copy, then retrieving it will not suddenly stop the attackers from further using that data.

Did LifeLabs not have a proper backup and recovery procedures in place so it could recover from this failure without having to resort to paying a ransom?

The likely scenario is that LifeLabs fell victim to a ransomware attack, possibly sparked by a phishing email with a malicious link or attachment, which resulted in up to 15 million customers’ information (our information, not LifeLabs’) being extracted to the attackers. LifeLabs paid the ransom to regain access to the data and continue business.

What can we, as customers, do? Unfortunately, not much.

The data theft is beyond our control. Periodically we must do business with third-parties that require our personal information and we have no choice but to hand it over. Implicit in this transaction is that the other party (LifeLabs, for example) will protect that data. The only available option we have as customers is to be vigilant of our personal information, including financial and health details; but this is after the data theft.

We must check our credit card statements, our credit histories, our insurance claims. We must not use the same password in multiple places and should use two-factor authentication whenever possible.

Potentially the best way to prevent future breaches would be to incentivize organizations that collect our personal details to secure them properly. This could be done by changes to the legislation, like in the European Union and its new General Data Protection Regulation (GDPR) introduced in 2018.

In August 2018, the British Airways website was breached and 500,000 customer details stolen. The United Kingdom’s Information Commissioner’s Office handed down a fine of £183 million (approximately $321 million), based on a new U.K. law designed to mirror the EU’s GDPR. With penalties like that, third-party organizations would have no choice but to take data security seriously, rather than as an operational cost.

Richard Frank is assistant professor of criminology at Simon Fraser University.


Letters to the editor should be sent to provletters@theprovince.com.

CLICK HERE to report a typo.

Is there more to this story? We’d like to hear from you about this or any other stories you think we should know about. Email vantips@postmedia.com.

Source link
——————————————————————————————————

The post #deepweb | <p> Richard Frank: LifeLabs hackers could still hold health records of 15 million Canadians <p> appeared first on National Cyber Security.

View full post on National Cyber Security

Hackers Behind GozNym Malware Sentenced for Stealing $100 Million

Source: National Cyber Security – Produced By Gregory Evans

GozNym Banking Malware

Three members of an international organized cybercrime group that was behind a multi-million dollar theft primarily against U.S. businesses and financial institutions have been sentenced to prison, the U.S. Justice Department announced.

The criminals used the GozNym banking Trojan to break into more than 4,000 victim computers globally, primarily in the United States and Europe, between 2015 and 2016, and fraudulently steal nearly $100 million from their banking accounts.

In May this year, Europol dismantled the cybercrime network behind GozNym, with the United States issuing charges against a total of ten members of the group, 5 of which were arrested at that time, while five others, including the developer of GozNym, remain at the run.

In a federal court in Pittsburgh on Friday, Krasimir Nikolov, one of the group’s members, was sentenced to a period of time served after having served over 39 months in prison for his role as an “account takeover specialist” in the scheme, and will now be transferred to Bulgaria.

Nikolov, 47, was arrested in September 2016 by Bulgarian authorities and extradited to Pittsburgh in December 2016 to face federal charges of criminal conspiracy, computer fraud, and bank fraud.

“Nikolov used the victims’ stolen online banking credentials captured by GozNym malware to access victims’ online bank accounts and attempt to steal victims’ money through electronic transfers into bank accounts controlled by fellow conspirators,” the DoJ said in a press release.

Two other GozNym group members sentenced on Friday—Alexander Konovolov and Marat Kazandjian—also participated in the scheme and sentenced to seven and five years of imprisonment, respectively. Both were arrested and prosecuted in Georgia.

While Konovolov served as a primary organizer and leader of the GozNym network that controlled over 41,000 infected computers and recruited cybercriminals using underground online criminal forums, Kazandjian was his primary assistant and technical administrator.

GozNym is a notorious banking Trojan that was developed by combining two known powerful Trojans, Gozi ISFB malware—a banking Trojan that first appeared in 2012, and Nymaim—a Trojan downloader that can also function as ransomware.

Web Application Firewall

The malware, primarily delivered via massive malspam campaigns to hack on victims’ Windows PCs, waits for victims to enter their banking passwords into their web browser, captures them, and then used them to break into victims’ bank accounts and fraudulently transfer funds to their own accounts.

GozNym malware network was hosted and operated through “Avalanche” bulletproof service, whose administrator was arrested in Ukraine during a search in November 2016.

“This new paradigm involves unprecedented levels of cooperation with willing and trusted law enforcement partners around the world who share our goals of searching, arresting, and prosecuting cyber criminals no matter where they might be,” said U.S. Attorney Scott W. Brady.

The victims of this cybercrime network were primarily U.S. businesses and their financial institutions, including a number of victims located in the Western District of Pennsylvania, though the DoJ did not name any.

The Original Source Of This Story: Source link

The post Hackers Behind GozNym Malware Sentenced for Stealing $100 Million appeared first on National Cyber Security.

View full post on National Cyber Security