A California man who used social media to stalk and threaten the families of American mass shooting victims has been sentenced to 66 months in a federal prison.
Brandon Michael Fleury, of Santa Ana, was convicted of cyber-stalking and sending a kidnapping threat to the friends and family of people who were killed in the Marjory Stoneman Douglas High School shooting in Parkland, Florida. The mass shooting, which occurred in 2018, left 17 students dead.
To commit his crimes, 22-year-old Fleury created 13 different Instagram accounts, using a barrage of aliases, including alleged Parkland shooter Nikolas Cruz and executed serial killer Ted Bundy.
Fleury would then post malicious messages, tagging the friends and families of Parkland shooting victims.
These messages, posted from December 28, 2018, to January 11, 2019, included statements like, “I’m your abductor I’m kidnapping you fool,” “With the power of my AR-15, you all die,” and “With the power of my AR-15, I take your loved ones away from you PERMANENTLY.”
Many of the messages, including ones written under usernames referring to Cruz and containing Cruz’s profile picture, directly taunted victims’ friends and families about the deaths of their loved ones in the Parkland shooting.
One message, targeting Jesse Guttenberg, who lost a sister in the attack, read: “I took Jaime away from you. You’ll never see her again hahaha.”
Aliases used on Instagram by Fleury included @teddykillspeople and @nikolas.killed.your.sister.
Upon examining tablets owned by Fleury, law enforcement found thousands of saved images of the notorious Bundy along with images of Fleury’s targeted victims. Police also found saved screenshots of the messages that Fleury had sent to his victims.
Fleury was arrested in the Santa Ana home he shared with his father and brother and charged in January 2019. Law enforcement tracked him down after subpoenaing Instagram for IP addresses and account information related to the threatening and harassing posts.
Following his convictions for interstate transmission of a threat to kidnap and interstate cyber-stalking, US District Judge Rudolfo A. Ruiz II sentenced Fleury on Monday to a 66-month custodial sentence.
The post Californian Jailed for Cyber-Stalking Mass Shooting Victims’ Families appeared first on National Cyber Security.
Swiss Govt Says Ransomware Victims Ignored Warnings, Had Poor Security
Switzerland’s Reporting and Analysis Centre for Information Assurance (MELANI) today warned of ongoing ransomware attacks targeting the systems of Swiss small, medium-sized, and large companies.
According to the alert issued in collaboration with the Swiss Government Computer Emergency Response Team (GovCERT), the attackers have asked for ransoms ranging from thousands of Swiss Francs to millions — 1 million CHF is just over $1 million.
More than a dozen such ransomware attacks, which resulted in systems being encrypted and rendered unusable, have been reported in recent weeks.
“The attackers made ransom demands of several tens of thousands of Swiss francs, in some cases even millions,” the alert says.
Swiss ransomware victims ignored warnings, had poor security
As MELANI and GovCERT discovered while investigating these ransomware incidents, recommended best practices such as MELANI’s information security checklist for SMEs were not implemented by the victims and previous warnings of such attacks were not taken into consideration.
The Swiss Government-funded cybersecurity body advises businesses not to pay ransoms to avoid becoming involuntary sponsors for the hackers’ ongoing campaigns.
Also, by paying them, businesses don’t have any guarantee that their data will be recoverable using decryption tools provided by the attackers.
It is important that the companies concerned contact the cantonal police immediately, file a complaint and discuss the further procedure with them. As long as there are still companies that make ransom payments, attackers will never stop blackmailing. – MELANI
MELANI also warned both SMEs and large companies that they are still at risk even after paying the ransoms and restoring their systems and data seeing that “the underlying infection from malware such as ‘Emotet’ or ‘TrickBot’ will remain active.”
“As a result, the attackers still have full access to the affected company’s network and can, for example, reinstall ransomware or steal sensitive data from it.”
MELANI said that there are examples of companies from Switzerland and other countries that were ransomed multiple times within short periods of time.
While analyzing the recently reported ransomware incidents, the Swiss cybersecurity body identified a number of weaknesses that allowed attackers to successfully breach the companies’ defenses (all of them can be mitigated by MELANI’s recommendations):
• Virus protection and warning messages: Companies either did not notice or did not take seriously the warning messages from antivirus software that malware had been found on servers (e.g. domain controllers).
• Remote access protection: Remote connections to systems over the Remote Desktop Protocol (RDP) were often protected with a weak password, left on the default setting (standard port 3389) and exposed without restrictions (e.g. VPN or IP filter).
• Notifications from authorities: Notifications from authorities or from internet service providers (ISPs) about potential infections were ignored or not taken seriously by the affected companies.
• Offline backups and updates: Many companies only had online backups which were not available offline. In the event of an infestation with ransomware, these backups were also encrypted or permanently deleted.
• Patch and lifecycle management: Companies often do not have clean patch and lifecycle management. As a result, operating systems or software were in use that were either outdated or no longer supported.
• No segmentation: The networks were not divided (segmented), e.g. an infection on a computer in the HR department allowed the attacker a direct attack path to the production department.
• Excessive user rights: Users were often given excessive rights, e.g. a backup user who has domain admin rights or a system administrator who has the same rights when browsing the internet as when managing the systems.
Stream of ransomware warnings
Last year, in November, a confidential report issued by the Dutch National Cyber Security Centre (NCSC) said that at least 1,800 companies from around the globe and with operations in various industry sectors were affected by ransomware attacks.
The three file-encrypting malware strains responsible for the infections — LockerGoga, MegaCortex, and Ryuk — relied on the same infrastructure and were previously spotted in attacks that targeted corporate networks and enterprises such as Norsk Hydro and Prosegur.
The Federal Bureau of Investigation (FBI) also warned private sector partners last month about Maze Ransomware operators focusing their attacks on US companies.
This warning came less than a week after the FBI warned private industry recipients about LockerGoga and MegaCortex ransomware infecting corporate systems from the U.S. and abroad in a flash alert marked as TLP:Amber.
“Since January 2019, LockerGoga ransomware has targeted large corporations and organizations in the United States, United Kingdom, France, Norway, and the Netherlands,” the FBI announced at the time.
“The MegaCortex ransomware, first identified in May 2019, exhibits Indicators of Compromise (IOCs), command and control (C2) infrastructure, and targeting similar to LockerGoga.”
Yesterday, the Cybersecurity and Infrastructure Security Agency (CISA) alerted organizations across all critical U.S. infrastructure sectors of a recent ransomware attack that hit a natural gas compression facility and took down pipeline operations for two days.
Source: National Cyber Security – Produced By Gregory Evans. By DH Kass • Jan 20, 2020. The Federal Bureau of Investigation will now notify state officials when a local election has been hit by hackers, a course reversal from a prior closed-door policy not to extend notification beyond victims of cyber attacks. A protracted […]
A newly-discovered member of the Acrotaphus wasp family (Image: Kari Kaunisto) Scientists have discovered a new species of wasp that can seize control of its victim’s brains. Lurking in the dark depths of the Amazon rainforest is a ‘parasitoid’ wasp that can ‘manipulate the behaviour of […]
ANALYSIS/OPINION: Clearly, it is an egregious violation of today’s social norms to “shame” someone for being overweight, as HBO talk-show host Bill Maher can surely attest. (The uproar over Mr. Maher’s advocacy of fat-shaming was covered everywhere, from The New York Times to the BBC.) Other […]
While doing some open-source intelligence (OSINT), a security researcher discovered that a provider of end-to-end solutions for emergency care facilities in the U.S. fell victim to Ryuk ransomware. The company hit by the malware is T-System based in Dallas, Texas, and it is currently working to […]
The intelligence in this week’s iteration discusses the following threats: Backdoors, Cryptocurrency, Data breaches, Malware, and Trojans. The IOCs related to these stories are attached to the Community Threat Briefing and can be used to check your logs for potential malicious activity. Figure 1: IOC Summary Charts. These […]
Netflix email scam tells victims to ‘update your payment information’, news update
If you receive an email from Netflix telling you to update your payment information immediately, you could be the victim of a sophisticated new scam. The streaming giant has once again been embroiled in a phishing email scam, which uses the same branding and username seen with […]
Lately, there is no shortage of hacks going on and the next vulnerability could be right in the palm of your hand – literally. Millions of mobile phones, laptops and home devices could be at risk of hacking after researchers discovered a new way to take over devices using the…