This week in InfoSec  (06:16)

With content liberated from the “today in infosec” twitter account and further afield

6th January 2014: Intel renamed its McAfee subsidiary Intel Security, distancing itself from the name of McAfee's founder, John McAfee. In 2017 Intel spun off McAfee as a separate company...then several months later John McAfee and Intel settled a lawsuit over Intel's use of the McAfee name.

https://twitter.com/todayininfosec/status/1743711096559554607

10th January 2000: The FBI was after the hacker Maxim after he posted credit card numbers online when CD Universe refused to pay $100,000 in extortion. 6 months later it was shared that he'd likely never be prosecuted b/c 1 or more of the firms which performed IR screwed up chain of custody.

Data thief threatens to strike again

https://twitter.com/todayininfosec/status/1745207259058081942   

8th January 1986: "The Hacker Manifesto" was written by Loyd Blankenship (aka The Mentor) and originally titled "The Conscience of a Hacker".

8 months later it was published in issue 7 of the hacker zine Phrack.

Read it [again]. 

http://phrack.org/issues/7/3.html#article

https://twitter.com/todayininfosec/status/1744413963696161010

Rant of the Week (16:44)

Cybercrooks play dress-up as 'helpful' researchers in latest ransomware ruse

Posing as cyber samaritans, scumbags are kicking folks when they're down

Ransomware victims already reeling from potential biz disruption and the cost of resolving the matter are now being subjected to follow-on extortion attempts by criminals posing as helpful security researchers.

Researchers at Arctic Wolf Labs publicized two cases in which casulaties of the Royal and Akira ransomware gangs were targeted by a third party, believed to be the same individual or group in both scenarios, and extorted by a fake cyber samaritan.

Victims were approached by a "security researcher" who offered post-exploitation services. In one case, the mark was told the ransomware gang's server could be hacked and their stolen data could be deleted.

Another victim was told the "researcher," who used different monikers in each attempt, gained access to the servers used to store victims' stolen data, offering the chance to either delete it or grant the victim access to the server themselves.

In return, the hacked customers were asked for a fee of approximately 5 Bitcoin ($225,823 at today's exchange rate).

"As far as Arctic Wolf Labs is aware, this is the first published instance of a threat actor posing as a legitimate security researcher offering to delete hacked data from a separate ransomware group," Stefan Hostetler and Steven Campbell, both senior threat intelligence researchers at Arctic Wolf, blogged.

"While the personalities involved in these secondary extortion attempts were presented as separate entities, we assess with moderate confidence that the extortion attempts were likely perpetrated by the same threat actor."

Billy Big Balls of the Week (21:34)

All India Pregnant Job service: Indian men conned by 'impregnating women' scam

As cyber scams go, this one is rather unique.

In early December Mangesh Kumar (name changed) was scrolling on Facebook when he came across a video from the "All India Pregnant Job Service" and decided to check it out.

The job sounded too good to be true: money - and lots of it - in return for getting a woman pregnant.

It was, of course, too good to be true. So far, the 33-year-old, who earns 15,000 rupees ($180; £142) per month working for a wedding party decoration company, has already lost 16,000 rupees to fraudsters - and they are asking for more.

But Mangesh, from the northern Indian state of Bihar, is not the only person to fall for the scam.

Deputy superintendent of police Kalyan Anand, who heads the cyber cell in Bihar's Nawada district, told the BBC there were hundreds of victims of an elaborate con where gullible men were lured to part with their cash on the promise of a huge pay day, and a night in a hotel with a childless woman.

So far, his team have arrested eight men, seized nine mobile phones and a printer, and are still searching for 18 others.

But finding the victims has proved more tricky.

Industry News (29:21)

23andMe Blames User “Negligence” for Data Breach

Merck Settles With Insurers Over $700m NotPetya Claim

North Korean Hackers Stole $600m in Crypto in 2023

Anti-Hezbollah Groups Hack Beirut Airport Screens

Ukrainian “Blackjack” Hackers Take Out Russian ISP

Cyber Insurance Market to be Worth Over $90bn by 2033

Only 4% of US States Fully Prepared for Cyber-Attacks Targeting Elections

NCSC Publishes Practical Security Guidance For SMBs

Mandiant's X Account Was Hacked in Brute-Force Password Attack

Tweet of the Week (38:11)

https://twitter.com/chris_walker_/status/1744805492273430886

Come on! Like and bloody well subscribe!