Lanit

Please get to know your IT people before handing over the keys to the kingdom

2/14/2025

 
An Arizona woman, Christina Marie Chapman, has pleaded guilty to orchestrating a sophisticated fraud that netted over $17 million!
Chapman ran a "laptop farm" from her home, enabling North Korean IT workers to masquerade as US citizens and snag remote IT jobs at numerous US companies.
Here's the twist:
  • Fraudulent funds were funneled through her accounts.
  • Stolen identities of US citizens were used to report this income to the Social Security and IRS.

Charges:
  • Conspiracy to commit wire fraud
  • Aggravated identity theft
  • Conspiracy to launder monetary instruments

Guilty Plea Date: February 11 & 12, 2025
Chapman now faces 8 to 9 years behind bars. This case sheds light on the complexities of cybersecurity and identity theft in today's world.
Stay vigilant, and protect your digital identity!
#CyberFraud #NationalSecurity #IdentityTheft #JusticeServed

When the cure is worse than the disease....

1/17/2025

 
In case you're not familiar with BeyondTrust, this is their mission statement:
We’re on a mission
BeyondTrust fights every day to secure identities, intelligently remediate threats, and deliver dynamic access to empower and protect organizations around the world. Our vision is a world where all identities and access are protected from cyber threats. Our innovative approach goes beyond just PAM to find, manage, and protect the Paths to Privilege™.
The incident:
The BeyondTrust hacking incident involved a compromise of the company's Remote Support SaaS instances, which was detected on December 2, 2024. Threat actors managed to breach some of these instances by gaining access to a Remote Support SaaS API key, which allowed them to reset passwords for local application accounts. This incident led to a significant breach at the U.S. Treasury Department, where hackers accessed departmental workstations and unclassified documents, labeling it a "major cybersecurity incident."
The breach was attributed to a Chinese state-sponsored Advanced Persistent Threat (APT) actor, with the Treasury Department confirming that the compromised BeyondTrust service was taken offline, and there was no evidence indicating continued access by the threat actor to Treasury systems or information post-incident. BeyondTrust responded by patching all known vulnerabilities in their SaaS instances and providing updates for self-hosted systems. The investigation into the full scope and impact of the breach was ongoing as of early January 2025, with the U.S. Treasury Department being the only confirmed federal agency affected by this particular incident.
This event has highlighted vulnerabilities in third-party cybersecurity tools and the risks associated with supply chain attacks in cybersecurity.

Chinese Salt Typhoon Threat Actors Breached US Broadband Providers’ Networks

10/8/2024

 
According to a report in The Wall Street Journal, a threat actor group with ties to China’s government has broken into the networks of several US broadband providers. Known as Salt Typhoon, the group may have accessed systems used for court-authorized wiretaps. The breached companies include Verizon, AT&T, and Lumen/Century Link. The incident is being investigated by the FBI, U.S. intelligence agencies, and the Department of Homeland Security.

The Unexpected Call: A Story of Deception

9/6/2024

 
Margaret, a retired teacher, enjoyed her peaceful mornings in her small suburban home. One day, as she was enjoying her morning coffee, she received a frantic call from her grandson, Jacob, who was away at college. His voice was filled with panic as he explained that he had been in a car accident and needed money urgently to pay for the damages and avoid legal trouble. If he did not get the money right away, he could end up in jail. The voice on the other end was unmistakably Jacob's, and Margaret's heart raced with worry. Without questioning, she rushed to her bank and wired money to the account Jacob provided. It wasn't until Margaret called Jacob's mother later that day to learn how Jacob was doing that Margaret learned she had been scammed. The call had been a cruel trick: a cyber-criminal had used Artificial Intelligence (AI) voice cloning technology to mimic Jacob's voice, exploiting Margaret's love and concern for her grandson.

What is Voice Cloning?
Voice cloning is when someone uses AI to recreate a person's voice, including their voice patterns, intonations, and speech rhythms, creating a near-perfect replica. A voice cloning attack begins with a cyber-criminal collecting audio samples of the target's voice.
These samples can be harvested from various sources such as videos on YouTube or personal posts on TikTok. After training on the recorded audio, AI generates new audio that sounds like the target. This generated voice can be used in various ways, from phone calls to voice messages, making it a potent tool for deception.
When creating voice cloning attacks, cyber-attackers often do their research first. Most of the information they need is publicly available on social media sites. They study both the person whose voice they are going to replicate and the victim they are going to call. Cyber criminals not only learn who their victims know and trust, but which emotional triggers are the most effective. When making these phone calls, cyber-attackers often modify their Caller ID, so when the victims look at their phones, the phone call appears to come from a number the victim trusts. Caller ID can be easily spoofed and is not a good way to validate or authenticate people who call you.

Protect Yourself
The first step to protecting yourself is just being aware that voice cloning is now possible and becoming easier for cyber-attackers to do. Some steps you can take to protect yourself include:
  • Privacy: Be aware of and limit the information you share with others, and restrict who can access recordings of you on social media.
  • Clues: Be on the lookout for common indicators that something is wrong. Whenever someone calls you with a tremendous sense of urgency or is pressuring you to act right away, it is most likely a scam. The greater the sense of urgency, such as demanding money right away, the more likely someone is trying to rush you into making a mistake. Other common indicators include something that is too good to be true (no, you did not win the lottery) or an unexpected call that just seems odd.
  • Verify: If you are not sure if a phone call is legitimate, hang up and call the individual back on a trusted phone number. For example, if you get a phone call from a senior executive or co-worker in your company, call them back on a trusted phone number that you know is truly theirs. If you get an odd phone call from a family member, try calling them back (perhaps even use video call) or call another family member that knows them well.
  • Passcode: Create a secret passphrase or passcode that only you and your family know. That way if you get an odd phone call that seems to be from a family member, you can validate if it's them by seeing if they know your secret passcode.

Dick’s Sporting Goods Hacked

8/30/2024

 
In a form 8-K filing with the US Securities and Exchange Commission (SEC), Dick’s Sporting Goods says that they “discovered unauthorized third-party access to its information systems” on August 21. Dick’s activated their cybersecurity incident response plan and brought in third-party experts.

The real question is: would they have announced it if it weren't required by the SEC?

Score one for the good guys!

8/13/2024

 
The US Federal Bureau of Investigation (FBI) has announced the takedown of the Radar/Dispossessor ransomware infrastructure. The takedown was an international operation, involving the dismantling of servers and domains in the UK, Germany, and the US. Law enforcement organizations in all three countries were involved. The ransomware operation has targeted 43 companies around the world.

Cautionary Remote Hiring Tale

8/5/2024

 
Security firm KnowBe4 is sharing a cautionary tale. A North Korean hacker used a stolen identity to apply for a position as a software engineer at KnowBe4. Thanks to the stolen identity, the individual passed background checks, their references were validated, and they were hired. Once the person received their Mac workstation, it began loading malware onto the company network. The case is being investigated by the FBI.

Microsoft Azure Outage

8/2/2024

 
Microsoft says that an eight-hour Azure and Microsoft 365 outage on Tuesday, July 30, was due to “an error in the implementation” of their distributed denial-of-service (DDoS) attack response mechanisms. Rather than mitigate the incident, the buggy protection mechanism amplified the attack.

Computer Disposal

8/1/2024

 
Throwing out old PCs? Hold on... Call Lanit First.
We provide drive wipe and destruction at no charge for our customers. We use a DOD standard wipe and then crush the drives in a 20-ton press.
Here are a few things to consider prior to throwing them in the dumpster:
  • Data Security: Hard drives often contain sensitive information such as financial records, customer data, proprietary information, and employee details. Destroying hard drives ensures this data cannot be retrieved and misused by unauthorized individuals.
  • Compliance with Regulations: Various laws and regulations, such as GDPR, HIPAA, and others, require businesses to properly dispose of data to protect privacy and prevent data breaches. Failure to comply can result in severe legal penalties and fines.
  • Preventing Data Breaches: Improper disposal of hard drives can lead to data breaches, where sensitive information is accessed by cybercriminals. This can cause financial losses, damage to reputation, and loss of customer trust.
  • End-of-Life Data Management: When PCs are decommissioned or replaced, the data stored on their hard drives must be securely managed. Destroying the hard drives ensures that no residual data remains accessible.
  • Intellectual Property Protection: Companies often store trade secrets, patents, and proprietary research on their hard drives. Destroying these drives prevents competitors from accessing valuable intellectual property.
  • Mitigating Risks of Identity Theft: Personal information stored on hard drives can be used for identity theft if it falls into the wrong hands. Destroying the drives eliminates this risk.

    Author

    25 years of IT experience has taught me how to recognize fluff versus actual usable technology that can make a difference.

