IT Security Professional
3433 stories
·
33 followers

Los Angeles Superior Court Hacked To Send Two Million Phishing Emails

1 Comment

Bleeping Computer reported on October 22 that a Texas man was sentenced to 145 months in federal prison for hacking the Los Angeles Superior Court (LASC) computer system and using its servers to deliver around 2 million phishing emails.

33-year-old Oriyomi Sadiq Aloba "was found guilty of one count of conspiracy to commit wire fraud, 15 counts of wire fraud, one count of attempted wire fraud, one count of unauthorized impairment of a protected computer, five counts of unauthorized access to a protected computer to obtain information, and four counts of aggravated identity theft."

He was facing a statutory maximum sentence of more than 350 years in federal prison after being found guilty of the above charges on July 26, 2019, but the judge sentenced him to roughly 12 years. Additionally, District Judge R. Gary Klausner ordered Aloba to pay $47,479 in restitution.

Aloba infiltrated the court's computers following a phishing attack that led to the compromise of one of LASC's employee's email accounts in July 2017. This account was later used in a spear-phishing attack targeting the accounts of thousands of other LASC employees.

Aloba sent them phishing emails containing a fake Dropbox notification asking them to send the company their user credentials. This allowed Aloba to collect the email addresses and passwords of hundreds of Superior Court employees.

He used these credentials "to log into LASC servers" according to the initial indictment from February 2018 and "sent test emails to himself to test the security features and ensure that he had full access to the accounts."

Aloba used their compromised email accounts to send more than two million phishing emails impersonating companies such as American Express and Wells Fargo.

"Hyperlinks in the fraudulent emails led victims to a webpage that asked for their banking login credentials, personal identifying information, and credit card information," the Department of Justice says.

"The link for the fake American Express website used source code that designated Aloba's email account as the delivery address for the information that the victims input into the fake website."

Aloba was apprehended by law enforcement after executing a search warrant at his home, where the investigators found signs of his attempts to destroy evidence that could incriminate him, including "dozens of phishing kits" found on his laptop.

After searching his residence, they discovered "a thumb drive in a toilet, a damaged iPhone in a bathroom sink, and a laptop computer with a smashed screen that was smeared with fresh blood."

Aloba was not the only one linked to this operation, as 28-year-old Robert Charles Nicholson (aka Million$Menace), one of his co-conspirators and a co-defendant, also pleaded guilty to one count of conspiracy to commit wire fraud. He will also appear in front of Judge Klausner on November 4, while three other defendants Aloba allegedly hired to develop the phishing kits he used in the attacks remain at large outside the U.S.

Hat tip to Dave Ries

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email: snelson@senseient.com Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson

Read the whole story
josephwebster
38 days ago
reply
Phishing from the court, oh my!
Denver, CO, USA
Share this story
Delete

How to Use Auto-Delete for Google Location History & Activity Data

1 Comment

There were one million cyber security job openings in 2016! And the market is expected to grow from $75 billion in 2015 to $170 billion by 2020. 

Enter your name and email address to get access to my 2019 guide to the best ways to starting a career in cyber security!

Read the whole story
josephwebster
112 days ago
reply
Good anaysis and info on Google's latest privacy theater attempt.
Denver, CO, USA
Share this story
Delete

Tarantula migration expected to crawl through Colorado

1 Comment

COLORADO SPRINGS, Colo. — Colorado wildlife officials say thousands of tarantulas are expected to start their annual migration through the state soon.

The Gazette reported Wednesday that the migration is expected to begin this month through early October.

Officials say the Oklahoma brown tarantulas migrate through La Junta, about 176 miles (283 kilometers) southeast of Denver.

Scientists say the majority of the spiders are 10-year-old males looking to mate with females hidden in Colorado’s grasslands.

Officials say the peak time to view the migration is mid-September near Comanche National Grassland south of La Junta off U.S. Highway 109.

Officials say tarantulas are mostly harmless to humans, but have bites that can cause injury or allergic reaction and hairs that can be irritating to the eyes, mouth and nose.

___

Information from: The Gazette, http://www.gazette.com



Read the whole story
josephwebster
120 days ago
reply
Tarantula migration. Who knew?
Denver, CO, USA
Share this story
Delete

IRS Warns Thousands of Cryptocurrency Holders to Pay Taxes

1 Comment

CNBC reported on July 26th that the Internal Revenue Service is sending letters to 10,000 digital currency holders who potentially failed to pay the necessary taxes or improperly reported taxes on their digital assets last year. In some cases, the IRS says taxpayers could be subject to criminal prosecution. All of letters will be sent by the end of August.

I am shocked, shocked to discover that some people may be trying to avoid paying taxes by hiding cryptocurrency profits!

"Taxpayers should take these letters very seriously by reviewing their tax filings and when appropriate, amend past returns and pay back taxes, interest and penalties," says IRS Commissioner Chuck Rettig, who added, "The IRS is expanding our efforts involving virtual currency, including increased use of data analytics."

Last year, popular trading platform Coinbase alerted 13,000 customers that it was complying with a court order to provide the IRS with information on accounts worth at least $20,000 from the years 2013 to 2015. The IRS did not say whether its mailing list was a result of the Coinbase disclosures.

Based on guidance issued in 2014, the IRS treats all virtual currencies — including bitcoin, Ethereum and XRP — as property under U.S. tax law. That means that like real estate, the sale or exchange of tokens for other goods is a taxable event. And similar to stockholders, digital currency holders are required to report capital gains and losses from cryptocurrency trades.

Most trades count as short-term capital gains, which can be taxed at as high as 39% depending on income bracket. Those who hold bitcoin for more than a year and then sell it, however, are only liable for a long-term capital gains tax, which is levied at a significantly lower rate of 15% to 23.8%.

If you own bitcoin or other cryptocurrencies, you might want to check your mailbox.

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email: snelson@senseient.com Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson

Read the whole story
josephwebster
127 days ago
reply
You had to see this coming.
Denver, CO, USA
Share this story
Delete

Attorney General Barr Demands Tech Firms Break Encryption: “It Can and Must Be Done”

1 Share

It is frightening, to those who give a damn about privacy, that both Attorney General Barr and FBI Director Christopher Wray have again taken up the call demanding that technologies provide encryption back doors.

The Register carried a post about Wray and ZDNet carried a post about Barr. The Register, being British, is fun to read. Their title was "Backdoors won't weaken your encryption, wails FBI boss. And he's right. They won't – they'll fscking (sic) torpedo it." And their (cough, cough) infinite respect for Wray was indicated in their subhead: "Give it a Wray, give it a Wray, give it a Wray now: Big Chris steps in to defend blowing a hole in personal crypto."

There's certainly no way you can mistake the position of The Register on this issue!

Wray sings the old songs lamenting that criminals are "going dark" and that the government can't do its job without backdoors. Whatever did they do before computers and smartphones?

He also says the government isn't trying to weaken cybersecurity. As we all know, that is pure BS. Encryption backdoors invariably get out and then not only does the government have access to our data (and we all know how much we trust the government), but so do the bad guys.

Barr talked about the "huge costs on society" of "warrant-proof encryption." But what about the privacy costs of American citizens? The government has consistently earned the distrust of its citizens. Moreover, anything that weakens encryption can and will be exploited by the very criminals the government claims it is going after.

Barr also talked about proactive surveillance to prevent crime. That's just great – now the government is going to decide who might commit a crime and conduct surveillance?

Apple, Microsoft and Google have all stood fast against this foolishness. Let's hope they continue to do so!

Sharon D. Nelson, Esq., President, Sensei Enterprises, Inc.
3975 University Drive, Suite 225|Fairfax, VA 22030
Email: snelson@senseient.com Phone: 703-359-0700
Digital Forensics/Cybersecurity/Information Technology
https://senseient.com
https://twitter.com/sharonnelsonesq
https://www.linkedin.com/in/sharondnelson
https://amazon.com/author/sharonnelson

Read the whole story
josephwebster
128 days ago
reply
Denver, CO, USA
Share this story
Delete

The Three Cooters Theory of Internet Discourse

1 Comment and 2 Shares

Hey all- Jack Wylder here. With Larry hard at work relocating into the new Stronghold of Yard Moose Mountain, he hasn’t had time to blog much lately so I wanted to take this opportunity to share a post of his from the Book of Faces. Enjoy!


It is time once again to explain my Three Cooters Theory of Internet Discourse.

-X happens.
-Three guys named Cooter get very upset about X and post about it on Twitter. (1 is actually a person, and 2 of them are probably troll accounts)
-30 people actually see the Cooter’s outrage first hand, and write tweets condemning the Cooters for being offended about X.
-300 people immediately share these condemnation posts to signal their virtue.
-3.000 click bait news articles are written about this terrible scourge of hatemongery that is sweeping the internet.
-30,000 trolls (like Cooter69, CooterPowerForever, and DarkCooterAngel) pretend to also really hate X, because it gets a rise out of people.
-300,000 memes are created mocking both sides for being butthurt snowflakes.
– 3,000,000 people claim victim status because they have been so irreparably psychologically damaged by the legions of Cooter. A special federal task force is formed to combat Cooter related hate crimes and the UN General Assembly issues a proclamation blaming it all on Israel.
-30,000,000 Americans who actually have an opinion about X are all like lol wut?

X may be things like “Black Storm Trooper” or “Starbucks Holiday” cups. (we’ve had a new one about every other week for the last four years) but whatever it is, Cooter got very upset, and though he grew up eating lead paint chips, his angry tweet represents you and the half of the country that nominally agrees with you about topic X. His incoherent outrage has been assigned to you, and the half of the country that disagrees with you is going to be sure to post about how you’re all really stupid, so that all their friends will know how virtuous they are.

This week it is because Alexendria Ocasio-Cortez or whatever her name is–I don’t care enough to go look up how its spelled–had a video of her dancing while she was in college posted to the internet.

She put up a tweet about how conservatives are outraged and offended by her dancing (I saw it because the cool Navy SEAL congressman with the eye patch laughed at it). When I went onto Facebook I saw lots and lots of memes about how conservatives are all the dad from Footloose, and want to ban sinful dancing because its from the devil, and we want women to wear burkas.

(seriously, life is way nicer now that I’m trying to limit myself to 30 minutes a day in this cesspool).

Except as I scroll through my feed, which has lots of knuckle dragging, right wingers, clinging to their guns and bibles, the most damning things I could find were people saying stuff like “She’s pretty cute for a deranged socialist” and jokes about the hot/crazy matrix. Most sane and regular people don’t give a shit how she dances, they just don’t want to pay 70% of their income in federal taxes.

And of the many many many threads about this latest super controversial subject, I saw ONE reliable person saying that they witnessed firsthand an actual cranky Cooter (who is a real person and not a troll) outraging about her dancing, and it was on some small town board nobody outside of Somnambulist County Iowa has ever heard of.

We live in a country with a third of a billion people in it. This shit is tiresome and people are gullible. Next week will be some other hot button topic that three Cooters (who magically represent half of the country) get upset about.

Just say no to three guys named Cooter.

EDIT: – this is Larry again. Jack found this post that I wrote a year ago. But if you check current events it is still going on. I think right now the Three Cooters who magically represent half of America are very upset about black mermaids or something. It’ll be something new next week.

Read the whole story
josephwebster
141 days ago
reply
Nails it.
Denver, CO, USA
kazriko
143 days ago
reply
Colorado Plateau
Share this story
Delete
Next Page of Stories