US arrests ex-cyber consultant accused of IT firm extortion | SC Media

The U.S. Department of Justice announced the arrest of former cybersecurity consultant Vincent Cannady, who allegedly extorted $1.5 million from a New York-based multinational IT infrastructure services provider where he was assigned by a staffing company to address possible network security issues, reports BleepingComputer.

According to the Justice Department, after he was fired over performance-related issues, Cannady used a company-issued laptop to download the IT firm's trade secrets, architectural maps, and other confidential and proprietary information, and then demanded that the firm pay $1.5 million for employment discrimination.

Cannady then raised his demands and later removed the staffing firm’s access to his laptop while attempting to disclose the stolen information through regulatory filings and the media. Cannady, who also directed his demands to the staffing firm, could be imprisoned for up to 20 years if he is found guilty of the extortion charges.


Copyright © 2024 CyberRisk Alliance, LLC All Rights Reserved.
This material may not be published, broadcast, rewritten or redistributed
in any form without prior authorization.
