βοΈ Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
The head of counterintelligence for a division of the Russian Federal Security Service FSB was sentenced last week to nine years in a penal colony for accepting a USD 1.7 million bribe to ignore the activities of a prolific Russian cybercrime group that hacked thousands of ecommerce websites. The protection scheme was exposed in 2022 when Russian authorities arrested six members of the group, which sold millions of stolen payment cards at flashy online shops like Trump's Dumps.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
Russian FSB Counterintelligence Chief Gets 9 Years in Cybercrime Bribery Scheme
The head of counterintelligence for a division of the Russian Federal Security Service (FSB) was sentenced last week to nine years in a penal colony for accepting a USD $1.7 million bribe to ignore the activities of a prolific Russianβ¦
π΅οΈββοΈ ToddyCat APT Is Stealing Data on 'Industrial Scale' π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The threat actor is deploying multiple connections into victim environments to maintain persistence and steal data.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
ToddyCat APT Is Stealing Data on 'Industrial Scale'
The threat actor is deploying multiple connections into victim environments to maintain persistence and steal data.
π΅οΈββοΈ Licensed to Bill? Nations Mandate Certification & Licensure of Cybersecurity Pros π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Malaysia, Singapore, and Ghana are among the first countries to pass laws that require cybersecurity firms and in some cases, individual consultants to obtain licenses to do business, but concerns remain.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Nations Require Licensure of Cybersecurity Pros
Malaysia, Singapore, and Ghana are among first countries to mandate licenses for cybersecurity firms to do business, but concerns remain.
ποΈ Russia's APT28 Exploited Windows Print Spooler Flaw to Deploy 'GooseEgg' Malware ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The Russialinked nationstate threat actor tracked as APT28 weaponized a security flaw in the Microsoft Windows Print Spooler component to deliver a previously unknown custom malware called GooseEgg. The postcompromise tool, which is said to have been used since at least June 2020 and possibly as early as April 2019, leveraged a nowpatched flaw that allowed for.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ U.S. Imposes Visa Restrictions on 13 Linked to Commercial Spyware Misuse ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The U.S. Department of State on Monday said it's taking steps to impose visa restrictions on 13 individuals who are allegedly involved in the development and sale of commercial spyware or who are immediately family members of those involved in such businesses. "These individuals have facilitated or derived financial benefit from the misuse of this technology, which.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Russian APT28 Group in New βGooseEggβ Hacking Campaign π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Microsoft has warned of a longrunning credential stealing campaign from Russias APT28.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Russian APT28 Group in New βGooseEggβ Hacking Campaign
Microsoft has warned of a long-running credential stealing campaign from Russiaβs APT28
π Russian Sandworm Group Hit 20 Ukrainian Energy and Water Sites π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Notorious APT44 group Sandworm launched a major campaign against Ukrainian critical infrastructure in March.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Russian Sandworm Group Hit 20 Ukrainian Energy and Water Sites
Notorious APT44 group Sandworm launched a mass campaign against Ukrainian critical infrastructure in March
π’ MITRE cyber attack saw threat actors exploit Ivanti Connect Secure zero-days π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The organization said it plans to conduct a thorough review of the incident in a bid to prevent future mishaps.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
MITRE cyber attack saw threat actors exploit Ivanti Connect Secure zero-days
The organization said it plans to conduct a thorough review of the incident in a bid to prevent future mishaps
π¦Ώ Server Inventory Checklist (Free Download) π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Threats from malware, cryptographic infections and compromised networks have never been greater. Headlines regularly attest to such widespread problems, from infectionfelled organizations to dangerous vulnerabilities in popular tools. Companies cant protect their technological infrastructure, though, without a solid grasp of the actual equipment in play. A checklist, like the one created by Erik Eckel for ...π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Server Inventory Checklist (Free Download) | TechRepublic
Threats from malware, cryptographic infections and compromised networks have never been greater. Headlines regularly attest to such widespread problems,
ποΈ Unmasking the True Cost of Cyberattacks: Beyond Ransom and Recovery ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity breaches can be devastating for both individuals and businesses alike. While many people tend to focus on understanding how and why they were targeted by such breaches, there's a larger, more pressing question What is the true financial impact of a cyberattack? According to research by Cybersecurity Ventures, the global cost of cybercrime is projected to reach.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
European Police Chiefs said that the complementary partnership between law enforcement agencies and the technology industry is at risk due to endtoend encryption E2EE. They called on the industry and governments to take urgent action to ensure public safety across social media platforms. "Privacy measures currently being rolled out, such as endtoend encryption, will stop tech companies.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
ποΈ German Authorities Issue Arrest Warrants for Three Suspected Chinese Spies ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
German authorities said they have issued arrest warrants against three citizens on suspicion of spying for China. The full names of the defendants were not disclosed by the Office of the Federal Prosecutor aka Generalbundesanwalt, but it includes Herwig F., Ina F., and Thomas R. "The suspects are strongly suspected of working for a Chinese secret service since an unspecified.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π’ UnitedHealth Group admits to paying ransom after Change Healthcare cyber attack π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The UnitedHealth Group, the parent company of Change Healthcare, has confirmed it paid the ransom to protect millions of potentially exposed customers.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
UnitedHealth Group admits to paying ransom after Change Healthcare cyber attack
UnitedHealth Group, the parent company of Change Healthcare, has confirmed it paid the ransom to protect millions of potentially exposed customers
ποΈ Police Chiefs Call for Solutions to Access Encrypted Data in Serious Crime Cases ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
European Police Chiefs said that the complementary partnership between law enforcement agencies and the technology industry is at risk due to endtoend encryption E2EE. They called on the industry and governments to take urgent action to ensure public safety across social media platforms. "Privacy measures currently being rolled out, such as endtoend encryption, will stop tech companies.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π¦Ώ Can a VPN Be Hacked? π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Learn about the potential vulnerabilities of VPNs and the measures you can take to enhance your VPN security.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Can a VPN Be Hacked?
Learn about the potential vulnerabilities of VPNs and the measures you can take to enhance your VPN security.
π½ International Crackdown: βLabHostβ Phishing-as-a-Service Platform Busted π½
π Read more.
π Via "BE3SEC"
----------
ποΈ Seen on @cibsecurity
A concerted effort by global law enforcement agencies has successfully dismantled LabHost, a notorious online platform specializing in phishing kits. Since its inception in 2021, LabHost accrued over 1 million in profits by providing cybercriminals with the tools to impersonate trusted websites and steal sensitive user data. The coordinated operation.π Read more.
π Via "BE3SEC"
----------
ποΈ Seen on @cibsecurity
be4sec
International Crackdown: βLabHostβ Phishing-as-a-Service Platform Busted
A concerted effort by global law enforcement agencies has successfully dismantled LabHost, a notorious online platform specializing in phishing kits. Since its inception in 2021, LabHost accrued ovβ¦
π1
π΅οΈββοΈ US Gov Slaps Visa Restrictions on Spyware Honchos π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The State Department can now deny entrance to the US for individuals accused of profiting from spywarerelated human rights abuses, and their immediate family members.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
US Gov Slaps Visa Restrictions on Spyware Honchos
The State Department can now deny entrance to the US for individuals accused of profiting from spyware-related human rights abuses, and their immediate family members.
π΅οΈββοΈ Russia's Fancy Bear Pummels Windows Print Spooler Bug π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The infamous Russian threat actor has created a custom tool called GooseEgg to exploit CVE202238028 in cyberespionage attacks against targets in Ukraine, Western Europe, and North America.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Russia's Fancy Bear Pummels Windows Print Spooler Bug
The infamous Russian threat actor has created a custom tool called GooseEgg to exploit CVE-2022-38028 in cyberespionage attacks against targets in Ukraine, Western Europe, and North America.
π΅οΈββοΈ Teetering on the Edge: VPNs, Firewalls' Nonexistent Telemetry Lures APTs π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Statesponsored groups are targeting critical vulnerabilities in virtual private network VPN gateways, firewall appliances, and other edge devices to make life difficult for incident responders, who rarely have visibility into the devices.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
VPNs, Firewalls' Nonexistent Telemetry Lures APTs
State-sponsored groups are targeting critical vulnerabilities in edge devices to make life difficult for incident responders.
π¦Ώ Grab 9 Ethical Hacking Courses for $30 and Improve Your Business Security π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Your customers expect you to keep their data secure, and this collection of video courses covers everything you need to know about cybersecurity.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Grab 9 Ethical Hacking Courses for $30 and Improve Your Business Security
Your customers expect you to keep their data secure, and this collection of video courses covers everything you need to know about cybersecurity.
π§ Passwords, passkeys and familiarity bias π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
As passkey passwordless authentication adoption proceeds, misconceptions abound. There appears to be a widespread impression that passkeys may be more convenient and less secure than passwords. The reality is that they are both more secure and more convenient possibly a first in cybersecurity. Most of us could be forgiven for not realizing passwordless authentication The post Passwords, passkeys and familiarity bias appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
Passwords, passkeys and familiarity bias
As passkey adoption proceeds, misconceptions abound. While many people believe passwordless authentication is less secure, the reality is quite different.