βοΈ How Did Authorities Identify the Alleged Lockbit Boss? βοΈ
π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit's leader "LockBitSupp" claims the feds named the wrong guy, saying the charges don't explain how they connected him to Khoroshev. This post examines the activities of Khoroshev's many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years.π Read more.
π Via "Krebs on Security"
----------
ποΈ Seen on @cibsecurity
Krebs on Security
How Did Authorities Identify the Alleged Lockbit Boss?
Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit's leader "LockBitSupp" claims the feds named the wrong guyβ¦
π’ Whatβs going on with Zscaler? π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Zscaler has received praise from cyber professionals for its response to an alleged data breach, but as the saga continues, customer uncertainty remains.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Zscaler praised for swift response amid data breach claims β but what happened?
Zscaler has received praise from cyber professionals for its response to an alleged data breach, but as the saga continues, customer uncertainty remains
π΅οΈββοΈ Why Tokens Are Like Gold for Opportunistic Threat Actors π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
When setting authentication token expiry policies, always lean in to security over employee convenience.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Why Tokens Are Like Gold for Opportunistic Threat Actors
When setting authentication token expiry policies, always lean into security over employee convenience.
π’ Dell hacker claims they had access to systems for nearly three weeks π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
The hacker trying to sell a Dell database containing 49 million customer records claims he was able to persist on the companys systems for several weeks.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
IT Pro
Dell hacker claims they had access to systems for nearly three weeks
The hacker trying to sell a Dell database containing 49 million customer records claims he was able to persist on the companyβs systems for several weeks
π¦Ώ Best Encryption Software and Tools π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
This is a comprehensive list of best encryption software and tools, covering their features, pricing and more. Use this guide to determine your best fit.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
The 7 Best Encryption Software Choices for 2024
This is a comprehensive list of the best encryption software and tools, with features, pricing and more. Use this guide to find your best fit.
ποΈ MITRE Unveils EMB3D: A Threat-Modeling Framework for Embedded Devices ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The MITRE Corporation has officially made available a new threatmodeling framework called EMB3D for makers of embedded devices used in critical infrastructure environments. "The model provides a cultivated knowledge base of cyber threats to embedded devices, providing a common understanding of these threats with the security mechanisms required to mitigate them," the nonprofit said.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Mallox Ransomware Deployed Via MS-SQL Honeypot Attack π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Analyzing Mallox samples, Sekoia identified two distinct affiliates using different approaches.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Mallox Ransomware Deployed Via MS-SQL Honeypot Attack
Analyzing Mallox samples, Sekoia identified two distinct affiliates using different approaches
π Critical Vulnerabilities in Cinterion Modems Exposed π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
The flaws include CVE202347610, a security weaknesses within the modems SUPL message handlers.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Critical Vulnerabilities in Cinterion Modems Exposed
The flaws include CVE-2023-47610, a security weakness within the modemβs SUPL message handlers
π΅οΈββοΈ IntelBroker Nabs Europol Info; Agency Investigating π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Europe's crossborder law enforcement agency says the wellknown hacking outfit, contrary to claims, did not access operational data.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
IntelBroker Nabs Europol Info; Agency Investigating
Europe's cross-border law enforcement agency says the well-known hacking outfit, contrary to claims, did not access operational data.
𧨠How to Stop Phone Spoofing π§¨
π Read more.
π Via "McAfee"
----------
ποΈ Seen on @cibsecurity
From impersonating police officers in Pennsylvania to employees of the City of San Antonio, scammers have been impersonating officials nationwide... The post How to Stop Phone Spoofing appeared first on McAfee Blog.π Read more.
π Via "McAfee"
----------
ποΈ Seen on @cibsecurity
McAfee Blog
How to Stop Phone Spoofing | McAfee Blog
From impersonating police officers in Pennsylvania to employees of the City of San Antonio, scammers have been impersonating officials nationwide in order
π¦Ώ Report: Organisations Have Endpoint Security Tools But Are Still Falling Short on the Basics π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
AI PCs could soon see organisations invest in whole fleets of new managed devices, but Absolute Security data shows they are failing to maintain endpoint protection and patching the devices they have.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
Report: Organisations Have Endpoint Security Tools But Are Still Falling Short on the Basics
Organisations are failing to manage the basics of endpoint security tools, putting them at risk when they upgrade PC fleets.
π1
π΅οΈββοΈ Ukrainian, Latvian TV Hijacked to Broadcast Russian Celebrations π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
At least 15 television channels were interrupted in Ukraine alone, which, reportedly, is not out of the norm in this "information war.".π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Ukrainian, Latvian TV Hijacked to Broadcast Russian Celebrations
At least 15 television channels were interrupted in Ukraine alone, which, reportedly, is not out of the norm in this "information war."
π₯1
π΅οΈββοΈ 500 Victims In, Black Basta Reinvents With Novel Vishing Strategy π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Ransomware groups have always created problems for their victims that only they could solve. Black Basta is taking that core idea in a creative, new direction.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
500 Victims In, Black Basta Reinvents With Novel Vishing Strategy
Ransomware groups have always created problems for their victims that only they could solve. Black Basta is taking that core idea in a creative, new direction.
π3
ποΈ Apple and Google Launch Cross-Platform Feature to Detect Unwanted Bluetooth Tracking Devices ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Apple and Google on Monday officially announced the rollout of a new feature that notifies users across both iOS and Android if a Bluetooth tracking device is being used to stealthily keep tabs on them without their knowledge or consent. "This will help mitigate the misuse of devices designed to help keep track of belongings," the companies said in a joint statement, adding it aims to address ".π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π§ 3 recommendations for adopting generative AI for cyber defense π§
π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
In the past eighteen months, generative AI gen AI has gone from being the source of jawdropping demos to a top strategic priority in nearly every industry. A majority of CEOs report feeling under pressure to invest in gen AI. Product teams are now scrambling to build gen AI into their solutions and services. The The post 3 recommendations for adopting generative AI for cyber defense appeared first on Security Intelligence.π Read more.
π Via "Security Intelligence"
----------
ποΈ Seen on @cibsecurity
Security Intelligence
3 recommendations for adopting generative AI for cyber defense
Consider these factors when evaluating generative AI (gen AI) for your threat detection and response program.
π½ Claiming Access to Coinbase π½
π Read more.
π Via "BE3SEC"
----------
ποΈ Seen on @cibsecurity
A threat actor claimed that they have an access to Coinbase with ability to check the balance of any account. The advertisement shared in Telegram group. Coinbase is a leading cryptocurrency exchange platform founded in 2012, headquartered in the United States. It allows users to buy, sell, and store various.π Read more.
π Via "BE3SEC"
----------
ποΈ Seen on @cibsecurity
Be4Sec
Claiming Access to Coinbase
A threat actor claimed that they have an access to Coinbase with ability to check the balance of any account. The advertisement shared in Telegram group. Coinbase is a leading cryptocurrency exchanβ¦
π Hackers Use DNS Tunneling to Scan and Track Victims π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Palo Alto Networks warns threat actors are using DNS tunneling techniques to probe for network vulnerabilities.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Hackers Use DNS Tunneling to Scan and Track Victims
Palo Alto Networks warns threat actors are using DNS tunneling techniques to probe for network vulnerabilities
π FCC Names and Shames First Robocall Threat Actor π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
In a first, the FCC has designated Royal Tiger as a malicious robocall threat group.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
FCC Names and Shames First Robocall Threat Actor
In a first, the FCC has designated βRoyal Tigerβ as a malicious robocall threat group
π’ Scattered Spider, the ransomware group behind the MGM cyber attack, is still on a rampage β and authorities are ramping up efforts to catch them π’
π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
Scattered Spider brought MGM Resorts to its knees in late 2023, and despite a law enforcement crackdown, its still highly active.π Read more.
π Via "ITPro"
----------
ποΈ Seen on @cibsecurity
ITPro
Scattered Spider, the ransomware group behind the MGM cyber attack, is still on a rampage β and authorities are ramping up effortsβ¦
Scattered Spider brought MGM Resorts to its knees in late 2023, and despite a law enforcement crackdown, itβs still highly active
π UK Insurance and NCSC Join Forces to Fight Ransomware Payments π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
UK insurers and the National Cybersecurity Centre release new guidance to discourage ransomware payments by businesses.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
UK Insurance and NCSC Join Forces to Fight Ransomware Payments
UK insurers and the National Cybersecurity Centre release new guidance to discourage ransomware payments by businesses
ποΈ 6 Mistakes Organizations Make When Deploying Advanced Authentication ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Deploying advanced authentication measures is key to helping organizations address their weakest cybersecurity link their human users. Having some form of 2factor authentication in place is a great start, but many organizations may not yet be in that spot or have the needed level of authentication sophistication to adequately safeguard organizational data. When deploying.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity