ποΈ Japanese Experts Warn of BLOODALCHEMY Malware Targeting Government Agencies ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Cybersecurity researchers have discovered that the malware known as BLOODALCHEMY used in attacks targeting government organizations in Southern and Southeastern Asia is in fact an updated version of Deed RAT, which is believed to be a successor to ShadowPad. "The origin of BLOODALCHEMY and Deed RAT is ShadowPad and given the history of ShadowPad being utilized in numerous APT.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Microsoft: Gift Card Fraud Rising, Costing Businesses up to $100,000 a Day π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Microsoft has warned of surging gift card fraud and sophisticated approaches from the group Storm0539.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Microsoft: Gift Card Fraud Rising, Costing Businesses up to $100,000 a Day
Microsoft has warned of surging gift card fraud and sophisticated approaches from the group Storm-0539
π¦
Incognito Admin Arrest and SuperMarket Wallet Drain: Darknet Marketplaces Plunge into Uncertainty π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Unraveling the seedy underbelly of the darknet marketplaces Executive Summary The arrest of RiuSiang Lin, the former administrator of the closed Incognito marketplace, by the US authorities on 18th May is causing a domino effect in the underground illegal communities, leading to an alleged exit plan on the SuperMarket. On Dreads, the coadministrator of the Supermarket announced to the community on May 21, 2024, that the wallets had been emptied and that the only person who would have had access to them was "FatherBear", the other administrator of the marketplace. The indictment of Lin, known in the underground as "Pharao," leads to an OSINT investigation based on his name, which provides more insight into his real identity and possible explanations for the March exit. Moreov...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
Admin Arrest & Wallet Drain: Darknet Market Uncertainty
CRIL analyses the darkweb marketplace's deceptive practices, the recent arrest of an Incognito administrator, and the SuperMarket wallet heist.
π΅οΈββοΈ CyberArk Goes All In on Machine Identity with Venafi Deal π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
CyberArk's 1.54 billion agreement to buy Venafi is a sign of how human and machine identities will converge with certificate lifecycle management.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
CyberArk Goes All In on Machine Identity with Venafi Deal
CyberArk's $1.54 billion agreement to buy Venafi is a sign of how human and machine identities will converge with certificate lifecycle management.
π΅οΈββοΈ Future-Proof Your Cybersecurity AI Strategy π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
An effective, longterm XDR strategy will address the ongoing need for rapid analysis and continual vetting of the latest threat intelligence.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Future-Proof Your Cybersecurity AI Strategy
An effective, long-term XDR strategy will address the ongoing need for rapid analysis and continual vetting of the latest threat intelligence.
π¦Ώ 5 Patch Management Best Practices for Success in 2024 π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Patching remains a difficult task for many organizations but its critical for security. Discover 5 patch management best practices.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
5 Patch Management Best Practices for Success in 2024
Patching remains a difficult task for many organizations β but itβs critical for security. Discover 5 patch management best practices.
𧨠How a VPN Can Make Your Time Online More Private and Secure π§¨
π Read more.
π Via "McAfee"
----------
ποΈ Seen on @cibsecurity
What is a VPN virtual private network? And how can it make your time online more secureand a little more... The post How a VPN Can Make Your Time Online More Private and Secure appeared first on McAfee Blog.π Read more.
π Via "McAfee"
----------
ποΈ Seen on @cibsecurity
McAfee Blog
How a VPN Can Make Your Time Online More Private and Secure | McAfee Blog
What is a VPN (virtual private network)? And how can it make your time online more secureβand a little more private too? Here weβll take a look at what a
π¦Ώ CISOs in Australia Urged to Take a Closer Look at Data Breach Risks π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
A leading cyber lawyer in Australia has warned CISOs and other IT leaders their organisations and careers could be at stake if they do not understand data risk and data governance practices.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
CISOs in Australia Urged to Take a Closer Look at Data Breach Risks
A leading cyber expert in Australia has warned CISOs and other IT leaders the long-term viability of their organisations is at stake due to data risk.
ποΈ Fake Antivirus Websites Deliver Malware to Android and Windows Devices ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
Threat actors have been observed making use of fake websites masquerading as legitimate antivirus solutions from Avast, Bitdefender, and Malwarebytes to propagate malware capable of stealing sensitive information from Android and Windows devices. "Hosting malicious software through sites which look legitimate is predatory to general consumers, especially those who look to protect their devices.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π Health Information Published Online After MediSecure Ransomware Attack π
π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
MediSecure confirmed that limited health data of customers was posted onto a dark web forum, with a 6.5TB dataset reportedly put up for sale.π Read more.
π Via "Infosecurity Magazine"
----------
ποΈ Seen on @cibsecurity
Infosecurity Magazine
Health Information Published Online After MediSecure Ransomware Attack
MediSecure confirmed that limited health data of customers was posted onto a dark web forum, with a 6.5TB dataset reportedly put up for sale
π΅οΈββοΈ When 'No' & 'Good Enough' Challenge Cybersecurity π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
As the digital landscape evolves, these words must become an impetus for innovation and dialogue, not insurmountable barriers.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
When 'No' & 'Good Enough' Challenge Cybersecurity
As the digital landscape evolves, these words must become an impetus for innovation and dialogue, not insurmountable barriers.
π΅οΈββοΈ The SEC's SolarWinds Case: What CISOs Should Do Now π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The SEC's lawsuit may take years to resolve through litigation, but here are five things CISOs should do now to protect both themselves as individuals as well as their organizations.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
The SECβs SolarWinds Case: What CISOs Should Do Now
The SEC's lawsuit may take years to resolve through litigation, but here are five things CISOs should do now to protect both themselves as individuals as well as their organizations.
π1
π¦Ώ Get a Lifetime of 1TB Cloud Storage for Only $80 With FolderFort π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Fast, affordable cloud storage isnt always easy to find for businesses, but now you can have a massive amount with maximum security.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
π¦Ώ AI Seoul Summit: 4 Key Takeaways on AI Safety Standards and Regulations π¦Ώ
π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
Major breakthroughs were made in global nations AI safety commitments, AI safety institutes, research grants and AI risk thresholds at this months AI Seoul Summit.π Read more.
π Via "Tech Republic"
----------
ποΈ Seen on @cibsecurity
TechRepublic
AI Seoul Summit: 4 Key Takeaways on AI Safety Standards and Regulations
Major breakthroughs were made in global nationsβ AI safety commitments, AI safety institutes, research grants and AI risk thresholds at this monthβs AI Seoul Summit.
π΅οΈββοΈ Google Discovers Fourth Zero-Day in Less Than a Month π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
The tech company has rolled out fixes for a type confusion vulnerability that has already been exploited by malicious actors.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
Google Discovers Fourth Zero-Day in Less Than a Month
The tech company has rolled out fixes for a type confusion vulnerability that has already been exploited by malicious actors.
π¦
The Rust Revolution: New Embargo Ransomware Steps In π¦
π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Key Takeaways Cyble Research Intelligence Labs CRIL identified a sample of Embargo ransomware, developed in Rust. The Threat Actors behind this ransomware are using double extortion tactics. We observed an instance where the ransomware group Initially demanded a 1 million ransom payment, threatening data leak and notifications to various parties upon nonpayment. The leak site User Interfaces of Embargo and ALPHV ransomware resemble each other. Additionally, the leak site of ALPHV ransomware was taken down by law enforcement in March 2024. The log generation structure of both the ransomware looks similar. Embargo, to date, has disclosed details of four victims globally. This ransomware Utilizes ChaCha20 and Curve25519 for file encryption and appends ".564ba1" ...π Read more.
π Via "CYBLE"
----------
ποΈ Seen on @cibsecurity
Cyble
The Rust Revolution: New Embargo Ransomware Steps In - Cyble
Cyble analyzes the Rust-based Embargo ransomware, investigating its operations and possible variants.
π Faraday 5.3.0 π
π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Faraday is a tool that introduces a new concept called IPE, or Integrated PenetrationTest Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to reuse the available tools in the community to take advantage of them in a multiuser way.π Read more.
π Via "Packet Storm - Tools"
----------
ποΈ Seen on @cibsecurity
Packetstormsecurity
Faraday 5.3.0 β Packet Storm
Information Security Services, News, Files, Tools, Exploits, Advisories and Whitepapers
ποΈ Hackers Created Rogue VMs to Evade Detection in Recent MITRE Cyber Attack ποΈ
π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
The MITRE Corporation has revealed that the cyber attack targeting the notforprofit company towards late December 2023 by exploiting zeroday flaws in Ivanti Connect Secure ICS involved the actor creating rogue virtual machines VMs within its VMware environment. "The adversary created their own rogue VMs within the VMware environment, leveraging compromised vCenter Server access," MITRE.π Read more.
π Via "The Hacker News"
----------
ποΈ Seen on @cibsecurity
π΅οΈββοΈ Microsoft's 'Recall' Feature Draws Criticism From Privacy Advocates π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Despite Microsoft's reassurances, multiple security researchers describe the technology as problematic for users and their organizations.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Darkreading
Microsoft's 'Recall' Feature Draws Criticism From Privacy Advocates
Despite Microsoft's reassurances, multiple security researchers describe the technology as problematic for users and their organizations.
π΅οΈββοΈ AI Voice Generator App Used to Drop Gipy Malware π΅οΈββοΈ
π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Users get duped into downloading malicious files disguised to look like an application that uses artificial intelligence to alter voices.π Read more.
π Via "Dark Reading"
----------
ποΈ Seen on @cibsecurity
Dark Reading
AI Voice Generator App Used to Drop Gipy Malware
Users get duped into downloading malicious files disguised to look like an application that uses artificial intelligence to alter voices.
𧨠Deepfake Drama: How Gwyneth Paltrow Became the Latest Target in AI Deception π§¨
π Read more.
π Via "McAfee"
----------
ποΈ Seen on @cibsecurity
As technology advances, so do the methods used by cybercriminals to spread misinformation and scams. One of the most concerning... The post Deepfake Drama How Gwyneth Paltrow Became the Latest Target in AI Deception appeared first on McAfee Blog.π Read more.
π Via "McAfee"
----------
ποΈ Seen on @cibsecurity
McAfee Blog
Deepfake Drama: How Gwyneth Paltrow Became the Latest Target in AI Deception | McAfee Blog
As technology advances, so do the methods used by cybercriminals to spread misinformation and scams. One of the most concerning developments in recent