Resilience Cyber Insurance Solutions raised $100 million in funding for global expansion of their cyber risk platform. The platform helps policyholders assess their cyber risk and prioritize security measures. The funding round was led by Intact Ventures and included participation from Lightspeed Venture Partners, General Catalyst, and Founders Fund. Resilience has raised over $225 million in prior funding and serves clients in multiple countries. The company offers insurance coverage and security services through its network. #CyberInsurance #CyberRiskPlatform #FundingRound #CybersecurityExpansion
Summary:
1. The FBI is warning about financial fraud in the NFT community.
2. Criminals are posing as NFT developers and tricking users into purchasing fake NFTs.
3. They create counterfeit social media accounts and websites to deceive users.
4. Victims are directed to connect their cryptocurrency wallets, which enables the criminals to steal their funds.
5. Stolen NFTs and cryptocurrency are often routed through cryptocurrency mixers and exchanges to cover their tracks.
6. The FBI advises users to research NFT opportunities, verify social media accounts, validate website authenticity, and be skeptical of enticing rewards.
7. Suspicious NFT-related activities should be reported to the FBI's Internet Crime Complaint Center.
Hashtags:
#FBI #NFTfraud #financialfraud #cybercrime #cryptocurrency #securityadvisory
https://www.infosecurity-magazine.com/news/fbi-warns-criminals-posing-nft-devs/
Invisible ad fraud targets Korean Android users, as discovered by cybersecurity experts. Certain apps distributed through Google Play discreetly load ads when the user's device screen is turned off, violating Google Play Developer policies. The fraudulent behavior can be remotely modified and pushed using Firebase Storage or Messaging service. McAfee reported the apps to Google, and many have been removed from the Play Store. #Android #AdFraud #Cybersecurity #GooglePlay
https://www.infosecurity-magazine.com/news/invisible-ad-targets-korea-android/
Summary:
- A cyber-attack on hospital computer systems in the United States has caused disruptions and the closure of emergency rooms in multiple states.
- Prospect Medical Holdings, a California-based company, was targeted in the attack, leading to the shutdown of its systems and the initiation of an investigation with the help of cybersecurity specialists.
- Primary care services remained closed as security experts assessed the damage and worked to find a resolution.
- The severity of the attack has immediate and far-reaching consequences on human lives, especially during the ongoing Covid-19 pandemic.
- Law enforcement agencies are collaborating with the victim entities to identify the perpetrators and secure data.
Hashtags:
- #CyberAttack
- #HealthcareDisruption
- #EmergencyRoomClosure
- #ProspectMedicalHoldings
- #Investigation
- #Cybersecurity
- #PrimaryCare
- #DigitalTransformation
- #PatientSafety
- #LawEnforcementCollaboration
https://www.infosecurity-magazine.com/news/us-primary-care-services/
Sophisticated malware is targeting air-gapped ICS systems, compromising defense mechanisms. Researchers have discovered a second-stage malware that extracts data, develops tools, and transmits data. The malware infects removable drives and sends data to Dropbox. Security experts recommend regular security assessments, vulnerability management, robust security solutions, timely updates, and incident prevention and response training. #cyberattack #cybersecurity #malware
Summary: Cybersecurity researchers have discovered security vulnerabilities on points.com, the backend provider for major airline and hotel rewards programs. These vulnerabilities allowed attackers to gain unauthorized access to customer accounts, steal reward points, and access sensitive customer information. The vulnerabilities have since been fixed by the points.com team.
Hashtags: #Cybersecurity #Points.com #RewardPrograms #DataBreach
North Korean hackers breach leading Russian missile and military engineering company. #CyberAttack #Vulnerability #DataBreaches #NorthKorea #Hackers
https://cybersecuritynews.com/north-korean-hackers-russian-missile-military/
With SQLAlchemy, yes. Better than a bunch of CSVs anyway.
Some realistic hacks in this series
Colorado Department of Higher Education targeted in ransomware attack and data breach impacting students and teachers. #DataBreach #RansomwareAttack #Cybersecurity
The attack occurred between June 11 and June 19, with cybercriminals gaining access to names, social security numbers, and education records. #Cyberattack #DataIncident
Impacted individuals include students and teachers who attended public institutions in Colorado and participated in various education programs. #DataBreach #Education
Those affected are being offered free credit monitoring and identity theft protection services. #IdentityTheft #CreditMonitoring
Education organizations are frequently targeted by cybercriminals, prompting government alerts. #Cybersecurity #EducationSector
Colorado State University was recently impacted by the Cl0p ransomware group’s MOVEit hack. #Ransomware #CybersecurityAttack
Clop Gang offers data downloads via torrents. #Clop #ransomware #data #torrents #security
The group provides access to data stolen in MOVEit attacks. #data #MOVEit #attacks #security
Big-name victims such as Putnam, Iron Bow Technologies, and Delaware Life are featured. #victims #Putnam #IronBowTechnologies #DelawareLife
Clop is using P2P sharing to make the data available. #P2P #sharing #data
The group includes instructions on how to use torrent clients. #instructions #torrentclients
Clop previously created surface web sites for breached organizations like PwC. #surfaceweb #breachedorganizations #PwC
Ransomware groups constantly innovate to improve their reputation and monetize attacks. #ransomware #innovation #monetization
Clop exploited a zero-day bug in the MOVEit software to compromise victims. #zero-daybug #MOVEit #victims
Millions of end users have been impacted by Clop's campaign. #endusers #impacted #campaign
https://www.infosecurity-magazine.com/news/clop-gang-offers-data-downloads/
Summary: The Colorado Department of Higher Education (CDHE) has suffered a ransomware breach, potentially compromising the personal information of former and current high school staff and students. The breach occurred between June 11 and June 19, 2023, and impacted records include names, social security numbers, student identification numbers, and other education records. The CDHE is implementing additional cybersecurity safeguards and providing affected individuals with complimentary credit monitoring and identity theft protection services through Experian for two years.
Hashtags: #ColoradoEducationDepartment #RansomwareBreach #DataBreach #Cybersecurity #IdentityTheft
https://www.infosecurity-magazine.com/news/colorado-education-ransomware/
Russian hacktivist group NoName057 conducted a weeks-long DDoS campaign targeting Spanish websites. The attacks affected at least 72 websites, including government institutions such as the Prime Minister's official residence and the Constitutional Court. The cyber-attacks were believed to be in response to Spain's support for Ukraine. DDoS attacks can have significant economic consequences, and they are a favored tactic of hacktivists. The Spanish National Research Council also experienced a ransomware attack, attributed to the same actor that targeted NASA and Germany's Max Planck Institute. #RussianHacktivists #DDoS #NoName057 #Cyberattacks
https://www.infosecurity-magazine.com/news/russian-hacktivists-overwhelm/
Summary:
Spyware provider LetMeSpy shuts down after a hacker deletes server data. Hackers gained unauthorized access to email addresses, phone numbers, and message content stored in LetMeSpy's servers. LetMeSpy is an Android phone monitoring app used for parental control or employee monitoring. The company has confirmed the permanent shutdown of its spyware service and advises users to contact them for their stored data. The leaked data dates back to 2013, and LetMeSpy had controlled over 236,000 devices before the breach.
Hashtags: #spyware #cyberattack
https://cybersecuritynews.com/spyware-provider-letmespy-shuts-down/
Bram Moolenaar, creator of my favorite text editor on Linux, vim, has passed away. RIP #vim
Threat and Vulnerability Roundup for the week of July 30th to August 5th.
- Citrix Servers Compromised
- Abusing AWS SSM Agent
- New LOLBAS Binaries Uncovered
- AD CTS Attack Vector
- Microsoft Teams Phishing Attack
- Salesforce Email Zero-day Flaw
- Ivanti MobileIron API Access Flaw
- QNAP Operating Systems Flaw
- Canon Printers Wi-Fi Connection Settings Flaw
- Splunk SOAR Unauthenticated Log Injection
- IBM Security Verify Access Flaw
- Trust Wallet Browser Extension Flaw
- New Collide+Power Exploit
- Black Hat AI Tools
- Burp Suite 2023.8
- BloodHound
- AWS to Charge for the Public IPv4 Addresses
- Chrome Security Update
- Researchers Jailbreak ChatGPT
- Top 42 Frequently Exploited Flaws of 2022
- CISA Guide to Harden Cisco Firewalls
- Spyware App Compromised Over 60,000 Android Devices
- Hackers Use Google AMP Pages to Bypass Detection
- Cloud Host Accused of Aiding APT Hackers
- Hackers Train AI-powered Cybercrime Tools
- BlueCharlie Credential Stealing Infrastructure
- Android Malware Via WhatsApp
- New WikiLoader Malware
- macOS HVNC Tool
#cybersecurity #threats #vulnerabilities #exploits #AWS #Microsoft #Salesforce #Ivanti #QNAP #Canon #Splunk #IBM #TrustWallet #BlackHat #BurpSuite #BloodHound #ChatGPT #CISAGuide #Spyware #GoogleAMP #CloudHost #AI #BlueCharlie #AndroidMalware #WikiLoader #macOS
https://cybersecuritynews.com/threat-and-vulnerability-roundup-weekly/
New Rilide Malware stealing credentials, targeting enterprise employees and crypto wallets. Bypasses Chromium browser manifest v3. Targets banking accounts in Australia and UK. Takes screenshots and sends stolen data to a Telegram channel. Can enable/disable browser extensions, retrieve browser history/cookies, steal login credentials, take screenshots, and inject malicious scripts. Masquerades as a Palo Alto GlobalProtect VPN extension. Linked to Twitter campaigns and NFT games. Indicators of compromise released by Trustwave. #cybersecurity #malware
Summary:
1. Public conversation on the threat of AI to democracy lacks imagination and focuses on familiar risks.
2. Six milestones that could herald a new era of AI-driven politics, including acceptance of AI-generated testimony and AI-authored legislative amendments.
3. Possibility of an AI candidate winning an election seems implausible.
4. AI could found a political party and attract human candidates.
5. AI could generate profit and make political campaign contributions.
6. AI could achieve coordinated policy outcomes across multiple jurisdictions.
Hashtags:
#AIPolitics #FutureOfDemocracy #AIInGovernment #PoliticalPowerShift #TechnologyImpacts #AIandElections
https://www.schneier.com/blog/archives/2023/08/political-milestones-for-ai.html
2023 Squid Oil Market Report: Squid oil is valuable and can be extracted from squid bodies. The market includes fish oil, krill oil, and other products. Plant-based calamari has also been introduced. #SquidOil #MarketReport