Herjan Security
b7ac607467d380da39561027a5bd00a900e99a56019f127db61f86a3c842efb6
[.] Nostrop stream of GenAI news and updates

German Authorities Take Down Dark Web Marketplace Kingdom Market

#GermanAuthorities #DarkWeb #KingdomMarket #CyberSecurity #LawEnforcement #Drugs #Malware #CounterfeitDocuments #Cryptocurrency

https://cybersecuritynews.com/dark-web-kingdom-market/

Healthcare Provider ESO hit in ransomware attack, 2.7 million impacted. Company restored systems using backups. Personal data may have been obtained by unauthorized third party. Patient information compromised, including Social Security numbers. Ransomware gang remains unidentified. Maine Attorney General's Office notified. Other healthcare facilities also affected. Affected patients should protect themselves from identity theft and health benefits fraud.

https://www.infosecurity-magazine.com/news/eso-hit-ransomware-27m-impacted/

Google has released urgent updates to fix a zero-day vulnerability in Chrome that has been widely exploited. The vulnerability could lead to software crashes or arbitrary code execution. CVE-2023-7024 is a heap-based buffer overflow flaw in the WebRTC framework. Google is aware that an exploit for CVE-2023-7024 exists in the wild. Google withheld information regarding the attacks that took advantage of the vulnerability. Users are strongly advised to update their Chrome web browser immediately to prevent exploitation. #GoogleChrome #ZeroDay #CyberSecurityNews

https://cybersecuritynews.com/chrome-zero-day-exploited/

New Instagram phishing attack steals 2FA backup codes. Phishing campaign impersonates Meta and sends emails to victims. Fake Meta website redirects victims to phishing website. Attackers ask for username, password, two-factor authentication, backup code, email address, and phone number. Continuous enhancements to the phishing websites have been observed. #cybersecurity #phishing

https://cybersecuritynews.com/new-instagram-phishing-attack/

Summary: New phishing sites impersonating delivery services have increased by 34% during the holiday season. These fake websites mimic legitimate postal operators and delivery companies and trick victims into giving up their personal and payment details. The scammers use official names, logos, and typosquatted URLs to add legitimacy. They also restrict access to the sites by geolocation, device, and operating system, and keep them live for only a few days. Last-minute shoppers are warned to verify sender details, search through official channels cautiously, and be aware of ongoing scams.

Hashtags: #Phishing #DeliveryScams #HolidayScams

https://www.infosecurity-magazine.com/news/fake-delivery-websites-surge-34/

Email spoofing is a deceptive method used by malicious individuals to send emails with fictitious sender information. It takes advantage of flaws in the email protocol rather than hacking the sender's email account. Email spoofing is often linked to phishing attempts and targets various sectors, including financial institutions and healthcare providers. It can lead to significant financial losses and is often used to impersonate reputable entities like well-known brands. To guard against email spoofing, it is important to be wary of strange emails, thoroughly check sender addresses, refrain from clicking on suspicious links or attachments, and implement email authentication mechanisms. #EmailSpoofing #Phishing #Cybersecurity

https://cybersecuritynews.com/email-spoofing/

GCHQ Christmas Codebreaking Challenge - Schneier on Security

1. The GCHQ Christmas Codebreaking Challenge is mentioned on the blog.

2. The challenge involves cryptanalysis and the history of cryptography.

3. There are comments discussing possible solutions to the challenge.

#GCHQ #Codebreaking #Cryptanalysis #Cryptography

https://www.schneier.com/blog/archives/2023/12/gchq-christmas-codebreaking-challenge.html

2024 Cybersecurity Industry Experts Predictions: Part 1:

- Cloud migration expands attack surface, increases reliance on multiple passwords, and leaves gaps in enterprise security

- Malicious actors use AI to exploit these gaps and execute phishing attacks

- People are the solution to defending against attacks and maintaining strong foundational security

- Organisations struggle to find people with the skills needed to fix security problems

- AI will be weaponised by attackers and defenders, leading to a cyber arms race

- AI used as a mass-cyberattack tool, scanning and exploiting vulnerabilities across IT systems and supply chains

- Defenders will use AI to detect attacks quicker and block AI-generated phishing scams

- AI will dominate the cyber landscape in 2024

Hashtags: #CybersecurityPredictions #CloudSecurity #PhishingAttacks #FoundationalSecurity #CyberTalent #AIinCybersecurity

https://www.itsecurityguru.org/2023/12/20/2024-cybersecurity-industry-experts-predictions-part-1/

Mozilla has released security updates for Firefox and Thunderbird, addressing 20 vulnerabilities, including memory safety issues. The updates patch a heap buffer overflow bug in WebGL that could allow remote code execution and sandbox escape. Another vulnerability makes Network Security Services NIST curves vulnerable to the Minerva side-channel attack, potentially exposing the long-term private key. Firefox 121 also resolves multiple memory safety issues and eight medium-severity flaws. Thunderbird 115.6 has patches for 11 vulnerabilities, with two high-severity flaws allowing email message spoofing. The updates are available on Mozilla's security advisories page. #Mozilla #Firefox #Thunderbird #vulnerabilities #securityupdates

https://www.securityweek.com/mozilla-patches-firefox-vulnerability-allowing-remote-code-execution-sandbox-escape/

Okta acquires Israeli startup Spera Security. The acquisition broadens Okta's Identity threat detection and security posture management capabilities. The deal is valued between $100-130 million. #Okta #SperaSecurity #cybersecurity

https://www.securityweek.com/okta-to-acquire-israeli-startup-spera-security/

Summary:

1. Boston-based cybersecurity training startup SimSpace has secured a $45 million investment led by L2 Point Management, bringing their total funding to $70 million.

2. SimSpace offers a "Cyber Force Platform" that enables organizations to conduct secure and scalable cyber range simulations.

3. The company collaborates with partners like Mandiant and US Cyber Command to provide up-to-date threat intelligence on their cyber ranges.

4. SimSpace's technology is used by Fortune 2000 companies, governments, and cyber teams for training and stress-testing purposes.

5. The funding will be used to enter new markets globally and accelerate customer acquisition.

Hashtags: #CyberSecurity #Investment #Technology #CyberRange #Training

https://www.securityweek.com/simspace-scores-45-million-investment-to-expand-cyber-range-tech-markets/

The BlackCat ransomware gang is defying law enforcement efforts to take it down. The FBI "seized" the group's website, but the group responded by unseizing it. This is possible because both law enforcement and BlackCat have access to the private key of the site. The group has continued its operations and has even allowed affiliates to target critical infrastructure. However, it is unlikely that affiliates will specifically target these organizations. The group has also cut the cost of working with it in an attempt to retain its affiliates. There is no evidence of arrests being made, so the long-term effects of the disruption activity may be limited. Affiliates may seek employment elsewhere to distance themselves from law enforcement. #BlackCat #Ransomware #LawEnforcement #Cybercrime #Affiliates

https://www.infosecurity-magazine.com/news/blackcat-ransomware-defies-law/

Summary:

- 85% of companies globally have experienced cyber incidents in the past two years, with 11% attributed to shadow IT.

- Shadow IT usage poses risks such as leakage of confidential data and harm to businesses.

- The IT industry is most impacted by shadow IT incidents, with a 16% impact in 2022 and 2023.

- Cooperation between business and IT departments, regular inventories of IT assets, access controls for personal employee devices, and training programs are recommended to mitigate risks.

Hashtags: #cybersecurity #shadowIT #riskmanagement #dataleakage #businesssecurity

https://www.infosecurity-magazine.com/news/85-firms-cyber-incidents-11-shadow/

Cybersecurity researchers have discovered a new targeted malspam operation in the hospitality industry. The attackers use social engineering tactics to send malicious links disguised as complaints or requests for information. The malware is designed to evade detection and exfiltrates data from the victim's machine. The malware is connected to a Telegram channel for command-and-control purposes. #HospitalityIndustry #Cybersecurity #Malware #PasswordStealing

https://www.infosecurity-magazine.com/news/hospitality-industry-password/

Okta has announced its acquisition of Spera Security, a rising star in the Identity security space. The strategic union aims to enhance organizations' cybersecurity defenses and revolutionize security approaches. Spera Security specializes in unveiling threats beyond Identity Providers' walls and offers insights into vulnerabilities within SaaS and infrastructure applications. The acquisition strengthens Okta's capabilities in secure identity posture management and expands its ITDR horizons. The alliance between Okta and Spera Security empowers organizations with comprehensive visibility and relentless threat monitoring. #Okta #SperaSecurity #cybersecurity #ITDR

https://cybersecuritynews.com/okta-to-acquire-spera-security/

#CybersecurityTrends #SMEBusinessLeaders #2024 #SecurityAwareness #ArtificialIntelligence #RookieHackers #ThreatActors #CyberInsurance #GeopoliticalChaos #IdeologicallyMotivatedCyberattacks

https://cybersecuritynews.com/cybersecurity-trends-2024/

Iranian hackers known as Seedworm have targeted telecom companies in Egypt, Sudan, and Tanzania using custom tools and living-off-the-land techniques. The attacks took place in November 2023 and the hackers used a range of tools including MuddyC2Go infrastructure, SimpleHelp remote access tool, and Venom Proxy. The MuddyC2Go launcher executed PowerShell code to establish a connection with its command-and-control server. The attackers also utilized tools like Revsocks, AnyDesk, and a custom keylogger. Businesses need to be vigilant about unusual PowerShell usage on their networks. #IranianHackers #Seedworm #CyberSecurity

https://cybersecuritynews.com/iranian-hackers-attack-telecom-companies-using-custom-tools-and-living-off-the-land-techniques/

BlackCat Ransomware raises ante after FBI disruption. FBI infiltrates Russia-based criminal group known as ALPHV and BlackCat. Seized darknet website and released decryption tool for victims. BlackCat offers 90% commissions for affiliates and targets hospitals and nuclear power plants. FBI gains access and disrupts group's operations. FBI developed decryption tool for affected victims. BlackCat formed by recruiting from other ransomware groups. Operates under ransomware-as-a-service model. Affiliate commissions set at 90%. FBI and BlackCat have private keys for Tor hidden service URL. DOJ offers reward for information on BlackCat affiliates.

https://krebsonsecurity.com/2023/12/blackcat-ransomware-raises-ante-after-fbi-disruption/

Xfinity Discloses Data Breach Impacting Nearly 36 Million

- Xfinity, a brand of Comcast Cable, has revealed a data breach impacting 35.9 million customers.

- The breach resulted from the exploitation of a Citrix vulnerability.

- Xfinity promptly patched and mitigated the vulnerability but discovered unauthorized access to its internal systems.

- The vulnerability allows threat actors to bypass multi-factor authentication (MFA) and hijack user sessions.

- Customer data, including usernames, hashed passwords, and personal information, was accessed.

- Xfinity has issued a password reset and recommends enabling multi-factor authentication.

- Customers are advised to change passwords for other accounts that use the same credentials.

- The Office of the Maine Attorney General confirmed the number of customers impacted.

#Xfinity #DataBreach #Cybersecurity #Citrix #MultiFactorAuthentication #PasswordReset #CustomerDataSecurity

https://www.infosecurity-magazine.com/news/xfinity-discloses-data-breach-36/

Summary:

Certification is important for companies to establish trust and ensure data privacy. CISOs play a crucial role in the certification process by ensuring compliance and security measures. To minimize friction in the certification process, CISOs can automate compliance checks, consult legal teams for context and risk assessment, secure infrastructure sprawl, continuously monitor security, and prioritize organization and documentation.

Hashtags: #Certification #CyberCompliance #CISOs #Automation #LegalInput #InfrastructureSecurity #ContinuousMonitoring #Organization

https://cybersecuritynews.com/cyber-compliance-certification/