CSO
BreachForums seized by law enforcement, admin Baphomet arrested
Official telegram channels operated by BreachForums members confirm law enforcement seizures and arrest.
The Cyber Express
The Cybersecurity Guardians: Meet the Top 30 cybersecurity Influencers to Follow in 2024
The ever-evolving landscape of cybersecurity is shaped by a dedicated group of individuals. These pioneers, through their research, entrepreneurship, and
The Hacker News
Black Basta Ransomware Strikes 500+ Entities Across North America, Europe, and Australia
Black Basta ransomware-as-a-service (RaaS) operation has targeted over 500 private industry and critical infrastructure entities in North America, Eur
Infosecurity News
LockBit, Black Basta, Play Dominate Ransomware in Q1 2024
The data from ReliaQuest also suggests LockBit faced a significant setback due to law enforcement action
The Hacker News
Two Chinese APT Groups Ramp Up Cyber Espionage Against ASEAN Countries
Latest Cybersecurity reports unveil two China-linked APT groups targeting ASEAN nations in cyberespionage campaign over the past 3 months.
CyberSecurity Dive
Phishing remains top route to initial access
Tricking individuals to reveal sensitive information or grant access to systems doesn’t require technical expertise. These lures turn human behavior and trust into a weapon.
DarkReading
South African Government Pension Data Leak Fears Spark Probe
LockBit ransomware gang claims 668GB of data it dumped online was stolen from South Africa's pension agency.
DarkReading
LockBit's Leak Site Reemerges, a Week After 'Complete Compromise'
Is LockBit dead? Law enforcement and the group itself seem to be telling conflicting stories.
CyberNews
LoanDepot finally reveals what data was exposed in Jan hack
US mortgage lender loanDepot finally reveals what sensitive customer information was exposed during a January cyberattack – claimed by the ALPHV/BlackCat ransom gang.
The Hacker News
LockBit Ransomware's Darknet Domains Seized in Global Law Enforcement Raid
Law enforcement from 11 countries seized LockBit's darknet domains, dealing a major blow to their operations.
DarkReading
Islamic Nonprofit Infiltrated for 3 Years With Silent Backdoor
Saudi Arabia charity was under surveillance with the modified reverse proxy tool, researchers discovered.
Infosecurity News
LockBit Reigns Supreme in Soaring Ransomware Landscape
The last quarter of 2023 saw an 80% year-on-year increase in ransomware victim claims, according to ReliaQuest
CyberNews
North Face, Vans maker VF Corp admits 35.5 million impacted in Dec breach
A VF Corp (The North Face, Vans) amended SEC breach disclosure says the personal information of over 35 million individuals was exposed in a December ransomware attack.
DarkReading
Google: Russia's ColdRiver APT Unleashes Custom 'Spica' Malware
Just in time for the US election season, one of the Kremlin's favorite hack-and-leak spy groups (aka Star Blizzard) has developed its very first custom backdoor.
CyberSecurity Dive
Progress Software’s MOVEit meltdown: uncovering the fallout
Businesses use the file-transfer service because it checks the compliance boxes for keeping data safe. Though initial attacks were targeted, thousands of bystanding businesses were hit indiscriminately.
CyberSecurity Dive
5 cybersecurity trends to watch in 2024
Preventative measures remain woefully unmet, the scourge of ransomware is as bad as its ever been, and a wave of new incident reporting and compliance regulations are taking hold. Buckle up, 2024 is here.
The Cyber Wire
The ALPHV/BlackCat takedown shuffle.
It's up, maybe it's down, no, for sure it's down, then up again, and finally down. For now.
DarkReading
Feds Snarl ALPHV/BlackCat Ransomware Operation
Dark Web chatter indicates that Scattered Spider worked with the FBI to take down the BlackCat/ALPHV operation.
DarkReading
Comcast Xfinity Breached via CitrixBleed; 35M Customers Affected
A trove of personal data belonging to millions of Americans is just the latest bullet point in a bad year for Citrix customers.
Infosecurity News
Law Enforcement Confirms BlackCat Take Down, Decryption Key Offered to
The FBI has developed a decryption key it believes will save over 500 victims around $68m
SC Magazine
No confirmation on rumored ALPHV/BlackCat site takedown by law enforcement
While one research group maintains the leak site outage by the ransomware group was law enforcement-related, there’s still no official word from the FBI.
CyberNews
Days-long ALPHV outage sparks arrest speculations
ALPHV/BlackCat is speculated to have been infiltrated by law enforcement.
Infosecurity News
ALPHV/BlackCat Site Downed After Suspected Police Action
Notorious ransomware collective ALPHV/BlackCat may have been disrupted by law enforcement
SecurityWeek
Law Enforcement Reportedly Behind Takedown of BlackCat/Alphv Ransomware Website
The leak website of the notorious BlackCat/Alphv ransomware group has been offline for days and law enforcement is reportedly behind the takedown.
DarkReading
Iran Threatens Israel's Critical Infrastructure With 'Polonium' Proxy
Cyber mimics life, as Iran uses Lebanese hackers to attack its bête noire.
The Hacker News
Scaling Security Operations with Automation
Learn how organizations are leveraging automation for security to combat the rising tide of security threats.
The Hacker News
7 Uses for Generative AI to Enhance Security Operations
Generative AI is transforming cybersecurity! Discover how it detects and prevents threats like malware and phishing in real-time.
The Hacker News
Okta Discloses Broader Impact Linked to October 2023 Support System Breach
Okta detected additional malicious activity tied to the October 2023 breach. Names and emails of support system users were compromised.
DarkReading
Scattered Spider Hops Nimbly from Cloud to On-Prem in Complex Attack
The actor behind the high-profile MGM incident jumps across segmentations in under an hour, in a ransomware attack spanning Okta, Citrix, Azure, SharePoint, and more.
DarkReading
'CitrixBleed' Linked to Ransomware Hit on China's State-Owned Bank
Meanwhile, CISA joins the call to patch CVE-2023-4966 immediately amid reports of mass-exploit activity; at least 5,000 orgs remain exposed.
CyberNews
Be careful what you scan: QR scams increase by 51%
Threat actors are using malicious QR codes to steal valuable data and money. Experts say it’s still difficult to detect and mitigate the threats spread by this method.
Infosecurity News
Quishing Campaigns Spike 50% in September
QR code phishing is becoming increasingly popular
CyberSecurity Dive
Countries pledge to not pay ransoms, but experts question impact
There is no mandate to ban governments or businesses from paying ransom demands, but the pledge could be a step toward that outcome.
SecurityWeek
Harmonic Lands $7M Funding to Secure Generative AI Deployments
The British startup is working on software to mitigate against the ‘wild west’ of unregulated AI apps harvesting company data at scale.
DataBreaches
Ransomware gang QakBot resurfaces after Feds’ botnet takedown
Simon Hendery reports: Evidence suggests the notorious Qakbot malware gang continued staging cyberattacks in August, even as authorities seized its‘...
DarkReading
Russian Hacktivism Takes a Toll on Organizations in Ukraine, EU, US
Russian hacktivist attacks are mostly for show, but sometimes they cause serious damage and are poised to begin getting worse.
CSO
Russia-linked attackers hit UK Ministry of Defence, leak stolen data
Report claims the LockBit ransomware group has published vast amounts of stolen information on the dark web.
Cyber Security News
Threat and Vulnerability Roundup for the week of August 27th to September 2nd
The latest attack techniques, significant weaknesses, and exploits have all been highlighted. We also provide the most latest software upgrades available to keep your devices secure.
Infosecurity News
FBI-Led Operation Duck Hunt Shuts Down QakBot Malware
With Operation Duck Hunt, the FBI took control of the botnet, allowed victims to uninstall the malware loader and seized $8.6m in cryptocurrency
Cyber Security News
Top 3 Malware Loaders of 2023 that Fueling 80% of Cyber Attacks
Cybersecurity Analysts at ReliaQuest have recently uncovered a multitude of malware loaders that were observed to be the most active this year in 2023.
Infosecurity News
Four in Five Cyber-Attacks Powered by Just Three Malware Loaders
ReliaQuest found that 80% of cyber intrusion campaigns used either QakBot, SocGholish or Raspberry Robin
SecurityWeek
3 Malware Loaders Detected in 80% of Attacks: Security Firm
QakBot, SocGholish, and Raspberry Robin are the three most popular malware loaders, accounting for 80% of the observed incidents.
CyberSecurity Dive
Security basics aren’t so basic — they’re hard
Lax security controls cause heavy damages, and security experts warn how unmet basics turn up, time and again, when things go wrong.
CyberSecurity Dive
How disjoined threat intelligence limits companies — and what to do about it
There’s no shortage of research on attackers, but for many CISOs, turning those insights into action is a difficult endeavor.
CyberSecurity Dive
The MOVEit spree is as bad as — or worse than — you think it is
The mass exploit has compromised more than 600 organizations, but that only scratches the surface of the potential number of downstream victims. Security experts project years of fallout.
CSO
Ransomware victim numbers surge as attackers target zero-day vulnerabilities
Ransomware groups are also prioritizing the exfiltration of files, which has become the primary source of extortion.
CSO
Cisco adds new ransomware recovery capabilities to XDR solution
Features reduce the time between the beginnings of a ransomware outbreak and capturing a snapshot of business-critical information to enhance business continuity.
CyberSecurity Dive
MOVEit mass exploit timeline: How the file-transfer service attacks entangled victims
The slow-moving disaster has ensnared some of the world's largest enterprises. Cybersecurity experts expect further damage to come.
The Hacker News
MITRE Unveils Top 25 Most Dangerous Software Weaknesses of 2023: Are You at Risk?
Attention all software developers and programmers! MITRE's Top 25 list of dangerous software weaknesses for 2023 is here.
The Hacker News
Third Flaw Uncovered in MOVEit Transfer App Amidst Cl0p Ransomware Mass Attack
🚨 Alert: Progress Software has disclosed a 3rd critical flaw in MOVEit Transfer app—an SQL injection—allowing unauthorized access.
Infosecurity News
LockBit Makes $91m From US Victims in Two Years
Allied security agencies reveal figure in new advisory
DarkReading
ReliaQuest Adds AI Capabilities to GreyMatter Intelligent Analysis
Integration of AI can lead to reduction of up to 90% in meantime to resolve security incidents.
Bleeping Computer
The Week in Ransomware - March 17th 2023 - Shifting to data extortion
The fallout from the Clop ransomware attacks on GoAnywhere platforms has become apparent this week, with the threat actors starting to extort victims on their data leak site and companies confirming breaches.
CyberSecurity Dive
How will the government enforce the national cyber strategy?
Efforts to enact laws and regulations that impose greater responsibility on the technology sector aren’t likely to come quick or easy.
CyberSecurity Dive
Hive takedown puts ‘small dent’ in ransomware problem
Successful law enforcement actions against ransomware can only do so much. The threat is omnipresent, lucrative and largely in the shadows.
DarkReading
FIN7 Cybercrime Group Likely Behind Black Basta Ransomware Campaign
Several artifacts from recent attacks strongly suggest a connection between the two operations, researchers say.
ThreatPost
New Hacker Forum Takes Pro-Ukraine Stance
A uniquely politically motivated site called DUMPS focuses solely on threat activity directed against Russia and Belarus
DarkReading
ReliaQuest to Acquire Digital Shadows
Combined company creates world-class security operations platform to offer customers unmatched visibility and detection to defend against threats.
SecurityWeek
ReliaQuest to Buy Digital Shadows for $160 Million
ReliaQuest shells out $160 million to add threat intelligence capabilities to its flagship GreyMatter platform.