25 Sep 2020

Cyber: The Art Of War

Foreign bad actors are conducting a covert cyber war. The pace, frequency, and intensity of cyberattacks are now greater than ever. As the physical realm inevitably merges with the cyber one, forming a new kind of infrastructure, cyberattacks on this infrastructure can have a catastrophic impact on our energy, waste, water, transportation, and telecommunications facilities. Examples include potential attack on infrastructures like distributed control system (DCS) and supervisory control and data acquisition (SCADA) that monitor and control processes and plant with many control loops. Additionally, exploitation of supply chain vulnerabilities can substantially disrupt the way we live, work, and play.

This piece dives deep into these topics and sheds light into optimal approaches while leaning on the lessons of Sun Tzu.

Read More
24 Sep 2020

Gamer Credentials Now a Booming, Juicy Target for Hackers

Credential theft targeting gaming platforms has been increasing rapidly over the past two years, according to a new report. Illicit markets sell account credentials on the dark web at an alarming rate, with buyers looking to find special weapons, unique tools, and other in-game benefits. According to researchers, the uptick

Read More
23 Sep 2020

179 Arrested in Massive Global Dark Web Takedown

In one of the biggest global dark web takedowns to date, 179 criminals were arrested across six different countries. Authorities seized 500 kilograms of drugs and $6.5 million in cash and cryptocurrency. The operation was announced this morning, however, it’s likely that the cybercrime group was operating since May 3

Read More
23 Sep 2020

Activision Refutes Claims of 500K-Account Hack

Call of Duty parent company Activision has denied all reports that its systems were compromised in a hack that stole personal information belonging to 500,000 users. The first alleged breach was flagged by a Twitter user, quickly gaining traction among the community, with consumers claiming that account credentials were being

Read More
23 Sep 2020

Google Cloud Buckets Exposed in Rampant Misconfiguration

According to a new analysis, highly sensitive information is publicly available in a large percentage of cloud databases due to misconfiguration errors. A new survey of 2,064 Google Cloud buckets found that 6% were left open to the public internet, allowing anybody to access their contents. Among the exposed data

Read More
23 Sep 2020

Ransomware gang targets Russian businesses in rare coordinated attacks

Cybersecurity researchers at Group-IB have reportedly identified a new cybercrime group targeting Russian entities with a new strain of ransomware named TinyCryptor. The group has been named OldGremlin and has been only targeting Russian businesses so far. Group-IB researchers stated that this case is unusual in that Russian-speaking gangs often

Read More
22 Sep 2020

Six Indicted for Bribing Amazon Workers in $100m Scheme

According to a recent statement, six individuals have been indicted for their involvement in a bribery scheme against Amazon employees. The six men and women attempted to bribe Amazon workers to gain an unfair competitive advantage on Amazon Marketplace estimated to be worth $100m. The six criminals live across the

Read More
22 Sep 2020

‘Dark Overlord’ Cyber Extortionist Pleads Guilty

Nathan Wyatt, a member of the notorious Dark Overlord cyber extortion gang, will now face five years in prison as a result of his guilty plea in court earlier this week. Wyatt will also owe his victims $1 million in reparations and will remain under law enforcement supervision after the

Read More
21 Sep 2020

Maze Ransomware Adopts Ragnar Locker Virtual-Machine Approach

According to researchers with Sophos Managed Threat Response, the operators behind Maze ransomware have been adopting tactics from rival cybercrime organizations, adding a dangerous new feature. Maze ransomware can now distribute ransomware payloads through virtual machines. According to researchers, this is a “radical” approach that aims to avoid endpoint defense.

Read More
18 Sep 2020

iOS 14 and iPadOS 14 Patch Vulnerabilities, Introduce New Privacy Features

This week, Apple patched roughly a dozen vulnerabilities and introduced new privacy features to accompany the rollout of iOS 14 and iPadOS 14. The addressed security flaws impact different operating system components such as Assets, Icons, AppleAVD, Sandbox, Siri, and WebKit. The flaws could result in several different occurrences, such

Read More