20 Jan 2022

North Korea says it will reconsider its moratorium on nuclear and long-range missile tests

On Thursday, North Korea stated that it plans to evaluate all of its temporally suspended activities and bolster its defense against the United States. The announcement may be a reference to its self-imposed moratorium on testing nuclear weapons. The moratorium has been in place since 2017. Pyongyang is banned from

Read More
20 Jan 2022

Cloned Dept. of Labor Site Hawks Fake Government Contracts

A convincing yet illegitimate government procurement portal is advertising the opportunity to submit a bid for government projects. However, the site harvests credentials from unassuming victims instead. The phishing campaign is targeting aspiring government vendors with an invitation to bid on fake federal projects within the US Department of Labor.

Read More
20 Jan 2022

Ransomware Attack on Moncler

Italian luxury brand Moncler has suffered a cyberattack in which cybercriminals stole data and published it on the dark web. The company confirmed the attack on Tuesday, stating that it had suffered from a data breach after being attacked by the AlphV/BlackCat ransomware operation in December. The attack caused a

Read More
20 Jan 2022

Cheap malware is behind a rise in attacks on cryptocurrency wallets

Chainalysis has recently warned that a rise in cheap and easy to use malware has resulted in a rise of cryptocurrency theft. Crytocurrency has been a popular target for cybercriminals, whether they are stealing it via cryptocurrency exchanges or demanding it as an extortion payment in ransomware attacks. The growing

Read More
19 Jan 2022

Ukraine warns Russia has ‘almost completed’ build-up of forces near border

Ukraine has warned that Russia is nearly finished with its build-up of forces on the border of the two countries. The military buildup could be used for an offensive against Ukraine, exacerbating fears that Moscow could launch an invasion at any time. Russia has now deployed more than 127,000 troops

Read More
18 Jan 2022

Are Initial Access Brokers the Next Crime Target for Governments?

Initial Access Brokers (IAB) are poised to become a force in 2022, due to a unique skill set that positions them as a valuable commodity for the deployment of hostile cybercrime activity. IABs serve as middlemen, specializing in the exploitation of victims and gaining initial entry. Once achieved and sustained, these actors sell these unique accesses to interested customers on dark web forums and markets. In this capacity, they execute the first phase of a cyber-attack chain, performing the necessary research prior to conducting an operation. Emilio Iaisiello explores the implications of the growth of IABs.

Read More
14 Jan 2022

Today, Putin Sends Cybercrime Crackdown Signal to U.S.; Unattributed Cyber Attack on Ukrainian Government Sites

More than any of the mixed signals of the high-level meetings between the U.S. and Russia, two cyberwar developments today are far more clear indicators of the direction of the Ukrainian conflict playing out between NATO, Putin, and the U.S. 

Read More
14 Jan 2022

AWS Patches Glue Bug That Put Customer Data at Risk

Cybersecurity researchers have uncovered a critical vulnerability in the AWS Glue service that could allow remote attackers to access sensitive data owned by large numbers of customers. The bug was created due to an internal misconfiguration within the service. AWS Glue allows customers to combine data for projects such as

Read More
13 Jan 2022

Ransomware Attack Takes Thousands Of U.S. School Websites Offline

Thousands of schools in the US were impacted by a ransomware attack that targeted Finalsite, a company that provides schools with hosted tools to manage their online presence and communications. Since the cyberattackers targeted Finalsite instead of individual school systems, thousands of school websites hosted by Finalsite went down at

Read More
13 Jan 2022

Widespread, Easily Exploitable Windows RDP Bug Opens Users to Data Theft

Earlier this week, Microsoft issued a fix for a vulnerability that allows remote, unprivileged attackers to abuse Remote Desktop Protocol (RDP) from inside Windows devices. The flaw could allow attackers to hijack smart cards and gain unauthorized access to file systems. The bug, which is tracked as CVE-2022-21893, could lead

Read More