October 7, 2024 at 05:57AM
The weekly cybersecurity recap covers a range of threats and events, including the takedown of LockBit ransomware operation, a record-breaking DDoS attack, North Korean hackers deploying a new trojan, and a large-scale fraud campaign targeting trading apps on Apple and Google stores. Furthermore, it highlights breaches at major companies and potential ways to strengthen security measures. Stay alert and informed in the ever-evolving cybersecurity landscape.
Meeting Takeaways:
Threat of the Week:
– LockBit and Evil Corp cybercrime groups were targeted by international law enforcement actions.
Top News:
– The DoJ and Microsoft seized 107 internet domains controlled by a Russian threat actor for credential harvesting campaigns.
– Cloudflare averted a record-breaking DDoS attack at 3.8 Tbps.
– A North Korea-linked threat actor deployed a new trojan, VeilShell, targeting Southeast Asia.
– A large-scale fraud campaign leveraged fake trading apps on Apple and Google Stores in a “pig butchering” scam.
– 700,000+ DrayTek Routers were found to be vulnerable to remote attacks due to security flaws.
– Chinese nation-state actor, Salt Typhoon breached U.S. broadband providers’ networks.
– Iranian spear-phishing activity was targeted at individuals with a nexus to Iranian and Middle Eastern affairs.
– NIST NVD is facing a backlog crisis with many CVEs unanalyzed.
– Major flaws in RPKI were found by German researchers.
– Telegram’s data policy shift is pushing cybercriminals to alternative apps.
Cybersecurity Resources & Insights:
– Recommendations to reduce compliance costs while strengthening security.
– Introduction of Capa Explorer Web and Ransomware Tool Matrix for cyber defense.
– Tip of the Week to keep an “Ingredients List” for software with a Software Bill of Materials (SBOM).
The main takeaway focuses on a wide range of cybersecurity incidents, including law enforcement actions against cybercrime groups, major DDoS attacks, network breaches, phishing activities, and the movement of cybercriminals to alternative messaging platforms. Additionally, insights and resources for strengthening security and reducing compliance costs were shared.