US Takes Down Stolen Credit Card Marketplace PopeyeTools

November 22, 2024 at 08:04AM The US Department of Justice seized PopeyeTools, a marketplace for trading stolen credit card information, and charged three administrators. The site, operational since 2016, had over 227,000 stolen identities and generated $1.7 million. Additionally, $283,000 in cryptocurrency was seized from one administrator’s account. **Meeting Takeaways:** 1. **Seizure of PopeyeTools**: The … Read more

Russian Hackers Deploy HATVIBE and CHERRYSPY Malware Across Europe and Asia

November 22, 2024 at 07:12AM Russian-linked threat group TAG-110 has been conducting a cyber espionage campaign targeting Central Asia, East Asia, and Europe, utilizing custom malware HATVIBE and CHERRYSPY. The campaign, focused on government and educational institutions, aims to gather intelligence to support Russia’s geopolitical interests, particularly in post-Soviet states. **Meeting Takeaways – Cyber Espionage … Read more

Unlocking Google Workspace Security: Are You Doing Enough to Protect Your Data?

November 22, 2024 at 07:12AM Google Workspace has become vital for business productivity, offering tools for collaboration. However, its popularity increases cybersecurity risks, as user errors, weak passwords, and inadequate configurations expose data. A shared responsibility model means securing user accounts falls on users. Implementing layered security and using tools like Backupify can enhance data … Read more

Russian Cyberespionage Group Hit 60 Victims in Asia, Europe

November 22, 2024 at 07:02AM A Russia-linked cyberespionage group, TAG-110, has targeted over 60 victims across Asia and Europe, mainly in government and education, since at least 2021. Utilizing malware like HatVibe and CherrySpy, the group’s activities align with Russian geopolitical interests, particularly in Central Asia, impacting multiple sectors and national institutions. ### Meeting Takeaways … Read more

How to master endpoint security

November 22, 2024 at 06:20AM The “Secure Everything for Every Endpoint” webinar, hosted by Tim Phillips and featuring Sam Duckett from Kaseya, addresses the complexities of endpoint security. Key takeaways include the importance of integrated management, automation to diminish human error, and a unified strategy to enhance protection across diverse devices. The webinar is available … Read more

Rising Tides: Wendy Nather on Resilience, Leadership, and Building a Stronger Cybersecurity Community

November 22, 2024 at 06:17AM Wendy Nather, a respected figure in cybersecurity, discusses the importance of mentorship, diversity in leadership, and the need for resilience in personal and professional challenges. She emphasizes the significance of people in any organization and advocates for creating opportunities for underrepresented groups to lead within the industry. Here are the … Read more

400,000 Systems Potentially Exposed to 2023’s Most Exploited Flaws

November 22, 2024 at 06:01AM A VulnCheck report identifies 15 critical vulnerabilities in various software products, with 400,000 internet-accessible hosts at risk. Eight flaws were exploited as zero-days, some even prior to patch releases. The report highlights significant threat actor activity, recommending organizations enhance risk visibility and patch management to mitigate exposure. ### Meeting Takeaways … Read more

Microsoft Disrupts ONNX Phishing Service, Names Its Operator

November 22, 2024 at 05:00AM Microsoft has taken down 240 phishing websites and disrupted the ONNX service, attributing its operation to an individual based in Egypt. This action is part of the company’s ongoing efforts to combat phishing threats. **Meeting Takeaways:** 1. **Phishing Website Seizures**: Microsoft has taken action by seizing a total of 240 … Read more

Microsoft, Meta, and DOJ Disrupt Global Cybercrime and Fraudulent Networks

November 22, 2024 at 04:48AM Meta, Microsoft, and the U.S. Department of Justice are taking action against cybercrime. Microsoft seized 240 fraudulent websites linked to a phishing kit seller. The DoJ shut down PopeyeTools, a marketplace for stolen data, while Meta removed over two million scam accounts. Collaborations aim to combat online fraud globally. ### … Read more

SafePay ransomware gang claims Microlise attack that disrupted prison van tracking

November 22, 2024 at 03:44AM The SafePay ransomware gang has attacked UK telematics firm Microlise, demanding payment within 24 hours to prevent data leaks of 1.2 TB stolen. Major clients, including DHL and Serco, suffered service disruptions. Microlise reports most customer systems are back online, denying major data compromises while assessing the incident’s overall impact. … Read more