November 29, 2024 at 09:03AM Cybercriminals are increasingly seeking skilled cybersecurity professionals to enhance their malware and ransomware operations, reflecting a shift towards structured, corporate-like organizations. This trend is driven by the need to secure their tools against law enforcement crackdowns and technological advances, prompting a rise in new ransomware groups and job opportunities in … Read more
November 8, 2024 at 07:27AM Recently, numerous Nigerian cybercriminals have been imprisoned in the United States, with several receiving lengthy sentences for their offenses. This uptick in prison sentences highlights the ongoing efforts to combat cybercrime originating from Nigeria. **Meeting Takeaways:** 1. A notable increase in the number of Nigerian cybercriminals sentenced to prison in … Read more
October 19, 2024 at 10:41AM Microsoft is employing deceptive strategies against phishing by using realistic honeypot tenants to attract cybercriminals. This approach enables the collection of intelligence on attackers’ methods, facilitating infrastructure mapping, campaign disruption, and prolonged deception. Presented by Ross Bevington at BSides Exeter, it aims to enhance security and understanding of threat actors. … Read more
October 3, 2024 at 10:15PM Custom dictionaries are essential for strengthening password security. They block the use of common words, industry and organization-specific terms, and easily guessable patterns, adding an extra layer of defense against targeted attacks. Integrating custom dictionaries with tools like Specops Password Policy enhances Active Directory password security and reduces the risk … Read more
October 3, 2024 at 06:39AM INTERPOL announced the arrest of eight individuals in Côte d’Ivoire and Nigeria as part of Operation Contender 2.0 to tackle cyber-enabled crimes in West Africa. The campaign targeted phishing and romance scams, resulting in financial losses of over $1.4 million. The importance of continued international cooperation in combating cybercrime was … Read more
October 2, 2024 at 01:27PM Group-IB reported on a large-scale fraud campaign involving fake trading apps on Apple App Store and Google Play Store, using phishing sites to deceive victims. Operating globally, the campaign leverages social engineering, targeting victims for investment fraud. The cybercriminals utilized a fake app to deceive victims into making investments, subsequently … Read more
September 26, 2024 at 01:37PM Hurricane Helene approaches Florida coastline as a Category 3 storm with a life-threatening 20-foot surge. Cybercriminals are anticipated to exploit public interest and anxiety by launching fraud and phishing schemes related to the hurricane. The US National Hurricane Center and Cybersecurity agencies advise people to be cautious of charitable solicitations, … Read more
September 21, 2024 at 12:51PM A cybercriminal group named “Marko Polo” has executed a large-scale infostealer malware campaign, impacting thousands and potentially causing millions in financial losses. Using various distribution channels and targeting high-value individuals, the group distributes malicious software under legitimate guises, compromising both Windows and macOS systems. Mitigating these threats involves cautious online … Read more
September 16, 2024 at 07:39AM Access Sports Medicine & Orthopaedics discovered unauthorized access to personal and health information of over 88,000 individuals due to a cyberattack. The compromised data includes names, Social Security numbers, and medical information. While no evidence of misuse has been found, fraud protection services have been offered. The attack was claimed … Read more
September 5, 2024 at 07:12AM Microchip Technology confirmed a recent ransomware attack resulting in stolen personal and other data. The company isolated the affected systems and filed an 8-K Form with the SEC, confirming the breach. Although certain data was stolen, the full extent of the impact and validity of ransomware group’s claims are still … Read more