December 12, 2024 at 03:06PM Law enforcement worldwide has seized 27 popular platforms used for DDoS attacks in an ongoing operation called PowerOFF, coordinated by Europol across 15 countries. It targeted cybercriminals, arresting three administrators and identifying over 300 others. Authorities aim to disrupt the cybercrime ecosystem, especially during heightened holiday attack periods. ### Meeting … Read more
December 12, 2024 at 02:42PM The U.S. Justice Department indicted 14 North Korean nationals for a scheme posing as remote IT workers to commit sanctions violations, fraud, and identity theft, allegedly earning $88 million over six years. They used stolen identities and advanced tactics to access U.S. companies, highlighting the threat of North Korean cyberattacks. … Read more
December 12, 2024 at 02:20PM Phishing is a leading cyber threat that often initiates data breaches, as seen in the 2021 Colonial Pipeline attack. This social engineering tactic manipulates victims into revealing sensitive information through various methods, including email and SMS. Mitigating risks requires user education, technical controls, and robust incident response strategies. ### Meeting … Read more
December 12, 2024 at 02:07PM In response to a major telecommunications breach attributed to China, Senator Ron Wyden proposed the “Secure American Communications Act” to enhance cybersecurity standards for U.S. telcos. Critics argue existing regulations are under-enforced, highlighting resource challenges rather than a lack of rules as the primary issue in cybersecurity vulnerabilities. **Meeting Takeaways: … Read more
December 12, 2024 at 12:09PM Cleo has released urgent security patches for a zero-day vulnerability in its LexiCom, VLTransfer, and Harmony software, actively exploited in data theft attacks linked to the Termite ransomware gang. Customers are advised to upgrade to version 5.8.0.24 to enhance security and mitigate risks from these breaches. ### Meeting Takeaways 1. … Read more
December 12, 2024 at 11:46AM Spanish and Peruvian police arrested 83 individuals involved in a major voice phishing scam, seizing cash and tech during 29 raids. The scammers impersonated banks, defrauding over 10,000 victims of €3 million by using spoofed calls to extract sensitive information. Authorities advise against sharing personal bank details without verification. ### … Read more
December 12, 2024 at 11:09AM Byte Federal, the largest U.S. Bitcoin ATM operator, experienced a data breach affecting 58,000 customers due to a GitLab vulnerability. Sensitive information like names, social security numbers, and contact details were accessed. The company has secured its systems and urges customers to monitor for fraud but does not offer identity … Read more
December 12, 2024 at 11:09AM Russian cyber-espionage group Turla is leveraging other threat actors’ infrastructure, specifically targeting Ukrainian military devices via Starlink. Utilizing malware from the Amadey botnet and other sources, Turla deploys custom malware like Tavdig and KazuarV2 to gather intelligence and perform reconnaissance on compromised systems. Microsoft recently highlighted these activities. ### Key … Read more
December 12, 2024 at 10:47AM Silent Push, a detection-focused threat intelligence firm, has raised $10 million, bringing total funding to $22 million. Founded in 2020, the Virginia-based startup offers tools to counter cyberattacks by identifying malicious infrastructure and utilizing automated adversary intelligence. The funding will aid expansion into new regions and enhance marketing efforts. **Meeting … Read more
December 12, 2024 at 10:24AM Sublime Security, a D.C. startup offering email security solutions for Microsoft 365 and Google Workspace, has secured $60 million in funding, bringing total investments to $93.8 million. The company, gaining traction with major clients, provides AI-driven tools for threat detection and management, competing in the growing email security market. ### … Read more