INTERPOL Disrupts Over 22,000 Malicious Servers in Global Crackdown on Cybercrime

November 6, 2024 at 05:24AM INTERPOL’s Operation Synergia II successfully dismantled over 22,000 malicious servers globally from April to August 2024, targeting phishing and ransomware. Approximately 76% of 30,000 identified suspicious IPs were taken down, leading to 41 arrests. The operation included cooperation with private sector partners and significant discoveries in multiple countries.

City of Columbus Drops Case on Cyberattack Whistleblower

November 5, 2024 at 11:42AM Columbus, Ohio, settled with whistleblower David Leroy Ross after he reported a cyberattack exposing residents’ personal information. The city sued him for damages but agreed to dismiss the case with a permanent injunction, allowing him to share only approved public data, amidst concerns of discouraging future whistleblowers.

Ongoing typosquatting campaign impersonates hundreds of popular npm packages

November 5, 2024 at 11:32AM A typosquatting campaign is targeting developers through similar-named malicious JavaScript npm packages, leading to info-stealing malware. Originating in October, it employs Ethereum smart contracts for command and control, complicating detection. Researchers emphasize the need for stricter package management and authentication to protect development environments from these attacks.

Suspect behind Snowflake data-theft attacks arrested in Canada

November 5, 2024 at 10:22AM Canadian authorities arrested Alexander “Connor” Moucka for allegedly stealing data from hundreds of millions by targeting over 165 organizations using compromised customer credentials via malware. This attack, affecting major companies, highlights vulnerabilities in multi-factor authentication at Snowflake, which has since implemented stricter security measures. Moucka awaits extradition hearing.

Dark Reading Confidential: Quantum Has Landed, So Now What?

November 5, 2024 at 09:13AM Becky Bracken and Kelly Jackson Higgins discuss the implications of quantum computing on cybersecurity in the podcast “Quantum Has Landed: So Now What?” The episode emphasizes the urgency for organizations to prepare for quantum threats, shifting from reactive to proactive measures in encryption and cyber risk management.

DocuSign Abused to Deliver Fake Invoices

November 5, 2024 at 08:49AM Cybercriminals are exploiting DocuSign APIs to send fraudulent emails, including fake invoices, that evade spam and phishing filters. This highlights vulnerabilities in the platform, posing significant risks for users. The information was reported by SecurityWeek. **Meeting Takeaways:** 1. **Issue Identified**: Cybercriminals are exploiting DocuSign APIs. 2. **Method of Attack**: They …

APT36 Refines Tools in Attacks on Indian Targets

November 4, 2024 at 05:50PM Pakistan’s APT36 group has enhanced its ElizaRAT malware, targeting Indian government and military entities. The latest variant features improved evasion techniques, ApoloStealer for data collection, and utilizes legitimate services for command-and-control. Recent campaigns show a shift to cloud-based communication and a modular approach to malware deployment, emphasizing intelligence gathering.

Columbus, Ohio, confirms 500K people affected by Rhysida ransomware attack

November 4, 2024 at 12:04PM The City of Columbus, Ohio, reported that 500,000 residents’ personal data may have been accessed in a ransomware attack by Rhysida. The breach involved sensitive information, including names, addresses, and social security numbers. Columbus offered two years of credit monitoring to affected residents and faces scrutiny over its response.

Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning

November 4, 2024 at 09:45AM Cybersecurity researchers identified six vulnerabilities in the Ollama AI framework, enabling attacks like denial-of-service, model poisoning, and theft. Two unresolved issues remain unpatched, emphasizing the need for users to restrict internet exposure of certain endpoints. Of 9,831 instances analyzed, one in four is vulnerable.

THN Recap: Top Cybersecurity Threats, Tools, and Practices (Oct 28 – Nov 03)

November 4, 2024 at 07:39AM This week in cybersecurity, numerous hacking incidents occurred, including North Korean collaborations on ransomware and exploits targeting browsers and cloud services. Highlights include vulnerabilities in PTZ cameras and OpenText software, a fraudulent scheme manipulating online shops, and security updates from various companies. Stay informed and proactive in safeguarding digital assets.