February 22, 2024 at 12:51AM The U.S. State Department offers up to $15 million in rewards for identifying LockBit ransomware leaders. The UK’s National Crime Agency disrupted the Russia-linked gang, with a history of extorting companies. Affiliates carry out attacks using LockBit’s software, and LockBit is known for scaling up and solidifying its control through … Read more
February 21, 2024 at 01:45PM CISA, the FBI, and the EPA have released a fact sheet outlining top cybersecurity measures for U.S. water utilities. Recommendations include reducing exposure of assets, changing passwords, patching vulnerabilities, and conducting regular cybersecurity training. The agencies also issued a guide and free security scan program to help utilities secure their … Read more
February 21, 2024 at 09:58AM The cyber-threat landscape is rapidly evolving, posing challenges for businesses of all sizes. Data breach incidents and costs are increasing, especially for small businesses, forcing compliance and security expenditures. Executives face the dilemma of balancing business growth with cybersecurity amidst a complex threat environment. Strategic cybersecurity investments, aligned with business … Read more
February 21, 2024 at 09:45AM The Biden-Harris administration issued an executive order to enhance cybersecurity at US ports, specifically addressing the threat of Chinese-made cranes. The maritime industry has been prone to cyber incidents, leading to concerns about supply chain security and global economy. The order empowers the Coast Guard to enforce cybersecurity standards and … Read more
February 21, 2024 at 08:38AM Cultural institutions like libraries and museums face increasing vulnerability to cyberattacks, as demonstrated by the recent ransomware attack on the British Library. Perpetrators seek to not only gain financially but also control and manipulate historical and cultural narratives. These institutions lack the resources needed for effective defense, requiring improved cybersecurity … Read more
February 21, 2024 at 04:18AM The SANS 2023 SOC report offers data-driven insights and emerging trends shaping the future of cybersecurity operations. Key findings include budget allocation, metrics usage, calculating SOC value, staffing dynamics, and major challenges such as lack of context, automation and orchestration, blind spots, and shortage of skilled staff. Strategic implications include … Read more
February 21, 2024 at 03:06AM Summary: Iranian state-backed APT groups are posing as hacktivists, carrying out cyberattacks against Israeli critical infrastructure. Referred to as “faketivists,” they aim to create plausible deniability for the state and offer support to the Israeli-Gaza war. Meanwhile, Hamas-related cyber activity has significantly reduced, possibly due to internet disruptions. Based on … Read more
February 20, 2024 at 03:54PM Researchers have identified a concerning increase in the spread of banking malware through abusive use of Google Cloud Run Service. Campaigns have expanded beyond Latin America, with Cisco Talos noting an uptick in such attacks since September 2023. Malicious emails with links to threat-controlled Cloud Run Web services are used … Read more
February 20, 2024 at 11:49AM Researchers uncovered voter data sale following a breach against Iraq’s Independent High Electoral Commission. The 21.58 GB database contains Iraqi voter info and a custom software client. Election cyber threats surged to 26% in 2022, jeopardizing democratic processes worldwide. Resecurity confirmed the leak and highlighted election threats from various actors … Read more
February 20, 2024 at 06:27AM North Korean-sponsored threat actors are conducting cyber espionage targeting the defense sector worldwide. The Lazarus Group is blamed for using social engineering to infiltrate the defense sector through a long-standing operation called Dream Job. Another incident involved an intrusion into a defense research center, executed by a North Korea-based threat … Read more