A Moscow-based Russian national, Georgy Kavzharadze, has been sentenced to 40 months in federal prison for selling stolen financial information on the dark web marketplace known as Slilpp. The US Attorney’s Office for the District of Columbia announced that Kavzharadze, 27, was a prolific vendor of login credentials, personal information, and other sensitive information using the alias “TeRorPP.” On 16 February 2024, Kavzharadze pleaded guilty to conspiracy to commit bank and wire fraud. Over and above his prison sentence, he was ordered to pay more than $1.2 million in restitution for damages caused by his criminal activities. Using several online…
Author: ISB Staff Reporter
Researchers from Kaspersky have detected a series of ongoing targeted cyberattacks on dozens of computers at Russian government entities and IT organizations. The bad actors infected devices via phishing emails with malicious shortcut attachments. These shortcuts were used to deliver malware that received commands via the popular cloud service Dropbox. Malicious actors used this malware to download additional payloads onto infected machines, in particular tools used by the APT31 group and an updated CloudSorcerer backdoor. Kaspersky has named this campaign EastWind. The security giant shared some interesting facts about the implants used in this campaign: Detecting Attacks The implants pinpointed…
Malware loaders are a significant threat in the cybersecurity landscape, with nearly 40% of all malware observed in critical security incidents involving these specialized tools. Among the most prevalent loaders are “SocGholish,” “GootLoader,” and “Raspberry Robin,” which have been frequently used by cybercriminals to deliver a range of secondary malware, including ransomware. This was revealed in ReliaQuest’s recent report, which examines the most common malware loaders today. Loaders are specialized forms of malware designed to gain an initial foothold in a system before downloading and executing additional, often more destructive, malware. Their ability to deliver secondary payloads makes them a…
In 2024, email breaches continue to pose a significant threat to personal and corporate security, with millions of email addresses exposed in data hacks. An email breach occurs when malicious actors infiltrate a company’s system, stealing customer data, including email addresses. This stolen information can be used for phishing attacks, identity fraud, and other malicious activities. The Red Flags If you’ve noticed trouble logging into your email or unusual activity within your account, your email address may have been compromised. While services like Norton and Have I Been Pwned allow users to check if their email has been part of…
The US Department of Commerce’s National Institute of Standards and Technology (NIST) has officially released its first set of finalized encryption standards designed to withstand attacks from quantum computers. These post-quantum encryption standards are expected to secure a wide array of electronic information, from confidential emails to vital e-commerce transactions. NIST has urged computer system administrators to begin transitioning to these new standards without delay, emphasizing the importance of early adoption to safeguard digital infrastructure from potential quantum threats. A Leap Forward in Quantum-Resistant Security Developed in response to the rapid development of quantum computing technology, which experts predict could…
Twitter, recently rebranded as “X,” is under increased scrutiny after nine additional complaints were filed across Europe, alleging the company unlawfully used the personal data of over 60 million EU/EEA users to train its AI technologies without their consent. This comes shortly after the Irish Data Protection Commission (DPC) initiated legal proceedings to halt the illegal data processing but has been criticized for not fully enforcing the GDPR. The complaints, filed by the non-profit privacy advocacy group noyb, span Austria, Belgium, France, Greece, Ireland, Italy, the Netherlands, Spain, and Poland. The group argues that Twitter’s actions mirror Meta’s recent failed…
A staggering 94% of companies have fallen victim to phishing attacks over the last year, while 91% experienced data loss or exfiltration incidents. It’s not surprising, then, that 95% of cybersecurity leaders are increasingly stressed about email security, particularly phishing attacks originating from compromised supply chain accounts, internal account takeovers due to credential harvesting, and wire fraud. These were two findings of the 2024 Email Security Risk Report from Egress, a KnowBe4 company. The report, based on an independent survey of 500 cybersecurity professionals, paints a grim picture of the current state of email security, revealing that traditional approaches to…
Cybercriminals have significantly increased their use of data-exfiltration tools, which are highly effective for stealing sensitive data and evading detection. This was revealed in a recent report by ReliaQuest, which highlights the evolving strategies of threat actors in the digital landscape. The report, covering incidents from September 2023 to July 2024, examined the tools that have become increasingly popular among malicious actors. Weapon of Choice Rclone, an open-source command-line utility, has emerged as a favored tool for data exfiltration, appearing in 57% of incidents investigated by ReliaQuest. Initially designed for legitimate use in synchronizing files across various cloud storage platforms,…
Vectra AI, a provider of AI-driven Extended Detection and Response (XDR) solutions, has expanded its Vectra AI Platform, enhancing its ability to provide Security Operations Center (SOC) teams with a real-time view of their active posture. This expansion leverages the company’s patented Attack Signal Intelligence to offer a comprehensive view of potential vulnerabilities across networks, identities, clouds, and GenAI tools. In the evolving threat landscape, SOC teams must stay ahead of attackers by understanding where their organization is exposed to infiltration and lateral movement. Vectra’s platform empowers teams to proactively identify and address these vulnerabilities, offering critical insights that static…
The healthcare industry is poised for a cybersecurity transformation, with passwordless authentication at the forefront. Utilizing passkeys and biometrics improves user experience and significantly strengthens data security against contemporary threats such as credential stuffing and MFA fatigue. So says Phil Englert, VP of Medical Device Security at HEALTH-ISAC, adding that the urgency to access medical data for patient care makes healthcare institutions particularly vulnerable to ransomware attacks that deny access to critical data or data breaches leaking sensitive personal information, including medical histories, Social Security numbers, and insurance details. “Cybercriminals also target medical devices, Internet of Things (IoT) technologies, and…
