A global stop-payment mechanism developed by INTERPOL has enabled Singapore authorities to recover over USD 40 million from a business email compromise (BEC) scam, marking their largest-ever recovery of fraudulently obtained funds. On 23 July 2024, a commodity firm based in Singapore reported falling victim to a BEC scam. The firm received an email on 15 July from what appeared to be a supplier, requesting that a pending payment be sent to a new bank account in Timor Leste. The email address slightly differed from the supplier’s official email, a detail the firm overlooked. Consequently, a few days later, the…
Author: ISB Staff Reporter
French cybercrime police are investigating a ransomware attack on the Grand Palais Exhibition Hall in Paris, a venue for Olympic events such as fencing and Taekwondo. According to Reuters, the central computer system of the Grand Palais was targeted, but the attack did not disrupt Olympic events. The system also handles data for 40 mainly small affiliated museums. Attackers demanded a ransom within 48 hours, threatening to leak financial data if unpaid. The “Réunion des musées nationaux – Grand Palais” has enlisted the national cybersecurity agency ANSSI to investigate. No data extraction has been detected, and operations at Grand Palais…
A US technology contractor has inadvertently exposed the personal data of 4.6 million voters and election documents from multiple counties in Illinois, sparking significant concerns over election security and voter privacy. The databases, managed by Platinum Technology Resource, were found to be unprotected by passwords and included sensitive information like full names, addresses, dates of birth, driver’s license numbers, and Social Security numbers. This breach was uncovered by cybersecurity researcher Jeremiah Fowler, who reported his findings to vpnMentor. “I discovered a variety of documents, including voting records, ballot templates, and voter registrations, all originating from a single county in Illinois,”…
Proficio, a Managed Detection and Response (MDR) provider, has rolled out its ProBAS Breach and Attack Simulation service. The solution “rigorously” tests businesses’ security defenses, to ensure they can prevent compromise events and detect attacks throughout the entire threat detection and response process. From device alert logs to SIEM, SOC detection, and containment response actions, ProBAS covers all aspects. Brad Taylor, co-founder and CEO, Proficio, says threat actors only need to be lucky once, but cyber defenders must be vigilant and successful at countering attacks every time in order to protect their environment. ProBAS, he says, identifies potential threats, and implements…
Security researchers at Kaspersky have uncovered a new Android spyware campaign called LianSpy, which has been used for cyberespionage against targeted Android device users in Russia. The malware, dubbed “LianSpy,” has been in operation since July 2021, quietly harvesting sensitive data and employing advanced evasion techniques to remain undetected. LianSpy is designed to capture screencasts, exfiltrate user files, and harvest call logs and app lists. The spyware leverages multiple evasive tactics, such as using the Russian cloud service Yandex Disk for command and control (C2) communications and avoiding dedicated infrastructure, to stay under the radar. Notably, LianSpy’s developers use techniques…
Wristband, a developer-first authentication platform designed for B2B SaaS, has launched the public beta of its B2B authentication platform. Jim Verducci, CEO of Wristband, says building robust B2B authentication in-house is a complex and time-consuming process that can take business leaders away from their core business. “Wristband eliminates the need for developers to reinvent the wheel, providing them with a secure-by-default, multi-tenant platform that can be easily customized and scaled,” he says. Wristband will democratize enterprise-grade authentication for millions of small businesses that are priced out of the most secure authentication platforms. “Small businesses have been locked out of…
The cyber espionage group dubbed Evasive Panda (also known as StormBamboo and previously tracked as StormCloud) compromised an unnamed Internet Service Provider (ISP) in mid-2023 to push malicious software updates to target entities. This incident marks a significant escalation in the sophistication of the group’s tactics. StormBamboo, active since at least 2012, is known for using backdoors like MgBot (also known as POCOSTICK) and Nightdoor (NetMM and Suzafk) to collect sensitive information. The group has recently been linked to the macOS malware strain MACMA, observed in the wild since 2021. “StormBamboo is a highly skilled and aggressive threat actor who…
Infosec Institute, a cybersecurity education provider, is partnering with Career.io, a provider of professional career-development products and services. This collaboration aims to offer comprehensive career services to students enrolled in Infosec’s Immersive Boot Camps, equipping them with the skills and support needed to transition into entry-level cybersecurity roles successfully. Students enrolling in the Cybersecurity Foundations Immersive Boot Camp will receive 30-day access to premium career services from Career.io, including AI-assisted resume and cover letter tools, a salary analyzer, and a job tracker. They will also benefit from a professional resume rewrite, LinkedIn makeover, and expert interview preparation through Career.io’s sister…
A recently discovered vulnerability in the Domain Name System (DNS), dubbed ‘Sitting Ducks,’ has left millions of domains susceptible to hijacking. This attack vector, actively exploited since 2019, enables threat actors to deliver malware, phish, impersonate brands, and exfiltrate data. Researchers at Infoblox and Eclypsium identified the vulnerability, coordinating with law enforcement and national Computer Emergency Response Teams (CERTs) since June 2024. The issue arises when a registered domain or subdomain uses authoritative DNS services from a provider different from the domain registrar, a process known as name server delegation. If the authoritative name server lacks information about the domain,…
Nearly half (49%) of spam emails can be attributed to BEC scams, with the CEO, HR, and IT being the most common targets. Alarmingly, some 40% of BEC emails are AI-generated, and in some instances, AI more than likely created the entire message. These were two of the findings of the VIPRE Q2 2024 Email Threat Trends Report, which processed 1.8 billion emails globally, detecting 226.45 million spam emails and 16.91 million malicious URLs to identify the email threat trends that impact organizations the most. According to the company, the report shines the spotlight on the ingenuity of malicious actors…