CyberSecure Specialist

Ransomware tales: The MitM attack that really had a Man in the Middle

by Paul Ducklin

It’s taken more than five years for justice to be served in this case, but the cops and the courts got there in the end. The UK law enforcement office SEROCU, short for South East Regional Organised Crime Unit, this week reported the peculiar tale of one Ashley Liles, the literal Man in the Middle whom we referred to in the headline. These days, we usually expand the jargon term MitM to…


Drop in Insider Breaches Drives Decline in Intrusions at OT Organizations

The 2023 State of Operational Technology and Cybersecurity Report published on Wednesday by Fortinet shows a drop in the number of intrusions at OT organizations. The report is based on a survey of 570 OT professionals, representing the manufacturing, transportation, healthcare, oil and gas, energy, chemical, and water sectors in countries such as the US, Canada, Australia, Brazil, Mexico, the UK, France, Germany, Japan, India, South Africa, and Egypt. A vast majority of the respondents…


Microsoft links attacks on American critical infrastructure systems to China

Microsoft and a few American intelligence agencies have detected malware of Chinese origin deployed in critical infrastructure systems in Guam and elsewhere in the United States. The malicious activity, focused on post-compromise credential access and network security discovery, has been linked to Volt Typhoon, a state-sponsored threat actor in China. “Volt Typhoon has been active since mid-2021 and has targeted critical infrastructure organizations in Guam and elsewhere in the United States,” Microsoft said in a…


ChatGPT and data: Everything you need to know

Since OpenAI unleashed ChatGPT onto the world, opinion has been split between those who believe it will radically improve the way we live and work and those who are worried about its potential for disruption, particularly on the privacy of individuals and organizations. There have already been incidents where sensitive data has been leaked and employees have landed in hot water after entering confidential company information into the chatbot, with some countries even issuing a…


IOTW: Luxottica confirms 2021 data leak of 70 million customers’ information

Italian eyewear brand Luxottica, parent company of Ray-Ban and Oakley, has confirmed that the data of more than 70 million customers was accessed in 2021. The data was exposed after a third-party data storage provider used by Luxottica suffered a cyber attack. It has not currently been made public how the hackers gained access to its network, or which company the third party was. The data breach and theft was revealed after a malicious actor…


Attributes of a mature cyber-threat intelligence program

Earlier this year, ESG published a research report focused on how enterprise organizations use threat intelligence as part of their overall cybersecurity strategy. The research project included a survey of 380 cybersecurity professionals working at enterprise organizations (i.e., more than 1,000 employees). Survey respondents were asked questions about their organization’s cyber-threat intelligence (CTI) program – how it was staffed, what types of skills were most important, its challenges and strategies, spending plans, etc. I’ve written…


6 ways generative AI chatbots and LLMs can enhance cybersecurity

The rapid emergence of OpenAI’s ChatGPT has been one of the biggest stories of the year, with the potential impact of generative AI chatbots and large language models (LLMs) on cybersecurity a key area of discussion. There’s been a lot of chatter about the security risks these new technologies could introduce — from concerns about sharing sensitive business information with advanced self-learning algorithms to malicious actors using them to significantly enhance attacks. Some countries,…


SMBs and regional MSPs are increasingly targeted by state-sponsored APT groups

Advanced persistent threat (APT) attacks were once mainly a concern for large corporations in industries that presented cyberespionage interest. That’s no longer the case and over the past year in particular, the number of such state-sponsored attacks against small- and medium-sized businesses (SMBs) has increased significantly. Cybersecurity firm Proofpoint analyzed its telemetry data from more than 200,000 SMB customers over the past year and saw a rise in phishing campaigns originating from APT groups, particularly those…


Hackers attempt to sell personal data of 1.5 million women

The personal information of more than 1.5 million women has been put up for sale on the dark web following an alleged data breach of Indian lingerie brand Zivame. The alleged data breach was discovered after an advert offering the sale of the personal data stolen during the hack was posted on the dark web and the messaging app Telegram. The sellers, who are claiming to be the malicious actors who stole the data, are…


New hyperactive phishing campaign uses SuperMailer templates: Report

SuperMailer, a legitimate email newsletter program, has been found abused by threat actors to conduct a high-volume credential harvesting campaign, according to network security firm Cofense. “The SuperMailer-generated emails have been reaching inboxes at an increasingly remarkable volume,” Brad Haas, cyber threat intelligence analyst at Cofense, said in a blog post. “Emails containing the unique SuperMailer string barely registered in January and February, but in the first half of May they accounted for over 5%…
