CyberSecure Specialist

18 May

Russian national indicted for ransomware attacks against the US

Data Breaches, Malware, Social Engineering

Russian national, Mikhail Pavlovich Matveev, has been charged and indicted for launching ransomware attacks against thousands of victims in the US and across the world, the US Department of Justice (DoJ) said in a press release. The US Department of State has also announced an award of up to $10 million for information that leads to the arrest and/or conviction of the Russian national. “According to the indictment obtained in the District of New Jersey,…

Read More
18 May

Highlights from TikTok CEO’s Congress grilling – Week in security with Tony Anscombe

Information

Here are some of the key moments from the five hours of Shou Zi Chew’s testimony and other interesting news on the data privacy front As the controversy surrounding TikTok continues, the app’s CEO Shou Zi Chew appeared before the U.S. Congress to explain the app’s data privacy and security practices. Here are some of the key moments from the five hours of the testimony. In other (but related) news, a school district in San…

Read More
18 May

Staying safe on OnlyFans: The naked truth

Information

How content creators and subscribers can embrace the social media platform without (overly) exposing themselves to the potentially toxic brew of NSFW content and privacy threats By now you’ve most probably heard of, or possibly even use, OnlyFans. Launched in 2016, this subscription service for content creators gained momentum over the course of the pandemic and now boasts a user base of more than 170 million people, 2.1 million of which are registered content creators.…

Read More
18 May

Meet “AI”, your new colleague: could it expose your company’s secrets?

Information

Before rushing to embrace the LLM-powered “hire”, make sure your organization has safeguards in place to avoid putting its business and customer data at risk Chatbots powered by large language models (LLMs) are not just the world’s new favorite pastime. The technology is increasingly being recruited to boost workers’ productivity and efficiency, and given its increasing capabilities, it’s poised to replace some jobs entirely, including in areas as diverse as coding, content creation, and customer…

Read More
18 May

US offers $10m bounty for Russian ransomware suspect outed in indictment

Information

by Naked Security writer He goes by many names, according to the US Department of Justice. Mikhail Pavlovich Matveev, or just plain Matveev as he’s repeatedly referred to in his indictment, as well as Wazawaka, m1x, Boriselcin and Uhodiransomwar. From that last alias, you can guess what he’s wanted for. In the words of the charge sheet: conspiring to transmit ransom demands; conspiring to damage protected computers; and intentionally damaging protected computers. Simply put, he’s…

Read More
17 May

IBM acquires Polar Security, bolstering data security capabilities

Data Breaches, Malware, Social Engineering

IBM has purchased application security startup Polar Security, in an attempt to address the security of application data in the cloud and help organizations track vulnerable information. In a statement issued this morning, IBM said that the increased cloud adoption driven by the pandemic has strained organizational capacity to track certain aspects of their application frameworks, including certain types of app data, permissions and more. The company said that this has led to “shadow data,”…

Read More
17 May

Researchers show ways to abuse Microsoft Teams accounts for lateral movement

Data Breaches, Malware, Social Engineering

With organizations increasingly adopting cloud-based services and applications, especially collaboration tools, attackers have pivoted their attacks as well. Microsoft services consistently rank at the top of statistics when it comes to malicious sign-in attempts, and Microsoft Teams is one application that recently seems to have attracted attackers’ interest. Researchers from security firm Proofpoint investigated how attackers could abuse access to a Teams account and found some interesting attack vectors that could allow hackers to move…

Read More
17 May

Access to Energy Sector ICS/OT Systems Offered on Hacker Forums

Information, News

Threat actors have been offering access to energy sector organizations, including industrial control systems (ICS) and other operational technology (OT) systems, according to a new report from Searchlight Cyber. The UK-based threat intelligence company has conducted an analysis of posts published between February 2022 and February 2023 on cybercrime forums, dark web sites, and marketplaces, and found many offers for initial access into the environments of energy sector organizations, including oil and gas and renewable…

Read More
17 May

Entro exits stealth with context-based secrets management

Data Breaches, Malware, Social Engineering

Entro, the Israeli cybersecurity company focused on protection for secrets and programmatic access to cloud services and data, has exited stealth with its first-ever product offering context-based secrets management. The new offering is the first and only holistic secrets security platform that detects, safeguards, and provides context for secrets stored across vaults, source code, collaboration tools, cloud environments, and SaaS platforms, Entro claimed. “Entro implements proactive measures to secure secrets, such as real-time discovery, end-to-end visibility,…

Read More
17 May

Attacker uses the Azure Serial Console to gain access to Microsoft VM

Data Breaches, Malware, Social Engineering

Financially motivated threat actor UNC3944 is using phishing and SIM swapping attacks to take over Microsoft Azure admin accounts and gain access to virtual machines (VM), according to cybersecurity firm Mandiant. Using access to virtual machines the attackers employed malicious use of the Serial Console on Azure Virtual Machines to install third-party remote management software within client environments, Mandiant said in a blog. UNC3944 has been active since May 2022. The threat actor has been…

Read More