CyberSecure Specialist

12 Mar

CISA and Partners Release Cybersecurity Advisory on Medusa Ransomware

Attacks, Insights, Malware

Today, CISA—in partnership with the Federal Bureau of Investigation (FBI) and Multi-State Information Sharing and Analysis Center (MS-ISAC)—released joint Cybersecurity Advisory, #StopRansomware: Medusa Ransomware. This advisory provides tactics, techniques, and procedures (TTPs), indicators of compromise (IOCs), and detection methods associated with known Medusa ransomware activity. Medusa is a ransomware-as-a-service variant used to conduct ransomware attacks; as of December 2024, over 300 victims from critical infrastructure sectors have been impacted. Medusa actors use common techniques like phishing…

Read More
11 Mar

Microsoft: 6 Zero-Days in March 2025 Patch Tuesday

Information, Insights

Microsoft today issued more than 50 security updates for its various Windows operating systems, including fixes for a whopping six zero-day vulnerabilities that are already seeing active exploitation. Two of the zero-day flaws include CVE-2025-24991 and CVE-2025-24993, both vulnerabilities in NTFS, the default file system for Windows and Windows Server. Both require the attacker to trick a target into mounting a malicious virtual hard disk. CVE-2025-24993 would lead to the possibility of local code execution,…

Read More
11 Mar

Alleged Co-Founder of Garantex Arrested in India

Information, Insights

Authorities in India today arrested the alleged co-founder of Garantex, a cryptocurrency exchange sanctioned by the U.S. government in 2022 for facilitating tens of billions of dollars in money laundering by transnational criminal and cybercriminal organizations. Sources close to the investigation told KrebsOnSecurity the Lithuanian national Aleksej Besciokov, 46, was apprehended while vacationing on the coast of India with his family. Aleksej Bešciokov, “proforg,” “iram”. Image: U.S. Secret Service. On March 7, the U.S. Department…

Read More
07 Mar

Feds Link $150M Cyberheist to 2022 LastPass Hacks

Data Breaches, Information, Insights

In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing this week, U.S. federal agents investigating a spectacular $150 million cryptocurrency heist said they had reached the same conclusion. On March 6, federal prosecutors in northern California said they seized approximately $24 million worth of…

Read More
06 Mar

Who is the DOGE and X Technician Branden Spikes?

Information, Insights

At 49, Branden Spikes isn’t just one of the oldest technologists who has been involved in Elon Musk’s Department of Government Efficiency (DOGE). As the current director of information technology at X/Twitter and an early hire at PayPal, Zip2, Tesla and SpaceX, Spikes is also among Musk’s most loyal employees. Here’s a closer look at this trusted Musk lieutenant, whose Russian ex-wife was once married to Elon’s cousin. The profile of Branden Spikes on X.…

Read More
06 Mar

FBI Warns of Data Extortion Scam Targeting Corporate Executives

Attacks, Insights, Malware

The Federal Bureau of Investigation (FBI) Internet Crime Complaint Center (IC3) has released an alert warning of a scam involving criminal actors masquerading as the “BianLian Group.” The cyber criminals target corporate executives by sending extortion letters threatening to release victims’ sensitive information unless payment is received.  CISA encourages organizations to review the following FBI Public Service Announcement for more information: Mail Scam Targeting Corporate Executives Claims Ties to Ransomware Organizations should report incidents and anomalous activity…

Read More
06 Mar

Unveiling WolfsBane: Gelsemium’s Linux counterpart to Gelsevirine

Information

ESET researchers have identified multiple samples of Linux backdoor, which we have named WolfsBane, that we attribute with high confidence to the Gelsemium advanced persistent threat (APT) group. This China-aligned threat actor has a known history dating back to 2014 and until now, there have been no public reports of Gelsemium using Linux malware. Additionally, we discovered another Linux backdoor, which we named FireWood. However, we cannot definitively link FireWood to other Gelsemium tools, and…

Read More
06 Mar

What is “Scam Likely”? Putting the phone down on unwanted calls

Information

Tired of dodging all those ‘Scam Likely’ calls? Here’s what’s behind the label and how to stay one step ahead of phone scammers. Phil Muncaster 18 Nov 2024  •  , 5 min. read Despite all the wonders of modern technology, it is often the old ways that we rely on most. That’s certainly true of communications. We may have email, video conferencing, text, social media and end-to-end encrypted instant messages to choose from, but some…

Read More
06 Mar

My information was stolen. Now what?

Information

Back in May 2023, I wrote the blogpost You may not care where you download software from, but malware does as a call to arms, warning about the risks of running software downloaded from so-called “trusted sources” of pirated software. Of course, those files were anything but trustworthy and contained malware, such as ransomware or infostealers, specifically targeted at that demographic. My hope was that by educating the public about the risks involved, people would…

Read More
05 Mar

Kathryn Thornton: Correcting Hubble’s vision | Starmus highlights

Information

WeLiveScience The veteran of four space missions discusses challenges faced by the Hubble Space Telescope and how human ingenuity and teamwork made Hubble’s success possible 20 Nov 2024 Kathryn Thornton, a renowned astronaut and physicist, recounts the groundbreaking journey of the first servicing mission to the Hubble Space Telescope in 1993. Her talk dives into the critical challenges faced by Hubble after its launch in 1990, particularly its inability to focus due to a flaw…

Read More