CyberSecure Specialist

20 Jun

KrebsOnSecurity Threatened with Defamation Lawsuit Over Fake Radaris CEO

Information, Insights

On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites. The subjects of that piece are threatening to sue KrebsOnSecurity for defamation unless the story is retracted. Meanwhile, their attorney has admitted that the person Radaris named as the CEO from…

Read More
20 Jun

Hacktivism is evolving – and that could be bad news for organizations everywhere

Information

Business Security, Critical Infrastructure Hacktivism is nothing new, but the increasingly fuzzy lines between traditional hacktivism and state-backed operations make it a more potent threat Phil Muncaster 19 Jun 2024  •  , 5 min. read Hacktivism surged back into mainstream consciousness with Russia’s invasion of Ukraine in February 2022. Less than two years later, politically-motivated groups and individuals were out in force again, this time ostensibly to make their point amid the Israel-Hamas conflict. Worryingly,…

Read More
20 Jun

CISA Releases Guidance on Single Sign-On (SSO) Adoption for Small and Medium-Sized Businesses: (SMBs)

Attacks, Insights, Malware

Today, CISA released Barriers to Single Sign-On (SSO) Adoption for Small and Medium-Sized Businesses: Identifying Challenges and Opportunities, a detailed report exploring challenges to SSO adoption by small and medium-sized businesses (SMBs). The report also identifies potential ways to overcome these challenges and improve an SMB’s level of security.  CISA also released a related blog post, Why SMBs Don’t Deploy Single Sign-On (SSO), urging software manufacturers to consider how their business practices may inadvertently reduce…

Read More
18 Jun

CISA and Partners Release Guidance for Modern Approaches to Network Access Security

Attacks, Insights, Malware

Today, CISA, in partnership with the Federal Bureau of Investigation (FBI), released guidance, Modern Approaches to Network Access Security, along with the following organizations:  New Zealand’s Government Communications Security Bureau (GCSB);  New Zealand’s Computer Emergency Response Team (CERT-NZ); and  The Canadian Centre for Cyber Security (CCCS). The guidance urges business owners of all sizes to move toward more robust security solutions—such as Zero Trust, Secure Service Edge (SSE), and Secure Access Service Edge (SASE)—that provide…

Read More
18 Jun

Preventative defense tactics in the real world

Information

Business Security Don’t get hacked in the first place – it costs far less than dealing with the aftermath of a successful attack Cameron Camp 17 Jun 2024  •  , 3 min. read We watch real life attacks in horror, where companies simply try to defend against attackers stomping on their networks in real time, blunting the damage and scouring for backups in a bid to avoid the crippling cost of ransom payments. It’s a…

Read More
15 Jun

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Data Breaches, Information, Insights

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years. The Spanish daily Murcia Today reports the suspect was wanted by the FBI and arrested in Palma de Mallorca as he tried to board a flight to Italy. A still frame from a video released…

Read More
15 Jun

ESET Research Podcast: APT Activity Report Q4 2023–Q1 2024

Information

ESET Research The I-SOON data leak confirms that this contractor is involved in cyberespionage for China, while Iran-aligned groups step up aggressive tactics following the Hamas-led attack on Israel in 2023 ESET Research 14 Jun 2024  •  , 2 min. read In this episode of the ESET Research Podcast, we dissect the most interesting findings of the Q4 2023–Q1 2024 ESET APT Activity Report, uncovering the activity of multiple advanced persistent threat (APT) groups around…

Read More
15 Jun

How Arid Viper spies on Android users in the Middle East – Week in security with Tony Anscombe

Information

Video The spyware, called AridSpy by ESET, is distributed through websites that pose as various messaging apps, a job search app, and a Palestinian Civil Registry app 14 Jun 2024 This week, ESET researchers released their findings about five campaigns that used trojanized apps to target Android users in Egypt and Palestine. Initiated in 2022, the campaigns were likely orchestrated by the Arid Viper APT group, with three of them remaining active to this day.…

Read More
14 Jun

Arid Viper poisons Android apps with AridSpy

Information

ESET researchers have identified five campaigns targeting Android users with trojanized apps. Most probably carried out by the Arid Viper APT group, these campaigns started in 2022 and three of them are still ongoing at the time of the publication of this blogpost. They deploy multistage Android spyware, which we named AridSpy, that downloads first- and second-stage payloads from its C&C server to assist it avoiding detection. The malware is distributed through dedicated websites impersonating…

Read More
12 Jun

Phone Scammers Impersonating CISA Employees

Attacks, Insights, Malware

Impersonation scams are on the rise and often use the names and titles of government employees. The Cybersecurity and Infrastructure Security Agency (CISA) is aware of recent impersonation scammers claiming to represent the agency. As a reminder, CISA staff will never contact you with a request to wire money, cash, cryptocurrency, or use gift cards and will never instruct you to keep the discussion secret. If you suspect you are a target of an impersonation…

Read More