CyberSecurity Updates

08 Aug

Best Practices for Cisco Device Configuration

Attacks, Insights, Malware

In recent incidents, CISA has seen malicious cyber actors acquire system configuration files by leveraging available protocols or software on devices, such as abusing the legacy Cisco Smart Install feature. CISA recommends organizations disable Smart Install and review NSA’s Smart Install Protocol Misuse advisory and Network Infrastructure Security Guide for configuration guidance.  CISA also continues to see weak password types used on Cisco network devices. A Cisco password type is the type of algorithm used…

Read More
07 Aug

Cybercrime Rapper Sues Bank over Fraud Investigation

Information, Insights

A partial selfie posted by Puchmade Dev to his Twitter account. Yes, that is a functioning handheld card skimming device, encrusted in diamonds. Underneath that are more medallions, including a diamond-studded bitcoin and payment card. In January, KrebsOnSecurity wrote about rapper Punchmade Dev, whose music videos sing the praises of a cybercrime lifestyle. That story showed how Punchmade’s social media profiles promoted Punchmade-themed online stores selling bank account and payment card data. The subject of…

Read More
07 Aug

Royal Ransomware Actors Rebrand as “BlackSuit,” FBI and CISA Release Update to Advisory

Attacks, Insights, Malware

Today, CISA—in partnership with the Federal Bureau of Investigation (FBI)—released an update to joint Cybersecurity Advisory #StopRansomware: Royal Ransomware, #StopRansomware: BlackSuit (Royal) Ransomware. The updated advisory provides network defenders with recent and historically observed tactics, techniques, and procedures (TTPs) and indicators of compromise (IOCs) associated with BlackSuit and legacy Royal activity. FBI investigations identified these TTPs and IOCs as recently as July 2024. BlackSuit ransomware attacks have spread across numerous critical infrastructure sectors including, but…

Read More
06 Aug

CISA Releases Secure by Demand Guidance

Attacks, Insights, Malware

Today, CISA and the Federal Bureau of Investigation (FBI) have released Secure by Demand Guide: How Software Customers Can Drive a Secure Technology Ecosystem to help organizations drive a secure technology ecosystem by ensuring their software manufacturers prioritize secure technology from the start. An organization’s acquisition staff often has a general understanding of the core cybersecurity requirements for a particular technology acquisition. However, they frequently don’t assess whether a given supplier has practices and policies…

Read More
05 Aug

Low-Drama ‘Dark Angels’ Reap Record Ransoms

Data Breaches, Information, Insights

A ransomware group called Dark Angels made headlines this past week when it was revealed the crime group recently received a record $75 million data ransom payment from a Fortune 50 company. Security experts say the Dark Angels have been around since 2021, but the group doesn’t get much press because they work alone and maintain a low profile, picking one target at a time and favoring mass data theft over disrupting the victim’s operations.…

Read More
03 Aug

AI and automation reducing breach costs – Week in security with Tony Anscombe

Information

Video Organizations that leveraged AI and automation in security prevention cut the cost of a data breach by US$2.22 million compared to those that didn’t deploy these technologies, according to IBM 02 Aug 2024 Organizations that leveraged the power of artificial intelligence (AI) and automation in security prevention cut the cost of a data breach by as much as US$2.22 million compared to those that didn’t deploy these technologies, according to IBM’s Cost of a…

Read More
02 Aug

The cyberthreat that drives businesses towards cyber risk insurance

Information

Business Security Many smaller organizations are turning to cyber risk insurance, both to protect against the cost of a cyber incident and to use the extensive post-incident services that insurers provide Tony Anscombe 31 Jul 2024  •  , 4 min. read If we were to stop people on the street and ask for words to describe the people involved in the world of cyber, there would, undoubtedly, be many words used. I am confident they…

Read More
01 Aug

U.S. Trades Cybercriminals to Russia in Prisoner Swap

Information, Insights

Twenty-four prisoners were freed today in an international prisoner swap between Russia and Western countries. Among the eight Russians repatriated were several convicted cybercriminals. In return, Russia has reportedly released 16 prisoners, including Wall Street Journal reporter Evan Gershkovich and ex-U.S. Marine Paul Whelan. AMong those in the prisoner swap is Roman Seleznev, 40, who was sentenced in 2017 to 27 years in prison for racketeering convictions tied to a lengthy career in stealing and…

Read More
31 Jul

Phishing targeting Polish SMBs continues via ModiLoader

Information

ESET Research ESET researchers detected multiple, widespread phishing campaigns targeting SMBs in Poland during May 2024, distributing various malware families Jakub Kaloč 30 Jul 2024  •  , 8 min. read Just a few months back, ESET Research published a blogpost about massive phishing campaigns across Central and Eastern Europe carried out during the second half of 2023. In those campaigns Rescoms malware (also known as Remcos), protected by AceCryptor, was delivered to potential victims with…

Read More
31 Jul

Don’t Let Your Domain Name Become a “Sitting Duck”

Information, Insights

More than a million domain names — including many registered by Fortune 100 firms and brand protection companies — are vulnerable to takeover by cybercriminals thanks to authentication weaknesses at a number of large web hosting providers and domain registrars, new research finds. Image: Shutterstock. Your Web browser knows how to find a site like example.com thanks to the global Domain Name System (DNS), which serves as a kind of phone book for the Internet…

Read More