- U.S. Internet Leaked Years of Internal, Customer Emailsby BrianKrebs on February 14, 2024 at 4:45 pm
The Minnesota-based Internet provider U.S. Internet Corp. has a business unit called Securence, which specializes in providing filtered, secure email services to businesses, educational institutions and government agencies worldwide. But until it was notified last week, U.S. Internet was publishing more than a decade’s worth of its internal email — and that of thousands of Securence clients — in plain text out on the Internet and just a click away for anyone with a Web browser.
- Fat Patch Tuesday, February 2024 Editionby BrianKrebs on February 13, 2024 at 10:28 pm
Microsoft Corp. today pushed software updates to plug more than 70 security holes in its Windows operating systems and related products, including two zero-day vulnerabilities that are already being exploited in active attacks.
- Juniper Support Portal Exposed Customer Device Infoby BrianKrebs on February 9, 2024 at 3:34 pm
Until earlier this week, the support website for networking equipment vendor Juniper Networks was exposing potentially sensitive information tied to customer products, including the exact devices each customer bought, as well as each device’s warranty status, service contracts and serial numbers. Juniper said it has since fixed the problem, and that the inadvertent data exposure stemmed from a recent upgrade to its support portal.
- From Cybercrime Saul Goodman to the Russian GRUby BrianKrebs on February 7, 2024 at 5:10 pm
In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. The leaked user database shows one of the forum’s founders was an attorney who advised Russia’s top hackers on the legal risks of their work, and what to do if they got caught. A review of this user’s hacker identities shows that during his time on the forums he served as an officer in the special forces of the GRU, the foreign military intelligence agency of the Russian Federation.
- Arrests in $400M SIM-Swap Tied to Heist at FTX?by BrianKrebs on February 1, 2024 at 6:41 pm
Three Americans were charged this week with stealing more than $400 million in a November 2022 SIM-swapping attack. The U.S. government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct cryptocurrency exchange FTX, which had just filed for bankruptcy on that same day.
- Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spiderby BrianKrebs on January 30, 2024 at 7:07 pm
On Jan. 9, 2024, U.S. authorities arrested a 19-year-old Florida man charged with wire fraud, aggravated identity theft, and conspiring with others to use SIM-swapping to steal cryptocurrency. Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022.
- Who is Alleged Medibank Hacker Aleksandr Ermakov?by BrianKrebs on January 26, 2024 at 6:12 pm
Authorities in Australia, the United Kingdom and the United States this week levied financial sanctions against a Russian man accused of stealing data on nearly 10 million customers of the Australian health insurance giant Medibank. 33-year-old Aleksandr Ermakov allegedly stole and leaked the Medibank data while working with one of Russia’s most destructive ransomware groups, but little more is shared about the accused. Here’s a closer look at the activities of Mr. Ermakov’s alleged hacker handles.
- How Data Exfiltration is Changing the Ransomware Landscapeby Darren Williams on February 19, 2024 at 11:25 am
An exponential rise in data exfiltration is changing the ransomware landscape afflicting over 91% of all attacks.
- 2023 Ransomware Attack Reportby Darren Williams on February 14, 2024 at 12:00 am
The 2023 ransomware attack report summarizes the major changes we saw in ransomware trends and tactics by geography, sector and variant.
- Dual Ransomware Attacks: A Quicker Route to Extortionby Darren Williams on February 12, 2024 at 10:29 am
Dual ransomware attacks are the latest trend by threat actors whereby they send a secondary strain after the initial compromise has been successful.
- MSP vs MSSP Solutions: Which Is Right For Your Business?by Brenda Robb on February 7, 2024 at 10:39 am
What do firms need to know when evaluating potential MSP and MSSP solutions?
- The State of Ransomware 2024by Brenda Robb on February 1, 2024 at 2:32 pm
BlackFog’s state of ransomware report measures publicly disclosed and non-disclosed attacks globally.
- Bonanza Casino Bets on BlackFog to Prevent Cyberattacksby Brenda Robb on January 29, 2024 at 10:28 am
Bonanza Casino bets on BlackFog to protect its patrons and employees and prevent data exfiltration and maintain regulatory compliance.
- The 6 Key Ransomware Trends of 2023by Darren Williams on January 26, 2024 at 12:00 am
Ransomware trends of 2023 include supply chain attacks, double extortions, law enforcement actions and challenges for the regulators.
- Cyber Security Operation Center Guidelines for best practices SOC Designby Cyber Security Consultant on January 30, 2024 at 4:32 pm
Cyber Security is become most needed services for all business and industries in 2024. Every business is concerned about Cyber Security. Security operations (SecOps) leaders face a multifaceted challenge: detecting elusive and novel threats using outdated tools, mitigating the risks posed by unexplored dark data, and managing the resource-intensive nature of staying ahead of evolving
- HOW TO BECOME CERTIFIED LEAD IMPLEMENTER – ISO 27001by Cyber Security Consultant on January 26, 2023 at 11:21 am
ABOUT CERTIFIED LEAD IMPLEMENTER TRAINING AND EXAMINATION FOR INFORMATION SECURITY MANAGEMENT SYSTEM ISO / IEC 27001 Learn and get certified as a professional in implementation of ISO 27001 standard through our self-paced E-learning interactive course which comprises of 4 modules. Upon completion of these modules, you can appear for an examination and get certified as
- YouTube disrupted in Pakistan as former PM Imran Khan streams speechby Cyber Security Consultant on August 22, 2022 at 5:04 am
NetBlocks metrics confirm the disruption of YouTube on multiple internet providers in Pakistan on Sunday 21 August 2022. The disruption comes as former Prime Minister Imran Khan makes a live broadcast to the public, despite a ban issued by the Pakistan Electronic Media Regulatory Authority (PEMRA). Real-time network data show the disruption in effect on
- Recommendations for Parents about Cyber Bullyingby Cyber Security Consultant on October 20, 2021 at 6:36 am
Here are some dedicated tips for keeping younger children safe online. One of these training tips goes into the risks of young children on the Internet, covers cyber bullying and other risky Internet behavior. Here are the suggestions parents should take into account regarding kids online. • Talk with your kids about online safety and
- WhatsApp, Facebook, Instagram server down in Pakistan?by Cyber Security Consultant on October 4, 2021 at 5:32 pm
Facebook-owned social media platforms, WhatsApp, Facebook, and Instagram are facing a worldwide outage, according to Downdetector, which offers real-time status and outage information for all kinds of services. .https://d-31038805491725975734.ampproject.net/2109102127000/frame.html Downdetector showed that WhatsApp outage was reported at 8:23 pm (Pakistan Standard Time) and it shot up to 1,082 complaints by 8:38 pm. The website mentioned that
- Cloudflare reports record-breaking HTTP-request DDoS attackby Cyber Security Consultant on August 22, 2021 at 7:26 pm
Cloudflare reports thwarting the largest known HTTP-request distributed denial of service attack in history, approximately three times larger than any other previously reported. The attack in July reached 17.2 million requests per second, the company wrote in a blog post. For scale, the entirety of the Cloudflare network typically sees around 25 million requests per second
- Microsoft announces recipients of academic grants for AI research on combating phishingby Cyber Security Consultant on June 19, 2021 at 3:34 pm
Every day in the ever-changing technology landscape, we see boundaries shift as new ideas challenge the old status quo. This constant shift is observed in the increasingly sophisticated and connected tools, products, and services people and organizations use on a daily basis, but also in the security that needs to be built into these technologies