A dual Russian and Israeli national has been charged in the United States for allegedly being the developer of the now-defunct LockBit ransomware-as-a-service (RaaS) operation since its inception in or around 2019 through at least February 2024. Rostislav Panev, 51, was arrested in Israel earlier this August and is currently awaiting extradition, the U.S. Department…
Category: North America
Central Intelligence Agency, Commerce Department, Geopolitics, Global Security News, Google, Kaspersky, Mastercard, Money, North America, Recorded Future, Russia, Ukraine
Russia bans cybersecurity company Recorded Future
Russia banned the cybersecurity company Recorded Future on Wednesday, labeling it an “undesirable” organization — much to its CEO’s delight. The company stands accused of collaborating with the Central Intelligence Agency, Ukraine and other countries. “They provide information and technical support for the propaganda campaign launched by the West against Russia,” Russia’s Office of Prosecutor…
Global Security News, North America, Security
CISA urges switch to Signal-like encrypted messaging apps after telecom hacks
Today, CISA urged senior government and political officials to switch to end-to-end encrypted messaging apps like Signal following a wave of telecom breaches across dozens of countries, including eight carriers in the United States. […]
CISA, critical infrastructure, Cybersecurity and Infrastructure Security Agency, Cybersecurity and Infrastructure Security Agency (CISA), Global Security News, Government, grants, Harry Coker, Jen Easterly, National Cyber Director, National Cybersecurity Strategy, North America, NSM-22, Office of the National Cyber Director, Policy, secure by design, semiconductors
Playbook advises federal grant managers how to build cybersecurity into their programs
Two U.S. cyber agencies released guidance Tuesday on how federal grant managers should incorporate cybersecurity in their programs for critical infrastructure projects, as well as how potential recipients can take it into account. The Office of the National Cyber Director and the Cybersecurity and Infrastructure Security Agency publication — the “Playbook for Strengthening Cybersecurity in…
bytedance, Global Security News, Government & Policy, In Brief, North America, Social, TikTok, TikTok Ban
TikTok asks Supreme Court for a lifeline as sell-or-ban deadline approaches
TikTok and ByteDance asked the United States Supreme Court to block the law that forces TikTok to be sold off or banned in the United States, according to an emergency filing with America’s top court on Monday. The social media company requested that the Supreme Court consider blocking the sell-or-ban law passed earlier this year…
Global Security News, North America
New Glutton Malware Exploits Popular PHP Frameworks Like Laravel and ThinkPHP
Cybersecurity researchers have discovered a new PHP-based backdoor called Glutton that has been put to use in cyber attacks targeting China, the United States, Cambodia, Pakistan, and South Africa. QiAnXin XLab, which discovered the malicious activity in late April 2024, attributed the previously unknown malware with moderate confidence to the prolific Chinese nation-state group tracked…
Global Security News, North America
Iran-Linked IOCONTROL Malware Targets SCADA and Linux-Based IoT Platforms
Iran-affiliated threat actors have been linked to a new custom malware that’s geared toward IoT and operational technology (OT) environments in Israel and the United States. The malware has been codenamed IOCONTROL by OT cybersecurity company Claroty, highlighting its ability to attack IoT and supervisory control and data acquisition (SCADA) devices such as IP cameras,…
Application Security, Data and Information Security, IT Training , Security, Global Security News, North America
How to turn around a toxic cybersecurity culture
A toxic cybersecurity culture affects team turnover, productivity, and morale. Worse yet, it places enterprise systems and data at risk. In a toxic cybersecurity culture, everybody believes that cybersecurity is somebody else’s job, says Keri Pearlson, executive director for Cybersecurity at MIT Sloan (CAMS), a research consortium focusing on cybersecurity leadership and governance issues. “They…
Global Security News, North America, Security
New IOCONTROL malware used in critical infrastructure attacks
Iranian threat actors are utilizing a new malware named IOCONTROL to compromise Internet of Things (IoT) devices and OT/SCADA systems used by critical infrastructure in Israel and the United States. […]
china, Cybercrime, Department of Justice, Department of Justice (DOJ), Department of State, Geopolitics, Global Security News, Justice Department, Mandiant, North America, North Korea, North Korean IT workers, Russia, State Department, U.S. courts, U.S. Department of Justice, U.S. Department of State
Court indicts 14 North Korean IT workers tied to $88 million in illicit gains
A federal court has indicted 14 more North Korean IT workers as part of an ongoing U.S. government campaign to crack down on Pyongyang’s use of tech professionals to swindle American companies and nonprofits. The Justice Department said the 14 indicted workers generated at least $88 million throughout a conspiracy that stretched over approximately six…
data breach, Data loss, Global Security News, Guest blog, Krispy Kreme, malware, North America, Ransomware
Doughnut orders disrupted! Krispy Kreme suffers hack attack
Krispy Kreme, the dispenser of delectable doughnuts, says that it suffered a cyber attack at the end of last month which saw its IT systems compromised and has disrupted online orders in parts of the United States. Read more in my article on the Hot for Security blog.
business email compromise (BEC), Cybercrime, Department of Justice (DOJ), Global Security News, North America, Treasury Department
Notorious Nigerian cybercriminal tied to BEC scams extradited to U.S.
Abiola Kayode, a 37-year-old Nigerian national, has been extradited from Ghana to the United States to face charges of conspiracy to commit wire fraud. Kayode, who was on the FBI’s Most Wanted cybercriminal list, is charged with participating in a business email compromise (BEC) scheme and romance fraud from January 2015 to September 2016, defrauding…
Global Security News, North America, Technology
She Joined Facebook to Fight Terror. Now She’s Convinced We Need to Fight Facebook.
For two years, Hannah Byrne was part of an invisible machine that determines what over 3 billion people around the world can say on the internet. From her perch within Meta’s Counterterrorism and Dangerous Organizations team, Byrne helped craft one of the most powerful and secretive censorship policies in internet history. Her work adhered to…
Global Security News, Guest blog, malware, North America, Ransomware, Russia
Ransomware-hit vodka maker Stoli files for bankruptcy in the United States
Stoli Group USA, the US subsidiary of vodka maker Stoli, has filed for bankruptcy – and a ransomware attack is at least partly to blame. The American branch of Stoli, which imports and distributes Stoli brands in the United States, as well as the Kentucky Owl bourbon brand it purchased in 2017, was hit by…
@chenlun, A Little Sunshine, and Mobile Anti-Abuse Working Group, Anti-Phishing Working Group, Coalition Against Unsolicited Commercial Email, Global Security News, ICANN, Interisle Consulting, Internet Corporation for Assigned Names and Numbers, John Levine, Latest Warnings, malware, Messaging, new gTLDs, North America, phishing, spam, The Coming Storm, U.S. Postal Service
Why Phishers Love New TLDs Like .shop, .top and .xyz
Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as .shop, .top, .xyz — that attract scammers with rock-bottom prices and no meaningful registration requirements, new research finds. Meanwhile, the nonprofit entity that oversees…
Global Security News, Justice, North America, Technology
These Tech Firms Won’t Tell Us If They Will Help Trump Deport Immigrants
President-elect Donald Trump vows to start his second term with the immediate mass deportation of millions of undocumented immigrants. Like everything else, deportations of the 21st century are an increasingly data-centric undertaking, tapping vast pools of personal information sold by a litany of companies. The Intercept asked more than three dozen companies in the data…
A Little Sunshine, AT&T, Boxfan, buttholio, Connor Riley Moucka, cyb3rph4nt0m, DDoS-for-Hire, Global Security News, John Erin Binns, Judische, Kiberphant0m, Naver, Ne'er-Do-Well News, North America, Proman557, Ransomware, Reverseshell, Shi-Bot, Snowflake, South Korea, telekomterrorist, The Coming Storm, Vars_Secc, Verizon, Waifu
Hacker in Snowflake Extortions May Be a U.S. Soldier
Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect — a prolific hacker known as Kiberphant0m — remains at large and continues to publicly extort victims. However, this person’s identity may not remain a secret for long:…
A Little Sunshine, Aleksandr Ermakov, chronopay, Data Breaches, Dmitri Golubov, Global Security News, Helkern, Home Depot breach, Hydra Market, MikeMike, Mikhail Lenin, Mikhail Shefel, Ne'er-Do-Well News, North America, pavel vrublevsky, Peter Vrublevsky, Pharma Wars, Sprut, Sugar ransomware, target breach
An Interview With the Target & Home Depot Hacker
In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator, the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Moscow resident Mikhail Shefel, who confirmed using the Rescator identity in a recent interview, also admitted reaching out because he…
A Little Sunshine, emergency data request, fake EDR, fbi, Global Security News, Kodex, Latest Warnings, Matt Donahue, North America, pwnstar, The Coming Storm, Web Fraud 2.0
FBI: Spike in Hacked Police Emails, Fake Subpoenas
The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based technology companies. In an alert (PDF) published this week, the FBI…
Global Security News, North America, Politics, Technology
Pegasus Spyware Maker Said to Flout Federal Court as It Lobbies to Get Off U.S. Blacklist
Rep. Pete Sessions, R-Texas, serves a primarily rural district anchored in Waco, a city of 150,000. It’s unclear why he is so interested in NSO Group, the infamous Israeli spyware firm that was blacklisted by the U.S. for its role in human rights abuses. Between February and July, though, Sessions and his team met eight…
Global Security News, North America, Politics, Technology
Pegasus Spyware Maker Said to Flout Federal Court as It Lobbies to Get Off U.S. Blacklist
Rep. Pete Sessions, R-Texas, serves a primarily rural district anchored in Waco, a city of 150,000. It’s unclear why he is so interested in NSO Group, the infamous Israeli spyware firm that was blacklisted by the U.S. for its role in human rights abuses. Between February and July, though, Sessions and his team met eight…
Global Security News, North America, Technology
The Pentagon Wants to Use AI to Create Deepfake Internet Users
The United States’ secretive Special Operations Command is looking for companies to help create deepfake internet users so convincing that neither humans nor computers will be able to detect they are fake, according to a procurement document reviewed by The Intercept. The plan, mentioned in a new 76-page wish list by the Department of Defense’s…
Global Security News, North America, Technology
The Pentagon Wants to Use AI to Create Deepfake Internet Users
The United States’ secretive Special Operations Command is looking for companies to help create deepfake internet users so convincing that neither humans nor computers will be able to detect they are fake, according to a procurement document reviewed by The Intercept. The plan, mentioned in a new 76-page wish list by the Department of Defense’s…
Global Security News, North America
Enhancing Cyber Resilience: Insights from CISA Red Team Assessment of a US Critical Infrastructure Sector Organization
Executive Summary The Cybersecurity and Infrastructure Security Agency (CISA) conducted a red team assessment (RTA) at the request of a critical infrastructure organization. During RTAs, CISA’s red team simulates real-world malicious cyber operations to assess an organization’s cybersecurity detection and response capabilities. In coordination with the assessed organization, CISA is releasing this Cybersecurity Advisory to…