A Nigerian national was recently arrested in Ghana and faces charges in the US for his role in a business email compromise (BEC) scheme involving two charitable organizations.  According to the indictment, between June and August 2020, the man, Olusegun Samson Adejorin, targeted two charities located in North Bethesda, Maryland, and New York, New York.  Adejorin allegedly obtained the credentials of employees of both organizations, accessed their email accounts, and impersonated employees at one of the charities to request withdrawals of funds from the other charity.

Bailey Bickley, this season’s host of NSA’s Cybersecurity Speaker Series, speaks with Adrian Stanger and Bill Layton on preparing for Post-Quantum. For more on cybersecurity at NSA, and to find out when our next Speaker Series video is posted, follow us on Twitter @NSACyber.

Three new malicious packages that can deploy a cryptocurrency miner on Linux devices have been discovered in the Python Package Index (PyPI) open-source repository. The three malicious packages, named "modularseven," "driftme," and "catme," were downloaded a total of 431 times in the past month before being removed. According to Fortinet FortiGuard Labs researcher Gabby Xiong, the packages deploy a CoinMiner executable on Linux devices. The campaign appears to overlap with a previous campaign that used a package called "culturestreak" to launch a cryptocurrency miner.

A team of computer scientists led by the University of Massachusetts (UMass) Amherst announced a new method to automatically generate whole proofs that can be used to prevent software bugs and verify the correctness of the underlying code. Baldur is the new method involving Large Language Models' (LLMs) Artificial Intelligence (AI) power. Combined with the Thor tool, an efficacy of nearly 66 percent is reached.

According to Vercara, businesses faced about 800,000 cyberattacks in 2023, with over 60,000 of them being Distributed Denial-of-Service (DDoS) attacks and 4,000 falling victim to ransomware. Consumers have nuanced perceptions of cybersecurity incidents and are oftentimes unaware of their role in maintaining cyber hygiene within a business. These findings highlight the importance of brand trust in the digital landscape, with 75 percent of consumers expressing their willingness to cut ties with a brand after any cybersecurity incident.

The U.S. Federal Trade Commission (FTC) has recently started accepting submissions for its Voice Cloning Challenge, a public competition with a $25,000 top prize for ideas that protect consumers from the danger of AI-enabled voice cloning for fraudulent activity.  The Challenge was announced in mid-November in an effort to find ways to counter the misuse of voice cloning technology as it becomes more sophisticated due to the improvement of text-to-speech with the help of artificial intelligence.

A threat actor named "RET" claims to have sold the source code and a cracked version of the Zeppelin ransomware builder for $500. The threat intelligence company KELA discovered the claim on a cybercrime forum. Although the offer's legitimacy has yet to be confirmed, screenshots from the seller suggest that the package is real. The buyer could use the malware to launch a new Ransomware-as-a-Service (RaaS) operation or create a new Zeppelin-based locker. Zeppelin stems from the Delphi-based Vega/VegaLocker malware family, which was active between 2019 and 2022.