"Cyber attacks on businesses, manufacturers, cities, school districts, emergency services and infrastructure are on the rise. Prepare your organization by attending the first annual TEEX Cyber Readiness Summit. The event’s theme will be driving a healthy, prosperous, resilient community, and keynote and session topics will cover all components of the NIST Cybersecurity Framework: Identify, Protect, Detect, Respond and Recover."
"The Fifth Annual Tampa Cybersecurity Summit connects C-Suite & Senior Executives responsible for protecting their companies’ critical infrastructures with innovative solution providers and renowned information security experts. Admission gives you access to all Interactive Panels, Discussions, Catered Breakfast, Lunch & Cocktail Reception."
Researchers have discovered a new Apple macOS backdoor called SpectralBlur, which overlaps with KANDYKORN, a known malware family linked to North Korean threat actors. According to security researcher Greg Lesnewich, SpectralBlur can upload files, run a shell, update its configuration, delete files, and more. The malware is similar to KANDYKORN, a sophisticated implant that serves as a Remote Access Trojan (RAT).
"Our event for security training and awareness professionals is coming back to Florida in 2024! Don't miss your chance to hear from experts in the field, connect with industry leaders, and visit with quality vendors. Experts will speak on the latest developments in security awareness, phishing campaigns, social engineering, behavioral science, managing human risk, and more exciting topics!"
"The International Conference on Cyber Security (ICCS) is the premier global cybersecurity event spanning three days, with over 50 distinguished speakers from the government, the private sector, and academia. It is an unparalleled opportunity for global cyber threat analysis, operations, research, and law enforcement leaders to coordinate and share their efforts to create a more secure world."
The US Justice Department (DoJ) recently announced that 19 people involved in the management and use of the xDedic cybercrime marketplace have been charged following its takedown in 2019. The xDedic Marketplace was a site on the dark web where users sold and bought stolen server credentials and personal information. The DoJ said over 700,000 credentials associated with servers housed by government, healthcare, transportation, higher education, financial, and other types of organizations from around the world were offered on the website.
In a new publication titled "Adversarial Machine Learning: A Taxonomy and Terminology of Attacks and Mitigations (NIST.AI.100-2)," computer scientists at the National Institute of Standards and Technology (NIST) and their collaborators identify the vulnerabilities of Machine Learning (ML) and Artificial Intelligence (AI). Their publication aims to help AI users and developers understand potential attacks and mitigation strategies. It is part of NIST's broader effort to support the development of trustworthy AI.
An adversary, tracked as UNC-0050, known for using the RemcosRAT remote surveillance and control tool against organizations in Ukraine, is back with a new method to transfer data that evades Endpoint Detection and Response (EDR) systems. In its latest campaign, the threat actor focuses on Ukrainian government entities. According to researchers at Uptycs, the attacks are likely politically motivated, to gather specific intelligence from Ukrainian government agencies.
The US Department of Energy (DOE) recently announced that it’s offering up to $70 million in funding for research into technologies that can boost the resilience and security of the energy sector. The funding offered through this project, named the All-Hazards Energy Resilience program, is for research in four key areas: cyber threats, physical threats, natural disasters, and extreme weather events fueled by climate change.
A Nigerian national was recently arrested in Ghana and faces charges in the US for his role in a business email compromise (BEC) scheme involving two charitable organizations. According to the indictment, between June and August 2020, the man, Olusegun Samson Adejorin, targeted two charities located in North Bethesda, Maryland, and New York, New York. Adejorin allegedly obtained the credentials of employees of both organizations, accessed their email accounts, and impersonated employees at one of the charities to request withdrawals of funds from the other charity.