"Phishing Attacks Armed With AI Capabilities Are on the Rise"

"Phishing Attacks Armed With AI Capabilities Are on the Rise"

According to the security vendor Egress, phishing attempts increased 28 percent in the second quarter of the year as threat actors gained new tools. An analysis of phishing kits offered for sale on the dark web found that 75 percent advertised Artificial Intelligence (AI) capability. This article continues to discuss findings regarding the rise in phishing attacks.

SC Media reports "Phishing Attacks Armed With AI Capabilities Are on the Rise"

Submitted by grigby1

Submitted by Gregory Rigby on

"Cloud Security Risks Surge as 38% of Firms Face Exposures"

"Cloud Security Risks Surge as 38% of Firms Face Exposures"

The 2024 "Tenable Cloud Risk Report" found that 38 percent of organizations worldwide face critical exposures due to a mix of security gaps in modern cloud environments. The report identified a "toxic cloud triad" of publicly exposed, critically vulnerable, and highly privileged cloud workloads that put these companies at risk. This triad makes them vulnerable to cyberattacks that could disrupt applications, take over systems, and steal data. This article continues to discuss key findings regarding cloud security risks.

Submitted by Gregory Rigby on

"Ukrainian Pleads Guilty to Running Raccoon Infostealer Malware, Agrees to Pay Nearly $1 Million"

"Ukrainian Pleads Guilty to Running Raccoon Infostealer Malware, Agrees to Pay Nearly $1 Million"

According to the US Department of Justice (DoJ), a Ukrainian national named Mark Sokolovsky pleaded guilty to operating the "Raccoon Infostealer" malware in US federal court. Sokolovsky was previously accused of being one of the "key administrators" of the malware that steals email addresses, ID numbers, bank account details, and cryptocurrency information. Raccoon Infostealer was sold as Malware-as-a-Service (MaaS) for $200 per month in cryptocurrency. This article continues to discuss the Raccoon Infostealer malware and the Ukrainian national who has pleaded guilty to running it.

Submitted by Gregory Rigby on

"Healthcare Organizations Warned of Trinity Ransomware Attacks"

"Healthcare Organizations Warned of Trinity Ransomware Attacks"

The US Department of Health and Human Services (HHS) warns of "Trinity" ransomware attacks on healthcare and public health organizations. HHS notes that Trinity, a relatively new ransomware family first seen in May 2024, adds the '.trinitylock' extension to encrypted files. It has similarities to "2023Lock" and "Venus" ransomware. This article continues to discuss the Trinity ransomware attacks faced by the healthcare sector.  

Submitted by Gregory Rigby on

"31 New Ransomware Groups Join the Ecosystem in 12 Months"

"31 New Ransomware Groups Join the Ecosystem in 12 Months"

Secureworks has seen a 30 percent year-over-year increase in active ransomware groups despite law enforcement efforts to stop ransomware gangs. The company's eighth annual "State of the Threat Report" identified 31 new ransomware groups that had emerged in the past 12 months. According to the report, the threat landscape has shifted from a few big players to a wider range of emerging entities. The three most active ransomware groups by number of victims are "LockBit," "PLAY," and "RansomHub." This article continues to discuss key findings from Secureworks' State of The Threat Report.

Submitted by Gregory Rigby on

"Crypto Scam Attack Impacts LEGO Website"

"Crypto Scam Attack Impacts LEGO Website"

Danish company LEGO recently had its official website compromised on the evening of Oct. 4 to promote a cryptocurrency scam. Attackers placed an ad on the Lego website homepage that urged visitors to click a link that would "unlock secret rewards," which redirects to a third-party marketplace enabling purchases of the fraudulent LEGO token with Ethereum. The company immediately took down the banner ad. The company said no user accounts have been compromised, and customers can continue shopping as usual.

Submitted by Adam Ekwall on

13th International Symposium on Digital Forensics and Security (ISDFS 2025)

"ISDFS conference offers a platform for researchers and professionals from academia, industry, and government to exchange ideas and recent advancements in Digital Forensics, Cybersecurity, and Computer Science more broadly. Building on the success of the 12th event, the 13th ISDFS conference will continue to promote and share knowledge on various topics and technologies related to Digital Forensics and Cybersecurity.

2024 Annual Computer Security Applications Conference (ACSAC)

"The Annual Computer Security Applications Conference (ACSAC) brings together leading researchers and practitioners, along with a diverse group of security professionals drawn from academia, industry, and government, gathered to present and discuss the latest cybersecurity results and topics. With peer reviewed technical papers, invited talks, panels, national interest discussions, and workshops, ACSAC continues its core mission of investigating practical solutions for computer and network security technologies."

 

"Credit Monitoring And Supply Chain Risk Company Hacked"

"Credit Monitoring And Supply Chain Risk Company Hacked"

Hackers recently stole sensitive employee data from a software-as-a-service company, CreditRiskMonitor.com.  CreditRiskMonitor.com advises consumers on trade credit and provides supply chain risk monitoring.  The company said that hackers got away with an unspecified amount of data between July 9 and July 17.  The stolen files included personally identifiable information of employees and independent contractors but did not include customer data.

Submitted by Adam Ekwall on
Subscribe to