Scammers impersonating a construction company have recently duped the Florida city of Fort Lauderdale out of $1.2 million, sparking a police investigation.  The city paid the sum on Sept. 14 after receiving what was believed to be a legitimate bill from Moss Construction, a company that's building a new police station for the coastal city north of Miami.  The police noted that the bill was discovered to be a scam within a day.  The city is currently trying to get its money back.

Mixin, a Hong Kong-based cryptocurrency company, has disclosed that hackers stole about $200 million worth of its assets after attacking its cloud service provider. The company has temporarily suspended deposit and withdrawal services due to the incident. Mixin offers a network for transferring digital currency and similar assets. The company contacted Google and SlowMist, a blockchain security company, to investigate.

A Nigerian national residing in South Africa has recently pleaded guilty in court in the United States to his role in a million-dollar business email compromise (BEC) fraud scheme.  The man, Kosi Goodness Simon-Ebo, 29, was extradited to the US from Canada in April 2023.  According to the Department of Justice (DoJ), Simon-Ebo was involved in a conspiracy to commit BEC fraud and money laundering with total intended losses of close to $7 million.  The actual loss from the scheme, however, was of just over $1 million.  Simon-Ebo admitted in court to gaining unauthorized ac

Tibetan, Uyghur, and Taiwanese individuals and organizations are being targeted by a persistent campaign aimed at stealing sensitive information. According to security researchers at Volexity, the attacker has developed fake Tibetan websites and social media profiles to launch browser-based exploits against targeted users. To help spread their malware, the attacker has formed communities on online platforms such as Telegram, partly by impersonating existing popular communities.

A cyber espionage attack against a government agency in the Middle East involved a novel and sophisticated backdoor malware named Deadglyph. The Deadglyph malware is attributed to the Stealth Falcon Advanced Persistent Threat (APT) group, also known as Project Raven or FruityArmor, a United Arab Emirates (UAE) state-sponsored hacking group. For nearly a decade, the cyber group has been targeting activists, journalists, and dissidents. In a new report released at the LABScon cybersecurity conference, ESET researcher Filip Juracko explains how the new modular malware infects Windows systems.

Although there have been some positive developments, ransomware attacks continue to have a significant impact, according to SpyCloud. Infostealer infections preceded 22 percent of ransomware incidents for North American and European ransomware victim organizations in 2023, with common infostealers such as Raccoon, Vidar, and Redline increasing the likelihood. SpyCloud's analysis reveals that Raccoon infostealer malware was involved in 76 percent of infections preceding ransomware attacks.

In an effort to bolster voting security ahead of the next US Presidential Election, election machine manufacturers are allowing hackers access to their systems. The Election Security Research Forum featured organized penetration testing and bug research for digital scanners, ballot marking devices, and electronic pollbooks, emphasizing the technology that voters may encounter at the polls. The forum also allowed security researchers to interact with system vendors.

The US Cybersecurity and Infrastructure Security Agency (CISA) has published new micro-challenges that are now part of the Cyber Careers Pathway Tool. This interactive tool allows users to explore the 52 work roles in the National Initiative for Cybersecurity Education (NICE) Cybersecurity Workforce Framework. CISA's micro-challenges provide an opportunity for K-12 students and individuals looking to reskill or transition from a non-cyber career to gain further insight into the knowledge, skills, and tasks performed in the top cybersecurity workforce roles.

The National Student Clearinghouse, an educational nonprofit that provides reporting, verification, and research services to colleges and universities in North America, has recently revealed that nearly 900 schools are impacted by the MOVEit hack.  The National Student Clearinghouse in late August informed Maine’s attorney general that more than 51,000 individuals were affected by the incident.

The City of Dallas has recently announced that an $8.5 million budget has been approved to support the restoration of its systems following a ransomware attack that happened in May 2023.  The attack was identified on May 3, when the cybercrime gang named Royal started deploying file-encrypting ransomware on multiple systems.  The investigation launched into the matter has revealed that the attackers had access to the city’s network for roughly a month before that.