Warning to US Retail: ‘Scattered Spider’ Targets YOU (with DragonForce Ransomware)
Richi Jennings | | 0ktapus, attacks on online retailers, Co-op, Dembe Zuma, DragonForce, google, Harrods, internet retailers, John Hultquist, Mandiant, Marks & Spencer, Muddled Libra, online retailer, Online Retailers, online retailers cyber threats, Ransomware, Raymond Reddington, retail, Retail & Commerce, Retail & Consumer Goods, Retail & e-commerce, Retail and E-Commerce, Retail Cybersecurity, Retail Industry, SB Blogwatch, Scatter Swine, scattered spider, Starfraud, the Com, the Community, UNC3944Arachnid alarm: Three major British retailers recently attacked, resulting in huge damage. Now we see the self-same scum spotlighting stores in the States ... Read More
As US CVE Database Fumbles, EU ‘Replacement’ Goes Live
Richi Jennings | | CERT-EU, cisa, CISA Research, common vulnerabilities and exposures, CVE, CVE (Common Vulnerabilities and Exposures), CVE database, CVE Program, Cybersecurity and Infrastructure Security Agency, cybersecurity funding, Department of Homeland Security, DHS, ENISA, eu, EU Agency for Cybersecurity, European Union, European Union (EU), EUVD, Funding & Grants, Juhan Lepassaar, MITRE, MITRE Framework, National Institute of Standards and Technology, National Institute of Standards and Technology (NIST), NIS2, NIS2 Directive, NIST, SB Blogwatch, U.S. Department of Homeland Security, vulnerability databaseDiesen Kuß der ganzen Welt! European Union Vulnerability Database (EUVD) launches this week. And not a moment too soon ... Read More
SMBs Know They’re At Risk, but Most Aren’t Embracing AI
A survey by CrowdStrike finds the gap between SMB awareness of cyber threats and efforts by them to protect themselves is widening, with not enough of them spending the money needed on AI and other tools to defend against ransomware and other attacks ... Read More
U.S. Wins One, Maybe Two, Extradition Petitions in Unrelated Cases
In short order, U.S. prosecutors won an extradition case to bring a suspect in multiple ransomware cases to the United States and had another in England move in their favor when the British judge paved the way for an alleged hacker hired by a lobbyist firm to target climate change ... Read More
California Man Will Plead Guilty to Last Year’s Disney Hack
A 25-year-old California man will plead guilty to hacking into a Disney's personal computer and using stolen credentials to break into thousands of Disney Slack channels. Ryan Mitchell Kramer, who claimed to be a member of the Russian group NullBulge, then leaked the data when the victim didn't respond to ... Read More
Cybersecurity CEO Charged With Installing Malware on Hospital Computers
Jeffrey Bowie, the CEO of cybersecurity company Veritaco, was seen on security camera footage walking into St. Anthony Hospital in Oklahoma City last year and installing malware on an employee computer. He was arrested this month for violating the state's cybercrime statute ... Read More
North Korean Group Creates Fake Crypto Firms in Job Complex Scam
The North Korean hackers behind the Contagious Interview worker scam, which threat intelligence analysts have followed since late 2023, are now hiding behind three bogus crypto companies they created as fronts for their info- and crypto-stealing operations ... Read More
200,000 Workers’ PII at Risk in WorkComposer S3 SNAFU
Richi Jennings | | Amazon S3, Amazon S3 bucket, Amazon Web Services, Amazon Web Services (AWS), amazon web services compliance, AWS bucket, AWS GDPR Compliance Shared Responsibility, AWS S3 BUCKET, aws s3 storage, breach of privacy, bucket policy, buckets, California Consumer Privacy Act (CCPA), CCPA, CCPA Compliance, cybersecurity challenges in remote working, EU GDPR, GDPR, GDPR (General Data Protection Regulation), GDPR compliance, gdpr eu, online surveillance, Privacy, remote work, remote work cyber security, Remote Work Cybersecurity, remote work enviornment, remote work productivity, Remote Work Security, remote worker management, remote workers, remote workforce, Remote Workforce Security, remote working, remote working risks, S3, S3 bucket, S3 buckets, SB Blogwatch, spyware, storage bucket, WorkComposerDon’t say ‘spyware’—21 million screenshots in one open bucket ... Read More
ARMO: io_uring Interface Creates Security ‘Blind Spot’ in Linux
Researchers from security firm ARMO developed a POC rootkit called Curing that showed how the io_uring interface in Linux could be exploited by bad actors to bypass system calls, creating what they calle a "massive security loophole" in the operating system's runtime security ... Read More
Asian Scam Farms: ‘Industrial Scale,’ Warns UN Report
Richi Jennings | | #CryptoScam, #InvestmentScam, #PigButchering, Amazon Phishing Scams, AppleCare Warranty Scam, bank scam, bitcoin ATM scam, bitcoin scam, bitcoin transfer scams, gift card, gift card fraud, Gift Card Gang, gift card scams, gift cards, GiftCardScams, online romance scam, pig butchering, Pig Butchering Scams, romance, romance fraud, romance scam, romance scammers, romance scams, SB Blogwatch, social media intelligence, United Nations, UNODCBacon Redux: Pig butchering and other serious scams still thriving, despite crackdowns in Dubai and Myanmar ... Read More
