Collaborate Disseminate
In this Help Net Security interview, Jason Passwaters, CEO of Intel 471, discusses how integrating cybercrime intelligence into an organization’s security strategy enables proactive threat management and how measuring intelligence efforts can help miti… Continue reading Maximizing the impact of cybercrime intelligence on business resilience
In what we can assure you is a new cybersecurity incident despite sounding incredibly similar to incidents of past notoriety: threat actors tied to a notorious ransomware and extortion group have exploited file-transfer software to carry out attacks. Clop has claimed responsibility for attacks tied to vulnerabilities in software made by Cleo, an Illinois-based IT […]
The post Clop is back to wreak havoc via vulnerable file-transfer software appeared first on CyberScoop.
Continue reading Clop is back to wreak havoc via vulnerable file-transfer software
In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “Wazawaka,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The U.S. government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest. Last week, the Russian government reportedly arrested Matveev and charged him with creating malware used to extort companies. Continue reading U.S. Offered $10M for Hacker Just Arrested by Russia
Brazilian authorities reportedly have arrested a 33-year-old man on suspicion of being “USDoD,” a prolific cybercriminal who rose to infamy in 2022 after infiltrating the FBI’s InfraGard program and leaking contact information for 80,000 members. More recently, USDoD was behind a breach at the consumer data broker National Public Data that led to the leak of Social Security numbers and other personal information for a significant portion of the U.S. population. Continue reading Brazil Arrests ‘USDoD,’ Hacker in FBI Infragard Breach
Threat actors are leveraging the open-source EDRSilencer tool to evade endpoint detection and response systems, Trend Micro researchers have noticed. About EDRSilencer The software, which is intended for red teaming, is being abused to “silence&#… Continue reading Attackers deploying red teaming tool for EDR evasion
A partnership of 28 industry leaders serving public and private organizations across the vendor and consumer community volunteered their time, effort, and experience to launch the first version of the Cyber Threat Intelligence Capability Maturity Model… Continue reading Cyber Threat Intelligence Capability Maturity Model (CTI-CMM) released
Most accomplished cybercriminals go out of their way to separate their real names from their hacker handles. But among certain old-school Russian hackers it is not uncommon to find major players who have done little to prevent people from figuring out who they are in real life. A case study in this phenomenon is “x999xx,” the nickname chosen by a venerated Russian hacker who specializes in providing the initial network access to various ransomware groups. Continue reading The Not-So-Secret Network Access Broker x999xx
Intel 471 launched the company’s 471 Attack Surface Protection solution, an attack surface management (ASM) tool that provides its customers visibility into their external threat landscape and drives a proactive response that neutralizes threats and mi… Continue reading Intel 471 launches 471 Attack Surface Protection to enhance external threat visibility
Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. An investigation into Stark Industries reveals it is being used as a global proxy network that conceals the true source of cyberattacks and disinformation campaigns against enemies of Russia. Continue reading Stark Industries Solutions: An Iron Hammer in the Cloud
Last week, the United States joined the U.K. and Australia in sanctioning and charging a Russian man named Dmitry Yuryevich Khoroshev as the leader of the infamous LockBit ransomware group. LockBit’s leader “LockBitSupp” claims the feds named the wrong guy, saying the charges don’t explain how they connected him to Khoroshev. This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. Continue reading How Did Authorities Identify the Alleged Lockbit Boss?