Welcome to the 10th edition of the Cyber Weekly Digest of 2024.
Today is International Women's Day and, as a woman, I would say that acknowledgement is greater than pride. Here's to all the women, past and present, that have made a difference.
New and noteworthy this week: Pentera launch Pentera Cloud - a new era in #AutomatedSecurityValidation! Pentera Cloud is the ONE AND ONLY Automated Cloud Pentesting product, designed to secure your organisation from cloud-native cyber attacks.
With Pentera Cloud you benefit from:
Automated cloud-native attack emulation in AWS and Azure environments
Cross attack surface testing between the cloud and on-premise infrastructure
Evidence-based prioritised remediation guidance to fix your highest-risk security gaps
Abnormal Security shared this Wall Street Journal article about the emerging era of #BadGPTs and how the cyber industry is responding, featuring insights from the Abnormal CEO Evan Reiser.
BadGPT. WormGPT. FraudGPT... Nefarious AI tools are proliferating across the dark web, giving cyber criminals the AI advantage and sparking an AI arms race, so this is definitely worth a read!
Last but not least... Check out Security Week's Cyber Insights 2024: APIs - A Clear, Present and Future Danger. Cequence hacker-in-residence Jason Kent was featured in this yearly round-up of top pain points for #cybersecurity practitioners.
TL;DR: Developers are under pressure to deliver APIs at lightning speed, which can leave security in the dust. This opens the door for hackers to exploit #vulnerabilities, especially with the focus often being on network security, not APIs.
Now, let's take a look at our Cyber Weekly Digest, highlighting our top cyber security news picks of the week.
This week we were overjoyed to hear that Duvel still has 'more than enough beer' after ransomware attack, read a sobering figure reported by the FBI's Internet Crime Complaint Center and learnt how threat actors have been leveraging fake websites advertising popular video conferencing software such as Google Meet, Skype, and Zoom.
Keep reading to stay up to date on the latest cyber security news.
The FBI's Internet Crime Complaint Center (IC3) has released its 2023 Internet Crime Report, which recorded a 22% increase in reported losses compared to 2022, amounting to a record $12.5 billion. The number of relevant complaints submitted to the FBI in 2023 reached 880,000, 10% higher than the previous year, with the age group topping the report being people over 60, which shows how vulnerable older adults are to cybercrime.
Both figures continue a worrying trend seen by the agency since 2019, where complaints and losses rise yearly.
Hackers are conducting widescale attacks on WordPress sites to inject scripts that force visitors' browsers to brute-force passwords for other sites. The campaign was first spotted by website cybersecurity firm Sucuri, which has been tracking a threat actor known for breaching sites to inject crypto wallet drainer scripts. Crypto wallet drainers are malicious scripts that steal all cryptocurrency and assets when someone connects their wallet.
Duvel Moortgat Brewery was hit by a ransomware attack late last night, bringing beer production in the company's bottling facilities to a halt. Duvel is a Belgian beer brand best known for its strong and fruity golden pale ale bearing the same name. The brewery also makes other popular abbey beers such as Vedett, Maredsous, and La Chouffe that are enjoyed all over the world. Earlier this week, a spokesperson for the company told local media that their automated threat detection systems flagged the ransomware attack.
Threat actors have been leveraging fake websites advertising popular video conferencing software such as Google Meet, Skype, and Zoom to deliver a variety of malware targeting both Android and Windows users since December 2023. "The threat actor is distributing Remote Access Trojans (RATs) including SpyNote RAT for Android platforms, and NjRAT and DCRat for Windows systems," Zscaler ThreatLabz researchers said. The spoofed sites are in Russian and are hosted on domains that closely resemble their legitimate counterparts, indicating that the attackers are using typosquatting tricks to lure prospective victims into downloading the malware.
The threat actors behind the BlackCat ransomware have shut down their darknet website and likely pulled an exit scam after uploading a bogus law enforcement seizure banner. "ALPHV/BlackCat did not get seized. They are exit scamming their affiliates," security researcher Fabian Wosar said. "It is blatantly obvious when you check the source code of the new takedown notice." "There is absolutely zero reason why law enforcement would just put a saved version of the takedown notice up during a seizure instead of the original takedown notice." The U.K.'s National Crime Agency (NCA) told Reuters that it had no connection to any disruptions to the BlackCat infrastructure.