
Showing posts from May, 2023

CYBER INSIGHTS: Online Retailer Exposes Over 1m Customers Data

CYBER INSIGHTS: DATA BREACH - Online Retailer Exposes Over 1m Customers Data Syndicated By: Iain Fraser - Cybersecurity Journalist Gibraltar via IainFRASER.net/CyberInsights Google Indexed on 300523 at 10:10 CET 30th May 2023 Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to WebsitePlanet a non-password protected database that contained over a million customer records. Upon further investigation, it was identified that these records were customers’ order confirmations that belonged to SimpleTire, based in Philadelphia, Pennsylvania. The exposed order confirmations included the customer’s name, phone number, physical address and partial credit card number with expiration dates. When the open server was discovered, I immediately sent a responsible disclosure notice to several email addresses at SimpleTire, stating that the database was publicly accessible to anyone with an internet connection. Despite multiple email notices, the database remained open and publicly ac...

CYBER INSIGHTS: survey shows boards agree that Cybersecurity is an issue

DAILY CYBER INSIGHTS: Gartner survey shows 88% of board members agree that Cybersecurity is a business not technical issue Syndicated By: Iain Fraser - Cybersecurity Journalist Gibraltar via IainFRASER.net/CyberInsights Google Indexed on 260523 at 12:21 CET Gartner Security & Risk Management Summit 2023, 26 – 28 September, in London, U.K. It’s more important than ever for all security and risk leaders to work side by side with the entire organization to better understand the business impact of poor security, which is why Gartner Security & Risk Management Summit 2023 offers guidance and insights, not just for security teams, but for the business as a whole — from the CISO and chief risk officer to security operations center managers, security architects and IT staff. Attending together allows you to: • Strengthen your team by connecting in person • Align cross-functional stakeholders with a common understanding of priorities • Maximise learning by addr...

STATE ACTORS: COSMICENERGY - Mandiant Identifies power-grid malware

STATE ACTORS: COSMICENERGY - Mandiant Identifies malware that can physically harm power grids. Posted By: Iain Fraser - Cybersecurity Journalist Gibraltar via IainFRASER.net/CyberInsights Google Indexed on 260523 at 11:57 CET Mandiant Identifies malware that can physically harm power grids. COSMICENERGY is the latest example of specialised OT malware capable of causing cyber physical impacts, which are rarely discovered or disclosed. What makes COSMICENERGY unique is that, based on our analysis, a contractor may have developed it as a red teaming tool for simulated power disruption exercises hosted by Rostelecom-Solar, a Russian cyber security company. Analysis into the malware and its functionality reveals that its capabilities are comparable to those employed in previous incidents and malware, such as INDUSTROYER and INDUSTROYER.V2, which were both malware variants deployed in the past to impact electricity transmission and distribution via IEC-104. The discovery of COSMICENERGY ...

CYBER INSIGHTS: DATA BREACH - Free VPN Data Breach Exposed 360 Million

DAILY CYBER INSIGHTS: DATA BREACH - Why Using the Right VPN Matters! By: Jeremiah Fowler - Cybersecurity Researcher Syndicated By: IainFRASER.net/CyberInsights Google Indexed on 250523 at 09:59 CET Published on 24th May 2023 Free VPN Data Breach Exposed 360 Million Records Online - Why Using the Right VPN Matters! Cybersecurity researcher Jeremiah Fowler discovered and reported to vpnMentor a non-password protected database containing over 360 million records related to a VPN data breach. The publicly exposed records contained email addresses, device information, and even references to sites that the user visited. Nearly all of the records in the database mentioned references to SuperVPN, an application that advertises a free to download VPN service. There are two (2) apps named SuperVPN available officially on both the Apple and Google application stores. According to the Google app store page, they have a combined 100 million downloads worldwide. After reviewing a limited s...

EVENTS 2023: Gartner Security & Risk Management Summit

EVENTS 2023: Gartner Security & Risk Management Summit Syndicated By: Iain Fraser - Cybersecurity Journalist Gibraltar Email:  iainfraserjournalist@gmail.com via IainFRASER.net/CyberInsights Google Indexed on 240523 at 14:44 CET 24th May 2023 Gartner Security & Risk Management Summit Cybersecurity: Business-Aligned | Risk-Focused. 26 – 28 September 2023 | London, U.K. 24th May 2023 As digital business transformation pervades the enterprise and “digital” becomes essential to get every job done, security and risk leaders must become the change agent driving secure digital transformation. No longer focused solely on defense, the security organization becomes a proactive business partner, anticipating and managing security risks in pursuit of enterprise excellence. Gartner Security & Risk Management Summit helps security and risk management leaders and practitioners to continuously improve the flexibility and responsiveness of security risk management techniques and techno...

EUROPOL: One of Europe’s biggest pirate IPTV systems taken down

EUROPOL: One of Europe’s biggest pirate IPTV systems taken down Syndicated By: Iain Fraser - Cybersecurity Journalist Gibraltar via IainFRASER.net/Cyber PR Wire Google Indexed on 240523 at 12:21 CET 23rd May 2023 EUROPOL has reported that in support of the Dutch FIOD (Fiscal Information and Investigation Service) it has taken down one of Europe’s biggest pirate IPTV (Internet Protocol Television) services after a series of raids. The pirate carrier is believed to have had over 1,000,000 subscribers to their illegal streaming service throughout Europe. Packages bought by subscribers gave them access to over 10 000 live TV channels, alongside a library of 15 000 films and TV shows. Several individuals were arrested on suspicion of involvement in the illegal streaming of premium content. Learn More /... About EUROPOL Headquartered in The Hague, the Netherlands, Europol’s mission is to support its Member States in preventing and combating all forms of serious internat...

STATE ACTORS: Fata Morgana - Watering hole attack on shipping & logistics websites

STATE ACTORS: Fata Morgana - Watering hole attack on shipping & logistics websites By: ClearSky Research Team Syndicated By: Iain Fraser - Cybersecurity Journalist Gibraltar via IainFRASER.net/Cyber PR Wire Google Indexed on 240523 at 11:22 CET 24th May 2023 Israeli Cybersecurity firm ClearSky Cyber Security has detected a "watering hole" attack on at least eight Israeli websites. The attack is highly likely to be orchestrated by a nation-state actor from Iran, with a low confidence specific attribution to Tortoiseshell (also called TA456 or Imperial Kitten). The infected sites collect preliminary user information through a script. We have discovered several details that suggest this script is used for malicious purposes. In watering hole attacks, the attacker compromises a website that is frequently visited by a specific group of people, such as government officials, journalists, or corporate executives. Once compromised, the attacker can inject malicious code to the...

DARK WEB: You’ve been kept in the dark (web) - Exposing Qilin’s RaaS program Group-IB

DARK WEB: You’ve been kept in the dark (web) - Group-IB Syndicated By: Iain Fraser - Cybersecurity Journalist Gibraltar via IainFRASER.net/PRWire 22 May 2023 Exposing Qilin’s RaaS program - All you need to know about Qilin ransomware and its operations targeting critical sectors. In the wake of increasing ransomware attacks, do security leaders strongly believe that their organization is secure enough, especially when cyber threats are only growing in sophistication? Group-IB’s Hi-Tech Crime Trends 2022/2023 Report recently revealed that the impact of ransomware attacks will continue to grow in 2023 and beyond, with trends such as the Ransomware-as-a-Service market (RaaS), the publication of stolen data on dedicated leak sites (DLS), and an increase in affiliate programs shaping this trajectory. Additionally, ransomware strains are proliferating quicker than the improvements in cyber defences to detect and contain them, rendering organizations under-prepared in facing what’s coming. In ...

The NATO CCDCOE welcomes new members Iceland, Ireland, Japan, and Ukraine

The NATO CCDCOE welcomes new members Iceland, Ireland, Japan, and Ukraine Syndicated By: Iain Fraser - Cybersecurity Journalist Gibraltar via IainFRASER.net/CyberPRWire Google Indexed on 190523 at 10:33 CET 19 May 2023 On its 15th anniversary, the NATO Cooperative Cyber Defence Centre of Excellence (CCDCOE) raised the flags of Iceland, Ireland, Japan, and Ukraine at its headquarters in Tallinn, welcoming four new member nations to the CCDCOE cyber defence family.  “I am truly grateful that Iceland, Ireland, Japan, and Ukraine have decided to join us. We are delighted to have like-minded nations sharing cyber knowledge and exchanging methods to systematically address cyber attacks. Our goal is to foster increased cooperation and reap the benefits of this large-scale coalition through research, training, and exercises,” said Mart Noorma, director of the CCDCOE. These nations have enjoyed a long and fruitful collaboration and cooperation with the CCDCOE, and becoming full-fledged memb...

RANSOMWARE: Russian Indicted for Infrastructure Ransomware Attacks

RANSOMWARE: Russian Indicted for Infrastructure Ransomware Attacks Syndicated By: Iain Fraser - Cybersecurity Journalist Gibraltar via IainFRASER.net/Syndication Google Indexed on 170523 at 11:48 CET 17th May 2023 The US DoJ (Department of Justice) has indicted a Russian national for using three different ransomware variants to attack numerous victims throughout the United States, including law enforcement agencies in Washington, D.C. and New Jersey, as well as victims in healthcare and other sectors nationwide. According to the indictment, as early as 2020, Mikhail Pavlovich Matveev, aka Wazawaka, aka m1x, aka Boriselcin, aka Uhodiransomwar, allegedly participated in conspiracies to deploy three ransomware variants. These variants are known as LockBit, Babuk, and Hive, and Matveev transmitted ransom demands in connection with each. The perpetrators behind each of these variants, including Matveev, have allegedly used these types of ransomware to attack t...

STATE ACTORS: NCSC warns against State Actors targeting Western Critical Infrastructure

STATE ACTORS: NCSC warns against State Actors targeting Western Critical National Infrastructure - Analysis Posted By: Iain Fraser - Cybersecurity Journalist Gibraltar via IainFRASER.net Google Indexed on 150523 at 13:13 CET 15th May 2023 The UK’s National Cyber Security Centre (NCSC) has issued an advisory, warning of the heightened Threat from so-called State Actors (State-Aligned Groups) against Critical National Infrastructure. The Advisory has identified the emergence of a new class of state-aligned Cybercrime Groups who are worryingly sympathetic to Russia’s invasion and are ideologically, rather than financially, motivated. Although these groups can align to Russia’s perceived interests, they are often not subject to formal state control, and so their actions are less constrained and their targeting broader than traditional cyber crime actors. This makes them less predictable. The notice ...

HACKER GUILTY: U.K. Citizen Extradited and Pleads Guilty to Cyber Crime Offences

HACKER GUILTY: U.K. Citizen Extradited and Pleads Guilty to Cyber Crime Offences Syndicated By: Iain Fraser - Cybersecurity Journalist Gibraltar via IainFRASER.net/PRWire Google Indexed on 110523 at 14:41 CET A U.K. citizen pleaded guilty today in New York to his role in cyber-stalking and multiple schemes that involve computer hacking, including the July 2020 hack of Twitter. Joseph James O’Connor, aka PlugwalkJoe, 23, was extradited from Spain on April 26. “O’Connor’s criminal activities were flagrant and malicious, and his conduct impacted multiple people’s lives. He harassed, threatened, and extorted his victims, causing substantial emotional harm,” said Assistant Attorney General Kenneth A. Polite, Jr. of the Justice Department’s Criminal Division. “Like many criminal actors, O’Connor tried to stay anonymous by using a computer to hide behind stealth accounts and aliases from outside the United States. But this plea shows that our investigators and prosecutors will identify, loca...

WEBINAR: Ransomware continues to wreak havoc—and it isn’t going away.

WEBINAR: The Future of Ransomware - 2023 and Beyond Syndicated By: Iain Fraser - Cybersecurity Journalist Gibraltar via IainFRASER.net/PRWire Google Indexed on 110523 at 13:07 CET 11th May 2023 DEEP INSTINCT: TALK - The Future of Ransomware - 2023 and Beyond Presented by: Shaul Vilkomir-Presiman, Threat Intelligence Researcher and Brian Black, Director, Sales Engineering Ransomware continues to wreak havoc—and it isn’t going away. What comes next includes an acceleration of attacks due to AI as the threat becomes less about the ransom itself and more about data extortion. Ransomware-as-a-Service (RaaS) has enabled less sophisticated threat actors to quickly launch attacks, lowering the bar for cybercriminals. While threat groups like Conti break up into smaller groups and re-emerge acting as offensive startups, scaling quickly for profits. Join us on Wednesday, May 24th when our threat research experts, Shaul Vilkomir-Presiman and Brian Black, discuss the following: How threat actor or...

RECOMMENDED READING: CISOs play a critical role - Voice of the CISO 2023 | Proofpoint

RECOMMENDED READING: Voice of the CISO 2023 - Proofpoint Syndicated By: Iain Fraser - Cybersecurity Journalist Gibraltar via IainFRASER.net/PRWire Google Indexed on 110523 at 12:12 CET 11th May 2023 The cyber threat landscape is evolving at a breakneck pace, making it harder than ever for businesses to stay secure. CISOs play a critical role in protecting their organisations from attacks—but this role is not an easy one. Based on a survey of 1,600 CISOs worldwide – including the UK, France, Germany, the Netherlands, Sweden, Italy, Spain, KSA and UAE – Proofpoint’s Voice of the CISO report 2023 provides valuable insights into the challenges faced by CISOs and how best to protect your organisation's people and data. From the impact of the global recession on security budgets to the role of boards in cybersecurity conversations and the all-too-real problem of CISO burnout, this report covers a range of important topics. Learn More /... About Proofpoint Email, social media, and mobil...

CYBER MITIGATION: New Cisco Study Finds Only 15% are Ready to Defend against threats

CYBER MITIGATION: New Cisco Study Finds Only 15% of Companies Surveyed are Ready to Defend Against Cybersecurity Threats Syndicated By: Iain Fraser - Cybersecurity Journalist Gibraltar via IainFRASER.net/PRWire Google Indexed on 110523 at 10:37 CET 11th May 2023 • Readiness is critical: 82% of respondents said they expect a cybersecurity incident to disrupt their business in the next 12 to 24 months • The cost of being unprepared can be substantial: a majority of respondents said they had a cybersecurity incident in the last 12 months, which cost at least $500,000 for 41% of organizations affected • Companies are taking action: 86% of respondents said their organizations plan to increase their cybersecurity budget by at least 10% over the next 12 months A mere 15% of organizations globally have the ‘Mature’ level of readiness needed to be resilient against today’s modern ...

DARKWEB: Europol announces wide-scale arrests of Darknet marketplace actors.

DARKWEB: Europol announces wide-scale arrests of Darknet marketplace actors. Syndicated By: Iain Fraser - Cybersecurity Journalist Gibraltar via IainFRASER.net/CyberInsights Google Indexed on 100523 at 12:21 CET via Hype Newsroom 10th May 2023 288 dark web vendors arrested in major marketplace seizure - Law enforcement on three continents seize EUR 50.8 million in cash and virtual currencies, 850 kg of drugs and 117 firearms. In an operation coordinated by Europol and involving nine countries, law enforcement have seized the illegal dark web marketplace “Monopoly Market” and arrested 288 suspects involved in buying or selling drugs on the dark web. More than EUR 50.8 million (USD 53.4 million) in cash and virtual currencies, 850 kg of drugs, and 117 firearms were seized. The seized drugs include over 258 kg of amphetamines, 43 kg of cocaine, 43 kg of MDMA and over 10 kg of LSD and ecstasy pills. This operation, code-named SpecTor, was composed of a series of separate complement...

STATE ACTORS: Justice Department Disrupts Snake Malware Controlled by Russia's FSB

STATE ACTORS: Justice Department Announces Disruption of Snake Malware Controlled by Russia's FSB Syndicated By: Iain Fraser -  Cybersecurity Journalist Gibraltar via IainFRASER.net/PRWire Google Indexed on 100523 at 11:27 CET 9th May 2023 Through Operation MEDUSA, the FBI, and the U.S. Attorney’s Office for the Eastern District of New York Neutralised the FSB’s Premier Cyber-espionage Malware Implant in Coordination with Multiple Foreign Governments The Justice Department today announced the completion of a court-authorised operation, code-named MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated malware, called “Snake”, that the United States Government attributes to a unit within Center 16 of the Federal Security Service of the Russian Federation (FSB).   For nearly 20 years, this unit, referred to in court documents as “Turla,” has used versions of the Snake malware to steal sensitive documents from hundreds of computer systems i...

DATA BREACH: London Fitness Gym Chain Exposed 500K Customer Receipts Online

DATA BREACH: London Fitness Gym Chain Exposed 500K Customer Receipts Online By Jeremiah Fowler - Cybersecurity Researcher Website Planet Syndicated By: Iain Fraser - Cybersecurity Journalist Gibraltar IainFRASER.net Google Indexed on 090523 at 17:57 CET 9th May 2023 Cybersecurity Researcher, Jeremiah Fowler, discovered and reported to Website Planet a non-password protected database that contained over 1.3 million records in total. Upon further investigation it became clear that these records were associated with a fitness and wellness organization. The exposed records indicated that they belonged to a British company called Move Your Frame, sometimes referred to as Frame, which is a fitness and wellness organization that offers over 1,300 classes, including yoga, dance, pilates, and strength training, aimed at improving overall health and well-being. They also offer personal training sessions and online classes, and have 7 studios located in London, UK. When I disco...