Stay Ahead of Cyber Threats – Daily Security Insights, Powered by AI
Summary: This article discusses the phishing activity targeting Brazil, with a focus on the involvement of threat actors linked to North Korea.
Threat Actor: Threat actors linked to North Korea | North Korea Victim: Brazilian government, aerospace, technology, and financial services sectors | Brazil
Key Point :
Threat actors linked to North Korea have been responsible for one-third of all phishing activity targeting Brazil since 2020.…Summary: UwU Lend, a decentralized finance (DeFi) protocol, has been targeted by a hacker who stole nearly $20 million worth of ETH. The company has made an offer to the hacker and is awaiting a response.
Threat Actor: Hacker | Hacker Victim: UwU Lend | UwU Lend
Key Point:
The hacker targeted UwU Lend, a DeFi protocol, and stole approximately $20 million worth of ETH.…This staggering amount underscores the imminent need for cyber security to be treated as a global priority. Moreover, with the explosion of generative AI (besides chatGPT as well!), the current 2200 daily attacks, are expected to not only multiply manifold but become far more individualized.…
Imagine being a developer who’s building the next-gen crypto app by using popular open source components to speed up coding. Instead, you end up including a package in your build that, does accomplish what you are trying to, but additionally steals cryptocurrency on any system that it’s installed on.…
On May 2, 2024, Arctic Wolf Labs began monitoring deployment of a new ransomware variant referred to as Fog. The ransomware activity was observed in several Arctic Wolf Incident Response cases, each exhibiting similar elements. All victim organizations were located in the United States, 80% of which were in the education sector and 20% in the recreation sector.…
Summary: Microsoft has identified a new North Korean threat actor called Moonstone Sleet, which has been active since August 2023 and shows similarities to another North Korean group, Diamond Sleet.
Threat Actor: Moonstone Sleet | Moonstone Sleet Victim: Not specified
Key Point :
Moonstone Sleet is a new North Korean threat actor that has been active since August 2023.…Microsoft has identified a new North Korean threat actor, now tracked as Moonstone Sleet (formerly Storm-1789), that uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for its financial and cyberespionage objectives. Moonstone Sleet is observed to set up fake companies and job opportunities to engage with potential targets, employ trojanized versions of legitimate tools, create a fully functional malicious game, and deliver a new custom ransomware.…
Summary: This article discusses the importance of making software bills of materials (SBOMs) more easily shareable in order to enhance visibility into enterprise software supply chains and improve security.
Threat Actor: N/A
Victim: N/A
Key Point:
Software bills of materials (SBOMs) are crucial for understanding the components and dependencies of software, enabling better visibility and security in enterprise software supply chains.…Elastic Security Labs has identified an intrusion set incorporating several malicious modules and leveraging vulnerable drivers to disable known security solutions (EDRs) for crypto mining. Additionally, the team discovered capabilities to establish persistence, install a previously undocumented backdoor, and execute a crypto-miner. We refer to this intrusion set as REF4578 and the primary payload as GHOSTENGINE (tangental research by the team at Antiy has named parts of this intrusion set HIDDENSHOVEL).…
Summary: Two former MIT students have been indicted for allegedly manipulating the Ethereum blockchain and stealing $25 million worth of cryptocurrency in a “first-of-its-kind” scheme.
Threat Actor: Anton Peraire-Bueno and James Pepaire-Bueno | Anton Peraire-Bueno and James Pepaire-Bueno Victim: Ethereum users | Ethereum
Key Point :
The two former MIT students allegedly used their computer science and math skills to tamper with and manipulate the protocols relied upon by millions of Ethereum users worldwide.…Summary: The Dutch court has sentenced the co-founder of Tornado Cash, an anonymizing cryptocurrency service, to five years and four months in prison for money laundering. This case highlights the clash between financial privacy advocates and law enforcement’s efforts to track the source of funds in the blockchain.…
Summary: This article discusses the new guidance for victims of cybercrime and ransomware provided by the UK’s National Cyber Security Centre (NCSC).
Threat Actor: N/A Victim: N/A
Key Point :
The UK’s National Cyber Security Centre (NCSC) has released new guidance for victims of cybercrime and ransomware.…Summary: The number of ransomware payments is decreasing, despite the rising number of victims, due to increased cyber resilience, availability of decryptors, and law enforcement actions.
Threat Actor: Ransomware gangs | Ransomware gangs Victim: Organizations | Organizations
Key Point :
The number of ransomware payments is falling, despite the increase in ransomware attacks.…Summary: This content discusses the prevalence of recovery fraud in the cryptocurrency space, where victims of crypto scams or cyberattacks are targeted again by individuals or companies claiming to offer recovery services but end up stealing their upfront fees.
Threat Actor: Recovery fraudsters | recovery fraudsters Victim: Individuals who have fallen victim to crypto scams or cyberattacks | crypto scam victims
Key Point :
Recovery fraud, where victims of crypto scams are targeted again by individuals or companies claiming to offer recovery services, is a growing concern in the cryptocurrency space.…The 2024 U.S. tax season is well underway, and as usual, scams of all kinds targeting taxpayers and causing the Internal Revenue Service (IRS) problems have cropped up. One such ongoing malicious campaign has explicitly been trailing its sights on small business owners and the self-employed.…
The Sysdig Threat Research Team (TRT) is on a mission to help secure innovation at cloud speeds.
A group of some of the industry’s most elite threat researchers, the Sysdig TRT discovers and educates on the latest cloud-native security threats, vulnerabilities, and attack patterns.
We are fiercely passionate about security and committed to the cause.…
Zscaler ThreatLabz researchers recently encountered a significant number of websites associated with fraudulent activities being hosted on popular web hosting and blogging platforms. Threat actors intentionally create these sites to spread malware by using the proliferation of web hosting platforms to manipulate search engine results – something called SEO poisoning, a subset of Black Hat SEO techniques.…
Summary: A hacker has been found guilty of orchestrating a $110 million cryptocurrency fraud scheme involving the Mango Markets decentralized finance platform.
Threat Actor: Hacker | Aaron Eisenberg Victim: Mango Markets | Mango Markets
Key Point :
A hacker has been convicted of fraudulently obtaining $110 million from cryptocurrency exchange Mango Markets and its investors.…Curated bookmark list categorized by area and event monitoring, person of interest search, corporate profiling, mapping, AI, intelligence analysis, reporting tools, collective tools, cryptocurrency, country specific, verification and fact-checking.
They are broken down into appropriate categories such as:
area and event monitoringperson of interest searchcorporate profilingmappingartificial intelligenceintelligence analysisreporting toolscollective toolscryptocurrencycountry specificverification and fact-checking.…Summary: The number of ransomware victims who choose to pay a ransom has dropped to a record low, with only 28% paying in the first quarter of 2024, down from 29% in the previous quarter. Additionally, two major ransomware groups hit by law enforcement disruptions have swindled their affiliates, causing disaffection and driving away business partners.…