Cyber News - 06/02/2024
Your Cyber News of the day ! "Be Cyber Smart, Be Cyber Secure."
Your Cyber News of the day ! "Be Cyber Smart, Be Cyber Secure."
Description:
A 42-year-old Belarusian and Cypriot national with alleged connections to the now-defunct cryptocurrency exchange BTC-e is facing charges related to money laundering and operating an unlicensed money services business.
Aliaksandr Klimenka, who was arrested in Latvia on December 21, 2023, was extradited to the U.S. and is currently being held in custody. If convicted, he faces a maximum penalty of 25 years in prison.
Date: Mon, 05 Feb 2024
Source: https://thehackernews.com/2024/02/belarusian-national-linked-to-btc-e.html
Description:
A significant challenge within cyber security at present is that there are a lot of risk management platforms available in the market, but only some deal with cyber risks in a very good way. The majority will shout alerts at the customer as and when they become apparent and cause great stress in the process. The issue being that by using a reactive, rather than proactive approach, many risks just sit there, dormant, until an emergency happens.
Date: Mon, 05 Feb 2024
Source: https://thehackernews.com/2024/02/combined-security-practices-changing.html
Description:
The threat actor known as Patchwork likely used romance scam lures to trap victims in Pakistan and India, and infect their Android devices with a remote access trojan called VajraSpy.
Slovak cybersecurity firm ESET said it uncovered 12 espionage apps, six of which were available for download from the official Google Play Store and were collectively downloaded more than 1,400 times between April 2021 and March 2023.
Date: Mon, 05 Feb 2024
Source: https://thehackernews.com/2024/02/patchwork-using-romance-scam-lures-to.html
Description:
Companies are engaged in a seemingly endless cat-and-mouse game when it comes to cybersecurity and cyber threats. As organizations put up one defensive block after another, malicious actors kick their game up a notch to get around those blocks. Part of the challenge is to coordinate the defensive abilities of disparate security tools, even as organizations have limited resources and a dearth of skilled cybersecurity experts.
XDR, or Extended Detection and Response, addresses this challenge. XDR platforms correlate indicators from across security domains to detect threats and then provide the tools to remediate incidents.
Date: Mon, 05 Feb 2024
Source: https://thehackernews.com/2024/02/hands-on-review-sase-based-xdr-from.html
Description: Latest iteration of the malware appears aimed at targets in Mexico.
Date: Mon, 05 Feb 2024
Source: https://www.darkreading.com/endpoint-security/fresh-mispadu-stealer-variant-emerges
Description:
Deepfakes are fast becoming more realistic, and access to them more democratic, enabling even ordinary attackers to enact major fraud. What's the most effective way to fight back?
Date: Mon, 05 Feb 2024
Description:
Production systems at the remote access company were breached, leading AnyDesk to revoke code signing certificate and reset Web portal credentials as part of its incident response.
Date: Mon, 05 Feb 2024
Source: https://www.darkreading.com/endpoint-security/anydesk-compromised-passwords-revoked
Description:
As the Middle East nation enforces strict cybercrime laws, citizens face crackdowns on free speech with nearly three dozen journalists and lawyers targeted with the NSO Group's spyware.
Date: Mon, 05 Feb 2024
Source: https://www.darkreading.com/vulnerabilities-threats/pegasus-spyware-targets-jordanian-civil-society
Description:
President Bola Tinubu says country is not a nation of cybercriminals, despite being the originator of the infamous "Nigerian Prince" scam.
Date: Mon, 05 Feb 2024
Source: https://www.darkreading.com/endpoint-security/nigerian-president-dismisses-cybercrime-haven-image
Description:
Crypto theft, sextortion tactics, swattings, and ransomware: teenagers are increasingly taking up cybercrime for fun and profit — and experts credit an array of contributing factors.
Date: Mon, 05 Feb 2024
Source: https://www.darkreading.com/threat-intelligence/teens-committing-scary-cybercrimes-trend
Description:
Cyber hygiene is no longer a nice-to-have but necessary for organizations that want to survive the relentless barrage of cyberattacks being unleashed daily.
Date: Mon, 05 Feb 2024
Description:
Key trends in African information security this year will include biometric deployments and privacy concerns, and the rise of misinformation.
Date: Mon, 05 Feb 2024
Description:
Google announces $1 million investment in improving Rust’s interoperability with legacy C++ codebases.
The post Google Contributes $1 Million to Rust, Says It Prevented Hundreds of Android Vulnerabilities appeared first on SecurityWeek.
Date: Mon, 05 Feb 2024
Description:
Hewlett Packard Enterprise (HPE) is investigating a potential new breach after a threat actor put allegedly stolen data up for sale on a hacking forum, claiming it contains HPE credentials and other sensitive information.
The company has told BleepingComputer that they have not found any evidence of a security breach and no ransom has been requested, but it's investigating the threat actor's claims.
Date: Mon, 05 Feb 2024
Description:
An Ivanti Connect Secure and Ivanti Policy Secure server-side request forgery (SSRF) vulnerability tracked as CVE-2024-21893 is currently under mass exploitation by multiple attackers.
Ivanti first warned about the flaw in the gateway's SAML components on January 31, 2024, giving it a zero-day status for limited active exploitation, impacting a small number of customers.
Date: Mon, 05 Feb 2024