CISO Series
Acting as a media network for cyber information and exchange, CISO Series is just a member of this fantastic community that unfortunately has some conflicts. We're just putting ourselves at the center of the conversation, acting as couples counseling for security vendors and practitioners.
5h ago
US indicts LockBit ransomware ringleader
On Tuesday, the U.S. Department of Justice (DoJ) charged the mastermind behind the notorious LockBit ransomware-as-a-service (RaaS) operation. The DoJ unmasked 31-year-old Russian national Dimitry Yuryevich Khoroshev (also known as LockBitSupp, LockBit, and putinkrab) in a 26-count indictment that includes charges of fraud, extortion, and damaging protected computers. The charges carry a combined maximum penalty of 185 years in prison. Khoroshev is accused of designing LockBit, recruiting affiliates and maintaining LockBit’s infrastructure and leak si…
22h ago
LockBit’s website is back
The NCA, FBI, and Europol are having a bit of fun with the LockBit ransomware gang’s former website. The agencies, which seized the site back in February, have replaced the original content with their own press releases, and are now planning to release new information about the hackers. On Monday, the site had a countdown to some of the teasable posts, including “Who is LockbitSupp?” and “More LBhackers exposed.” Here’s the good news: if you are reading this after 9 a.m. ET on Tuesday, May 7th, 2024, the posts should already be live.
(TechCrunch…
2d ago
NSC’s Neuberger suggests operational approach for mitigating cyberattacks
In an interview with Click Here, a podcast from Recorded Future News, deputy national security adviser for cyber and emerging technologies Anne Neuberger suggests that more should now be done to build cybersecurity into an organization’s daily operations. Describing how much of the focus is on restoration, as in “how quickly can an attacked hospital or pipeline recover from an attack,” she says now more than ever the process must shift to having “the right operational risk measures to ensure we’re taking the right step…
5d ago
Goldoon botnet exploits D-Link routers
The exploit involves a security flaw that is almost 10 years old, specifically CVE-2015-2051 which has a CVSS score of 9.8. It affects D-Link’s DIR-645 routers and allows remote attackers to execute arbitrary commands by means of specially crafted HTTP requests. The exploit was announced by Fortinet FortiGuard Labs researchers Cara Lin and Vincent Li, following a spike in the botnet activity on April 9 of this year. After setting up contact with a C2 server, Goldoon provides 27 different ways to launch DDoS attacks via protocols such as DNS, HTTP, TCP, a…
6d ago
Season 2 of Capture the CISO is not over. We still have the finals!
And it’s going to be LIVE on Friday, May 17th, 2024 at 1 PM ET/10 AM PT! This is the normal time we do Super Cyber Friday.
See our finalists Omer Singer, VP of strategy for Anvilogic, Russell Spitler, CEO of Nudge Security, and Attila Szász, founder and CEO of BugProve, go head to head to see which company captures our CISO judges’ attention.
Our judges will be Edward Contreras, CISO for Frost Bank and Alexandra Landegger, CISO for Collins Aerospace.
REGISTER to witness the battle first hand on Friday, 05-17-24!
And make s…
6d ago
Chinese disinformation proving ineffectual
We’ve had several election cycles haunted by the threat of Chinese disinformation campaigns, made only more ominous with the advent of modern generative AI tools. But Wired’s David Gilbert recently reported that, despite a campaign dubbed Spamouflage Dragon operating since 2017, real world impact remains negligible. Analysts say that despite the volume and scale of posts, these lack the cultural context to make them effective. Some described Chinese disinformation sophistication as 10 years behind Russia. The Great Firewall seems to play a role in this…
1w ago
Welcome to episode three of Capture the CISO Season 2!
Our host is Rich Stroffolino and our judges are Christina Shannon, CIO, KIK Consumer Products and Dan Walsh, CISO, Paxos.
Our contestants:
Attila Szász, CEO & Founder, BugProve
Steve Malone, VP of Product Management, Egress
Ben Kliger, CEO, Zenity
And don’t forget to join us for the finals, LIVE, on Friday, May 17th, 2024 at 1 PM ET/10 AM PT. REGISTER.
Got feedback? Join the conversation on LinkedIn.
Huge thanks to all our contestants who are also sponsors of Capture the CISO
BugProve
BugProve offers a vulnerability…
1w ago
UnitedHealth Group CEO faces Congress & cause of hack revealed
The CEO of UnitedHealth Group, the parent company of Change Healthcare, is set to testify before a congressional committee today, Wednesday May 1st, 2024. A transcript of CEO Andrew Witty’s statements was released ahead of the hearing, revealing significant details about the events leading up to the February attack by the Black Cat ransomware gang. According to the transcript, the hackers gained initial access through stolen credentials used on a Citrix portal that did not have multi-factor authentication enabled. It was revea…
1w ago
USPS phishing sites are popular
In October 2023, researchers at Akamai began observing traffic to combosquatting phishing domains impersonating the US Postal Service, all using the same malicious JavaScript file. The researchers found query traffic to these malicious sites almost at parity with legitimate USPS.com traffic, even significantly surpassing it during the holiday season. Some of the sites attempted to collect sensitive information, with a few going to the effort to set up fraudulent shops offering gifts and collectibles.
(Bleeping Computer)
UK bans bad IoT credentials
Enforce…
1w ago
For many organizations, risk programs are driven by compliance requirements. What compliance framework you use will directly impact what processes you have in place around risk, noted Kim Elias, Senior Compliance Specialist, Vanta. This puts the onus on organizations not just to recognize risk, but to assign ownership of the issues that can be demonstrated in an audit.
Check out this preview of our Super Cyber Friday event happening this Friday, May 3, 2024. Our topic will be “Hacking the Value of GRC: An hour of critical thinking of how compliance can kickstart your risk program.”
REGISTER for…