CyberScoop

We're thrilled to announce the nominees for the 2024 #CyberScoop50 Awards! These cybersecurity trailblazers are not just combating today's threats but are also innovating to safeguard our future. Their dedication keeps our global networks secure and resilient. Show your support by voting for your top cybersecurity leader. Cast your vote now: https://lnkd.in/dGV3HvSi

The number of ransomware attacks that reach the encryption stage dropped 300% over the past two years, due in large part to automatic attack disruption technologies, according to a report out Tuesday from Microsoft. The findings — which come as part of Microsoft’s fifth annual Digital Defense Report analyzing trends between June 2022 and July 2023 — come amid the company observing a 275% year-over-year increase in ransomware-related attacks. https://lnkd.in/e_gDXeua

Hackers are evading natural language processing detection capabilities used to filter out phishing attacks by adding benign text and links, according to data from Egress’ threat intelligence unit released Tuesday. Egress researchers looked at 40 attacks targeting U.S. organizations that used obfuscation techniques designed to evade anti-phishing services by using natural language processors (NLP) to send malware or malicious links. NLPs are also used by artificial intelligence models like ChatGPT. https://lnkd.in/em2xnvZG

Latino and Hispanic voters are viewed as a critical, up-for-grabs bloc this election cycle, with Republican Donald Trump showing signs of making significant inroads with the groups in polling and advisers to Democrat Kamala Harris singling out those votes as key to winning battleground states like Florida, Nevada, Arizona and Pennsylvania. These voters were bombarded with Spanish-speaking mis- and disinformation in the final weeks of the 2022 and 2020 elections, and some Latino groups are sounding the alarm again this year. https://lnkd.in/eZaDFwCs

Iranian hackers are aggressively trying to crack passwords in the health care, government, information technology, energy and engineering sectors, an advisory from U.S., Canadian and Australian cyber agencies said Wednesday. The “brute force” attacks — which take a variety of forms — date to October of last year, according to the FBI, the Cybersecurity and Infrastructure Security Agency, the National Security Agency, the Communications Security Establishment Canada, Australian Federal Police and the Australian Cyber Security Centre. https://lnkd.in/eBZyjwkD

A federal grand jury unsealed an indictment Wednesday against two Sudanese brothers allegedly behind Anonymous Sudan, a cybercriminal outfit responsible for tens of thousands of attacks designed to knock websites and services offline. Authorities also unsealed a criminal complaint and announced they had disabled the group’s powerful tool for conducting attacks https://lnkd.in/eTeQtxgc

GitHub’s latest Enterprise Server update fixes a critical vulnerability that allows authentication bypass for on-premise deployments, according to the company. The bug — CVE-2024-9487 — impacts GitHub’s enterprise product and does not affect its software-as-a-service products, according to the company’s release. The Microsoft-owned company said the bug, which is a 9.5 on the CVSS scale, would allow hackers to bypass a method typically used by companies to verify employee identities using single sign-on called Security Assertion Markup Language (SAML). https://lnkd.in/exHzUjnJ

If your remote employee insists on using their own devices, won’t show up on webcam and frequently changes their payment services, you may have accidentally hired a North Korean operative. Those are some of the tactics wielded by the actors behind what Secureworks refers to as Nickel Tapestry, a group known for planting fake IT workers at Western commercial companies to raise money for North Korea’s nuclear weapons programs, according to new research from Secureworks. https://lnkd.in/eS6ZRx9E

The Federal Police of Brazil on Wednesday arrested a person allegedly responsible for a series of audacious data breaches targeting large international companies and U.S. government entities. The suspect, who is known in the cybercrime underground as USDoD or EquationCorp, is allegedly the person responsible for a breach of the online background check and fraud prevention service National Public Data, exposing personal information and Social Security numbers of millions of Americans. Brazilian authorities also say the suspect is responsible for compromising the FBI’s InfraGard — a portal used by American law enforcement to share critical threat information. https://lnkd.in/eduPW9zA

SecureWorks has released research that dives into the tell-tale behaviors behind remote employees that may be working on behalf of North Korea. https://lnkd.in/gQtpasci