CyberWolfe

Ukrainian REvil Hacker Sentenced to 13 Years and Ordered to Pay $16 Million (thehackernews.com) A Ukrainian national has been sentenced to more than 13 years in prison and ordered to pay $16 million in restitution for carrying out thousands of ransomware attacks and extorting victims. Yaroslav Vasinskyi (aka Rabotnik), 24, along with his co-conspirators part of the REvil ransomware group orchestrated more than 2,500 ransomware attacks and demanded ransom payments in cryptocurrency totaling more than $700 million. "The co-conspirators demanded ransom payments in cryptocurrency and used cryptocurrency exchangers and mixing services to hide their ill-gotten gains," the U.S. Department of Justice (DoJ) said.

Bad practices in software development create vulnerabilities that malicious actors routinely exploit. This #CybersecurityAwarenessMonth, the #FBI and the Cybersecurity and Infrastructure Security Agency (CISA) urge software manufacturers to take ownership of customer security outcomes by avoiding the risky practices outlined in our new guide: https://lnkd.in/eibEV9Pu Our list does not include every inadvisable cybersecurity practice. The items present in the list were chosen based on the threat landscape and represent the most dangerous and pressing bad practices that software manufacturers should avoid.

The Australian government has introduced the country’s first standalone cybersecurity law to Parliament. The new legislation aims to better protect citizens and organizations against a heightened geopolitical and cyber threat environment. The Cyber Security Bill 2024 covers a range of areas, including mandating minimum cybersecurity standards for IoT devices and mandatory ransomware reporting for critical infrastructure organizations. * Minimum Standards for Smart Devices * Obligation to Report Ransomware Payments * Addressing “Whole-of-Economy” Cybersecurity Issues Australia Introduces First Standalone Cybersecurity Law - Infosecurity Magazine (infosecurity-magazine.com) https://lnkd.in/eFDvz36N

Cybersecurity Advisory: The Federal Bureau of Investigation (FBI), the Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) are releasing this joint CSA to disseminate known IOCs and TTPs associated with the ALPHV Blackcat ransomware as a service (RaaS) identified through FBI investigations. Actions to take today to mitigate against the threat of ransomware: 1. Routinely take inventory of assets and data to identify authorized and unauthorized devices and software. 2. Prioritize remediation of known exploited vulnerabilities. 3. Enable and enforce multifactor authentication with strong passwords. 4. Close unused ports and remove applications not deemed necessary for day-to-day operations. This advisory provides updates to the FBI FLASH BlackCat/ALPHV Ransomware Indicators of Compromise released April 19, 2022, and to this advisory released December 19, 2023. ALPHV Blackcat actors have since employed improvised communication methods by creating victim-specific emails to notify of the initial compromise. Since mid-December 2023, of the nearly 70 leaked victims, the healthcare sector has been the most commonly victimized. This is likely in response to the ALPHV Blackcat administrator’s post encouraging its affiliates to target hospitals after operational action against the group and its infrastructure in early December 2023. https://lnkd.in/epiRuGN6

Not surprised at this stat below, but "Cybercrime is expected to Skyrocket in Coming Years unfortunately" According to estimates from Statista’s Market Insights, the global cost of cybercrime is expected to surge in the next four years, rising from $9.22 trillion in 2024 to $13.82 trillion by 2028. Cybercrime is defined by Cyber Crime Magazine as the “damage and destruction of data, stolen money, lost productivity, theft of intellectual property, theft of personal and financial data, embezzlement, fraud, post-attack disruption to the normal course of business, forensic investigation, restoration and deletion of hacked data and systems, and reputational harm.” As more and more people turn online, whether for work or their personal lives, there are more potential opportunities for cyber criminals to exploit. At the same time, attacker techniques are becoming more advanced, with more tools available to help scammers. The coronavirus pandemic saw a particular shift in cyber attacks, as Statista’s Market Insights analysts explain: “The COVID-19 crisis led to many organizations facing more cyberattacks due to the security vulnerability of remote work as well as the shift to virtualized IT environments, such as the infrastructure, data, and network of cloud computing.” #cyberattack #cybersecuity #cybercrime #smbbusiness #businesscrime #ransomware

Mastercard invests in continued defense of global digital economy with acquisition of Recorded Future. Mastercard today expanded its cybersecurity services with an agreement to acquire global threat intelligence company Recorded Future from Insight Partners for $2.65 billion. The acquisition bolsters the insights and intelligence used to secure today’s digital economy – in the payments ecosystem and beyond. Recorded Future is the world’s largest threat intelligence company, with more than 1,900 clients across 75 countries, including the governments of 45 countries and over 50% of the Fortune 100. The need for a holistic and global cyber defense has never been greater. As new technologies are introduced and adopted, there is a rising risk of cyber threats. In 2024 alone, cybercrime is projected to cost $9.2 trillion globally #cybersecurity #threatintelligene #business #mastercard #visa #cyberrisk #globaleconomy #cyberthreats https://lnkd.in/ei7YPfbG

Team CyberWolfe is excited to be part of the CAN-TECH 2024 Fall Conference: Exploring New Frontiers in Technology Understanding the Cyber Response Arsenal: What resources do clients and data breach counsel need to respond to a cyber attack. Featuring:  Olivier Bue, Vice President, Cyber Practice, Hub International Howard Smith, Cyber Insurance Counsel, HRS Law Hélène Deschamps Marquis, Partner, Deloitte Legal Canada RJ Sahi, Managing Partner, CyberWolfe In this panel you will learn the ins and outs of cyber coverage, and the trends of the changing cyber-insurance landscape; understanding the players and resources available to support a breach response, including cyber forensics; extortion advisors, e-discovery, etc. https://lnkd.in/ggy_cHsZ

Cyber security and Agriculture - Russian hackers are targeting American and Canadian food supplies Increasing automation and the use of artificial intelligence has exposed the agri-food industry to the risk of cyberattacks. In view of the potential threat to food production, there is an urgent need for better cybersecurity in the sector. It is vital to improve the security of the entire agri-food industry, particularly in view of the growing automation of agriculture, which is increasingly making use of artificial intelligence and machine learning tools. Given that successful attacks could undermine product availability and food safety, and even disrupt the entire agricultural and food production process, all the industry players should take steps to evaluate the risks and vulnerabilities of their systems. As agricultural and agri-food businesses become more and more digitized and connected online, the risk of cyber disruptions increases. Cyber disruptions can have devastating effects including interrupting key services, impacting consumer trust and affecting business profitability. Put cyber security measures in place to prevent cyber disruptions, and to protect your business. https://lnkd.in/gXdTcqiZ