SpyCloud

The SpyCloud October Security Roundup Newsletter is live and full of interesting insights and details on the latest and most trending cybercrime news our team has been monitoring over the last few weeks. From #OperationMagnus to #Telegram, #LockBit, and USDoD (the actor behind the National Public Data Breach) -- there were plenty of activities that made headlines and we're breaking them down for you plus giving you some insights into SpyCloud product updates and more!

The clock may be ticking down on 2024, but our team is not slowing down one bit! We're hitting the road through December ready to showcase SpyCloud's industry-leading identity threat protection solutions at various events across the US and abroad. Take a look at where we'll be next and if you're attending any of these shows, connect with our team of experts onsite to see how we can partner with you to disrupt cybercrime together. https://lnkd.in/dSVSKQFi

Numbers don't lie. Since the announcement of #OperationMagnus our team has observed quite a drastic drop in unique #RedLine and #Meta stealer infections. 📉 As our Vice President of #SpyCloudLabs, Trevor Hilligoss mentions this is a great win for the good guys and is just the sort of cybercrime disruption we want to see. To read more about these two legacy #infostealers and what organizations and users can do to combat this type of #malware and mitigate their risks from the stolen data, check out our recent blog on this topic: https://lnkd.in/ghiQrVWt

Last week our Engineering team sponsored our first ever SpyCloud #Hackathon. With the focus on solving problems with #AI, teams from all over the company -- hybrid and in-person -- came together to really dig into how we could create better internal or external processes, enhance customer experiences and more! This collaborative event was one way #SpyCloud lives by our Core Values and how all members of #TeamSpyCloud are aligned on our mission to disrupt cybercrime! Interested in joining our mighty, global team of innovators - check out https://lnkd.in/esuBwzD to learn more about our culture and apply for open roles.

ANNOUNCING: 🔒The Next Level in Holistic Identity Threat Protection 🔒 Today we're releasing an enhanced version of SpyCloud Active Directory Guardian, powered by our proprietary #IDLink analytics. IDLink is the industry’s first and only solution that protects the holistic employee #identity. Active Directory Guardian, now with IDLink, scans your entire set of AD credentials and automatically uncovers compromised credentials tied to your employees' digital identities ➡ both personal and professional ⬅ giving you confidence to automate password remediation at scale. Learn more about how you can: ❗Discover the full extent of exposed AD passwords ❗Accelerate #NIST compliance ❗Secure your corporate data and critical IP & lock out bad actors ❗Prevent against targeted cyberattacks like #ransomware and #ATO Read more about SpyCloud's enhanced ADG product and the power of IDLink in our latest blog: https://bit.ly/3AgLE9T

In a recent analysis of the top 10 most prevalent infostealer #malware families found in SpyCloud's recaptured data in the last 30 days, our team found that LummaC2 is coming up tops, but when we compare the same top 10 across our all-time records, RedLine Stealer historically reigns supreme in the #infostealer space -- but for how much longer?? With the announcement of Operation Magnus - a concerted, international partnership across law enforcement agencies to take down RedLine and Meta 'stealers - it may be too early to tell exactly what this means for the bad actors and groups that leverage this nefarious software. But one that can be certain, unless properly remediated, the identity data that has already been siphoned off devices can still be floating out there for bad actors to use to perpetrate cyber attacks like #ATO, #fraud and #ransomware. Read our blog breaking down the threats new and legacy infostealer malware can pose and what users and organizations can do to better protect themselves against this criminal-favorite tactic. https://bit.ly/3Ae8ij2

With the changing of the seasons comes…changes to the SpyCloud Portal dashboard! Updates that went live to the enterprise portal dashboard TODAY, include: 🚨 Domain-specific exposure monitoring insights 🚨 Timeframe filtering 🚨 Enhanced malware and breach filtering on your timeline 🚨 Active Directory scan results 🚨 Password reuse stats …and more! Get the full details: https://bit.ly/4fbFnv9

SpyCloud security researchers have uncovered some interesting activity taking place on Meta's Threads platform: cybercriminals advertising stolen financial information, specifically credit card details 💳 While Meta is aware of this activity and reportedly monitoring the situation, we have observed an increase in bad actors sharing everything from 'fullz' (complete stolen credit and account information) to actual pictures of physical credit cards. Additionally, they are using Threads features such as Polls to crowdsource feedback, assessing whether information they are providing works or if their followers need more or new stolen data. Read more about #SpyCloudLabs observations and findings here: https://bit.ly/3YrnS2G

Mobile devices are central to our lives—banking, work, shopping, and even socializing happens at our fingertips. But as our reliance on these devices increases, so does the threat landscape. Mobile #malware is rising, and the stakes are higher than ever. At SpyCloud we’ve observed a surge in sophisticated mobile threats, including banking trojan malware. Cybercriminals are exploiting vulnerabilities and creating malware that’s harder to detect, targeting everything from login credentials to a user's financial information to sensitive business data. Learn more about this growing data exfiltration tactic and how to combat the data stolen from mobile malware to better secure your digital identity and minimize business risk with #SpyCloud. #MobileSecurity #Cybersecurity #ThreatIntelligence #SpyCloud

With the ongoing threat of #BEC and #phishing, organizations have been steadily warning their employees of being extremely careful of what they click, open, or share -- even if it seems to come from a trusted source. For the final week, in honor of Cybersecurity Awareness Month, we submit for the approval of the SpyCloud Society...the fourth tale in our series, Are You Afraid of the Dark(web)? 👥 The Tale of the Digital Duplicate 👥 This week's spooky scenario details what happens when a user, a VP no less, falls victim to a malware-infection. The criminal at large stole critical personal and company information allowing them to create a digital duplicate of the VP and create deepfake videos furthering their nefarious activities. Spoiler alert: Thanks to SpyCloud, the SOC team was able to quickly remediate the exposed VPs credentials, as well as visualize the full extent of the VP exposure thanks to #SpyCloud's IDLink Analytics. If you missed any tales from this months's series, visit https://lnkd.in/gcfGcxAr to learn about the scary ways cybercriminals are using stolen data to perpetrate cybercrime and how SpyCloud can help you prevent costly cyber attacks from causing any more fright.