The White House Is Deciding Whether to Support a Bureau of Cyber Statistics

Four individuals from Eastern Europe face 20 years in prison for Racketeer Influenced Corrupt Organization (RICO) charges after pleading guilty to running a bulletproof hosting service as a safe haven for cybercrime operations targeting US entities. The bulletproof hosting service was founded by Russian citizens Aleksandr Grichishkin and Andrei Skvortsov, who hired Lithuanian Aleksandr Skorodumov…

Cybercrime , Fraud Management & Cybercrime , Fraud Risk Management CISA Describes APT Group’s Methods Doug Olenick (DougOlenick) • April 23, 2021     Secureworks says the Bronze Spiral APT group was involved in the attack described by CISA. An advanced persistent threat group gained long-term access to an unnamed entity’s network through its Ivanti…

Apple released an emergency software patch to fix a security vulnerability that researchers said could allow hackers to directly infect Apple devices without any user action. The researchers at the University of Toronto’s Citizen Lab said the flaw allowed spyware from the world’s most infamous hacker-for-hire firm, NSO Group, to directly infect the iPhone of…

Computer giant Acer has been hit by a REvil ransomware attack where the threat actors are demanding the largest known ransom to date, $50,000,000. Acer is a Taiwanese electronics and computer maker well-known for laptops, desktops, and monitors. Acer employs approximately 7,000 employees and earned $7.8 billion in 2019. Yesterday, the ransomware gang announced on their…

Cybercrime , Cybercrime as-a-service , Cyberwarfare / Nation-State Attacks Biden Administration Says Attempted Ransomware Disruption Efforts Won’t Be Immediate Mathew J. Schwartz (euroinfosec) • July 12, 2021     REvil ransom note seen by victims of the ransomware attack involving Kaseya’s software (Source: Cisco Talos) As the Biden administration attempts to force Russia to crack…

Zscaler Says It Prevented Over 2,500 Phishing Attacks Akshaya Asokan (asokan_akshaya) • March 7, 2021     Attackers steal login credentials via fake Google reCAPTCHA screens. (Source: Pixabay) A Microsoft-themed phishing campaign is using phony Google reCAPTCHA in an attempt to steal credentials from senior employees of various organizations, a new report by security firm…