13 Dec 2024
By Mary

InfoSec News Nuggets 12/13/2024

Senators, witnesses: $3B for ‘rip and replace’ a good start to preventing Salt Typhoon-style breaches The $3 billion that Congress folded into the annual defense policy bill to remove Chinese-made telecommunications technology from U.S. networks would be a huge start to defending against breaches like the Salt Typhoon espionage campaign, senators and hearing witnesses said Wednesday. Federal Communications Commission Chairwoman Jessica Rosenworcel recently told Hill leaders that the $1.9 billion Congress had devoted to the “rip and…
Read More
12 Apr 2024
By Mary

InfoSec News Nuggets 4/12/2024

Zambia Busts 77 People in China-Backed Cybercrime Operation Law enforcement in Zambia this week raided a Chinese company that hired unsuspecting young Zambian citizens purportedly for positions at a call center that instead was a front for cybercrime and money laundering. The so-called Golden Top Support services company directed the employees "with engaging in deceptive conversations with unsuspecting mobile users across various platforms such as WhatsApp, Telegram, chatrooms and others, using scripted dialogues," Nason Banda,…
Read More
16 Aug 2023
By Mary

InfoSec News Nuggets 08/16/2023

Over 120,000 Computers Compromised by Info Stealers Linked to Users of Cybercrime Forums  A "staggering" 120,000 computers infected by stealer malware have credentials associated with cybercrime forums, many of them belonging to malicious actors. The findings come from Hudson Rock, which analyzed data collected from computers compromised between 2018 to 2023. "Hackers around the world infect computers opportunistically by promoting results for fake software or through YouTube tutorials directing victims to download infected software," Hudson Rock CTO Alon Gal…
Read More
02 Feb 2023
By Mary

InfoSec News Nuggets 02/02/2023

City of London on High Alert After Ransomware Attack  A suspected ransomware attack on a key supplier of trading software to the City of London this week appears to have disrupted activity in the derivatives market. Ion Cleared Derivatives released a brief statement on Tuesday saying that it experienced a “cybersecurity event” that day which affected some of its services. “The incident is contained to a specific environment, all the affected servers are disconnected and remediation of services is…
Read More
08 Aug 2022
By Mary

InfoSec News Nuggets 08/08/2022

LinkedIn Continues its Reign as the Most-Impersonated Brand in Phishing Attacks As cybercriminals look for novel and effective ways to gain entrance to a victim network, LinkedIn is proving to be fruitful enough to keep the attention of phishing scammers. I hope you can appreciate the sophistication of a phishing attack that targets not just a specific company, or even an individual, but a role within the organization – complete with a tailored socially engineered campaign of…
Read More