X-Industry

The US Department of Justice (DOJ) said last month’s effort to bring down the Genesis Market represents a departure from its traditional cyber enforcement actions. “Operation Cookie Monster” was not about nabbing masterminds but about making it harder for JV hackers to level up in online fraud.  Cookie Monster is often associated with children, or in this case – Script Kiddies.

Lisa Monaco (Deputy Attorney General Lisa Monaco): We focus on disruptions and not always just looking for the prosecut

An open source Adversary-in-The-Middle (AiTM) phishing kit has found new users in the cybercrime world for its ability to make cyberattacks at scale.  Microsoft Threat Intelligence is tracking the threat actor behind the development of the kit under its emerging name DEV-1101.  An AiTM phishing attack typically involves a threat actor attempting to steal and intercept a target's password and session cookies by deploying a proxy server between the user and the website.

Such attacks are more effec

The US CISA Red Team Shares Key Findings to Improve Monitoring and Hardening of Networks - Actions to take today to harden your local environment:

• Establish a security baseline of normal network activity; tune network and host-based appliances to detect anomalous behavior.
• Conduct regular assessments to ensure appropriate procedures are created and can be followed by security staff and end users.
• Enforce phishing-resistant MFA to the greatest extent possible.

In 2022, the US Cybersecurity and

Ransomware attacks keep increasing in volume and impact largely due to organizations' weak security controls. Mid-market companies are targeted as they possess a significant amount of valuable data but lack the level of protective controls and staffing of larger organizations. According to a recent RSM survey, 62% of mid-market companies believe they are at risk of ransomware in the next 12 months.

As ransomware is still the preferred way for actors to monetize their access, there is a need to u

According to cyber experts, threat groups are making nearly 1,000 attempts to hack account passwords every single second and they are more determined to succeed with the number of attacks increasing.  This analysis comes from Microsoft's Digital Defense Report 2022 and are based on research of trillions of alerts and signals collected from the company's worldwide ecosystem of products and services. 

The report cautions that cyber-attacks are increasing, with account passwords still very much the

A new Phishing-as-a-Service (PhaaS) named EvilProxy (also known as Moloch) was seen for sale in dark web forums, according to researchers.  Moloch ransomware is a computer virus infection that encrypts all personal victim files on an affected device and demands a ransom for unlocking them.  This file-locking parasite belongs to a relatively small Makop ransomware family compared to others, such as Djvu or Dharma.

EvilProxy actors are using reverse proxy and cookie injection methods to bypass 2FA