Tag Archive for: global

Police apprehend global cyber gang implicated in large-scale fraud

/in


The Met Police, a long with a host of other global law enforcement agencies, have dismantled a criminal gang that used a technology service to facilitate fraudulent text messages, leading to theft from victims. The scam primarily targeted younger individuals familiar with the internet. The technology service, LabHost, aided scammers in sending deceptive messages and directing victims to fake websites resembling legitimate online payment or shopping services.



The criminals obtained identity information, including card numbers and Pin codes, resulting in significant financial losses. Though the exact amount stolen remains unknown, LabHost reportedly generated nearly £1m in profits. In the UK alone, around 70,000 victims are thought to have been deceived into providing their details online, with 25,000 identified victims receiving warning text messages about potential fraudulent sites.

Victims are advised to seek guidance on the Metropolitan Police website, and their cases have been reported to fraud investigators. Personal details discovered in data obtained from LabHost have been secured by authorities.

In light of this story, the cybersecurity community has been positive in hearing this news:

Adam Pilton, Cyber Security Consultant at CyberSmart, and former Detective Sergeant investigating cybercrime at Dorset Police: “This is another fantastic result for UK and international law enforcement. 

“In February, we saw the takedown of Lockbit, the largest ransomware gang. This was an international operation which stemmed from fantastic work by the South West Regional Organised Crime Unit.

“This operation will be no different, and we should not underestimate the amount of work put into operations such as this. It took two years to reach this point and there would have been many people involved. This kind of incident would most likely have started from the intelligence gathered by law enforcement and investigative agencies. 

“This is why it is so important to report cybercrime: Even reporting phishing emails helps to build that intelligence picture, which enables law enforcement to protect us.

“One area of particular concern is the increasing tendency to see…

Source…

Russian ‘Cyber Sabotage’ A Global Threat: Security Firm

/in


A Sandworm cyber hacker groups linked to Russian intelligence services is expected by computer security firm Mandiant to take aim at Western elections the Kremlin would like to sway


Indranil Mukherjee

Text size

Source…

Cybertech Global Tel Aviv | Gil Schwed: We’re In the 5th Generation of Cyber Attacks

/in


“We are in the midst of some of the most sophisticated attacks we have seen, from all types of attackers – ideological ones, nation-state-sponsored organizations, financial criminals, and more,” said Check Point Software Technologies Founder & CEO, Gil Schwed, on the main stage of Cybertech Global Tel Aviv this morning (Tuesday).

“The major countries try to use their cyber power. Some aspects are behind the scenes – collecting intel, gaining control over critical systems, etc., while others aspects are fighting the actual cyber war – from WannaCry on Ukraine a few years ago to mainstream attacks on Israel from Hezbollah and Iran. The sophistication level is increasing, the internet is an open universe and technologies often find themselves spreading.”

Schwed addressed the specific challenges Israel is currently facing in its cyber war with Iran, saying that “the good news is that Israel sees the attacks and can fight them. The bad news is that many organizations are behind on their defense.

“We’re in the 5th generation of cyberattacks: attacks that are very hard to identify, polymorphic – meaning they look different every time, and are multiple-stage attacks, causing a lot of damage which is more difficult to repair.”

At the end of his talk, Schwed was surprised by Cybertech’s CEO Amir Rapaport and Chairman Yossi Vardi with an honorary plaque, in honor of his devotion to Cybertech over the past 10 years.

Source…

Global malware surge revealed in WatchGuard’s latest Internet Security Report

/in


A recent Internet Security Report revealed a significant surge in evasive malware, amplifying the total volume of malware globally. Global cybersecurity leader WatchGuard Technologies compiled the report, which also outlined crucial trends among top malware and both network and endpoint security threats, exploring data collected and analysed by their Threat Lab researchers.

Key findings showed threat actors increasingly exploiting on-premises email servers and a continuing decline in ransomware detections, potentially due to law enforcement’s concerted international efforts to dismantle ransomware extortion groups.

Corey Nachreiner, WatchGuard’s Chief Security Officer, stated that their latest research shows threat actors using various techniques to target vulnerabilities, especially in older software and systems. He emphasised, “Organisations must adopt a defence-in-depth approach to protect against such threats. Updating the systems and software on which organisations rely is a vital step toward addressing these vulnerabilities.”

Among the report’s key findings was a parallel increase in evasive, basic, and encrypted malware in Q4 2023, contributing to an overall rise in malware. The average malware detection per Firebox grew by 80% compared to the previous quarter, evidencing a significant volume of malware threats arriving at the network perimeter. Geographically, the Americas and the Asia-Pacific region experienced the most significant increase in malware instances.

TLS and zero-day malware instances were also noted to rise. Approximately 55% of malware arrived over encrypted connections, a 7% increase from Q3. Meanwhile, zero-day malware detections jumped to 60% of all malware detections, up from 22% the previous quarter. However, zero-day malware detections with TLS fell to 61%, exhibiting a 10% decrease from Q3, shedding light on the unpredictability of malware in the wild.

Two of the top five malware variants led users to the DarkGate network. JS.Agent.USF and Trojan.GenericKD.67408266, both in the top five, redirected users to malicious links. Both of these malware loaders also attempted to load DarkGate malware onto the victim’s computer.

A resurgence of…

Source…