Unfortunately, I’ve had unpleasant dealings with the Phobos ransomware group. My interactions with Phobos have been fodder for a good story when I educate client employees on recent cyber-attacks to prevent them from becoming victims. The story highlights how these ransomware groups, including Phobos, are sophisticated criminal organizations with managerial hierarchy. They use common slang
russia
Nation State Backed Groups Using AI for Malicious Purposes
The Google Threat Intelligence Group (GTIG) recently published a new report “Adversarial Misuse of Generative AI,” which is well worth the read. The report shares findings on how government-backed threat actors use and misuse the Gemini web application. Although the GTIG is committed to countering threats across Google’s platforms, it is also committed to sharing…
Department of Commerce Takes Lead in Addressing Risks from Connected Car Technology
As a Rhode Islander, I am a big fan of our former Governor and now Secretary of Commerce, Gina Raimondo. She has always had her eye on the ball of the rapidly developing data privacy and cybersecurity risks and threats to national security. She is showing her continued commitment to data privacy, cybersecurity, and the…
Russian Military Cyber Actors Targeting Critical Infrastructure Sector
The Cybersecurity and Infrastructure Security Agency (CISA), along with the Federal Bureau of Investigation (FBI), the National Security Agency, and other international partners, issued an Alert on September 5, 2024, warning that cyber actors affiliated with the Russian military are targeting critical infrastructure, government services, financial services, transportation systems, energy, and healthcare sectors of NATO…
Convicted Russian Cybercriminals Part of Prisoner Swap
It is heartwarming that 16 prisoners, including innocent ex-Marine Paul Whelan and Wall Street Journal reporter Evan Gershkovich, have been freed from their wrongful imprisonment in Russia in exchange for 24 convicted Russian prisoners. What is disturbing is that innocent individuals wrongfully convicted are being used to bargain for convicted individuals, including cybercriminals.
Krebs on…
Privacy Tip #408 – Russian Cybercriminals Get 69% of Ransom Payments
Anecdotally, we know that cybercriminals hailing from Russia are a significant risk to U.S.-based and world companies and governmental entities. With two convicted Russian cybercriminals being released this week in the prisoner swap I was curious just how significant Russian cybercriminals play in cybercrime chaos.
According to Bleeping Computer, “Russian-speaking threat actors accounted…
Commerce Department Bans Kaspersky Software in US
In the Biden Administration’s continuing effort to reduce the risk of cybersecurity spyware from foreign adversaries, including Russia, the United States Department of Commerce (Commerce) issued a final rule (Rule) on June 16, 2023, entitled “Protecting Americans’ Sensitive Data from Foreign Adversaries” and also amended a previously issued rule (“Securing the Information and Communications Technology…
CISA + Partners Issue Alert for Protection of Water Systems, Dams, Energy + Food + Ag
In response to the growing threat by pro-Russia hacktivists, on May 1, 2023, CISA and other national agency partners issued an Alert to operators of industrial control systems and small-scale operational technology systems in North America and Europe on mitigation techniques for cyber operations to prevent a compromise of industrial control systems, including “Water and…
New Threat: Scattered Spider International Coalition of Hackers
Cyber adversaries in China and Russia continue to be a formidable threat to U.S. based companies. In the past, scams might be detected because a word was misspelled or the context didn’t make sense. Now, with the help of young Western hackers, cyber adversaries in Russia will be able to use insider knowledge of language…
Boeing Hit with LockBit Ransomware
Boeing has confirmed that its parts and distribution site has been attacked by LockBit ransomware, which is believed to be Russian based. Boeing has said that the attack has not affected flight safety. Boeing is investigating the attack.
LockBit publicly claimed responsibility for the attack and boasted that it had stolen “sensitive data” from Boeing…