Blog – Page 1103 – Cyber Mike

Experts Uncover Chinese Cybercrime Network Behind Gambling and Human Trafficking

The relationship between various TDSs and DNS associated with Vigorish Viper and the final landing experience for the user
A Chinese organized crime syndicate with links to money laundering and human trafficking across Southeast Asia has been using an advanced “technology suite” that runs the whole cybercrime supply chain spectrum to spearhead its operations.
Infoblox is tracking the proprietor

PINEAPPLE and FLUXROOT Hacker Groups Abuse Google Cloud for Credential Phishing

A Latin America (LATAM)-based financially motivated actor codenamed FLUXROOT has been observed leveraging Google Cloud serverless projects to orchestrate credential phishing activity, highlighting the abuse of the cloud computing model for malicious purposes.
“Serverless architectures are attractive to developers and enterprises for their flexibility, cost effectiveness, and ease of use,” Google

Application Security Startup Heeler Raises $8.5 Million in Seed Funding

Heeler Security has raised $8.5 million in seed funding for its ProductDNA application security technology.

The post Application Security Startup Heeler Raises $8.5 Million in Seed Funding appeared first on SecurityWeek.

Suspected Scattered Spider Member Arrested in UK

UK authorities have arrested a 17-year-old suspected of being a member of the Scattered Spider cybercrime gang.

The post Suspected Scattered Spider Member Arrested in UK appeared first on SecurityWeek.

How to Set up an Automated SMS Analysis Service with AI in Tines

The opportunities to use AI in workflow automation are many and varied, but one of the simplest ways to use AI to save time and enhance your organization’s security posture is by building an automated SMS analysis service.
Workflow automation platform Tines provides a good example of how to do it. The vendor recently released their first native AI features, and security teams have already

MSPs & MSSPs: How to Increase Engagement with Your Cybersecurity Clients Through vCISO Reporting

As a vCISO, you are responsible for your client’s cybersecurity strategy and risk governance. This incorporates multiple disciplines, from research to execution to reporting. Recently, we published a comprehensive playbook for vCISOs, “Your First 100 Days as a vCISO – 5 Steps to Success”, which covers all the phases entailed in launching a successful vCISO engagement, along with recommended

California Officials Say Largest Trial Court in US Victim of Ransomware Attack

The Superior Court of Los Angeles County, the largest trial court in the US, has been the victim of a ransomware attack.

The post California Officials Say Largest Trial Court in US Victim of Ransomware Attack appeared first on SecurityWeek.

CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams

The major IT outage caused by CrowdStrike is being leveraged by threat actors for phishing, scams, and malware delivery.

The post CrowdStrike Incident Leveraged for Malware Delivery, Phishing, Scams appeared first on SecurityWeek.

SocGholish Malware Exploits BOINC Project for Covert Cyberattacks

The JavaScript downloader malware known as SocGholish (aka FakeUpdates) is being used to deliver a remote access trojan called AsyncRAT as well as a legitimate open-source project called BOINC.
BOINC, short for Berkeley Open Infrastructure Network Computing Client, is an open-source “volunteer computing” platform maintained by the University of California with an aim to carry out “large-scale

New Linux Variant of Play Ransomware Targeting VMWare ESXi Systems

Cybersecurity researchers have discovered a new Linux variant of a ransomware strain known as Play (aka Balloonfly and PlayCrypt) that’s designed to target VMWare ESXi environments.
“This development suggests that the group could be broadening its attacks across the Linux platform, leading to an expanded victim pool and more successful ransom negotiations,” Trend Micro researchers said in a

Cyber News