-
Business Email Compromise (BEC): Tracking a Threat Actor’s Funny Business
Executive Summary In a recent LevelBlue incident response engagement, an analyst in our managed detection and response (MDR) security operations center (SOC) responded to an alarm that was triggered by a suspicious email/inbox rule. The rule aimed to conceal responses to an internal phishing attempt from the account user, so the attacker could solicit funds…
-
Polish Prosecutors Step Up Probe into Pegasus Spyware Operation
Polish prosecutors investigating a massive political spying operation have seized Pegasus from a government agency Read More
-
Sellafield Pleads Guilty to Historic Cybersecurity Offenses
UK’s most hazardous nuclear site, Sellafield, has admitted criminal charges related to IT security failings Read More
-
Thelma – The Real-Life Voice Scam That Made It into the Movies
This has to be a first. Something from our blogs got made into a movie. We’re talking about voice scams, the soundalike calls that rip people off. One such call sets the action in motion for a film released this weekend, “Thelma.” The synopsis of the comedy reads like this … “When 93-year-old Thelma Post…
-
Friday Squid Blogging: Squid Nebula
Beautiful astronomical photo. Read More
-
Chemical Facilities Warned of Possible Data Exfiltration Following CISA Breach
CISA has informed chemical facilities that its Chemical Security Assessment Tool (CSAT) was infiltrated by a malicious actor, and potentially exfiltrated sensitive data Read More
-
US Bans Kaspersky Over Alleged Kremlin Links
Kaspersky “poses an undue or unacceptable risk to national security,” according to the US Commerce Department’s Bureau of Industry and Security Read More
-
Ross Anderson’s Memorial Service
The memorial service for Ross Anderson will be held on Saturday, at 2:00 PM BST. People can attend remotely on Zoom. (The passcode is “L3954FrrEF”.) Read More
-
Synnovis Attackers Publish NHS Patient Data Online
Ransomware group Qilin has reportedly published nearly 400GB of data stolen following the attack on NHS provider Synnovis in early June Read More
-
KrebsOnSecurity Threatened with Defamation Lawsuit Over Fake Radaris CEO
On March 8, 2024, KrebsOnSecurity published a deep dive on the consumer data broker Radaris, showing how the original owners are two men in Massachusetts who operated multiple Russian language dating services and affiliate programs, in addition to a dizzying array of people-search websites. The subjects of that piece are threatening to sue KrebsOnSecurity for…