Counter Ransomware Summit in DC Attempts to Restrict Threat Actor’s Finances
According to a report by Chainalysis, a blockchain analysis company, ransomware payments reached nearly $600 million in 2021, up from $350 million in 20201. To counter this growing challenge, the Biden-Harris Administration launched the International Counter-Ransomware Initiative (CRI) in July 2021, with the aim of enhancing international cooperation and coordination to disrupt and deter ransomware […]
White House Issues Executive Order on Artificial Intelligence
On October 30, 2023, President Joe Biden issued a landmark Executive Order to ensure that America leads the way in seizing the promise and managing the risks of AI. The Executive Order establishes new standards for AI safety and security, protects Americans’ privacy, advances equity and civil rights, stands up for consumers and workers, promotes innovation […]
iPhone’s Hide My MAC Address Has a Critical Flaw
In 2020, Apple announced a new feature for its iOS devices that was supposed to protect the privacy of its users. The feature, called Private Address, was designed to prevent the tracking of iPhones and iPads by hiding their Wi-Fi MAC address when they connected to a wireless network. A Wi-Fi MAC address is a unique identifier that is assigned […]
Nigerian Police Force Takes Down Another Scam Center
The Nigerian operation that the police dismantled was a cybercrime recruitment and mentoring hub in Abuja, the Federal Capital Territory (FCT). According to the Nigerian Police Force (NPF), the hub was operated by a sophisticated cybercrime syndicate that was involved in various types of online fraud, such as business email compromise, romance scams, and high yield […]
Microsoft is Experimenting with Automatic Secure DNS Discovery
Microsoft is testing support for the Discovery of Network-designated Resolvers internet standard, which enables automated client-side discovery of encrypted DNS servers on local area networks. This feature allows users to automatically configure devices to reach encrypted DNS resolvers and use encrypted DNS protocols like DNS over TLS, DNS over HTTPS, and DNS over QUIC without requiring […]
1Password is Collateral Damage in OKTA Hack
OKTA recently experienced a supply chain attack, and this hack affected some of its customers, including Cloudflare and 1Password. The hackers exploited a vulnerability in Okta’s customer support system, which allowed them to access files uploaded by customers for troubleshooting purposes. These files contained sensitive information, such as session cookies and tokens, that could be used […]
Microsoft Security Copilot Now Available!
Microsoft Security Copilot is a new security product that uses generative artificial intelligence (AI) to help security teams protect their organizations from cyberthreats. It is designed to augment the capabilities and efficiency of security professionals by providing them with tailored insights and guidance based on Microsoft’s security expertise and global threat intelligence. Microsoft Security Copilot […]
Operation Chakra-II Targets India Call Center Scammers
The Central Bureau of Investigation (CBI) of India launched a nationwide crackdown on cybercrime operations behind tech support scams and cryptocurrency fraud. The operation, named Chakra-II, was based on complaints from Microsoft, Amazon, and the Financial Intelligence Unit (FIU) of India. The CBI registered five cases against the accused, who were operating illegal call centres […]
Windows Defender Bypassed to Turn Target PCs into Cryptominers
The exploit associated with Windows Defender (0BEFB96279DA248F6D49169E047EE7AB) is a malicious script that tries to disable or bypass the security features of Windows Defender and download and execute various types of malware on the infected device. The script is part of a larger campaign that targets organizations with cryptominers, keyloggers, and backdoors¹. The script, named runxm1.cmd, […]
Microsoft fixes faulty spam rule that marked all sent emails as junk
Microsoft has resolved an issue that caused a spam rule to flag all outgoing emails as junk for some users of its Exchange Online Protection (EOP) service. EOP is a cloud-based email filtering service that protects Exchange Online users from spam, malware, phishing, and other email threats. It also provides outbound email scanning to prevent […]