Who’s Behind the 8Base Ransomware Website?

Who’s Behind the 8Base Ransomware Website?

The victim shaming website operated by the cybercriminals behind 8Base — currently one of the more active ransomware groups — was until earlier today leaking quite a bit of information that the crime group probably did not intend to be made public. The leaked data suggests that at least some of website’s code was written … Read more

AWS cryptojacking campaign abuses less-used services to hide

To remain undetected for longer in cloud environments, attackers have started to abuse less-common services that don’t get a high level of security scrutiny. This is the case of a recently discovered cryptojacking operation, called AMBERSQUID, that deploys cryptocurrency mining malware on AWS Amplify, AWS Fargate, and Amazon SageMaker instead of the more obvious Amazon … Read more

Cyber Mindfulness Corner Company Spotlight: Cybermindz

At the IT Security Guru we’re showcasing organisations that are passionate about making cybersecurity a healthier, more mindful industry. This week’s guest has set up a dedicated organisation to do just that! Peter Coroneos, Founder and Executive Chairman at Cybermindz, spoke to the Gurus about the importance of supporting the wellbeing of cybersecurity professionals and … Read more

Industrial Cybersecurity Leader Dragos Raises an Additional $74M in Series D Round Extension Funding Led by WestCap

Dragos, Inc., the global leader in cybersecurity for industrial controls systems (ICS)/operational technology (OT) environments, today announced a $74 million Series D extension, led by strategic operating and investing firm WestCap. The equity investment is an extension of Dragos’s $200 million Series D that took place in October 2021, led by Koch Disruptive Technologies, an … Read more

Microsoft reveals memory corruption bugs in ‘ncurses’ library

Microsoft has discovered a set of memory corruption vulnerabilities in the ncurses library that provides a programming interface for writing text-based user interfaces (TUI) or console applications with a graphical appearance. Collectively identified as CVE-2023-29491 with a CVSS score of 7.8, the vulnerabilities can allow attackers to gain unauthorized access to systems and data by … Read more

Digital Deficit: 93% of UK Employers Identify An IT Skills Gap Within The UK Job Market

A new study from Forbes Advisor has unveiled that a staggering 93% of employers perceive there to be an IT skills gap within the UK job market. The experts at the price comparison and guidance platform surveyed 500 UK businesses across a range of sectors, including business, consulting and management, engineering and education, to find … Read more

Brits Are in the Dark About the Dark Web

New research reveals 1 in 7 Brits have had personal data leaked in the past year, equivalent to over seven million[1] Brits. Yet, more than three quarters (77%) still rarely, or never, check if their data has been stolen or leaked. Millions of Brits[2] remain in the dark about the dark web – which among … Read more

Cyber-related False Claims actions are on the uptick

Earlier this month, the US Department of Justice (DOJ) announced that Verizon Business Network Services agreed to pay $4,091,317, plus interest, to resolve False Claims Act (FCA) allegations. These allegations held that the company’s Managed Trusted Internet Protocol Service (MTIPS) provided from 2017 to 2021 to federal agencies did not meet three cybersecurity controls for … Read more

Shelter from the storm – lessons learned from the Storm-0558 Microsoft email attacks

Unless you’ve been living under a rock, you’ve probably read or heard about the targeted attacks on US government email that used an access token generated by Microsoft to spoof allowed access. Called Storm-0558, it involved a China-based threat actor using an acquired Microsoft account consumer key to forge tokens to access OWA and Outlook.com, … Read more