Tag: Cybersecurity
Only a Global Force Can Combat Cybercrime
George Patsis is the founder and CEO of Obrela and has a proven track record in developing large-scale innovative security programs for major Global 500 companies. In an exclusive interview with Cyber Intelligence, he explains why a global approach is needed to fight cybercrime. This is a philosophical discussion shaped by the evolving changes in the human and society conditions. Ten years ago, digital communications and laptops were supplementary tools in people’s lives and perceived as an extension of our natural world. Today, we are witnessing the evolution of a full-scale digital transformation leading to an entirely new domain: cyberspace. Much like the air travel leading to partitioning of the skies, or the British Empire’s domination of the seas or the space quest. Whenever humankind discovers new domains and frontiers, the absence of clear leadership and authority often leads to conflict and crime. In the American Old West, every town had its own safe, and criminals tried to rob it. In the same way, the new digital frontier of cyberspace is driving demand for companies like OBRELA to protect their digital assets. But we need more than just individual Cybersecurity companies to protect us across the new threats in cyberspace. In the absence of a central cybersecurity authority, cybercriminals operate with near impunity—facing little resistance, no clear attribution, and a remarkably low risk of consequences.
Sperm Bank Heist
Another cyber breach as potentially damaging as that of the infamous hook-up site for married users, Ashley Madison, 15 years ago has recently come to light that could have equally serious consequences. According to a notification filed this month with the California Department of Justice, the sperm bank California Cryobank reports a breach that occurred last April. Stolen files include the names, social security numbers, driver's license numbers, financial accounts, and health insurance information of many of the sperm bank donors and their recipients.
UK defence ministry ‘loses’ 269 phones
The UK Ministry of Defence (MoD) has egg all over its face following its admission that over 269 of its phones went missing between January 1 and February 27. This is a record number, even for the MoD, which lost 262 phones in total in 2023 and 2024. The astonishing total of how many phones were recorded as lost, misplaced or stolen in the first two months of this year only came to light in response to a question asked in the UK parliament by the shadow defence secretary, James Cartlidge. The fact that a security-conscious organization such as the MoD could lose track of so many devices only evidences the increasing overlap between cybersecurity and physical security. Once a device such as a smartphone is in the hands of a threat actor, it can provide a portal to enable all kinds of cyber-attacks.
Elon Musk Blames ‘Massive Cyberattack’ for Widespread X Outage – March 10th
Social media platform X suffered a major outage on March 10, with tens of thousands of users unable to access the site. Owner Elon Musk blamed the disruption on a "massive cyberattack," suggesting that a well-funded group or nation-state may have been involved. The outage, which peaked around 10 a.m. EST, affected both the X app and website, with intermittent service disruptions continuing throughout the day. As frustrated users flocked to alternative platforms like Threads and Bluesky, concerns grew over the security of X’s infrastructure.
Majority of Orgs Hit by AI Cyber-Attacks as Detection Lags – March 7th
AI-driven cyber-attacks are becoming a widespread threat, with 87% of security professionals reporting incidents in the past year, according to SoSafe’s latest cybercrime trends report. Despite the growing concern, only 26% of security experts express high confidence in their ability to detect such attacks. The World Economic Forum noted a 223% rise in deepfake-related tools on dark web forums between early 2023 and 2024, further fueling concerns. While 91% of experts expect AI-driven attacks to surge over the next three years, nearly all respondents acknowledge the urgency of improving detection capabilities.
Advanced Persistent Threats Rise by 74% in 2024 Report – March 6th
The frequency of Advanced Persistent Threats (APTs) has surged, with Kaspersky's latest report revealing a 74% increase in such attacks compared to last year. APTs were detected in 25% of organizations, accounting for 43% of high-severity security incidents, highlighting a sharp rise in sophisticated cyber threats. Kaspersky's analysis suggests attackers are refining their tactics to bypass security measures, leveraging human-operated techniques rather than automated exploits. The report underscores the growing persistence of APT actors, emphasizing the need for proactive defense strategies across industries.
Companies complacent about AI-generated cyber-attacks
Companies are largely ignorant of the looming threat of increased artificial intelligence (AI) identity theft, despite the fact that 93 per cent of companies surveyed suffered two or more identity-related breaches in 2024. According to leading identity management company CyberArk Software, executives and employees alike are overconfident of their ability to spot ongoing ID-theft and subsequent cyber breaches, with over 75 per cent of respondents to a recent survey saying that they are confident their employees can identify deepfake videos or audio of their leaders. “Employees are [also] largely confident in their ability to identify a deepfake video or audio of the leaders in their organization. Whether we chalk it up to the illusion of control, planning fallacy, or just plain human optimism, this level of systemic confidence is misguided,” warns Cyberark following a survey of 4,000 US-based employees.
60% of Cybersecurity Professionals Considering Job Change – March 5th
Cybersecurity professionals are restless, with over 60% planning to switch jobs in the next year. A new study by IANS Research and Artico Search highlights career stagnation as a major reason, while salaries remain high across the industry. The report finds senior professionals are the most eager to leave, frustrated by limited growth opportunities. Specialists in cloud security, application security, and threat intelligence, however, continue to command the highest salaries.
Cyber truce with Russia opens up US for cyber-attacks
US Defense Secretary Pete Hegseth’s shock directive to US Cyber Command to pause offensive cyber-operations against Russia may have unforeseen consequences for organizations across the US. It would mean that the West could be blind-sided by a lack of actionable intelligence regarding Russia’s ongoing cyber-war against countries such as the US and the UK. Russian groups are already upping cyber-attacks on the US. In December, Cyber Intelligence reported that two Russian groups, the People’s Cyber Army and Z-Pentest, claim to have taken attacks on critical infrastructure in the US to a new and more dangerous level. This was evidenced by Telegram videos detailing attacks on US energy and water facilities far beyond the previously supposed capabilities of such groups.
Lee Enterprises Investigating Ransomware Claim, Data Leak Threat – March 3rd
Lee Enterprises is investigating a claim from the Qilin ransomware group, which alleges it stole 350GB of data from the newspaper chain’s network in an early February attack. According to SentinelOne researchers, Qilin has threatened to begin leaking data on March 5, though the specific ransom demand remains unknown. A Lee Enterprises spokesperson confirmed awareness of the claims but provided no further details on the investigation.
Three million Google Chrome users hacked
Over three million Google Chrome users have been issued a warning concerning 16 browser extensions that have been compromised by hackers. This alarming news comes hard on the heels of reports earlier this month that cybercriminals are also leveraging search engine giant Google’s new Gemini 2.0 (artificial intelligence) AI assistant. The list of Google’s hacked browser extensions includes: Emojis, Video Effects for YouTube, Audio Enhancer, Blipshot, Color Changer for YouTube, Themes for Chrome, and YouTube Picture in Pictures. Adblocker for Chrome, Adblock for You, Adblock for Chrome, Nimble Capture, KProxy and Page Refresh, Wistia Video Downloader have also been compromised.
Employment Screening Provider Data Breach Affects 3.3M Individuals – February 28th
DISA Global Solutions, Inc., a provider of employment screening services, confirmed a data breach impacting over 3.3 million individuals. The breach, which occurred between February 9 and April 22, 2024, granted an unauthorized third party access to names, Social Security numbers, driver’s license details, financial account information, and other sensitive data. While forensics could not confirm the exact extent of the stolen data, the exposure raises concerns over identity theft risks for affected individuals.