Consider This
Every Vote Counts. On September 4, 2024, the FBI revealed that it took down 32 domains used by a Russian influence network spreading misinformation to the US ahead of the presidential election.
List of Best Phishing Spots. On September 10, 2024, Zscaler issued a report identifying the top phishing domain targets between February and July 2024.
The Cost of BECs is B-I-G. On September 12, 2024,the FBI released its annual report, which indicated that BEC scams have cost people and companies a whopping $55 billion since 2013.
FERC Issues New Guidelines to Power-Up Cybersecurity for Power Systems. On September 23, 2024, FERC announced new guidelines to help thwart malicious actors from interfering with operations of the bulk-power system.
NIST to Change Password Changes for a Change. On September 25, 2024, NIST announced changes to its password requirements. Gone is guidance to: (i) use specific types or characters in passwords; (ii) change passwords periodically; and (iii) use knowledge-based authentication or security questions when selecting passwords.
As the World Turns
Wealthy Nigerians Need Your Help to Get out of Prison. On September 5, 2024, two Nigerians were sentenced to prison for their role in a BEC scheme.
Robbing Peter to Pay Yourself. On September 5, 2024, researchers revealed that certain hackers are selling other hackers a purported tool that steals OnlyFans accounts. However, the tool actually infects the other hackers with malware.
First Blood. On September 9, 2024, an academic researcher developed a new attack method, RAMBO, which allows attackers to exfiltrate encoded files, encryption keys, images, keystrokes, and biometric information from up to 23 feet away.
ALPHV Banking on Banks. A September 10, 2024, report noted that ALPHV was responsible for nearly one quarter of ransomware attacks in 2024 in the financial sector.
Back to Office Mandate for Remote Tools. A September 10, 2024, study found that a prevalence of remote tools makes companies vulnerable to attack.
Maybe We Can Launder the Money? On September 26, 2024, the US announced the indictment of Talon, a Russian cybercriminal whose crypto exchange became one of Russia's most active money laundering networks.
Don't Forget
Give Me Liberty or Give Me Access. On September 26, 2024, Pennsylvania's newly amended data breach notification law came into effect. Among other things, under the new amendments, unauthorized access to personal information constitutes a breach (unauthorized acquisition was required previously).
The content of this article is intended to provide a general guide to the subject matter. Specialist advice should be sought about your specific circumstances.
