Sources & Methods

64 Followers
79 Following
229 Posts
Monthly newsletter for cyber threat intelligence (CTI) information sources, tools, articles, events, and helpful tips
Website: https://sourcesmethods.com/?source=mastodon
Avatar designer: smashingstocks
Heading into the weekend, here's a new issue of Sources & Methods to mark 2 years of running this CTI newsletter. Thank you for reading, I hope it serves you well! #CTI #threatintel https://sourcesmethods.com/sources-methods-newsletter-20/
Sources & Methods Newsletter #20 - November 2024

📁 Sources
OSSF Malicious Package Registry - the Securing Critical Projects Working Group of the Open Source Security Foundation (OpenSSF) maintains a collection of reports of malicious packages identified in open source repositories in Open Source Vulnerability (OSV) format.
📰 Information
Sophos - Pacific Rim: Inside the Counter-Offensive—The TTPs Used to
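The OSV format mentioned above is what makes a malicious-package registry consumable by tooling rather than just by readers. As an added illustration (not code from the newsletter, OpenSSF, or the OSV project), the block below checks a pinned dependency list against OSV-format records: it indexes the `affected` entries by ecosystem and package name, honours both explicit `versions` lists and `introduced`/`fixed`/`last_affected` range events, and applies PEP 503 name normalization for PyPI so that `ExampleToolz` and `exampletoolz` collide. The record IDs, package names, versions and the requirements lines are constructed for the example; the version comparison is a deliberate simplification that ignores pre-release tags.

```python
import re

# Constructed OSV-format records for illustration only. The IDs, package
# names and versions are hypothetical and are not taken from the OpenSSF
# Malicious Package Registry.
SAMPLE_OSV_RECORDS = [
    {
        "id": "MAL-0000-0001",
        "summary": "Malicious code in example-utils (npm)",
        "affected": [
            {
                "package": {"ecosystem": "npm", "name": "example-utils"},
                "versions": ["1.0.3", "1.0.4"],
            }
        ],
    },
    {
        "id": "MAL-0000-0002",
        "summary": "Malicious code in exampletoolz (PyPI)",
        "affected": [
            {
                "package": {"ecosystem": "PyPI", "name": "exampletoolz"},
                "ranges": [
                    {
                        "type": "ECOSYSTEM",
                        "events": [{"introduced": "0"}, {"fixed": "2.0.0"}],
                    }
                ],
            }
        ],
    },
]

# Constructed requirements.txt-style lines (hypothetical project).
SAMPLE_REQUIREMENTS = [
    "requests==2.31.0",
    "ExampleToolz==1.9.0   # constructed malicious pin",
    "numpy>=1.26",
]


def normalize_name(ecosystem: str, name: str) -> str:
    """PEP 503 normalization for PyPI; other ecosystems are matched as-is."""
    if ecosystem == "PyPI":
        return re.sub(r"[-_.]+", "-", name).lower()
    return name


def version_key(version: str, width: int = 4) -> tuple:
    """Dotted numeric version -> comparable, zero-padded tuple.
    Simplification: pre-release suffixes are dropped; use packaging.version
    or a semver library in real tooling."""
    parts = []
    for piece in version.split("."):
        m = re.match(r"\d+", piece)
        parts.append(int(m.group()) if m else 0)
    return tuple(parts) + (0,) * max(0, width - len(parts))


def in_ranges(version: str, ranges: list) -> bool:
    """Evaluate OSV range events: a version is affected if it is >= an
    'introduced' event and < the following 'fixed' (or <= 'last_affected');
    an 'introduced' with no closing event is open-ended."""
    v = version_key(version)
    for rng in ranges:
        if rng.get("type") not in ("SEMVER", "ECOSYSTEM"):
            continue  # GIT ranges need commit history; not handled here
        introduced = None
        for ev in rng.get("events", []):
            if "introduced" in ev:
                introduced = version_key(ev["introduced"])
            elif "fixed" in ev or "last_affected" in ev:
                if introduced is not None and v >= introduced:
                    if "fixed" in ev and v < version_key(ev["fixed"]):
                        return True
                    if "last_affected" in ev and v <= version_key(ev["last_affected"]):
                        return True
                introduced = None
        if introduced is not None and v >= introduced:
            return True
    return False


def build_index(records: list) -> dict:
    """Map (ecosystem, normalized name) -> [(record id, affected entry), ...]."""
    index = {}
    for rec in records:
        for aff in rec.get("affected", []):
            pkg = aff.get("package", {})
            eco, name = pkg.get("ecosystem"), pkg.get("name")
            if not eco or not name:
                continue
            index.setdefault((eco, normalize_name(eco, name)), []).append((rec["id"], aff))
    return index


def find_malicious(index: dict, ecosystem: str, name: str, version: str) -> list:
    """Return the OSV record IDs that flag this exact package version."""
    hits = []
    for rec_id, aff in index.get((ecosystem, normalize_name(ecosystem, name)), []):
        if version in aff.get("versions", []) or in_ranges(version, aff.get("ranges", [])):
            if rec_id not in hits:
                hits.append(rec_id)
    return hits


PIN_RE = re.compile(r"^([A-Za-z0-9][A-Za-z0-9._-]*)\s*==\s*([0-9][0-9A-Za-z.]*)$")


def scan_pinned_requirements(index: dict, lines: list) -> tuple:
    """Check '==' pins against the index; unpinned specifiers cannot be
    resolved offline and are returned separately for the reviewer."""
    findings, unpinned = {}, []
    for raw in lines:
        line = raw.split("#", 1)[0].strip()
        if not line:
            continue
        m = PIN_RE.match(line)
        if not m:
            unpinned.append(line)
            continue
        name, version = m.groups()
        ids = find_malicious(index, "PyPI", name, version)
        if ids:
            findings[name] = ids
    return findings, unpinned


if __name__ == "__main__":
    idx = build_index(SAMPLE_OSV_RECORDS)
    print(scan_pinned_requirements(idx, SAMPLE_REQUIREMENTS))
```

The registry itself is published as one JSON file per record, so a real run would load those files into `SAMPLE_OSV_RECORDS` instead of the constructed list; everything else stays the same.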

New @misp playbook! Tackle the week with JARM fingerprint investigations to track threat actor infrastructure using @censys , @shodan and MISP. Boost your #cti game with #automation and #infrastructure insights. https://github.com/MISP/misp-playbooks/blob/main/misp-playbooks/pb_jarm_verification-with_output.ipynb
misp-playbooks/misp-playbooks/pb_jarm_verification-with_output.ipynb at main · MISP/misp-playbooks


New episode of DISCARDED where I chat with @bingohotdog about how she catches phish. 🎣

We dive into how to write detections, what to hunt for when finding phish kits, and some of her recent research on phishing scams. Tune in wherever you get your podcasts!

Apple: https://podcasts.apple.com/us/podcast/discarded-tales-from-the-threat-research-trenches/id1612506550?i=1000677061400

Spotify: https://open.spotify.com/episode/0NpdI41xywdaxgwlGQXew3?si=30jQ45GnQeO0pVOGZ9rrew

Web: https://www.spreaker.com/episode/scams-smishing-and-safety-nets-how-emerging-threats-catches-phish--62744117

Scams, Smishing, and Safety Nets: How Emerging Threats Catches Phish

Podcast Episode · DISCARDED: Tales From the Threat Research Trenches · 11/15/2024 · 51m


Alleged Boss of "Scattered Spider" Hacking Group Arrested in Spain

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider, a cybercrime group suspected of hacking into Twilio, LastPass, DoorDash, Mailchimp, and nearly 130 other organizations over the past two years.

https://krebsonsecurity.com/2024/06/alleged-boss-of-scattered-spider-hacking-group-arrested/

#scatteredspider #0ktapus #tylerb #sosa

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested – Krebs on Security

Say you, say me. Can it say together? The Natto Team is afraid to say probably not. Cyber attribution is complicated. It looks as if we have more questions than answers after all.

https://nattothoughts.substack.com/p/who-is-volt-typhoon-a-state-sponsored

Who is Volt Typhoon? A State-sponsored Actor? Or Dark Power?

Cyber attribution is complicated. After all the publicity about Volt Typhoon as a Chinese state hacking group, we have more questions than answers.

My latest blog for SANS is about the importance of and the misunderstandings surrounding threat hunting in industrial networks. https://www.sans.org/blog/ot-threat-hunting-more-critical-than-ever/
OT Threat Hunting: More Critical Than Ever

A blog about threat hunting in operational technology environments.

Power outage during this year's #SLEUTHCON reminds me of #CYBERWARCON 2022 when the same thing happened... ⚡️🤔 Talks are still being recorded, and thank you to everyone working to get the livestream back!

Just published the second-longest blog post in my 14 year career as an independent reporter.

This story is the result of a ridiculous amount of research. I hope you like it, because I learned tons reporting this, and there needs to be a broader conversation about some of the issues raised by this research. The lede:

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. An investigation into Stark Industries reveals it is being used as a global proxy network that conceals the true source of cyberattacks and disinformation campaigns against enemies of Russia.

https://krebsonsecurity.com/2024/05/stark-industries-solutions-an-iron-hammer-in-the-cloud/

Stark Industries Solutions: An Iron Hammer in the Cloud – Krebs on Security

We have compiled our Cyber Brief for the month of April 2024, with a summary of the main IT security developments, reported by open sources. It is available at https://cert.europa.eu/publications/threat-intelligence/cb24-05/.

🔖 Policy: EC encourages MS to adopt a unified approach to cryptography-safe digital infrastructure. 🇺🇸 🇯🇵 announce partnerships in AI research. 🇺🇸 published an advisory on securing election infrastructure against FIMI and charged 🇮🇷 nationals for involvement in cyber intrusions.

🕵️‍♀️ Cyberespionage: reporting of activity by allegedly 🇷🇺 🇨🇳 🇰🇵 threat actors. Additionally, Apple alerted iPhone users about potential targeting by spyware from PSOAs.

💶 Cybercrime: top ransomware in 🇪🇺: Lockbit3, Blackbasta, Akira, Bianlian, and Hunter.

💥 Disruption: 🇫🇷 a hospital experienced a cyberattack, disrupting operations. Reportedly 🇷🇺 Sandworm and Muddling Meerkat have targeted 🇫🇷 energy infrastructure and manipulated 🇨🇳 Great Firewall's DNS responses, respectively. 🇨🇿 accused 🇷🇺 of attempting to sabotage European railways.

ℹ️ InfoOps: Reportedly 🇷🇺 🇨🇳 disinformation campaigns are heavily targeting 🇪🇺 and 🇺🇸 elections, 🇷🇺 through social media and fake websites, 🇨🇳 attempts to influence 🇺🇸 elections through covert accounts posing as Trump supporters. AI chatbots have inadvertently contributed to misinformation about the 🇪🇺 elections.

Cyber Brief 24-05 - April 2024

The 2024 Verizon #DBIR is out and it's the Year of the Vuln, as exploit attempts surge + orgs struggle to patch in time. Check out our analysis on the evolving landscape + how GreyNoise helps ID targeted attacks faster + buys remediation time. 🦾 https://buff.ly/3JJK6WR
2024 Verizon DBIR: Surviving the Year of the Vuln | GreyNoise Blog

Go inside the 2024 Verizon Data Breach Investigations Report (DBIR) to discover key takeaways and insights as GreyNoise analyzes the rise of vulnerability exploitation in cyber attacks.