Threat group FIN7 has set up a website posing as a security company to recruit talent, according to fraud intelligence company Gemini Advisory. The aim of the scam was to lure security researchers who could help the group with penetration testing-related activities to enable ransomware attacks.

https://www.inforisktoday.co.uk/fin7-sets-up-fake-pentesting-company-site-to-recruit-talent-a-17783

Two Senate leaders on Thursday introduced legislation that would form a working group charged with monitoring the security of AI data obtained by federal contractors. This body would also ensure that the data adequately protects national security and recognizes privacy rights, the lawmakers say.

https://www.inforisktoday.co.uk/new-bill-would-secure-government-contractors-use-ai-a-17786

Researchers at open-source software firm Sonatype have uncovered multiple malicious packages that disguise themselves as legitimate JavaScript libraries on npm registries to launch cryptominers on Windows, macOS and Linux machines.

https://www.inforisktoday.co.uk/malicious-packages-disguised-as-javascript-libraries-found-a-17782

The infamous Carbanak operator is moving is looking to juice its ransomware game by recruiting IT staff to its fake Bastion Secure ‘pen-testing’ company.

https://threatpost.com/fin7-security-pros-ransomware-attacks/175681/

The International Foundation for Protection Officers (IFPO) has released “The Competence of Frontline Security Professionals and What They Say About Their Work,” a research project about security officers’ roles and perceptions of their experiences in the industry.

https://www.securitymagazine.com/articles/96366-access-control-customer-service-among-top-security-guard-responsibilities

A multi-country effort has given ransomware gang REvil a taste of its own medicine by pwning its backups and pushing its leak site and Tor payment site offline.

https://threatpost.com/revil-servers-offline-governments/175675/

U.S. senators urged the Federal Communications Commission (FCC) to address surveillance threats posed by foreign corporations managing U.S. telecommunications providers.

https://www.securitymagazine.com/articles/96351-us-senators-urge-fcc-to-address-surveillance-threats-to-telecom-networks

City leaders in Berkeley, Calif. are turning to security surveillance to help mitigate violent gun crime.

https://www.securitymagazine.com/articles/96353-berkeley-city-leaders-turn-to-surveillance-cameras-for-crime-prevention

Gigabyte Technology, a Taiwanese manufacturer and distributor of computer hardware, has allegedly suffered a massive data breach as a result of a ransomware attack.

https://www.securitymagazine.com/articles/96364-gigabyte-victim-to-ransomware-again

Faraday is a tool that introduces a new concept called IPE, or Integrated Penetration-Test Environment. It is a multiuser penetration test IDE designed for distribution, indexation and analysis of the generated data during the process of a security audit. The main purpose of Faraday is to re-use the available tools in the community to take advantage of them in a multiuser way.

https://packetstormsecurity.com/files/164602/faraday-3.18.0.tar.gz

A new survey from Nexor shows the knowledge gap when it comes to cybersecurity, with 23% of employers not knowing where to begin protecting their businesses from cyber threats or being able to afford adequate protection.

https://www.securitymagazine.com/articles/96363-employers-increase-cybersecurity-budgets-as-workplaces-go-hybrid

The current state of the XDR market is a “chaotic jumble of different features,” according to Forrester analyst Allie Mellon, who has authored a new study to identify the top XDR providers in the industry: The Forrester New Wave: Extended Detection And Response (XDR) Providers, Q4 2021.

https://www.inforisktoday.co.uk/forrester-report-key-questions-to-ask-xdr-vendors-a-17781

The high-severity bug, tracked as CVE-2021-1529, is an OS command-injection flaw.

https://threatpost.com/cisco-sd-wan-bug-code-execution-root/175669/

The outages of the notorious REvil - aka Sodinokibi - ransomware operation have been due to a coordinated law enforcement effort involving the U.S. and foreign partners, aimed at disrupting the group’s attack capabilities, Reuters reports.

https://www.inforisktoday.co.uk/revil-revelations-law-enforcement-behind-disruptions-a-17779

In the latest weekly update, four ISMG editors discuss: a federal judge imposing the maximum sentences on a hacker who pleaded guilty to conspiracy and aggravated identity theft, regulators getting tougher on cryptocurrency lending platforms and the return to in-person roundtables.

https://www.inforisktoday.co.uk/ismg-editors-panel-regulators-get-tough-on-crypto-firms-a-17780

Hey everyone! My name is Niclas Hilgert and today I would like to talk about forensic analysis of micromobility solutions. And in case you’re wondering, what exactly is the micro mobility solution? Something like this: an e-scooter, for example, or … Read more

The post A Forensic Analysis of Micromobility Solutions appeared first on Forensic Focus.

https://www.forensicfocus.com/webinars/a-forensic-analysis-of-micromobility-solutions/

Ed Skoudis, a cybersecurity leader and educator, has been named the new President of the SANS Technology Institute, according to a statement. Ed will lead the institute’s degree programs and Internet Storm Center.

https://www.securitymagazine.com/articles/96360-ed-skoudis-named-president-of-sans-technology-institute

Employees and non-employee contractors continue representing the most critical weak link in the IT chain. Too many employees, and vendors using corporate networks, are still falling for phishing attacks. Enhanced worker training on cyber risks helps, but training coupled with stronger systems offers the best protection against cyber threats.

https://www.securitymagazine.com/articles/96359-strengthening-it-to-help-withstand-cyberattacks

The platform’s Content Delivery Network and core features are being used to send malicious files—including RATs–across its network of 150 million users, putting corporate workplaces at risk.

https://threatpost.com/threat-actors-abuse-discord-to-push-malware/175663/

The Professional Dental Alliance is notifying more than 170,000 individuals in about a dozen states of a phishing breach involving an affiliated vendor that provides nonclinical management services to dental practices owned by PDA. Why is breach notification so complicated?

https://www.inforisktoday.co.uk/dental-alliance-reports-vendor-breach-affecting-170000-a-17775