NIST has released its Cybersecurity Framework 2.0 after several years of consideration. The new framework expands its recommendations to cover the concerns of organizations beyond critical infrastructure. NIST issued the first CSF in 2014, in response to a presidential executive order, to assist organizations, particularly critical infrastructure, in managing cybersecurity …
Read More »
Investigators found that two cryptocurrency addresses linked to a company in Myanmar received nearly $100 million in deposits in less than two years. This sheds light on the lucrative business of conducting romance scams and extorting ransom payments from the families of trafficked workers. Chainalysis and a human rights researcher …
Read More »
Microsoft has released a new open automation framework called PyRIT (Python Risk Identification Toolkit). It helps security professionals and machine learning engineers identify and reduce risks in generative models. The need for automation in AI Red Teaming: Red teaming AI systems is complex. Microsoft’s AI Red Team consists of experts …
Read More »
LockBit restarted their ransomware operation on a new infrastructure after law enforcement disrupted their servers. Now, they threat to target the government sector more with their attacks. The gang posted a long message admitting their negligence and sharing their future plans. “Due to my personal negligence and irresponsibility I relaxed …
Read More »
The LockBit ransomware group reactivated a hidden website on the dark web. They posted a long message written by their leader, who vowed not to retreat from the criminal underground world. The LockBit leader says the FBI used a vulnerability in PHP to hack their servers. They didn’t fix it …
Read More »
OWASP released the LLM AI Cybersecurity & Governance Checklist. The 32-page document helps organizations create a strategy for using large language models and reducing associated risks. Sandy Dunn, CISO at Quark IQ, started working on the checklist in August 2023 as a supporting resource to OWASP’s Top 10 Security Issues …
Read More »
LockBit ransomware creators were working on a new version of their file-encrypting malware, called LockBit-NG-Dev, possibly to be known as LockBit 4.0, before law enforcement dismantled their operation this week. Multiple Versions: “Security experts said LockBit previously released various versions of its ransomware:” LockBit version 1.0 was released in January …
Read More »
The U.K. National Crime Agency (NCA) confirmed that it got LockBit’s source code and gathered intelligence about its activities and affiliates as part of Operation Cronos. “Some of the data on LockBit’s systems belonged to victims who had paid a ransom to the threat actors, evidencing that even when a …
Read More »
Every day different cases of cyber fraud come to light. Identifying them is not an easy task at all. So law enforcement is now taking the help of advanced technology. Recently the police launched a chat bot called “Surat Cyber Mitra” to fight cyber fraud. It is known that this …
Read More »
The prolific ransomware gang LockBit has claimed responsibility for hacking one of India’s top brokerage firms, Motilal Oswal. Indian authorities say they are aware and investigating the incident. On Tuesday, LockBit added the Indian brokerage giant Motilal Oswal to its dark web leak site, according to the report published by …
Read More »
InfoSecBulletin Cybersecurity for mankind