Cyber Crime
Cyber Attacks
The crypto industry often hailed as the vanguard of modern financial innovation faced a tumultuous 2024 marred by significant losses due to cyber threats. According to Cyvers' latest Security Fraud and Compliance Report the sector lost over $2.361 billion to cybercriminal activities marking a 40% increase from the $1.69 billion lost in 2023.
Turla, a Russia-linked Advanced Persistent Threat (APT) group with a history spanning nearly three decades. Known for their stealthy and innovative approaches, Turla continues to raise the bar for nation-state cyber operations. Their latest campaign unveiled by Lumen Technologies Black Lotus Labs reveals an extraordinary feat of infiltration: hijacking the command-and-control (C2) infrastructure of Storm-0156 a Pakistan-based hacking group to expand their espionage activities.
Tech
RISC-V, an open-source processor architecture, is transforming computing by offering flexibility, transparency, and cost efficiency. Industry giants like NVIDIA, Google, and Qualcomm are leveraging it for AI, mobile, and embedded systems. With Linux 6.12 introducing vulnerability reporting, RISC-V ensures enhanced security, positioning itself as a powerful alternative to x86 and ARM.
In 2024, SaaS breaches surged, with 31% of organizations impacted, highlighting vulnerabilities in identity management. To address these risks, Okta introduced the IPSIE framework at Oktane 2024. IPSIE aims to standardize identity security, promoting interoperability, lifecycle management, and risk-sharing to reduce fragmentation and enhance protection across SaaS platforms.
With attacks targeting critical infrastructure, supply chains, and even the democratic processes, governments worldwide are under pressure to reinforce their cybersecurity defenses. The United States has been at the forefront of this effort and its National Cybersecurity Strategy—refined over the years and updated in 2024 continues to serve as a key blueprint for national defense against cyber threats. This blog explores how the U.S. is addressing modern cybersecurity challenges and offers insights that developing countries can adopt to bolster their own defenses.
Synthetic identity fraud is a sophisticated form of financial crime that's becoming increasingly prevalent. Unlike traditional identity theft, which involves stealing an individual's entire identity, synthetic identity fraud is about creating a completely fake person using a mix of real and fictitious information. This fake identity is then used to commit fraud, typically by acquiring credit, loans and other financial resources that are never repaid.
In this blog, you'll learn about quishing—a new cyber threat where malicious QR codes trick users into revealing sensitive information or installing malware. We’ll explore how quishing works, QRL Jacking, real-life examples and practical tips to protect yourself. Stay informed and safeguard your digital interactions with these essential insights.
In today's increasingly complex digital landscape, cybersecurity threats are evolving at an alarming rate. The MITRE ATT&CK Framework offers a structured, comprehensive approach to understanding and countering these threats. By cataloging real-world adversary behaviors, this framework helps organizations enhance their defenses, improve threat detection and respond more effectively to cyberattacks, making it an essential tool in modern cybersecurity.
Bloody Wolf targets Kazakh organizations with STRRAT malware sold for $80 on underground markets. Using phishing emails impersonating official entities, the malware gains access, steals data and evades detection by utilizing JAR files and Pastebin for communication. This highlights the growing trend of low-cost, sophisticated cyberattacks.
The future of cyber threat intelligence lies in the synergy between human analysts and machine learning. Rather than a replacement ML serves as a powerful augmentation to human capabilities. This symbiotic relationship leverages the analytical power and speed of ML combined with the creative problem-solving, contextual understanding and ethical judgment of human analysts. Dive deeper into this symbiotic relationship in the full blog for additional insights.
Google's dark web monitoring service, previously exclusive to Google One members, will soon be free for all users with a Google account. This tool scans the dark web for personal information, providing alerts and guidance on protecting and removing compromised data.
In a significant stride towards enhancing national security capabilities, India has recently unveiled its joint doctrine for cyberspace operations under the guidance of Chief of Defence Staff General Anil Chauhan. This doctrine marks a pivotal moment in India's military strategy, emphasizing the critical role of cyberspace in modern warfare and the imperative of integrating cyber capabilities across all domains.
An in-depth analysis of APT36's (Transparent Tribe) latest cyber-espionage campaign targeting India's defense and aerospace sectors. Explore their methods, targets, and the significant impact on national security, with recommendations for robust defensive measures against this persistent threat
Geopolitics
Wide-ranging
Space militarization has long been a goal for global powers, with each seeking dominance beyond Earth's atmosphere. Russia's recent decision to veto the proposal on banning nuclear weapons in space sparks debate. Prompting concerns about the implications for security and stability in space. With solid deterrence and space warfare capabilities, India's presence in the cosmic arena underscores the complexities of the space arms race.