An interesting week that was overshadowed by several conferences. Law enforcement was on a high, with multi-national action being taken against known cybercriminals, resulting in arrests and sanctions against LockBit and the founders of Evil Corp. That action also saw new indictments from the US Department of Justice and the seizure of more LockBit infrastructure. It will inevitably lead to more intelligence and more arrests.
The UK, US and Australia have issued a new round of sanctions against 16 members of Evil Corp. The announcement also revealed new individuals who are now believed to be part of the organisation. Additionally, the US unveiled an indictment against Aleksandr Ryzhenkov, the right-hand man of Maksim Yakubets, the leader of Evil Corp.
ThreatQuotient launched version 6 of its ThreatQ Platform. The company described it as a major upgrade with over 30 new enhancements, innovations and modules. The company says it will enable customers to scale their security operations and collaborate better.
Egress has released its latest Phishing Threat Trends Report (registration required). It shows that phishing attacks were up 28% in the second quarter of 2024 compared to the first quarter. Egress also noted the majority of phishing toolkits, which are sold on the dark web, now mention deepfakes (82%) and AI (74.8%). To increase the chance of success, malicious actors are now sending 44% of phishing emails from compromised accounts.
Europol
Europol and 12 other countries took action against LockBit. The operation resulted in four arrests in the UK, Spain and France, along with the seizure of servers and the takedown of other infrastructure. The US announced new indictments against some of those arrested and sanctions were imposed on some LockBit actors and on Evil Corp members.
FBI
The Justice Department today unsealed an indictment charging Russian national Aleksandr Viktorovich Ryzhenkov with using the BitPaymer ransomware variant to attack numerous victims in Texas and throughout the United States and hold their sensitive data for ransom. He was also made the subject of action to seize his assets.
Deputy Attorney General Lisa Monaco, said, “The Justice Department is using all the tools at its disposal to attack the ransomware threat from every angle.
“Today’s charges against Ryzhenkov detail how he and his conspirators stole the sensitive data of innocent Americans and then demanded ransom. With law enforcement partners here and around the world, we will continue to put victims first and show these criminals that, in the end, they will be the ones paying for their crimes.”
Forescout
Forescout Technologies published its “DRAY:BREAK” research report. It identified 14 previously unknown vulnerabilities in routers manufactured by DrayTek. One with the highest possible severity rating of 10.
Barry Mainz, Forescout CEO, said, “Routers are crucial for keeping internal systems connected to the outside world yet too many organizations overlook their security until they are exploited by attackers.
“Cybercriminals work around the clock to find cracks in routers’ defenses, using them as entry points to steal data or cripple business operations. Forescout’s DrayTek research is just the latest example to show how routers continue to be the riskiest device category across all assets.”
Forescout Technologies has also announced two internal promotions. Justin Foster, Chief Technology Officer (CTO), has expanded his role to oversee the Research and Development organization. Meanwhile, Rob McNutt has been promoted to Chief Strategy Officer (CSO).
Jumpcloud
JumpCloud announced that Antoine Jebara, the company’s co-founder and general manager of MSP business, has been named an Endeavor Entrepreneur through Endeavor Lebanon.
Endeavor is the leading global community of, by, and for high-impact entrepreneurs. It builds thriving entrepreneurial ecosystems in emerging and underserved markets around the world. Endeavor creates a Multiplier Effect by inspiring high-growth founders to dream bigger. They support and invest in them to scale faster, and provide a platform to pay it forward — compounding their individual impact.
NOYB
Meta has lost another case brought by Max Schrems in the European Court of Justice (CJEU). It has been ordered to minimise its use of personal data for advertising. It must also stop using historical data for advertising.
In today’s ruling in C-446/21 (Schrems v. Meta), the Court of Justice of the European Union (CJEU) has fully backed a lawsuit brought against Meta, over its Facebook service. The Court decided on two questions: First, massively limiting the use of personal data for online advertisements. Secondly, limiting the use of publicly available personal data to the originally intended purposes for publication.
US Department of Justice
The Justice Department has announced a new Strategic Approach to Countering Cybercrime that is part of the division’s plan to combat cybercrime and other offences enabled by emerging technology like AI.
The announcement was made by Principal Deputy Assistant Attorney General Nicole M. Argentieri, head of the Criminal Division, at the Artificial Intelligence in the Department of Justice Symposium in Washington, D.C.
The Justice Department unsealed a warrant authorizing the seizure of 41 internet domains. Russian intelligence agents and their proxies were using the domains to commit computer fraud and abuse in the United States.
Deputy Attorney General Lisa Monaco, said, “Today’s seizure of 41 internet domains reflects the Justice Department’s cyber strategy in action – using all tools to disrupt and deter malicious, state-sponsored cyber actors.
“The Russian government ran this scheme to steal Americans’ sensitive information, using seemingly legitimate email accounts to trick victims into revealing account credentials. With the continued support of our private sector partners, we will be relentless in exposing Russian actors and cybercriminals and depriving them of the tools of their illicit trade.”
Xalient
Xalient has announced a partnership with SailPoint. The partnership combines Xalient’s managed services experience with SailPoint’s unified identity security solutions. The partnership delivers a highly sophisticated, robust, scalable offering comprising a full suite of zero-trust services.
Mike Shishman, VP for Partners and Alliances, at Xalient, said, “We are excited to partner with SailPoint to enhance our managed services capability. Identity security is paramount in today’s ever-changing digital environment, and SailPoint’s solutions provide the robust framework needed to protect sensitive data and mitigate cyber threats.
“Combined with our managed services offering, we can deliver unparalleled value to our clients and help them achieve their security objectives.”