For the 5th time, the who's who of investigative authorities will meet to discuss developments in the field of cybercrime. This time as guests of Deutsche Telekom in Bonn - today and tomorrow. #cybersecurity #bka #criticalinfrastructure #police #telekom

@gborn
Bitte lieber schreiben: "als angebliche Opfer gelistet." Danke.

Sports fans still like to use their favorite club as their password. The top 30 list of stolen passwords (Germany) that are most frequently found online in 2024 clearly shows this. A soccer club is already in second place. Only "Password1" can be found more often - as bad as that is. #password #phishing #darkweb #cybersecurity #idtheft #soccer

https://www.telekom.com/en/media/media-information/archive/insecure-soccer-passwords-1064492

Radical transparency may be a trend in many industries - I don't like the way TransparentTribe seem to be approaching it from Pakistan. They trick targeted users into revealing credentials or downloading malware onto their systems. Cyble has presented APT 36 in a comprehensive profile. #infosec #malware #phishing #cybersecurity #apt

https://cyble.com/blog/threat-actor-profile-transparenttribe/

When it comes to cybercrime, Russians and Ukrainians could almost be brothers in arms - at least that's how you could interpret the latest Europol report. They analyzed 821 criminal networks, and nine of the most threatening networks specialize in cyberattacks as their main activity. If you look at the details, Russians and Ukrainians are the most strongly represented nationalities there. #cybersecurity #ransomware #truecrime #europol #infosec

https://www.europol.europa.eu/media-press/newsroom/news/europol-report-identifies-most-threatening-criminal-networks-in-eu

It doesn't seem to be that easy to have a suspected fake shop closed down. Want an example?

https://akrylfrancecc.com/ supposedly sells motorhomes.

If you move the mouse pointer over the page, you will quickly notice that behind the social media logos there are only the home pages of the respective services. But personal contact is also likely to be difficult. A business address in Germany, but a telephone number in France? Currently, only the city is listed. A few weeks ago, the site admin had also added the street address. Anyone who knows the area will know that there is a garage there. With motorhome rental and its own small website. Akrylfrancecc takes advantage of this fact - but there is no actual link between the French online service and the German garage. The German owner of the workshop has filed a complaint with the police. The reaction of akrylfrancecc.com? They left the location unchanged, but removed the address of the garage. Cheeky, but the site is still online. #fakeshop #idtheft #cybercrime @Europol

https://akrylfrancecc.com/

@kenji
Wahrscheinlich ist einfach der Satz falsch formuliert und müsste eigentlich heißen: "46 Prozent der Befragten wären mit ihren Unternehmen ein leichtes Opfer für die vielen Facetten von Cyberkriminalität."

The German Bundestag has voted in favor of implementing the Digital Services Act, thereby implementing the EU's requirements. The Act regulates fines and penalties for infringements, which can amount to up to 6 percent of annual revenue for internet platform operators. The EU Commission is already responsible for monitoring online giants such as Google. In Germany, this is now to be the Federal Network Agency for smaller providers. #eu #bundestag #dsa #bundesnetzagentur #hatespeech #dataprotection

https://www.bundestag.de/dokumente/textarchiv/2024/kw03-de-digitale-dienste-986292

From good cop, bad cop to good bot, bad bot. Spiderlabs compared the two best-known malicious LLMs and their evolutionary stages. The conclusion on WormGPT and FraudGPT - "The product may still be far from perfect, but one way or another, this is a clear sign that generative artificial intelligence can become a weapon in the hands of cybercriminals." #ai #tech #fraudgpt #wormgpt #cybersec #darknet

https://www.trustwave.com/en-us/resources/blogs/spiderlabs-blog/wormgpt-and-fraudgpt-the-rise-of-malicious-llms/

Lawsuits can be very revealing, like this one. It shows what data material is used in AI training. The fact that companies use "collected knowledge" and, for example, the well-crafted texts in a library as a basis for earning money is one of the facets of AI. The courts clarify the question of whether the authors whose texts contribute to business success must be involved in this. But what does this mean in principle for texts and graphics that are created as a product when working with an AI? Does it make a difference whether an author or graphic designer watches films and reads books - all of which are protected by various rights - takes inspiration from them and uses this inspiration to create a piece of commissioned work - or whether an AI does the same? #ai #copyright #tech #lawsuit #NVIDIA #california

https://torrentfreak.com/images/nvidia-lawsuit.pdf

What does a European Data Protection Supervisor actually do? I wouldn't have thought straight away, for example, that he checks whether the European Commission has installed and uses Microsoft 365 in an appropriate way. But he did and has now stated in a press release that there is a problem right there. #privacy #dataprotection #microsoft #eu

https://www.edps.europa.eu/system/files/2024-03/EDPS-2024-05-European-Commission_s-use-of-M365-infringes-data-protection-rules-for-EU-institutions-and-bodies_EN.pdf

ENISA is responding to the rapid developments in the field of artificial intelligence (AI), including deep fakes. The new version of the security compendium is intended to help better protect the upcoming elections in many European countries against cybersecurity risks. #enisa #cybersecurity #ai #tech #deepfakes

https://www.enisa.europa.eu/news/safeguarding-eu-elections-amidst-cybersecurity-challenges

I don't think anyone wants smart cities to become insecure cities. But when everything is connected, it takes a lot of discipline and oversight to ensure that the attack surface does not become unnecessarily larger #tech #iot #internetofthings #smartcity #smartcities

https://www.ncsc.gov.uk/blog-post/new-connected-places-infographic-published

How do attackers operate in #cloud environments? Palo Alto's Unit 42 explains lateral movement techniques and their differences compared to similar techniques in on-premises environments
#tech #cybersecurity #incidentresponse

https://unit42.paloaltonetworks.com/cloud-lateral-movement-techniques/

faster and faster... After the #Emotet takedown, it took around six months for the threat actors to be back on stage with a new infrastructure - #LockBit did it in just a few days.
#tech #truecrime #cybersecurity #threatactors #ransomware

https://thehackernews.com/2024/02/lockbit-ransomware-group-resurfaces.html

The times when we assumed that threat actors were standing outside the guarded castle wall looking for ways into our inner sanctum are over. #supplychainattacks have become commonplace and vulnerabilities to popular security solutions are being published with alarming frequency. Many have already risen to these new challenges and changed their habits. Many, but not all. Unfortunately, the marketing departments of the companies that manufacture and sell these security solutions have not yet realized that their habits are part of the problem. US vendors in particular, why is that?
If I advise a customer and then sell them a security solution, why do I next paint a blueprint of their security architecture and send it out as a press release? Please stop this. Almost every week I am asked by a supplier if we can appear as a reference on their website. I really wonder if they want to put that right next to the ten latest CVEs that have been published for their product families. This really needs to stop, fast. #tech #cybersecurity #databreach #threats #techindustry #0day @briankrebs

That's why it can be worth taking a look at the top 3 in the "Top New Free" category in the #GooglePlay store from time to time. The threat actors behind the #bankingtrojan #Anatsa intensively promote dropper applications during their campaign waves. You'll find them high up in the rankings. The actors have increased their reach and now include Slovakia, Slovenia, and Czech Republic in their campaigns, according to a recent report. #malware #android #cybersecurity

https://www.threatfabric.com/blogs/anatsa-trojan-returns-targeting-europe-and-expanding-its-reach

Suppose an employee with admin rights leaves a company. When should his account be deactivated?

A) with a solemn ceremony on the last day of work
B) immediately
c) better now than later

#CyberThreats #cybersecurity #IncidentResponse #Malware #Phishing #Ransomware

https://www.cisa.gov/news-events/alerts/2024/02/15/cisa-and-ms-isac-release-advisory-compromised-account-used-access-state-government-organization

And we thought the graphic filters on #socialmedia and their negative influence on the ideal image of users were bad enough. The distribution of #doping substances via social media #ads seems to be at least as big a problem, with over 12 million pills confiscated and more than 90 websites shut down in the course of Operation Shield IV. #europol #truecrime #cybercrime #darknet

https://www.europol.europa.eu/media-press/newsroom/news/fake-medicines-worth-eur-64-million-eu-markets

#globalization effects - This term is so easy to say. However, in the context of law enforcement in #cybercrime cases, this term describes dimensions that are difficult to imagine. You want to arrest two suspects (in Malta and Nigeria) and take a handful of websites offline? All you need is the #FBI, #Europol and law enforcement agencies in Australia, Canada, Croatia, Finland, Germany, Malta, the Netherlands, Nigeria, Romania and the United States
#malware #RAT #cybersecurity #truecrime

https://www.europol.europa.eu/media-press/newsroom/news/international-cybercrime-malware-service-targeting-thousands-of-unsuspecting-consumers-dismantled