- Home
- Cybercrime and Ransomware
- Emerging Tech
- Threat Intelligence
- Expert Insights
- Careers and Learning
- Compliance
Subscribe to Updates
Subscribe to our newsletter and never miss our latest news
Subscribe my Newsletter for New Posts & tips Let's stay updated!
Author: Staff Writer
John Marcelli is a staff writer for the CISO Brief, with a passion for exploring and writing about the ever-evolving world of technology. From emerging trends to in-depth reviews of the latest gadgets, John stays at the forefront of innovation, delivering engaging content that informs and inspires readers. When he's not writing, he enjoys experimenting with new tech tools and diving into the digital landscape.
Quick Takeaways Telus Digital suffered a significant cyberattack by ShinyHunters, who reportedly stole over one petabyte of data through long-term, trusted access, highlighting a shift toward insider-like, stealthy breaches rather than perimeter failures. The attack involved sophisticated tactics like lateral movement, slow data staging, and encrypted exfiltration, exploiting existing trusted pathways, and emphasizing the need to treat identity as the new security perimeter. Experts recommend organizations implement multi-factor authentication (MFA), data-centric monitoring, environment segmentation, and behavioral analytics to prevent and detect such trust-based, long-term data thefts. The incident underscores a crucial strategic lesson: organizations should prepare for data theft instead…
Top Highlights Andersen Consulting partners with A3Sec to enhance its cybersecurity and accelerate digital transformation initiatives globally. A3Sec, with over 14 years of experience and a 24/7 Security and Digital Surveillance Center, provides advanced threat detection and response services worldwide. The collaboration combines Andersen’s strategic advisory with A3Sec’s technology-driven cybersecurity services to strengthen client defenses against evolving cyber threats. This partnership exemplifies a growing industry trend of collaboration between consulting firms and specialized security providers to maintain secure, resilient digital operations. A Strategic Partnership Enhances Cybersecurity Efforts Recently, Andersen Consulting announced a partnership with A3Sec, a company specializing in data-driven…
Essential Insights Pro-Iranian hackers are escalating cyberattacks targeting Middle Eastern infrastructure and beginning to threaten U.S. sites, including defense contractors and critical infrastructure. These hackers aim to weaken U.S. military and energy operations by conducting disruptive attacks such as DDoS, data destruction, and intelligence gathering, often focusing on vulnerable, undersecured targets. Iran’s cyber capabilities have grown significantly, with activity like infiltrating U.S. political campaigns, spreading disinformation, and monitoring regional targets to enhance missile targeting. Cyber threats from Iran are dangerous but less sophisticated, emphasizing the importance of updated security measures, while potential collaboration with Russia or China could amplify attacks…
Cyber threats, especially ransomware, BEC, and data breaches, are rapidly intensifying, prompting organizations to adopt cyber insurance as a key risk transfer strategy, with 90% coverage including ransom payments. Modern cyber insurance policies now cover a wide range of incident response, legal, and recovery costs, but increasingly exclude risks from poor security practices, pre-existing vulnerabilities, or insider attacks. Insurers are tightening requirements, favoring organizations with mature security controls like multi-factor authentication, privileged access management, and proactive monitoring, which lower premiums and improve coverage. Effective preparation—including working with experienced brokers, demonstrating strong security posture, and reducing human error—are essential for securing…
Quick Takeaways Iranian intelligence agencies, especially MOIS, increasingly leverage cybercriminal underground networks and tools, such as ransomware and infostealer services, to conceal and bolster their cyber operations. Iran’s cyber activities often blur the lines between state-sponsored attacks and organized cybercrime, collaborating with and even relying on criminal groups for resources and infrastructure. This integration complicates attribution and enhances Iran’s operational flexibility, making it easier to carry out destructive activities while obscuring state involvement. Economic and strategic pressures, especially during wartime, drive Iran to buy cyber capabilities like access and malware from underground markets, increasing reliance on cybercriminal services for rapid…
Top Highlights A cyberattack on Stryker, potentially by the pro-Iranian Handala group, resulted in thousands of devices being remotely wiped, likely through a compromised Microsoft Intune management system. The attack, linked to political retaliation by Handala, claimed to have wiped over 200,000 systems and extracted 50 terabytes of data, signaling a significant escalation in nation-state cyber hostility. The breach exploited a critical flaw in Stryker’s use of Entra for authentication, possibly via credential theft or spear-phishing, highlighting severe security vulnerabilities. Security experts warn this incident underscores the increased threat level, emphasizing that Iranian nation-state actors are targeting US companies and…
Essential Insights Authorities from multiple countries dismantled SocksEscort, a large residential proxy network used for fraud, which had access to about 369,000 IP addresses since 2020. The operation, called Operation Lightning, seized 34 domains and 23 servers across seven nations, freezing $3.5 million in cryptocurrency linked to the botnet. SocksEscort exploited vulnerabilities in residential modems to infect over 8,000 routers, primarily in the U.S. and U.K., and claimed around 20,000 victims weekly, peaking at over 15,000 daily in January 2025. The cybercriminal network facilitated illegal activities by providing anonymity for cyberattacks, with law enforcement gaining potential intelligence to target other…
Fast Facts Cybersecurity often fails not due to lack of tools but because it functions as an open-loop system, lacking continuous enforcement and control. Key frameworks like Zero Trust and C2C often reach a standstill, as they lack authoritative mechanisms to verify and maintain system integrity consistently. The core issue is the absence of ongoing verification and enforcement of system integrity as a prerequisite for access. Effective cybersecurity requires integrating integrity-driven, continuous verification mechanisms, as exemplified by Zscaler and CimTrak’s approach to Zero Trust. The Issue The story highlights a fundamental flaw in cybersecurity practices. It reveals that breaches often…
Top Highlights Chinese hackers linked to Salt Typhoon compromised U.S. telecoms two years ago, risking widespread phone data exposure affecting nearly all Americans. Public apathy and limited awareness about telecom breaches hinder policymakers’ efforts to enforce stronger cybersecurity regulations. Many Americans view data theft as insignificant compared to tangible threats like attacks on water or power infrastructure, contributing to complacency. Experts warn that the lack of public outrage dampens momentum for comprehensive telecom security reforms, risking ongoing espionage and vulnerability. Underlying Problem Two years ago, Chinese hackers known as Salt Typhoon compromised at least ten U.S. telecommunications companies, gaining extensive…
Summary Points A 41-year-old South Florida man, Angelo John Martino III, is accused of orchestrating at least 10 ransomware attacks, extorting approximately $75.25 million while serving as a ransomware negotiator for DigitalMint. Martino allegedly used his position to negotiate on behalf of victims while secretly collaborating with cybercriminals, notably gaining access to ALPHV/BlackCat, and providing confidential negotiation information to maximize ransom payments. He was charged with conspiracy to interfere with commerce by extortion, with authorities seizing over $12 million in cryptocurrency, luxury vehicles, and properties in Florida, and he faces up to 20 years in prison. DigitalMint stated they terminated…