The FBI has hacked the Hive ransomware group's operations after infiltrating it for six months. The agency says it prevented the theft of $130M. More: - The FBI stated it was conducting an undercover operation since July 2022, when it gained access to Hive ransomware's control panel.
- Since then, the agency has contacted victims that have been breached by the hacker group and given keys to decrypt malware.
- The agency estimates that around $130M would have been stolen through ransomware if it weren't for this operation.
- The FBI gained access to two dedicated servers, one virtual private server, records of Hive communications, malware file hash values, and information on Hive's 250 affiliates.
| |
New security reports claim that hackers are posting job ads that promise salaries of as much as $20,000 per month as hacking campaigns intensify globally. Over 200,000 jobs on the dark web were analyzed in this report. More: - The job postings were published on 150 websites between 2020 and 2022.
- Security researchers found that the ads are posting job ads for a number of positions, such as:
- Software engineer,
- Data analyst,
- Attack specialist,
- Designer,
- Reverse engineer, etc.
- Most of these job openings were posted during Q1 2020, coinciding with the COVID-19 lockdown and the economic challenges that the lockdowns created for citizens in the U.S. and worldwide.
| |
 A message from LACEWORK Discover cloud insights and harden your security posture In the latest installment of the Cloud Threat Report series, Lacework Labs covers the significant increase in efficiencies used by cybercriminals. Get insights into these trends that cover how: - Attackers are automating key discovery and exploits, taking advantage of momentary mistakes
- Simple mistakes turn into misconfigurations that attackers use to compromise your cloud identity infrastructure
- Vulnerabilities continue to stick around for months (sometimes even years) and attackers quickly exploit any new vulnerabilities
- Cryptojacking continues to be a staple in cybercriminal tool belts
Discover detailed intelligence about ongoing infrastructure compromise activities and best practices for hardening your cloud security posture. Read the Lacework Labs Cloud Threat Report, Vol. 4 today. get the report
| |
A New York woman has been sentenced to 45 months in prison for stealing $9.2M through a PPP loan scam. The 34-year-old will also have to pay over $1.6M in restitution. More: - The woman recruited many individuals to apply for PPP loans in exchange for kickbacks from their PPP loan proceeds.
- In total, 30 people have been charged and convicted in this scheme by U.S. Attorneys in the Southern District of Florida, the Northern District of Ohio, and the Middle District of North Carolina.
- In addition to her prison time, the New York native will spend three years under the court's supervision after her release.
- While participating in this scheme, the woman was on pretrial release for a separate federal fraud-related case in the District of New Jersey.
| |
JD Sports says hackers stole the data of 10 million customers in a breach that happened between 2018 and 2020. Hackers stole names, email addresses, credit card information, etc. More: - The company has contacted the affected victims, directing them to change their passwords and to look for unauthorized credit card transactions.
- Even though the breach happened a few years ago, the company has only now tracked the full impact of this hacking campaign
- The full list of stolen information includes:
- Full names,
- delivery and billing addresses,
- email addresses,
- phone numbers,
- final four digits of the payment card.
- JD Sports has not stated whether it has information on which threat actor is responsible for this breach.
| |
 A message from 360LEARNING Discover the learning platform that’s transforming L&D at 1,700+ companies. What’s keeping execs up at night? Building and maintaining a skilled workforce in an economic downturn. The pressure is on to create robust employee training programs that close critical skill gaps. Enter 360Learning: the comprehensive learning platform designed to help your company upskill from within. By combining automation, AI, and a built-in collaborative authoring tool, 360Learning makes it easy for L&D leaders to partner with internal SMEs on course creation, leading to faster development and increased credibility. From reduced training costs to enhanced efficiency, 360Learning customers have seen results like these: - 65% reduction in annual training costs
- 40 new hires onboarded per month with just 1 L&D manager
- 400 internal subject-matter experts contributing to courses
Discover the learning platform for business impact. Book Your Demo
| |
Blaze.tech has raised a $3.5M Pre-Seed funding round to offer no-code tools that focus on cybersecurity. Flybridge Capital and MaC Venture Capital were the lead investors. More: - Blaze.tech offers a no-code platform that allows non-technical people to create apps independently. Its core technology is based on Chat GPT3, the famous Artificial Intelligence chatbot created by Open AI.
- The company aims to differentiate itself by focusing on security features that guarantee users a higher degree of reliability.
- This funding round will be used to grow the company's user base and expand its Artificial Intelligence capabilities.
- The company's clients include names such as:
- Triller,
- Cart.com,
- Branch,
- Kwell Labs,
- Mixhalo, etc.
| |
Quick Hits - This year, try a resolution that sticks — going to therapy with BetterHelp. Save 25% off your first month.*
- Hackers are advertising a new Golang-based malware named Titan Stealer. The malware can steal data from Windows devices, steal information from crypto wallets, take screenshots, etc.
- Russian hackers are targeting Ukrainian organizations with SwiftSlicer. The latter is believed to be used by Sandworm, a threat actor with ties to the Russian army.
- Security researchers claim that they have found the identity of the administrator behind the Golden Chickens malware.
- Microsoft has released a new security announcement that urges its customers to update their Exchange Servers as a security precaution.
- Automation is your finance team's best productivity strategy. See five finance tasks you should be automating today.*
*This is sponsored content.
| |
Upcoming events at Inside:
| |
 |  | Arbër is an Inside writer who also has experience in entrepreneurship. He has experience covering Consumer Tech, Venture Capital, NFTs, Crypto, etc. Arbër holds a Bachelor's degree in Business from XAMK University in Finland. When he is not reading(and writing) business news, he chooses to watch sports or anime...and then read news about sports or anime. |   | | Editor | Aaron Crutchfield is based in the high desert of California. Over the last two decades, he has spent time writing and editing at various local newspapers and defense contractors in California. When he's not working, he can often be found looking at the latest memes with his kids or working on his 1962 and 1972 Fords. | |
| |
360Learning is the LMS for collaborative learning that enables companies to upskill from within. | |
