Cyber Security
-
A Brief Understanding of Health Privacy and Privacy Torts – From an IT Perspective
By Jorge Castaneda Over the last several years, I’ve made it a point to get more educated and experienced with data privacy. I’ve read several books along the way, watched…
-
Why Multi-Factor Authentication is Essential for Online Security
By Jorge Castaneda We are online almost every day if not every day! Yet, a lot of people don’t take online security very seriously. Online security is more important than…
-
Massive Data Leak: 760,000 Employee Records Exposed
A hacker known as ‘Nam3l3ss’ has leaked over 760,000 employee records from major organizations, including Bank of America, Koch, Nokia, JLL, Xerox, Morgan Stanley, and Bridgewater. The compromised data encompasses…
-
Deloitte Breach: Brain Cipher’s Claims and Implications
In September 2024, the threat actor known as Brain Cipher claimed responsibility for leaking internal communications from Deloitte, a leading global auditing firm. The breach reportedly occurred when an Apache…
-
Docker Remote API servers Exploited
Cybercriminals are exploiting misconfigured Docker Remote API servers to deploy the Gafgyt malware, enabling them to launch Distributed Denial-of-Service (DDoS) attacks. Originally targeting Internet of Things (IoT) devices, Gafgyt has…
-
Costa Rica’s State-Owned Energy Company Hit With Ransomware
Costa Rica’s state-owned energy company, RECOPE, experienced a ransomware attack on November 27, 2024, forcing a shift to manual operations for fuel distribution. The incident disrupted digital payment systems, prompting…
-
Storm-1811: Hacking RMM Tools To Spread Ransomware
The cybercriminal group Storm-1811 has been exploiting remote monitoring and management (RMM) tools, such as Microsoft’s Quick Assist, to deploy Black Basta ransomware. They initiate attacks by flooding victims’ inboxes…
-
Horns&Hooves: Campaign Targets Users and Retailers with RATs via Fake Emails
The “Horns&Hooves” campaign, active since March 2023, has targeted over 1,000 victims—primarily private users, retailers, and service businesses in Russia—by distributing remote access trojans (RATs) like NetSupport RAT and BurnsRAT.…
-
SpyLoan: 8 Million Android Users Targeted by Malicious Apps
Over 8 million Android users have been affected by malicious loan applications, collectively termed “SpyLoan,” available on the Google Play Store. These 15 apps, identified by McAfee Labs, deceptively promise…
-
Rockstar 2FA: A New Phishing-as-a-Service Threat Targeting Microsoft 365 Accounts
A new phishing-as-a-service (PhaaS) platform named ‘Rockstar 2FA’ has emerged, enabling large-scale adversary-in-the-middle (AiTM) attacks to steal Microsoft 365 credentials. This service allows attackers to bypass multifactor authentication (MFA) by…
CyberCasta 