Cybersecurity Articles
-
CIS Controls
It’s been over a month since I last posted on my blog. I was busy finishing up my Master’s Degree, and time just flew by! My goal is to write…
-
Consequences of Poor Data Privacy
Data privacy is not just a technical concern, it’s a cornerstone of trust between individuals and organizations. However, when data privacy is poorly managed, the consequences can be devastating. Here…
-
A Brief Understanding of Health Privacy and Privacy Torts – From an IT Perspective
By Jorge Castaneda Over the last several years, I’ve made it a point to get more educated and experienced with data privacy. I’ve read several books along the way, watched…
-
Why Multi-Factor Authentication is Essential for Online Security
By Jorge Castaneda We are online almost every day if not every day! Yet, a lot of people don’t take online security very seriously. Online security is more important than…
-
Massive Data Leak: 760,000 Employee Records Exposed
A hacker known as ‘Nam3l3ss’ has leaked over 760,000 employee records from major organizations, including Bank of America, Koch, Nokia, JLL, Xerox, Morgan Stanley, and Bridgewater. The compromised data encompasses…
-
Deloitte Breach: Brain Cipher’s Claims and Implications
In September 2024, the threat actor known as Brain Cipher claimed responsibility for leaking internal communications from Deloitte, a leading global auditing firm. The breach reportedly occurred when an Apache…
-
Docker Remote API servers Exploited
Cybercriminals are exploiting misconfigured Docker Remote API servers to deploy the Gafgyt malware, enabling them to launch Distributed Denial-of-Service (DDoS) attacks. Originally targeting Internet of Things (IoT) devices, Gafgyt has…
-
Costa Rica’s State-Owned Energy Company Hit With Ransomware
Costa Rica’s state-owned energy company, RECOPE, experienced a ransomware attack on November 27, 2024, forcing a shift to manual operations for fuel distribution. The incident disrupted digital payment systems, prompting…
-
Storm-1811: Hacking RMM Tools To Spread Ransomware
The cybercriminal group Storm-1811 has been exploiting remote monitoring and management (RMM) tools, such as Microsoft’s Quick Assist, to deploy Black Basta ransomware. They initiate attacks by flooding victims’ inboxes…
-
Horns&Hooves: Campaign Targets Users and Retailers with RATs via Fake Emails
The “Horns&Hooves” campaign, active since March 2023, has targeted over 1,000 victims—primarily private users, retailers, and service businesses in Russia—by distributing remote access trojans (RATs) like NetSupport RAT and BurnsRAT.…
CyberCasta 