It’s the romance scam story that plays out like a segment on a true crime show. It starts with a budding relationship formed on an online dating site. It ends with an ominous note and an abandoned car on a riverside boat ramp hundreds of miles away from the victim’s home.  The story that follows offers a look at how far romance scams can go. With that, we warn you that this story comes to…

Security and AI Among the IT leaders taking a cautious approach to AI is Saurabh Gugnani, the global head of cyber defense and application security at Dutch compliance firm TMF Group. “Adopting AI poses several security challenges, such as data privacy, attack vulnerability, and strict regulation compliance. Protecting sensitive data and ensuring the integrity of AI models against cyber threats, such as adversarial attacks, are key concerns for CIOs,” he said. Additionally, traditional security measures…

What’s going on? A wave of cheap, crude, amateurish ransomware has been spotted on the dark web – and although it may not make as many headlines as LockBit, Rhysida, and BlackSuit, it still presents a serious threat to organizations. What’s “junk gun” ransomware? It’s a name coined by Sophos researchers for unsophisticated ransomware that is often sold cheaply as a one-time purchase. “Junk gun” ransomware is appealing to a criminal who wants to operate…

The US government has taken down Samourai Wallet, a cryptocurrency mixing service that executed over $2bn in unlawful transactions and laundered over $100m in criminal proceeds. In an April 24 press release, the US Department of Justice (DoJ) announced that Samourai’s web servers and domain were seized following a law enforcement operation in collaboration with Iceland’s authorities. Additionally, the illegal cryptocurrency service’s Android app has been removed from the Google Play Store in the US….

Navigating Access and Security in the Stolen Credentials Landscape By Tom Caliendo, Cybersecurity Reporter, Co-Founder at Brocket Consulting LLC In the last few years, an unprecedented number of stolen login credentials have been exposed in data breaches. Data Breach Search Engines (DBSEs) are increasingly providing public access to these stolen credentials. While designed to alert users to potential data exposure, these engines may unintentionally contribute to the growing cyber threat landscape by aiding malicious actors…

A state-sponsored threat actor has launched a sophisticated cyber espionage campaign that exploits two vulnerabilities in Cisco firewall platforms, according to an advisory from Cisco Talos. The campaign, dubbed ArcaneDoor, targets perimeter network devices to enable the attacker to undertake a range of actions inside an organization’s systems, including rerouting or modifying traffic and monitoring network communications. Cisco identified a threat actor tracked as UAT4356 by Talos and STORM-1849 by the Microsoft Threat Intelligence Center…