West African Crime Syndicate Taken Down by Interpol Operation

Law enforcement managed to arrest numerous members of Black Axe, a notorious group engaged in a wide variety of criminal activity. [TechWeb]( Follow Dark Reading: [RSS]( July 18, 2024 LATEST SECURITY NEWS & COMMENTARY [West African Crime Syndicate Taken Down by Interpol Operation]( Law enforcement managed to arrest numerous members of Black Axe, a notorious group engaged in a wide variety of criminal activity. [Iranian Cyber Threat Group Drops New Backdoor, 'BugSleep']( The group — which has targeted Israel, Saudi Arabia, and other nations — often uses spear phishing and legitimate remote management tools but is developing a brand-new homegrown toolset. [Threat Actors Ramp Up Use of Encoded URLs to Bypass Secure Email]( The tactic is not new, but there has been a steady increase in its use as of this spring. [Orgs Are Finally Making Moves to Mitigate GenAI Risks]( With AI use ramping up rapidly, a growing number of enterprise security teams have begun putting controls in place to protect sensitive data from accidental exposure and leaks. ['BadPack' APK Files Make Android Malware Hard to Detect]( Manipulated header info within files, in mobile Trojans like TeaBot and others, makes it difficult for defenders to analyze and detect them. [DPRK Hackers Tweak Malware to Lure MacOS Users into Video Calls]( North Korean espionage campaign delivers updated BeaverTail info stealer by spoofing legitimate video calling service, researcher finds. [Snowflake Account Attacks Driven by Exposed Legitimate Credentials]( Credential management gets a boost with the latest infostealers' extortion campaign built on info stolen from cloud storage systems. [MORE NEWS /]( [MORE COMMENTARY]( HOT TOPICS [Void Banshee APT Exploits Microsoft Zero-Day in Spear-Phishing Attacks]( The threat group used CVE-2024-38112 and a "zombie" version of IE to spread Atlantida Stealer through purported PDF versions of reference books. [Cloud Security, PowerShell Expertise Emerge as Key SOC Analyst Skills]( SOC analysts should also cultivate skills like incident handling and response, threat hunting, digital forensics, Python, and bash scripting. [Name That Toon: Near Miss]( Feeling creative? Submit your caption and our panel of experts will reward the winner with a $25 Amazon gift card. [MORE]( PRODUCTS & RELEASES [Top 5 Mistakes Businesses Make When Implementing Zero Trust]( [Tumeryk Inc. Launches With Free Gen AI LLM Vulnerability Scanner]( [MxD Research Reveals Major Disconnect Between Perceived and Actual Cybersecurity Capabilities in US Manufacturing]( [Aura Partners With Mosaic Compliance Services to Launch a Program to Protect Auto Dealers and Buyers From Cybercrime]( [QBE Insurance Launches Global Cyber Coverage With QCyberProtect]( [MORE PRODUCTS & RELEASES]( EDITORS' CHOICE [Security End-Run: 'AuKill' Shuts Down Windows-Reliant EDR Processes]( Russian threat actor FIN17 has shifted gears multiple times in recent years, focusing now on helping ransomware groups be even more covertly effective. LATEST FROM THE EDGE [Training at Black Hat to Focus on Equipping Cybersecurity Leaders With Soft Skills]( A two-day presentation will examine the social-behavioral aspects of cybersecurity leadership to drive team success. LATEST FROM DR TECHNOLOGY [AI Consortium Plans Toolkit to Rate AI Model Safety]( An AI consortium consisting of top tech companies will release a toolkit later this year for measuring the safety of generative AI models. LATEST FROM DR GLOBAL [IDF Has Rebuffed 3B Cyberattacks Since Oct. 7, Colonel Claims]( Israel's military computer systems have been under constant barrage in recent months. WEBINARS - [Enhance Cloud Security with Cloud-Native Security]( In this webinar, learn how your current cloud security measures may be falling short as you shift to cloud-native, and what new tools and processes you will need to put in place to stay ahead of attackers. - [Tales of a Modern Data Breach: The Rise of Mobile Attacks]( Modern breaches now happen in minutes, not months. Threat actors are exploiting the fact that mobile devices are more susceptible to social engineering, enabling them to gain direct access to cloud infrastructure with legitimate credentials and swiftly compromise data. Recent ... [View More Dark Reading Webinars >>]( WHITE PAPERS - [2023 OT Cybersecurity Year in Review]( - [5 Critical Controls for World-Class OT Cybersecurity]( - [Tracking the Untrackable: Taking a Proactive Approach to Emerging Risks]( - [The Future of Audit, Risk, and Compliance: Exploring AI's Transformative Impact, Use Cases, and Risks]( - [The Three-Point Action Plan for new CISOs]( - [Google Cloud Threat Horizons Report, H1 2024]( - [5 Essential Insights into Generative AI for Security Leaders]( [View More White Papers >>]( FEATURED REPORTS - [2024 InformationWeek US IT Salary Report]( [View More Dark Reading Reports >>]( Dark Reading Daily -- Published By [Dark Reading]( Informa Tech Holdings LLC | Registered in the United States with number 7418737 | 605 Third Ave., 22nd Floor, New York, New York 10158, USA To opt-out of any future Dark Reading Daily Newsletter emails, please respond [here.]( Thoughts about this newsletter? [Give us feedback.](mailto:ContactDarkReading@informa.com) Keep This Newsletter Out Of Your SPAM Folder Don't let future editions go missing. Take a moment to add the newsletter's address to your anti-spam white list: /cdn-cgi/l/email-protection?sp_aid=124647&elq_cid=22844169&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529&utm_source=eloqua&utm_medium=email&utm_campaign=DR_NL_Dark%20Reading%20Daily_07.18.24&sp_cid=54333&utm_content=DR_NL_Dark%20Reading%20Daily_07.18.24&sp_eh=9ec2e0353644c03ce56099bfb161a49d1f8a5a22f0d884f0cd961b89d205d529#b1 If you're not sure how to do that, ask your administrator or ISP. Or check your anti-spam utility's documentation. We take your privacy very seriously. Please review our [Privacy Statement.]( [© 2024]( | [Informa Tech]( | [Privacy Statement]( | [Terms & Conditions]( | [Contact Us](mailto:ContactDarkReading@informa.com)