When sending sensitive files via email, encrypt attachments to protect them from unauthorized access. Use encryption tools provided by your email service and share the decryption password securely through a separate channel. This ensures your sensitive information remains confidential and safe during transmission. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support

When parting with old devices or data, secure disposal is vital to protect your information. Follow these tips:

• Destroy devices: Factory reset, then shred or drill hard drives and SSDs.
• Recycle responsibly: Use certified e-waste centers or donation programs.
• Shred documents: Use a cross-cut shredder for confidential papers.
• Secure disposal: Utilize designated secure bins to prevent theft.

Two men have been indicted in the U.S. for allegedly running WWH Club, a dark web marketplace specializing in sensitive personal and financial information. Alex Khodyrev, 35, from Kazakhstan, and Pavel Kublitskii, 37, from Russia, face charges of conspiracy to commit access device fraud and wire fraud.

From 2014 to 2024, Khodyrev and Kublitskii are accused of managing WWH Club and its associated sites, including wwh-club[.]ws, wwh-club[.]net, and skynetzone[.]org. These sites served as platforms for cybercriminal activities, including fraud and identity theft.

The indictment follows an FBI investigation that began in July 2020. Authorities traced WWH Club's main domain to an IP address hosted by DigitalOcean, leading to a federal search warrant and subsequent charges.

If convicted, the men could each face up to 20 years in federal prison. The indictment also seeks the forfeiture of Khodyrev’s 2023 Mercedes-Benz G63 AMG and Kublitskii’s 2020 Cadillac CT5 Sport,...

Don’t open attachments from unknown or unexpected sources, as they may contain malware or phishing attempts. Always verify the sender’s identity before downloading or opening any files. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support. 

Always access company servers through a VPN to ensure secure communication and data transmission. Avoid accessing sensitive information when using remote access tools from public places to reduce the risk of unauthorized access. Regularly update all software and security patches to protect against known vulnerabilities and security breaches.

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support

Scammers might pretend to be government officials, police, or company reps to steal money or personal information. Always verify the identity of anyone asking for sensitive details or payments and contact the organization directly using trusted contact information. Stay vigilant to protect yourself. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support. 

Shred sensitive documents to prevent unauthorized access and protect confidentiality. Proper disposal reduces security risks and ensures information is destroyed. Understanding these practices is crucial for maintaining data security. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support

North Korean hackers have used a fake Windows video conferencing app that pretends to be FreeConference.com to secretly access developers' systems. This is part of an ongoing campaign called Contagious Interview, which is financially motivated.

In August 2024, the Singaporean company Group-IB discovered this new attack. It shows that these hackers are also using installers for both Windows and Apple macOS to spread malware.

Contagious Interview, also known as DEV#POPPER, is a harmful campaign led by a North Korean group known as Famous Chollima, according to CrowdStrike.

The attacks start with a fake job interview that tricks people into downloading and running a Node.js project. This project contains BeaverTail downloader malware, which then installs a cross-platform Python backdoor called InvisibleFerret. This backdoor can remotely control systems, log keystrokes, and steal browser data.

Source: September 4, 2024 20:30 (on 9/5/24) |  0 | 1 minute read

Protect your device from malicious ads by installing ad blocker software or browser extensions. These tools prevent ads from being displayed on websites, reducing the risk of encountering malware or phishing attempts hidden within advertisements. These tools block harmful scripts and codes, enhancing your online security and creating a safer browsing environment overall. 

Do you have a question? Submit a ticket at [PB8324.3] Data Security Support

When using devices with personal data in public, follow these tips to stay secure:

• Use Secure Wi-Fi: Avoid public Wi-Fi for sensitive tasks; use a VPN instead.
• Disable Auto-Connect: Turn off auto-connect to prevent joining unsecured networks.
• Be Cautious with Public Computers: Avoid logging into personal accounts; always log out and clear browser data.
• Shield Your Screen: Use privacy screens to prevent others from viewing your screen.
• Avoid Public Charging Stations: Use your own charger and power outlet to prevent tampering.