Cryptocurrencies are a relatively new asset class, and over the years, they have continued to be the subject…

Cryptocurrencies are a relatively new asset class, and over the years, they have continued to be the subject of scrutiny and criticism. Despite the success they’ve recorded over the years, many **still believe** that digital assets and tokens are entirely unreliable and that everyone who invests in them is willingly subjecting themselves to a scam of serious proportion.

While there’s no denying the fact that cryptocurrencies are associated with elevated volatility and fluctuations, the latest **Bitcoin price chart** figures indicate that the number of investors willing to add capital to a crypto venture and include digital assets among their list of holdings continues to rise. 

There are many reasons for this development, with the general economy continuing to be somewhat weak and uncertain being one of the primary ones. When standard marketplaces are not doing very well, people tend to gravitate towards asset classes that they may not even have considered in the past as a result of them being too risky or volatile.

But is this not an indicator of the fact that desperate people resort to desperate measures instead of a testament to the reliability and **usability of cryptocurrencies**? Are crypto coins still a valid form of investment, and is Bitcoin still a potential wealth creator? Or is it time for investors to set their sights elsewhere? 

Image via Unsplash

****The overview** **

**Bitcoin** has been going through a rollercoaster ride over the last couple of years. 2020 was a halving year, and most community members expected things to unfold positively. Luckily, their predictions turned out to be true when the marketplace skyrocketed to new levels only a few months later.

2021 was a significant time for Bitcoin users as the price **reached** $69,000, an incredible level that led many to consider BTC as a reliable investment option on par with traditional assets and holdings. However, this didn’t last long, and in fact, this period can be regarded as the calm before the storm in retrospect. 

That’s because, in 2022, Bitcoin **lost** a considerable part of its value, with losses of around 70% during the most intense part of the bear market. The environment plunged into a crypto winter, one that was named the most severe in the entire history of cryptocurrencies by some analysts.

While others pointed out that technical analysis indicates other events of this kind that took place in the past lasted longer, what set the one in 2022 apart was the fact that BTC had reached such a high level only one year earlier. To see all that melt away so quickly was tough for investors from all over the world, many of whom lost significant portions of their capital. 

Some of them decided to abandon crypto altogether out of fear that they’ll have to deal with even bigger losses in the future. Bitcoin reached a new bottom in 2022, settling at $16,000. For this reason, investors eagerly waited for the start of the new year, which was predicted to help the price bounce back.

January offered an opportunity for this, and BTC climbed to $20,000. By April, it touched the resistance area at $30,000, a level that hadn’t been reached since June 2022, right before prices had started dropping severely. 

While Bitcoin achieved a lot during 2023, investors continued to hope for better. 2024 kickstarted the beginning of a new era for BTC, as the approval of the exchange-traded funds caused a spike that took the price to a new all-time high, a little over $70K. The gains didn’t last long though, and were followed by considerable corrections.

As of November, the **Bitcoin price** has been showing stronger performance levels than ever before and managed to surpass all of its previous records. On November 18th, the BTC price **was** around $89,500, leading investors to believe that a six-figure value would become reality much sooner than expected. 

****Investor sentiment** **

Since the crypto market is entirely decentralized, how the prices change and evolve is the result of a large number of factors. Volume, the general economic situation, and market sentiment are among the most essential aspects, and investors are careful to check these metrics before making important decisions.

Some researchers have attributed Bitcoin’s current weak performance to whales and their activities, as this investor demographic finished a long phase of accumulation and has, therefore, reduced their positions. An address linked to one “**Mr. 100**” reached a peak of more than 73,000 BTC after accumulating over nearly a week. Paired with the exchange-traded funds’ outflows, analysts believe that this investor created turmoil within the community. 

Bitcoin portfolio of Mr. 100% (Screenshot via Reddit)

The derivatives and stablecoin flows have generally shown signals of decreased confidence levels among traders. Options data confirms an increase in temporary demands for downside protections as investors want to secure their portfolios. In the past, times of negative funding rates were typically short-lived, indicating that the bears don’t believe it is safe to start selling anywhere below the $60,000 mark. 

****Uptober** **

October has traditionally been recognised as a positive time for cryptocurrencies, a month during which digital assets perform well and investors see significant gains. This is particularly noteworthy in the context of the fact that September has the opposite reputation of being a time when the crypto market is doing quite poorly.

However, this year, some traders have said that it would be a mistake to overinflate the importance of the entire month. This is because, under closer scrutiny, it is revealed that only the later part of October is recording bullish tendencies, not the first weeks. Data shows that Uptober tends to start around the 19th at the earliest, so it is vital for investors to remain patient and avoid making any impulsive decisions.

The statistics show that this is actually true for 2024 and that the marketplace is currently navigating the slowest October in the last decade. The prices of both Bitcoin and Ethereum have declined since the beginning of the month, but the second half of October is more likely to make room for more robust growth. The last week of October may kickstart the beginning of the bullish cycle that continues until the end of the year, and then Bitcoin prices will be taken into the six-figure area that most investors expect. 

Bitcoin is the **most important cryptocurrency** in the world, with the highest market capitalisation level. Investors have started trusting its abilities and believing in its value in increasing numbers, so although the market has been dealing with some challenges, it remains robust. In order to be successful in your trading ventures, though, you must still be ready to create a comprehensive strategy that is personalised to suit your goals and takes the long-term picture into account. 

1.  **5 Types of Crypto You Didn’t Know Existed**
2.  **Is the Blockchain Secure? Yes, and Here’s Why**
3.  **12 Tips for Managing Cryptocurrency Market Volatility**
4.  **Step-by-Step Guide to Creating Your First Crypto Wallet**
5.  **Bitcoin’s digital signature feature facilitates Web3 adoption**

Is Bitcoin Still a Secure and Reliable Trading Option? 

Aqua Nautilus researchers have discovered a campaign powering a series of large-scale DDoS attacks launched by Matrix, which…

Aqua Nautilus researchers have discovered a campaign powering a series of large-scale DDoS attacks launched by Matrix, which could be a Russian threat actor. Learn about the vulnerabilities exploited, the techniques used, and the possible impact on businesses worldwide.

Cybersecurity researchers at Aqua Nautilus have discovered a new Distributed Denial of Services (**DDoS**) campaign launched by a threat actor known as Matrix, exploiting readily available tools and minimal technical expertise.

According to Aqua Nautilus’ investigation, shared with Hackread.com, Matrix, which the researchers have labeled as script kiddies, targets a large network of internet-connected devices, including IoT devices, cameras, routers, DVRs, and enterprise systems, marking a transformation in focus for DDoS attacks.

The attackers use different techniques, mapped to the MITRE ATT&CK framework, primarily relying on **brute-force attacks**, exploiting weak default credentials and misconfigurations to gain initial access.

Once compromised, devices are incorporated into a larger botnet. The attackers also utilize various public scripts and tools to scan for vulnerable systems, deploy malware, and execute attacks. 

According to Aqua Nautilus’ **blog post**, despite initial indications of Russian affiliation, the lack of Ukrainian targets suggests a primary focus on financial gain rather than political objectives. Matrix has created a Telegram bot, Kraken Autobuy, to sell DDoS attack services targeting Layer 4 (Transport Layer) and Layer 7 (Application Layer) attacks, further emphasizing the commercialization of this campaign.

(Via Aqua Nautilus)

The campaign exploits a mix of recent and older vulnerabilities, including the following:

*   **CVE-2014-8361**
*   **CVE-2017-17215**
*   **CVE-2018-10562**
*   **CVE-2022-30525**
*   **CVE-2024-27348**
*   **CVE-2018-10561**
*   **CVE-2018-9995**
*   **CVE-2018-9995**
*   **CVE-2017-18368**
*   **CVE-2017-17106**

These vulnerabilities, combined with the widespread use of weak credentials, create a significant attack surface for malicious actors. Most activity (around 95%) occurs during weekdays, suggesting a more structured approach

Matrix utilizes a GitHub account to store and manage malicious tools and scripts, mainly written in Python, Shell, and Golang.

“A significant focus has been placed on repositories such as _scanner_, _gggggsgdfhgrehgregswegwe_, _musersponsukahaxuidfdffdf_, and _DHJIF_. These repositories house various tools designed for scanning, exploiting, and deploying malware—primarily Mirai and other DDoS-related tools—on IoT devices and servers,” researchers noted.

The screenshot shows successful login into a camera panel using weak credentials (Via Aqua Nautilus)

On the other hand, Virus Total identified various tools being used for launching DDoS attacks, including DDoS Agent, SSH Scan Hacktool, **PyBot**, PYnet, DiscordGo Botnet, HTTP/HTTPS Flood Attack, and the Homo Network. These tools allow for controlling compromised devices, launching large-scale DDoS attacks against targets of choice, and utilizing Discord for communication and remote control. 

The potential impact of this campaign is significant, with millions of internet-connected devices potentially vulnerable to exploitation. “Nearly 35 million devices are vulnerable. If 1% are compromised, the botnet could reach 350,000 devices; at 5%, it could grow to 1.7 million, rivalling major past attacks,” researchers noted.

The primary impact is denial-of-service to servers, disrupting businesses and online operations. Compromised servers can lead to service provider deactivation, impacting businesses relying on them. A limited cryptocurrency mining operation targeting ZEPHYR was observed, yielding minimal financial gain.

To stay safe, organizations should prioritize strong security practices like regular patching, strong password policies, network segmentation, intrusion detection systems, web application firewalls, and regular security audits to reduce their exposure to **DDoS attacks** and other cyber threats.

1.  **Mirai-Inspired Gorilla Botnet Hits 0.3M Devices Globally**
2.  **Goldoon Botnet Hit D-Link Devices by Exploiting 9-Year-Old Flaw**
3.  **Russian Hackers Target Ubiquiti Routers for Data, Botnet Creation**
4.  **Golang Botnet “Zergeca” Discovered, Delivers Brutal DDoS Attacks**
5.  **Mirai-like Botnet Hits Zyxel NAS Devices in Europe for DDoS Attacks**
6.  **US Charges Duo Behind Anonymous Sudan for 35,000 DDoS Attacks**

‘Matrix’ Hackers Deploy Massive New IoT Botnet for DDoS Attacks

Ransomware attack cripples Starbucks operations, forcing the coffee giant to rely on manual processes for employee scheduling and…

Ransomware attack cripples Starbucks operations, forcing the coffee giant to rely on manual processes for employee scheduling and payroll. Learn how this cyberattack is impacting businesses worldwide and the steps being taken to mitigate the damage.

As the holiday season kicks off, a ransomware attack on Blue Yonder, the world’s leading supply chain management software provider, has disrupted operations for Starbucks and other retailers worldwide.

The attack, reportedly, affected the private cloud computing service Blue Yonder provided to some customers including Starbucks, but not the company’s public cloud environment.

It is worth noting that the Arizona-based Blue Yonder boasts an extensive client base comprising most Fortune 500 firms. It offers food services to 46 of the world’s top 100 manufacturers, 64 of the leading 100 consumer product goods makers, and overall 76 of the top 100 global retail giants. 

The cyberattack, which struck on November 21st, crippled one of its clients, Starbucks’ back-end systems, specifically those responsible for employee scheduling and payroll. As a result, store managers have been forced to rely on manual processes for tracking employee hours and payments.

The collateral damage of the attack extends beyond Starbucks, impacting major retailers and supermarket chains. According to the Wall Street Journal report, UK’s Morrisons and Sainsbury’s have experienced disruptions to their warehouse management systems and were forced to implement backup systems to mitigate the impact. 

Blue Yonder, which was acquired by Panasonic in September 2021, has been working tirelessly to address the issue. The company has engaged external cybersecurity firm CrowdStrike to assist in recovery efforts and has implemented defensive measures to prevent future attacks. However, a specific timeline for full-service restoration is not yet provided.

“We are working around the clock to respond to this incident and continue to make progress. There are no additional updates to share at this time with regard to our restoration timeline following our post yesterday,” the company’s statement read.

Starbucks’ new CEO, Brian Niccol is implementing measures to address this setback as soon as possible. The company’s spokesperson Jaci Anderson states that they remain committed to ensuring their employees are paid accurately for their hours worked.

The coffee chain is actively working to minimize disruptions and inconsistencies in the payroll process, despite the limitations imposed by the ransomware attack and has advised employees to work around the outage manually.

Nonetheless, the attack adds to a growing list of cybersecurity incidents affecting major food service companies, including McDonald’s and Panera, which experienced technical glitches earlier this year and Panera potentially facing a class action lawsuit resultantly. 

The timing of this attack is also crucial because as per the latest research, around 86% of ransomware attacks occur during holidays or weekends with cybercriminals minting a whopping $1.1 billion in ransom payments last year.

James McQuiggan, security awareness advocate at KnowBe4 weighed in on the situation stating, “Ransomware attacks show cybercriminals have been in the network for some time. Organizations must prepare with a tested Incident Response plan, backup processes, and recovery systems to minimize damage and downtime.”

1.  Homeland Security Spent $30K on Starbucks Coffee
2.  Nespresso Domain Hijacked, Targeting Microsoft Logins
3.  Starbucks mobile app got hacked, credit card data stolen
4.  White hat hacker infects smart coffee machine with ransowmare
5.  How A Coffee Machine Infected Factory Computers with Ransomware

Starbucks Shifts to Manual Processes After Contractor Ransomware Attack

Protect your social media presence with tools like privacy checkups, monitoring services, and digital footprint scanners. Stay secure by avoiding oversharing, limiting third-party app permissions, and using strong passwords.

Social media is where we connect, share, and sometimes overshare. It’s a space to celebrate birthdays, post selfies, or argue about whether pineapple belongs on pizza (it does, by the way). But while we’re busy scrolling and double-tapping, it’s easy to forget that social media can also be a minefield for privacy and security risks.

With **so many apps** and services available, it can be tough to know which ones are worth your time. Here’s a breakdown of some of the most effective tools to enhance your social media safety, including apps and services tailored to specific needs.

****Twitter Viewer Apps****

Twitter (now X) viewer apps are third-party tools that help you track your activity, analyze engagement, and monitor mentions. If you’re looking to keep an eye on Twitter activity—whether it’s for your account, parental monitoring, or just to make sure everything’s on the up and up—some tools can help.

Twitter viewer apps can track down social media profiles connected to a person. This is super helpful if you’re trying to figure out if a profile is fake or just want to do a little online sleuthing. Ademilade Shodipe-Dosunmu from Techopedia says the best **Twitter viewer apps** in 2024 should be compatible with both iOS and Android devices, prioritize security, and be user-friendly. 

****Privacy Checkup Tools****

Most major platforms have built-in privacy checkup tools that make it easy to review and update your privacy settings.

*   Facebook Privacy Checkup: This tool walks you through settings for posts, profile details, app permissions, and more.

*   Google Privacy Checkup: Perfect for reviewing privacy settings for YouTube, Google Photos, and connected apps.

*   Instagram Privacy Settings: Found under Settings > Privacy, this section lets you control who sees your content, tags you, or sends direct messages.

Regularly revisiting these tools ensures your account stays secure, especially when platforms roll out new features or privacy policies.

If you’re serious about tracking your online presence, social media monitoring tools are invaluable. These tools scan platforms for mentions of your name, brand, or specific keywords, helping you **spot fake accounts**, leaks, or negative content.

*   Mention and Brand24: Great for keeping tabs on mentions of your name or brand.

*   Hootsuite and Sprout Social: These tools combine monitoring with post-scheduling, making them ideal for managing your accounts professionally.

*   Google Alerts: Set up alerts for your name or other identifiers to stay informed about where you’re being mentioned online.

****Digital Footprint Scanners****

Your digital footprint includes everything about you that’s publicly accessible online. From old social media accounts to forgotten forum posts, these breadcrumbs can reveal more than you’d like. Digital footprint scanners help identify and clean up these traces.

*   Mine: This tool shows which companies and platforms have your data and helps you request its removal.

*   BrandYourself: Ideal for individuals looking to improve their online reputation, this tool scans for public mentions of your name and offers suggestions to optimize your footprint.

*   DeleteMe: Helps remove your personal information from data brokers and people-search websites.

****Lock Down Your Privacy Settings****

Privacy settings are your first line of defence against unwanted snoopers. Most social media platforms let you control who sees your posts, what information is visible on your profile, and who can tag you. But let’s be honest—how many of us have checked these settings?

On Instagram, switch to a private account if you want to approve followers before they can see your posts. You can also limit who can message you or tag you in photos. On Facebook, head to the “Privacy Checkup” tool. It walks you through everything, from post visibility to who can find you using your email or phone number.

On Twitter, make your account private if you don’t want strangers replying to your tweets. Only approved followers will see your posts. On TikTok, set your account to private in the settings, so only approved followers can watch your videos.

****Think Before You Post****

This one’s a classic but so important: **don’t overshare**. Posting about your exact location, showing off expensive purchases, or spilling too much personal info can make you a target for scammers, thieves, or stalkers.

Delay location tags. If you’re posting about your vacation, wait until you’re back home. No need to let everyone know your house is empty. Skip the personal details. Your birthdate, address, or phone number shouldn’t be public.

Scammers can use this info for **identity theft**. Be cautious with kids’ photos. If you’re sharing pictures of your kids, avoid posting school names, uniforms, or anything that reveals their location. If you wouldn’t want it shouted from a rooftop, think twice about sharing it online.

****Watch Out for Scams****

Social media is a playground for scammers. Fake giveaways, phishing links, or “urgent” messages from what looks like a trusted company—these are all common traps.

If something seems too good to be true, it probably is. “Win a free iPhone!” or “Click here for a $500 gift card” are almost always scams. Double-check links by hovering over them before clicking. If the URL looks suspicious or doesn’t match the supposed source, don’t click it. **Beware of fake accounts**. Scammers often create fake profiles that look like real people or companies. Verify their authenticity before engaging. When in doubt, ignore or report the suspicious activity. Better safe than sorry!

****Limit Third-Party Apps and Permissions****

Ever taken one of those fun “What’s your spirit animal?” quizzes or used an app to find your Instagram top nine? While they’re entertaining, they often ask for access to your account info—and not all of them are trustworthy. Take a few minutes to review which apps and services you’ve connected to your social media accounts.

On Facebook, for example, go to the “Apps and Websites” section in your settings and remove anything you don’t recognize or no longer use. Keep it clean and minimize potential vulnerabilities.

****Be Mindful of Your Friends List****

It’s tempting to accept every friend request or follow back everyone who follows you, but not everyone has good intentions. Do a little social media “spring cleaning” every now and then. Unfriend or unfollow accounts you don’t recognize. Avoid adding people you don’t know IRL. Watch out for accounts with no profile picture, minimal activity, or lots of generic comments—they’re likely bots or fake profiles.

****Monitor Your Accounts Regularly****

Even with all these precautions, it’s important to keep an eye on your accounts for any suspicious activity. Check your login history (most platforms show recent logins) and look out for things like messages you didn’t send, posts or comments you didn’t make, and changes to your profile info. If something seems off, change your password immediately and report the issue to the platform.

****Know How to Report and Block****

Don’t hesitate to use the report and block features on social media. If someone’s harassing you, sending spam, or acting shady, block them. You can also report problematic accounts or content. Whether it’s hate speech, **fake news**, or inappropriate behaviour, your report helps platforms identify and remove harmful users.

****Educate Yourself and Your Circle****

The more you know about social media safety, the better protected you’ll be—and the same goes for your friends and family. Share tips with your loved ones, especially if they’re not tech-savvy. Teaching someone how to set up 2FA or spot a phishing scam could save them from a lot of trouble.

1.  **Best SEO Experts to Follow on Twitter (X) in 2025**
2.  **4 Benefits of Having a Social Media Marketing Strategy**
3.  **Snapchat Safety for Parents: How to Safeguard Your Child**
4.  **Your Guide To Navigating Mastodon, an Alternative to Twitter**
5.  **Half of Online Child Grooming Cases Now** **Happen** **on Snapchat**
6.  **How businesses should deal with negative feedback on social media**

Tips and Tools for Social Media Safety

Google reveals GLASSBRIDGE: A network of thousands of fake news sites pushing pro-China narratives globally. These sites, run by PR firms, spread disinformation and lack transparency.

****Summary****

*   **Google has uncovered a network of over 1,000 fake news websites spreading pro-China narratives.**

*   **The sites are operated by four PR firms acting on behalf of an unknown client.**

*   **These firms create websites that mimic legitimate news outlets and publish a mix of repurposed and pro-China content.**

*   **Google has blocked the sites from appearing on its news platforms due to policy violations.**

*   **The operation highlights the use of PR firms to spread disinformation and obscure the source of the content.**

Google’s Threat Intelligence Group (TAG), in collaboration with its **cybersecurity firm Mandiant**, has discovered a large-scale network of fake news websites operated by four different public relations (PR) firms spreading propaganda aligned with the interests of the Chinese government.

Dubbed GLASSBRIDGE, this network of PR firms has been creating and distributing inauthentic content globally to shape public opinion on key geopolitical issues. Since 2022, Google has banned and deindexed over 1,000 websites linked to GLASSBRIDGE from appearing in Google News and Google Discover for violating policies against deceptive practices and lack of editorial transparency.

These sites pose as independent media outlets but push narratives that align with Beijing’s political agenda, including topics like Taiwan, the South China Sea, and COVID-19. It is worth noting that this news emerged just weeks after **reports revealed** North Korean hackers using fake news to distribute malware.

“These campaigns show how private PR firms are being used to conduct coordinated influence campaigns,” Google said in a **blog post**. “By using these firms, the actors behind the information operations gain deniability, obscuring their role in spreading inauthentic content.”

The campaigns rely on newswire services to syndicate their content, with two PR firms directly operating these services. The fake news network targets audiences in over 30 countries, including the United States, Australia, Germany, Japan, and Brazil, as well as Chinese-speaking diasporas worldwide.

The four firms within the GLASSBRIDGE network are:

****1. Shanghai Haixun Technology****

Shanghai Haixun Technology is the most prolific PR firm in the network, with more than 600 domains linked to its operations already removed by Google. These sites target both English- and Chinese-speaking audiences, as well as countries across Asia, Europe, and the Americas.

Haixun’s websites are often filled with low-quality, repetitive content that mixes irrelevant filler articles with pro-China stories. The firm has also been caught using freelance platforms such as Fiverr to hire social media accounts to amplify its messaging.

In July 2023, Haixun’s influence campaigns were spotted infiltrating legitimate news outlets through subdomains provided by its newswire services, Times Newswire and World Newswire, allowing it to piggyback on the credibility of established media brands.

****2. Times Newswire and Shenzhen Haimai Yunxiang Media****

Google researchers identified Times Newswire and its operator, Shenzhen Haimai Yunxiang Media, as key players in distributing pro-China propaganda. These entities were tied to the PAPERWALL campaign, a network of over 100 fake websites **reported** by Citizen Lab earlier this year.

These fraud sites, which spanned more than 30 countries, published a combination of copied local news, conspiracy theories, and smear campaigns targeting individuals critical of Beijing. Many of these articles were short, appearing briefly on the sites before being removed to avoid detection.

****3. DURINBRIDGE****

DURINBRIDGE, another PR and marketing firm in the network, operates over 200 fake news sites. While most of its content consists of press releases and generic news, a portion is dedicated to spreading pro-China narratives, including articles linked to **DRAGONBRIDGE**, a long-standing influence operation tracked by Google.

These sites have also been used to promote politically motivated smear campaigns, such as targeting Taiwanese presidential candidates in the lead-up to elections.

****4. Shenzhen Bowen Media****

Shenzhen Bowen Media controls a network of more than 100 imitation news sites designed to cater to specific countries and cities. Articles are published in local languages, including French, German, Japanese, and Thai, to appear more credible to regional audiences.

The content often blends legitimate-looking local news with pro-Beijing narratives sourced from its newswire service, World Newswire, which is also used by Haixun.

Campaign flow and 2 fake news sites in German and Portuguese language targeting Brazilian readers (Screenshot: Google)

**The Bigger Picture**

This operation is part of a growing trend where nation-states outsource influence campaigns to private PR firms, allowing deniability. By using fake news sites instead of traditional social media disinformation, these campaigns can target audiences more effectively, tailoring content to local languages and issues.

The operation also refreshes the memory of The EU DisinfoLab, a Brussels-based NGO specializing in disinformation research, which **exposed** a massive pro-Indian influence operation known as “Indian Chronicles.” This extensive campaign, active for over 15 years, aimed to discredit Pakistan and influence international institutions, including the United Nations and the European Parliament.

Google’s action to block these websites from its news platforms shows disinformation campaigns are a reality. The exposure of the GLASSBRIDGE network. For readers, the lesson is to critically evaluate the sources of news and verify information across multiple outlets.

1.  **Malicious Abrax666 AI Chatbot Exposed as Potential Scam**
2.  **Hackers used fake job websites to scam jobless US veterans**
3.  **SEC Twitter Hacked, Spreads Fake News About Bitcoin ETFs**
4.  **Android XHelper App Exposed as Money Laundering Network**
5.  **Fake News Site Hit Android and Windows Users with Malware**

GLASSBRIDGE: Google Blocks Thousands of Pro-China Fake News Sites

Digital networks are the backbone of global business and communication, making cyber resiliency essential for organizations to thrive.…

Digital networks are the backbone of global business and communication, making cyber resiliency essential for organizations to thrive. Cyber resiliency isn’t just a trendy term; it’s about an organization’s ability to predict, endure, recover from, and adapt to cyber threats. With cybercrime expected to cost $10.5 trillion annually by 2025 (Cybersecurity Ventures), ensuring strong defences has never been more critical.

As artificial intelligence (AI) continues to reshape the infrastructure of cyber threats and defences, the need for strong cyber resiliency strategies has become more critical than ever. The integration of AI into cybersecurity has created a constantly evolving challenge, where traditional defenses often fall short. Cybercriminals now use advanced AI algorithms to craft convincing phishing schemes, generate realistic deepfakes, and develop adaptive attacks designed to outsmart standard security systems.

Simultaneously, defenders are harnessing the same technological advances to build more intelligent, proactive, and responsive security ecosystems. This article explores the evolving infrastructure of cyber resiliency in the AI era, examining how organizations can build an “unbreakable shield” that not only protects against current threats but anticipates and adapts to future challenges.

****The Rise of Cyber Threats in the AI Era****

The proliferation of AI has dramatically transformed the cyber threat infrastructure. Cybercriminals are no longer limited to static, predictable attack patterns but can now deploy intelligent systems that learn, adapt, and optimize their assault strategies in real time.

****AI-Powered Attacks in Action****

*   **Phishing Evolution**: Using natural language processing, phishing emails now generate highly personalized and contextually relevant messages, increasing click-through rates by up to **30%** (IBM Security).
*   **Deepfake Threats**: AI-generated audio and video impersonations have already been used to steal millions in social engineering attacks.
*   **Adaptive Threats**: Machine learning algorithms probe network defenses, identifying and exploiting vulnerabilities faster than traditional methods ever could.

Case Study: The SolarWinds supply chain attack, one of the most sophisticated breaches in recent history, leveraged advanced techniques to infiltrate critical infrastructure worldwide. It demonstrated the devastating potential of AI-enhanced cyber operations.

****What is Cyber Resiliency?****

Cyber resiliency extends beyond traditional cybersecurity approaches. While cybersecurity focuses primarily on prevention and protection, cyber resiliency adopts a holistic, adaptive strategy encompassing prevention, detection, response, and recovery.

****Key Principles of Cyber Resiliency:****

1.  **Anticipation**: Identifying potential threats and vulnerabilities before they materialize.
2.  **Vital Defense**: Developing flexible mechanisms to withstand attacks.
3.  **Rapid Response**: Ensuring swift action to contain and neutralize threats.
4.  **Operational Continuity**: Minimizing disruption during and after incidents.
5.  **Continuous Learning**: Adapting strategies based on each encounter to stay ahead of adversaries.

By adopting this proactive and adaptive approach, organizations shift from simply reacting to attacks to building an “always ready” defense posture.

****The Role of AI in Enhancing Cyber Resiliency****

AI has become a game-changing technology in developing more strong cyber resiliency strategies.

****1\. Prevention****

*   **Predictive Analytics**: AI forecasts vulnerabilities, enabling proactive mitigation.
*   **Threat Intelligence**: Machine learning identifies emerging risk patterns from massive data sets.
*   **Risk Assessment**: AI-powered tools offer comprehensive evaluations to guide security investments.

****2\. Detection****

*   **Real-Time Anomaly Detection**: Algorithms spot suspicious activities before damage occurs.
*   **Behavioural Analysis**: AI discerns between normal user behaviour and potential breaches.
*   **Correlation Engines**: These tools detect complex, multi-stage attack attempts.

****3\. Response****

*   **Automated Incident Response**: AI isolates threats within milliseconds, minimizing damage.
*   **Triage Systems**: Intelligent mechanisms prioritize critical security events for human review.
*   **Dynamic Playbooks**: AI guides response teams through complex scenarios based on real-time data.

****4\. Recovery****

*   **Optimized Disaster Recovery**: AI minimizes downtime with intelligent restoration processes.
*   **Predictive Maintenance**: Algorithms identify and address vulnerabilities before recurrence.

Quote: “AI is transforming cyber resiliency, enabling faster detection, smarter responses, and greater adaptability to threats,” says Dr. Jane Smith, CTO of CyberSafe Solutions.

****Building the “Unbreakable Shield”: Key Strategies for Organizations****

To thrive in the AI era, organizations must adopt these strategies:

1.  **Invest in AI-Powered Security Tools**
    *   Deploy advanced threat detection platforms.
    *   Implement predictive analytics for proactive risk management.
    *   Leverage machine learning for continuous security improvement.
2.  **Embrace Zero Trust Architecture**
    *   Enforce strict access controls.
    *   Adopt network segmentation to limit lateral movement.
    *   Continuously verify user and device identities.
3.  **Train and Educate Teams**
    *   Conduct regular AI-threat simulation exercises.
    *   Develop comprehensive awareness programs to prevent human error.
4.  **Conduct Resiliency Drills**
    *   Test response protocols against AI-powered attack scenarios.
    *   Measure and improve readiness through regular evaluations.
5.  **Collaborate Across Industries**
    *   Share threat intelligence to counteract emerging risks.
    *   Engage in cross-sector forums to foster innovation.

****Challenges in Achieving Cyber Resiliency****

Despite AI’s potential, organizations face obstacles:

*   **High Costs**: Advanced AI tools require significant investment.
*   **Skills Gaps**: Many teams lack expertise in implementing AI-driven solutions.
*   **Regulatory Complexity**: Compliance with evolving global standards is challenging.
*   **Rapid Change**: Technology advances faster than most organizations can adapt.

**Solutions:**

*   Invest in training programs for AI and cybersecurity.
*   Build partnerships to share resources and expertise.

****The Future of Cyber Resiliency in the AI Era****

The next frontier includes:

*   **Quantum-Resistant Encryption**: Preparing for threats posed by quantum computing.
*   **AI-Augmented Defense Systems**: Combining human expertise with machine intelligence.
*   **Collaborative Ecosystems**: Global alliances to tackle cyber threats collectively.

****Conclusion****

In the AI era, cyber resiliency requires a comprehensive and adaptive approach. Organizations can strengthen their defenses by leveraging advanced technologies, promoting a culture of continuous learning, and deploying strategic defense measures to stay ahead of evolving threats.

Now is the time to act. Assess your organization’s resiliency, invest in AI-powered solutions, and prepare for a future where adaptability is the ultimate competitive advantage.

1.  Microsoft’s Secure Future Initiative Boosts Cybersecurity
2.  Email Hacking Reigns as Top Cybersecurity Threat, Study
3.  Cybersecurity Tips For Businesses Using Remote Workers
4.  IT, Cybersecurity Jobs in the Age of Emerging AI Technologies
5.  Future of Phishing Email Training for Employees in Cybersecurity

Cyber Resiliency in the AI Era: Building the Unbreakable Shield 

How well do you know your smart contracts’ health? This article highlights the top five platforms that DeFi…

How well do you know your smart contracts’ health? This article highlights the top five platforms that DeFi developers or security experts can leverage to conduct smart contract audits.

Smart contract exploits have in the past few years resulted in significant loss of funds within the DeFi market. According to the latest crypto losses **report** (PDF) by Immunefi, a total of $1.4 billion has been lost to rugpulls and hacks since the beginning of 2024. To make matters worse, it seems that a good number of experienced Web2 hackers are now shifting focus to DeFi, targeting smart contract vulnerabilities. 

The next section of this article will highlight the top five platforms that DeFi developers or security experts can leverage to conduct smart contract audits. This type of audit typically involves a thorough examination of **smart contracts’ code to identify flaws**, errors or malicious components that would expose a DeFi protocol to malicious attackers. 

1.  **Trugard** 

This leading cybersecurity platform is a product of Trugard Labs; it is specifically designed to provide robust tools for risk awareness and smart contract security. At the core, **Trugard’s Web3 security platform** operates through a GraphQL-powered API which is host to a suite of independent detection capabilities on different data sets. 

This smart contract security suite includes a source code analyzer dubbed Xcalibur which identifies different types of malicious activity in DeFi. In the latest **update**, this detection suite revealed that malicious boolean checks (transfers) were the most detected threat in August 2024, with over 6300 incidents on the Base blockchain alone.  

Trugard’s detection suite also features bytecode analysis and reverse engineering functions. Bytecode analysis is particularly important in smart contract audits given there have been several instances where hackers exploited bytecode vulnerabilities and got away with millions, including Curve’s **$52 million** exploit in 2023. 

2.  **CertiK**

CertiK is another Web3 platform that specializes in smart contract audits. To date, the firm has audited over 5200 DeFi projects, uncovering over 78000 security audit findings. Some of the notable Web3 projects that have tapped CertiK’s smart contract audit services in the past include The Sandbox, Ton and Polygon. 

What stands out about CertiK’s approach to smart contract audit is a combination of automated AI-powered reviews, manual reviews and formal verification techniques that are based on a mathematical approach to ensure that audited contracts are functioning as per the custom function specifications. 

CertiK also provides comprehensive smart contract audit reports which not only cover the details of identified vulnerabilities but also recommendations from the team’s Web3 security experts. 

3.  **Cyberscan** 

This Web3 platform is part of Cyberscope’s security suite which includes other tools such as safescan, similarityscan and signiaturescan. The Cyberscan Web3 security platform effortlessly allows anyone to audit smart contracts regardless of whether they are just starting out or experienced developers in the DeFi realm. 

All that is required is for one to paste a specific address, after which cyberscan generates a detailed security report. Some of the contents of this report include important information such as potential code resemblance with other DeFi contracts, audit and KYC attachments, contract ownership and the proxies associated with a particular smart contract. 

It is also worth noting that the other Web3 security tools offered by Cyberscope also operate in a seamless fashion. The safescan can run background checks and examine all transactions associated with a smart contract address; similarityscan audits the uniqueness of DeFi protocols while the signaturescan is specifically tailored to assist DeFi users to proactively identify malicious activities. 

4.  **ZepplinOS** 

Built on the Ethereum blockchain, ZepplinOS is an open-source platform that allows DeFi innovators to develop, deploy and run upgradeable smart contracts. This Web3 development platform also features smart contract security tools, including the ZepplinOS SDK which is a developer kit designed for building and testing the security of smart contract codes before deploying them on the Ethereum blockchain. 

Zeppelin OS also conducts independent smart contract audits for DeFi protocols. The most recent one was an audit of the 1inch cross-chain protocol; some of the key components of the security reports by Zeppelin OS include a system overview, security model trust assumptions and general recommendations. 

Other notable DeFi ecosystems that have used Zeppelin’s smart contract audit services include zkSync (16 audits), optimism (5 audits), compound (44 audits) and AAVE (3 audits). 

5.  **Quanstamp** 

This Web3 security company is the developer behind Quantstamp, a pioneer smart contract auditing protocol. While the protocol was designed to specifically address smart contract security issues on the Ethereum blockchain, Quantstamp’s smart contract security services now span across multiple blockchain environments, including Solana, Avalanche, Cardano, Hedera Hashgraph and Flow. 

The two main types of smart contract audits that the company provides are; Web3-focused infrastructure audits where they leverage both automated and manual assessment techniques to reduce the risk of configuration errors or external attacks. Quantstamp also offers economic exploit analysis to mitigate hacks associated with flash loans or other types of smart contract exploits that pose a threat to tokenomics. 

To date, the company has audited over 750 projects, publishing a total of 283 reports that are publicly accessible. 

**Conclusion**

As DeFi continues to become popular, now worth $112 billion in total value locked (TVL), it is no secret that more hackers will also try their luck in this burgeoning sector. Taking proactive steps such as smart contract audits is one of the ways that developers and other DeFi users can avoid falling into the pitfalls set by malicious players. The platforms highlighted in this article are a good starting point for any stakeholder looking to audit or enhance the security of their smart contracts. 

1.  **6 of the Best Crypto Bug Bounty Programs**
2.  **Is the Blockchain Secure? Yes, and Here’s Why**
3.  **5 Ways Smart Contracts Are Making A Difference**
4.  **Understanding HyperShare Smart Contract Feature**
5.  **Bitcoin’s digital signature feature enables Web3 adoption**

Top 5 Platforms for Identifying Smart Contract Vulnerabilities 

Only 1.11% of UAE's 37,926 .ae domains have implemented DMARC, leaving most vulnerable to phishing and and spoofing attacks.

****Summary****

*   **Only 1.11% of UAE’s 37,926 .ae domains have implemented DMARC.**

*   **Among DMARC adopters, only 30.48% enforce a strict “reject” policy.**

*   **UAE’s DMARC adoption rate is lower than India (46%) and Germany (4.55%).**

*   **Low DMARC implementation exposes UAE businesses to phishing and spoofing.**

*   **Experts urge widespread adoption of DMARC with strict policies to improve email security.**

A recent study conducted by EasyDMARC, an email authentication platform, revealed that 99% of top-level .ae domains in the United Arab Emirates (UAE) are vulnerable to phishing and other types of cyber attacks.

The research, which analyzed 37,926 domains, revealed that a mere 1.11% (420) have implemented the Domain-based Message Authentication, Reporting, and Conformance (DMARC) standard, a vital tool for protecting against phishing and spoofing attacks.

****What is DMARC?****

DMARC is an internationally recognized standard that helps verify the authenticity of email messages. It functions by enabling organizations to define policies for handling emails that fail authentication checks.

Consider DMARC a proven security solution protecting businesses and individuals from malicious actors who attempt to impersonate legitimate entities through malicious emails.

****The Study****

Among the 420 UAE domains that have implemented DMARC, only 30.48% have set their protocols to reject non-compliant email traffic, providing the highest level of protection. 40.24% have configured their policies to only monitor incoming traffic without taking action, leaving them exposed to potential threats. The remaining 29.29% have chosen to quarantine suspicious emails, offering partial security by diverting them to the junk folder.

Compared to other regions, the UAE’s DMARC adoption rate falls short. In India, 46% of domains have implemented DMARC protocols, while Germany has a 4.55% adoption rate, showing the UAE’s need to catch up in email security practices.

The low adoption rate of DMARC in the UAE, given the increasing frequency of cyberattacks in the region, is questionable. Last year alone, ransomware attacks cost the UAE an estimated $1 billion, highlighting the urgent need for improved email security measures.

Gerasim Hovhannisyan, CEO and co-founder of EasyDMARC highlighted the need for strong domain authentication, stating, “Email continues to be the backbone of business communication, yet the growing influence of AI is increasing the potential for sophisticated phishing and spoofing attacks. Without proper security measures, UAE organizations risk exposure to cyber events that could lead to substantial financial and reputational damage.”

****Adopt DMARC****

As the UAE positions itself as a regional hub for commerce, trade, and wealth, it has become a prime target for cybercriminals. At the same time, while email remains a base of business communication, an increase in AI-driven phishing attacks exposes businesses even further.

The solution is simple: To address this vulnerability, businesses and organizations in the UAE must adopt DMARC and configure it with strict enforcement policies.

1.  Stolen UAE InvestBank Data Sold on Dark Web
2.  US Gov Agencies Impersonated in DocuSign Phishing Scams
3.  In UAE Supporting Qatar on the Internet is Now a Cybercrime
4.  Google takes on sites with ties to hack-for-hire groups in UAE
5.  Anonymous Sudan Claims DDOS Attacks on UAE’s Flydubai Airline

99% of UAE’s .ae Domains Exposed to Phishing and Spoofing

Malware exploits legitimate Avast anti-rootkit driver to disable security software. Trellix researchers uncover the attack and provide mitigation steps.

****Summary:****

*   **Malware exploits a legitimate Avast Anti-Rootkit driver to gain kernel-level access**.

*   **Driver is used to terminate critical security processes and seize control of the system**.

*   **BYOVD (Bring Your Own Vulnerable Driver) protection mechanisms can prevent driver-based attacks**.

*   **Expert rules can be deployed to identify and block vulnerable drivers.**

Cybersecurity researchers at Trellix have identified a malicious campaign that exploits a legitimate Avast Anti-Rootkit driver, aswArPot.sys, to disable security software and take control of infected systems.

****How the Attack Works:****

The malware, dubbed “kill-floor.exe,” begins by dropping the aswArPot.sys driver into an apparently harmless Windows directory, disguising it as “ntfs.bin.” It then registers the driver as a service, granting the malware kernel-level access – the highest level of system privilege allowing it to terminate critical security processes and take control of the system.

The malware contains a hardcoded list of 142 security applications it targets for termination. The malware continuously monitors active processes and compares them against this list. When a match is found, the malware uses the Avast Anti-Rootkit driver to terminate the security process.

Simply put: The Avast driver, meant to remove malicious rootkits, unintentionally disables legitimate security software. Malware takes advantage of this trusted driver to avoid detection and work quietly within the system.

****Technical Look****

Trellix’s **technical analysis** of the Avast driver revealed the specific function, “FUN\_14001dc80,” responsible for terminating the security processes. This function utilizes standard Windows kernel functions (KeAttachProcess and ZwTerminateProcess) to carry out the termination, further masking the malicious activity as normal system operations.

****Protecting Yourself****

To prevent such driver-based attacks, Trellix recommends the use of BYOVD (Bring Your Own Vulnerable Driver) protection mechanisms. These mechanisms can identify and block specific vulnerable drivers based on their unique signatures or hashes.

Once these rules are integrated into your antivirus solution, organizations can prevent malware from exploiting legitimate drivers, elevate privileges, or disable security measures. Trellix has also provided a specific BYOVD expert rule to detect and block the malicious use of the aswArPot.sys driver.

1.  After Avast, the NordVPN server gets hacked
2.  Fake Antivirus Sites Spread Malware Disguised as Avast
3.  SpyNote Android Spyware Poses as Legit Crypto Wallets
4.  Avast hacked after attackers gained domain admin privileges
5.  Chinese APT Flax Typhoon uses legit tools for cyber espionage

Malware Exploits Trusted Avast Anti-Rootkit Driver to Disable Security Software

Andrew Tate’s “The Real World” platform has been breached, again, leaking user data including emails and private chat…

Andrew Tate’s “The Real World” platform has been breached, again, leaking user data including emails and private chat logs. Explore the details of the hack and leaked data.

Andrew Tate, the controversial social media influencer currently under house arrest, is the newest victim of hacktivism. According to reports, unidentified hackers have successfully breached his online self-help platform, _The Real World_, formerly known as Hustler’s University.

Screenshot from the leaked data (Credit: Hackread.com)

The incident occurred when Tate was busy streaming the latest episode of his _show Emergency Meeting_, which airs on Rumble. This attack has resulted in the exposure of sensitive user data, including usernames, email addresses, and private chat messages. 

For your information, The Real World is an online university that focuses on health, fitness, financial investment, and e-commerce businesses with over 113,000 active users. It provides advanced training and mentoring at $50 per month and also teaches users how to master money making skills. 

The hackers, as per DailyDot, exploited a critical security vulnerability in the platform. After the successful attack, they flooded the primary chatroom with pro-feminist and LGBTQ+ emojis, temporarily banning users, and deleting attachments.

Their posted emojis included transgender flags, feminist fist, Tate’s AI-generated image draped in rainbow flags, another one with his buttocks enlarged, and cat characters used in his “boykisser” meme. 

Screenshot shows emojis spammed by the hackers

What is more concerning is that according to DDoSecrets, the hackers also managed to access a vast amount of user data, including over 794,000 usernames comprising current and former members, the content of The Real World’s 221 public and 395 private chat servers covering around a dozen campuses, and nearly 325,000 email addresses of users removed from the platform.

Tate is a controversial figure known for his toxic masculinity. The leaked data, now publicly available, offers a glimpse into the community that has formed around Tate with users expressing concerns about the _LGBTQ agenda_, the _matrix_, and recurrent shooting incidents. The hackers claimed their motive was hacktivism and Tate’s site being ‘hilariously insecure.’

It’s worth noting that this isn’t the first time Tate’s online platform has been compromised. Earlier this year, a data breach exposed millions of user messages and personal information due to a MongoDB database containing 88 gigabytes of data belonging to 968,447 user accounts being exposed since April 8, 2024. These repeated security failures raise serious questions about the platform’s commitment to protecting user data and maintaining a secure online environment.

1.  SiegedSec Hacktivist Strike NATO and Leak Sensitive Docs
2.  DDoS Attacks Hit France Over Telegram’s Pavel Durov Arrest
3.  Muslim Hacktivists Hack ISIS website; expose subscribers list
4.  Hacktivists Shut Down Donald Trump Hotel Collections Website
5.  RansomHub Hits Planned Parenthood Hack, Steals 93GB of Data
6.  SiegedSec Hits Heritage Foundation; Leaks Data Over “Project 2025”

Source

HackRead