Search This Blog
Powered by Blogger.

Blog Archive

Labels

About Me

Load More
Trendy Right Now

Popular Posts

Showing posts with label Trending. Show all posts
trending news
Cyber Security News Trending trending news

“They're Just People—But Dangerous Ones”: Trellix's John Fokker Unpacks the Blurred Battlefield of Cybercrime at RSA 2025

 

At the RSA Conference 2025, John Fokker, head of threat intelligence at the Trellix Advanced Research Center, issued a stark reminder to the cybersecurity community that the behind of every cyberattack is a human being and the boundaries between criminals and nation-states are rapidly dissolving. Drawing from his experience as a former officer in the Dutch high-tech crime unit, Fokker urged cybersecurity professionals to stop viewing threats as faceless or purely technical. “Cybercriminals are not abstract concepts,” he said. “They’re individuals—ordinary people who happen to be doing bad things behind a keyboard.” 

His keynote speech stressed the importance of not overlooking basic vulnerabilities in the rush to guard against sophisticated attacks. “Attackers still go for the low-hanging fruit—weak passwords, missing patches, and lack of multi-factor authentication,” he noted. A central theme of his address was the convergence of criminal networks and state-backed operations. “What once were clearly separated entities—financially motivated hackers and state actors...are now intertwined,” Fokker said. “Nation-states are increasingly using proxies or outright criminals to carry out espionage and disruption campaigns.” Fokker illustrated this through a case study involving the notorious Black Basta ransomware group. 

He referenced internal communications that surfaced in an investigation, revealing the group’s leader “Oleg" formerly known as “Tramp” in the Conti gang. Oleg was reportedly arrested upon arriving in Armenia from Moscow last year, but escaped custody just days later. According to leaked chats, he claimed Russian officials orchestrated his return using a so-called “green corridor,” allegedly coordinated by a senior government figure referred to as “number one.” While Fokker clarified that these claims remain unverified, he emphasized they are a troubling sign of potential collaboration between state entities and criminal gangs. 

Still, he reminded attendees that attackers are not infallible. He recounted a failed ransomware attack by Black Basta on a U.S. healthcare organization, where the group’s encryption tool malfunctioned. “They had to fall back on threatening to leak data when the original extortion method broke down,” Fokker explained, highlighting that even seasoned attackers are prone to critical errors.
Read more »
Trending
AI ChatGPT Podcast Technology Trending

Investing in AI? Don’t Forget the Cyber Locks! VCs Advice.


The OpenAI Data Breach: A Wake-Up Call for Seed VCs

Security breaches are common in the current industry of artificial intelligence (AI) and machine learning (ML). However, when a prominent player like OpenAI falls victim to such an incident, it sends shockwaves through the tech community. This blog post delves into the recent OpenAI data breach and explores its impact on seed venture capitalists (VCs).

The Incident

OpenAI, known for its cutting-edge research in AI and its development of powerful language models, recently disclosed a security breach. Hackers gained unauthorized access to some of OpenAI’s internal systems, raising concerns about data privacy and security. While OpenAI assured users that no sensitive information was compromised, the incident highlights the vulnerability of AI companies to cyber threats.

Seed VCs on High Alert

Seed VCs, who invest in early-stage startups, should pay close attention to this breach. Here’s why:

Dependency on AI Companies

Seed VCs often collaborate with AI companies, providing funding and mentorship. As AI technologies become integral to various industries, VCs increasingly invest in startups leveraging AI/ML. The OpenAI breach underscores the need for due diligence when partnering with such firms.

Data Privacy Risks

Startups working with AI models generate and handle vast amounts of data. Seed VCs must assess the data security practices of their portfolio companies. A breach could harm the startup and impact the VC’s reputation and relationships with other investors.

Intellectual Property Concerns

Seed VCs invest in innovative ideas and technologies. If a startup’s IP is compromised due to lax security practices, it affects the VC’s investment. VCs should encourage startups to prioritize security and protect their intellectual assets.

Mitigating Risks: Seed VCs can take proactive steps

1. Due Diligence: Before investing, thoroughly evaluate a startup’s security protocols. Understand how they handle data, who has access, and their response plan in case of a breach.

2. Collaboration with AI Firms: Engage in open conversations with AI companies about security measures. VCs can influence best practices by advocating for robust security standards.

3. Education: Educate portfolio companies about security hygiene. Regular audits and training sessions can help prevent breaches.

Read more »
Subscribe to: Posts (Atom)