
Cybersecurity Decrypted: April 3 – 10 2025

Your weekly 5-minute news recap.

Last updated on Apr 14, 2025
Written by Joel Witts. Technical Review by Laura Iannini.

👋 Hello! Welcome to Cybersecurity Decrypted. In this week’s issue:

  • 🇺🇸 US Treasury victim to an email hack
  • 🎣 A huge surge in E-ZPass phishing messages
  • 🤖 An AI hacker tool is automating cybercrime 

And our favorite story of the week? The Everest ransomware gang was hacked over the weekend. The attacker replaced their dark web leak site content with the message: “Don’t do crime CRIME IS BAD xoxo from Prague.” Not all heroes wear capes. 🦸🏻‍♂️

You can listen to a Decrypted briefing every week in your favorite podcast app. Subscribe here.


📰 Top Stories

  • A US Treasury department has revealed that the emails of executives and other employees were hacked in a breach first discovered in February. The breach was blamed on “long held organizational and structural deficiencies.”
  • There has been a major surge in phishing SMS and iMessages impersonating toll agencies like E-ZPass. The goal of these messages is to steal personal information and credit card details. Separately, Microsoft has warned of phishing campaigns impersonating tax-related communications via email. Tell friends and family to stay alert.
  • Google DeepMind has released a new report evaluating the emerging capabilities of AI based on over 12,000 real-world examples of cyberattacks using AI. The report outlines where cyber protections fall short. The key takeaway? AI models will be used to enhance cyberattacks and businesses must be ready.

📡 Threat Watch

  • There’s a new “autonomous” AI-powered hacking tool that is helping hackers to develop and launch phishing campaigns, vulnerability exploits, and ransomware attacks, say threat researchers. The “XanthoroxAI” malware platform was discovered last month.
  • CISA has warned that a threat actor technique named “fast flux” is doing the rounds. This involves attackers linking domain names to multiple IP addresses in order to keep malicious infrastructure hidden.
  • More than half of all cybersecurity incidents last year were identity-based attacks, with Active Directory being a leading target. Half of all identity attacks involved ransomware. Our advice? Get MFA installed ASAP!
  • AI-powered spear-phishing is here – and it’s apparently more effective than human-generated campaigns. In their tests, security awareness provider Hoxhunt found that AI-generated spear-phishing campaigns are 24% more effective at getting users to click on phishing messages.
  • The State Bar of Texas has warned it has suffered a data breach. The INC ransomware gang claimed to have attacked the State Bar of Texas back in March.

🚨 Industry News

  • RSAC Conference has announced the Top 10 finalists for the 20th Annual Innovation Sandbox Contest. Expert Insights will be meeting several of the winners later this month in San Francisco.
  • GenAI governance and security startup Aurascape have emerged from stealth with a $50 million USD funding round. Look out for an interview with the Aurascape team on the Expert Insights Podcast in the next few weeks.
  • AI cybersecurity company Adaptive Security has announced a $43 million USD funding round, led by OpenAI. Adaptive Security simulates AI-powered attacks and provides training for deepfake phishing attacks.
  • Google is planning to release automated AI agents to help SOC teams reduce manual cybersecurity investigation tasks, the company announced at its Google Cloud Next conference.
  • Oracle has now reportedly confirmed it has been the victim of a data breach and has been privately informing customers that some of its cloud systems were impacted, reports SecurityWeek.

🏛️ Cybersecurity Policy

  • NIST (National Institute of Standards and Technology) has announced that it will mark all CVEs published before Jan 1, 2018 as “deferred” within the National Vulnerability Database. The move is designed to make it easier to prioritize more recent vulnerabilities. There is reportedly a current backlog of thousands of vulnerabilities.
  • President Trump has fired Timothy Haugh, the head of the National Security Agency (NSA) and Cyber Command. Axios reports that this move may “open the door” to split up the two agencies.
  • The EU has announced that it is planning to “ease the burden” of GDPR data regulations on small businesses by simplifying and possibly removing some requirements.

🌎 Global News

  • Pro-Russian and pro-Palestinian hackers are launching cyber-attacks against state agencies and organizations in the UK every single week, reports the Times. Most attacks are crude and low impact, but GCHQ has warned of a growing threat.
  • Law enforcement agencies in Europe and North America have detained five customers of the “Smokeloader” pay-per-install botnet, Europol has announced. This is part of the follow-up to “Operation Endgame”, a massive botnet takedown conducted in May last year.
  • A court in the UK has revealed that Apple is suing the British Government over a legal order for the company to allow law enforcement to access encrypted iCloud accounts. Apple has since removed the end-to-end encryption feature for iCloud in the UK.
  • Poland’s Prime Minister Donald Tusk has said his party was hit by a cyber-attack earlier this week as the party gears up for a general election in May. The hackers were likely linked to Russia and Belarus.

🎙️ Expert Insights: Latest From Us

Welcome to Expert Insights 2.0!

This week, Expert Insights revealed a major rebrand – designed to help you cut through the noise and make smarter, faster, more confident cybersecurity decisions.

What’s New? 

  • A more intuitive experience – Find the right tools, faster
  • Expert-driven analysis – Clearer, sharper insights 
  • A growing community of professionals – Real-world experiences, shared
  • A rebrand that reflects our purpose: Where Security Meets Scrutiny

What this means for you:

Clarity. Confidence. And decisions backed by real-world expertise.

And there are lots more exciting announcements to come soon!


That’s all for this week! 👋




Written By

Joel Witts is the Content Director at Expert Insights, meaning he oversees all articles published and topics covered. He is an experienced journalist and writer, specialising in identity and access management, Zero Trust, cloud business technologies, and cybersecurity. Joel is a co-host of the Expert Insights Podcast and conducts regular interviews with leading B2B tech industry experts, including directors at Microsoft and Google. Joel holds a First Class Honours degree in Journalism from Cardiff University.

Technical Review

Laura Iannini, Cybersecurity Analyst

Laura Iannini is an Information Security Engineer. She holds a Bachelor’s degree in Cybersecurity from the University of West Florida. Laura has experience with a variety of cybersecurity platforms and leads technical reviews of leading solutions. She conducts thorough product tests to ensure that Expert Insights’ reviews are definitive and insightful.