The IT Nerd

Cybersixgill, the global cyber threat intelligence data provider, announced today new enhancements to Cybersixgill IQ, its generative AI solution launched less than two months ago.

As generative AI undergoes rapid evolution, so is Cybersixgill continuously pushing IQ and cyber threat intelligence (CTI) into new territory. Harnessing state-of-the-art generative AI technologies, Cybersixgill IQ makes CTI accessible to organizations at any security maturity level and addresses a multitude of user personas and cybersecurity challenges.

The new Cybersixgill IQ enhancements are built on the premise that as good as CTI is, it is critical to match intelligence with insights that matter to each company’s specific context. Leveraging generative AI, Cybersixgill IQ’s unique threat intelligence, embedded with its Attack Surface Management module, delivers contextual insights, allowing organizations to make significant strides in combating the most pertinent threats. Additionally, the solution overcomes issues of data trust found in other generative AI offerings and adheres to data privacy regulations by protecting users’ data and never sharing it with the generative AI model or any third parties. 

Business-specific Insights and Custom Reports to Strengthen Cyber Defenses

Cybersixgill IQ is an end-to-end solution that seamlessly integrates into customers’ existing CTI workflows, supplementing and enhancing the company’s deep, dark web threat intelligence through its intuitive portal or API. The generative AI solution solves many pain points of overburdened security teams, such as addressing alert fatigue, sifting through overwhelming volumes of threat data, and managing and monitoring an ever-expanding attack surface. The combination of CTI, ASM – whether Cybersixgill’s ASM module or that of another provider – and generative AI means organizations can receive the most relevant data and intelligence for their business, industry, region, and other factors. 

Additional Cybersixgill IQ enhancements now available include:

• A custom report builder to streamline data collection, analysis, and dissemination. Key capabilities include:
  • Aggregates data, including screenshots, collected across Cybersixgil’s Investigative Portal
  • Enables generation of reports based on the collected data for leaders and practitioners across the organization
• Entity Navigator has new intuitive features to accelerate investigations, including:
  • Provides clear and consolidated information to individual threat intelligence entities, including APTs, IoCs, malware, and more
  • Improves incident response, threat analysis, and threat-hunting use cases by offering seamless cross-referencing and correlation between entities 
• Credentials module that consolidates compromised credentials from repositories and stealer logs, arming security teams against unauthorized access risks. The module includes:
  • Complete, unified view of compromised access vectors, including stolen email credentials and accounts accessed by stealer malware
  • Advanced threat insights and analysis to uncover vital host information and identify and attribute compromised access to specific malware brands

Cybersixgill demonstrates the new IQ enhancements at Black Hat USA 2023 in Business Meeting Room #485. For more information or to schedule a meeting, please visit https://cybersixgill.com/events/black-hat-2023. 

Dov Lerner, Head of Threat Research of global threat intelligence firm, Cybersixgill, has released a report that delves into the major role Telegram played in the last year of the Ukraine conflict. 

According to Dov, chatter on Telegram tended to follow events in the war. War-related posts in Russian or Ukrainian peaked at over 122,000 per week in mid-October, coinciding with the strike against the Crimean bridge and subsequent Russian missile attacks.

You can read this fascinating report here.

As mass layoffs and unemployment rates continue to rise to its peak, people are clamouring to find jobs and even resorting to alternatives: gaining access shortcuts to certification on the dark web, including fake certificates and diplomas, cheating services for exams, and leaked courses. This is according to a new report from Dov Lerner, Head of Threat Research at Cybersixgill. In the report it is noted that there is a 73% Increase in Leaked Courses Advertised on Underground Markets. 

You can read the full report here.

With increasing sanctions against cryptocurrencies, deflating value and increased attention from law enforcement, cryptocurrency is still the top vehicle for cybercriminals to launder money. Surprisingly, the Dark Web is swarming with counterfeit currency/banknotes impacting individuals and businesses on a large scale.

According to a new report from Dov Lerner, Head of Threat Research at Cybersixgill, there was a 91% increase in the number of deep and dark web market listings advertising counterfeit banknotes, with the top 10% of cybercriminals posting on it dominating 80% of the conversation.

You can read the full report here.

Cybersixgill has published a new report analyzing how scammers commit refund fraud to steal from retailers on the heels of the RH-ISAC releasing its cyber threat trends, which highlights return fraud as a key area of concern that’s trending in the retail and hospitality industry during this holiday season. 

Threat Intelligence Researcher at Cybersixgill, Adi Bleih, examines refunding tactics increasingly growing in popularity on underground forums, where scammers share how they make cash by defrauding retailers, including a breakdown of the top 10 most mentioned brands on the dark web for retail fraud in 2022.

The report is worth your time to read. Especially if you’re selling online this holiday season.

Cybersixgill has found that hackers are selling compromised sports streaming passwords on the underground. Specifically, over the past 2 years, Cybersixgill has found 31,324 posts sharing or selling streaming accounts on underground forums, markets, and messaging platforms and 17,978 posts in access markets that included credentials for a streaming service of pro sports leagues such as the NBA, NFL, MBL, and NHL.

Knowing that games have been increasingly broadcasted on cable television and subscription-only networks that cost hundreds of dollars, hackers are broadening their scope of techniques to harvest credentials. 

You can find out more about this here.

It’s the time of year where we often get gift cards for people. But after reading this report from Cybersixgill, I might rethink that.

Adi Bleh, threat analyst at global threat intelligence firm, Cybersixgill, has found that cybercriminals are using automated hacking tools to generate gift cards for top brands, including Amazon, Netflix, PayPal, Spotify, and Sony. In addition to creating these fake gift cards to steal from retailers, Adi has also uncovered that cybercriminals are using gift cards to launder money and evade law enforcement. 

So, how do you protect yourself? Here’s some tips from Cybersixgill:

Consumers should check their gift card balance regularly and report any suspected fraudulent activity to the relevant retailer. 

Retailers and gift card issuers, meanwhile, should monitor the tools available on the underground so they can create countermeasures. They should use more complex codes to prevent generators from enumerating the numbers, and they should implement controls to detect and block checkers from validating a large quantity of codes. Furthermore, they should monitor their gift cards’ internal traffic to detect unusual expenses, locations, multiple cards held by one customer, and other activities that indicate fraudulent activity.

I can easily see this becoming a huge problem as we approach the holiday season. Thus both retailers and consumers need to be on guard.