CyberWire Daily - The end of the line for Garantex.
Episode Date: March 7, 2025Law enforcement shutters Garantex crypto exchange. NTT discloses breach affecting corporate customers. Malvertising campaign hits nearly a million devices. AI’s role in Canada’s next election. Sca...mmers target Singapore’s PM in AI fraud. Botnets exploit critical IP camera vulnerability. In our International Women's Day and Women’s History Month special, join Liz Stokes as she shares the inspiring stories of women shaping the future of cybersecurity. And how did Insider threats turn a glitch into a goldmine? Remember to leave us a 5-star rating and review in your favorite podcast app. Miss an episode? Sign-up for our daily intelligence roundup, Daily Briefing, and you’ll never miss a beat. And be sure to follow CyberWire Daily on LinkedIn. CyberWire Guest In this special International Women’s Day edition, we shine a spotlight on the incredible women in and around our network who are shaping the future of cybersecurity. Join Liz Stokes as we celebrate Selena Larson, Threat Researcher at Proofpoint, and co-host of Only Malware in the Building, Gianna Whitver, CEO & Co-Founder of the Cybersecurity Marketing Society and co-host of the Breaking Through in Cybersecurity Marketing podcast, Maria Velasquez, Chief Growth Officer & Co-Founder of the Cybersecurity Marketing Society and co-host of the Breaking Through in Cybersecurity Marketing podcast, Chris Hare, Project Management Specialist and Content Developer at N2K Networks, and host of CertByte, Ann Lang, Project Manager at N2K Networks, Jennifer Eiben, Executive Producer at N2K Networks, and Maria Varmazis, host of the T-Minus Space Daily show at N2K Networks for their achievements, resilience, and the invaluable contributions they make to keeping our digital world secure. Selected Reading Russian crypto exchange Garantex’s website taken down in apparent law enforcement operation (The Record) Data breach at Japanese telecom giant NTT hits 18,000 companies (BleepingComputer) Malvertising campaign leads to info stealers hosted on GitHub (Microsoft) Canadian intelligence agency warns of threat AI poses to upcoming elections (The Record) Deepfakes of Singapore PM Used to Sell Crypto, Residency Program (Bloomberg) Edimax Camera Zero-Day Disclosed by CISA Exploited by Botnets (SecurityWeek) Magecart: How Akamai Protected a Global Retailer Against a Live Attack (Akamai) Cybercrime 'crew' stole $635,000 in Taylor Swift concert tickets (BleepingComputer) Share your feedback. We want to ensure that you are getting the most out of the podcast. Please take a few minutes to share your thoughts with us by completing our brief listener survey as we continually work to improve the show. Want to hear your company in the show? You too can reach the most influential leaders and operators in the industry. Here’s our media kit. Contact us at cyberwire@n2k.com to request more info. The CyberWire is a production of N2K Networks, your source for strategic workforce intelligence. © N2K Networks, Inc. Learn more about your ad choices. Visit megaphone.fm/adchoices
Transcript
Discussion (0)
You're listening to the CyberWire Network, powered by N2K.
We've all been there.
You realize your business needs to hire someone yesterday.
How can you find amazing candidates fast?
Well, it's easy.
Just use indeed.
When it comes to hiring, Indeed is all you need.
Stop struggling to get your job post noticed.
Indeed's Sponsored Jobs helps you stand out and hire fast.
Your post jumps to the top of search results, so the right candidates see it first.
And it works.
Sponsored jobs on Indeed get 45% more applications than non-sponsored ones.
One of the things I love about Indeed is how fast it makes hiring.
And yes, we do actually use Indeed for hiring here at N2K Cyberwire.
Many of my colleagues here came to us through Indeed.
Plus, with sponsored jobs there are no subscriptions, no long-term contracts.
You only pay for results.
How fast is Indeed?
Oh, in the minute or so that I've been talking to you, 23 hires were made on Indeed, according
to Indeed data worldwide.
There's no need to wait any longer.
Speed up your hiring right now with Indeed.
And listeners to this show will get a $75 sponsored job credit to get
your jobs more visibility at indeed.com slash cyber wire. Just go to indeed.com slash cyber
wire right now and support our show by saying you heard about indeed on this podcast. Indeed.com
slash cyber wire. Terms and conditions apply. Hiring, indeed, is all you need.
Law enforcement shutters Garantex crypto exchange.
NTT discloses breach affecting corporate customers.
Malvertising campaign hits nearly a million devices.
AI's role in Canada's next election.
Scammers target Singapore's PM and AI fraud.
Botnets exploit critical IP camera vulnerability.
In our International Women's Day and Women's History Month special, join producer Liz Stokes as she shares the inspiring stories of women who are shaping the future of cybersecurity.
And how did insider threats turn a glitch into a goldmine?
Today is Friday, March 7th, 2025. I'm Maria Varmazes from N2K's own T-Minus Space Daily podcast in for Dave Bittner.
And this is your CyberWire Intel Briefing. Thanks for rounding out the first week of March with us.
Let's get into your Friday intel briefing.
The U.S. Secret Service, working with international law enforcement partners, has seized domains
used by the Russian cryptocurrency exchange Garantax, which was frequently used by ransomware
gangs for money laundering.
A Secret Service spokesman told the Register that the U.S. Secret Service has seized website domains associated with the administration and operation of Russian cryptocurrency exchange Garantex.
It's part of an ongoing investigation. We are unable to provide additional comments at this time and will release additional information when available.
A notice on the exchange's website states everyone's favorite seizure notice.
The domain for GarantX has been seized by the United States Secret Service pursuant
to a seizure warrant obtained by the United States Attorney's Office for the Eastern
District of Virginia under the authority of 18 U.S.C. sections 981 and 982.
Stablecoin operator Tether has also blocked GarantX wallets as part of the EU sanctions
levied last week.
Japanese telecom giant NTT Communications Corporation has disclosed a breach that affected
nearly 18,000 of its corporate customers, according to a report from Bleeping Computer.
The breach, which was discovered in February, affected names, contract numbers, phone numbers,
email addresses, physical addresses, and service usage information.
The hackers gained access to NTT's order information distribution system, which holds
information on corporate customers.
NTT says some of the information, quote, might have been leaked externally.
Microsoft says a malvertising campaign impacted nearly one million devices around the world,
originating on illegal streaming websites.
Malvertising Redirectors on these sites sent users to a GitHub repository designed to trick them into installing malware as part of a tech support scam.
Microsoft states that once the redirection to GitHub occurred, the malware hosted on GitHub established the initial foothold on the user's device
and functioned as a dropper for additional payload stages and running malicious code. The additional
payloads included information stealers to collect system and browser information
on the compromised device, of which most were either Luma Stealer or an updated
version of Doanarium. Canada's Communications Security Establishment, or
CSE, warns that foreign adversaries and hacktivists are likely to exploit
generative
artificial intelligence to influence voters ahead of the next federal election.
The agency anticipates the use of AI-generated deepfakes—realistic but fabricated videos
and images depicting politicians and officials—to deceive the public and sow discord.
These deepfakes can misrepresent events or statements potentially leading to political
polarization.
The CSE's report highlights that such AI-driven disinformation campaigns are expected to become more prevalent within the next two years,
posing a significant threat to democratic processes.
Singapore's Prime Minister, Lawrence Wong, has alerted the public to the proliferation of deepfake videos misusing his likeness to promote
fraudulent services, including cryptocurrency schemes and permanent residency application
services.
In a Facebook post dated March 7, 2025, PM Wong emphasized that these AI-generated videos
are scams and urged citizens to refrain from engaging with such content or sharing personal
information.
The U.S. Cybersecurity and Infrastructure Agency, otherwise known as CISA, has published
an advisory on an actively exploited vulnerability affecting Edimax IP cameras.
The flaw can lead to remote code execution and received a CVSS score of 9.3.
Security Week reports that multiple Mirai-based botnets are exploiting the vulnerability.
Researchers at Akamai who discovered this flaw told Security Weeks that attackers have been exploiting it since fall of last year.
And speaking of Akamai, Akamai recently thwarted a Magecart attack targeting a global retailer's e-commerce platform.
Magecart groups specialize in injecting malicious scripts into websites to steal customers' payment information during transactions.
In this incident, Akamai's security team detected unusual activity and promptly identified
the malicious code embedded in the retailer's website.
By collaborating closely with the retailer, Akamai facilitated the swift removal of the
threat, safeguarding customer data and preserving the retailer's reputation.
This case underscores the critical importance of continuous monitoring and rapid response
mechanisms in defending against sophisticated web-based threats.
And that's your Friday Intel Briefing, everybody.
Coming up after the break, we celebrate International Women's Day a little bit early as we shine
a spotlight on incredible women in and around our network, of course shaping the future
of cybersecurity, and stick around for how insider threats turn a glitch into a gold
mine. And now, a message from Black Cloak.
Did you know the easiest way for cybercriminals to bypass your company's defenses is by targeting
your executives and their families at home. Black Cloak's award-winning digital executive protection platform
secures their personal devices, home networks, and connected lives.
Because when executives are compromised at home, your company is at risk.
In fact, over one-third of new members discover they've already been breached.
Protect your executives and their families 24-7-365 with
Black Cloak. Learn more at blackcloak.io.
Cyber threats are more sophisticated than ever. Passwords? They're outdated and can
be cracked in a minute. Cyber criminals are intercepting SMS codes and bypassing authentication
apps. While businesses invest in network security, they often overlook the front door, the login.
Ubico believes the future is passwordless. Ubiquis offer unparalleled protection against
phishing for individuals, SMBs and enterprises. They deliver a fast, frictionless experience that users love.
Ubico is offering N2K followers a limited buy one get one offer.
Visit ubico.com slash N2K to unlock this deal.
That's Y-U-B-I-C-O.
Say no to modern cyber threats.
Upgrade your security today.
Tomorrow is International Women's Day, by the way, and throughout Women's History Month,
we're celebrating the brilliant women
shaping cybersecurity.
So let's join producer Liz Stokes
as we shine a light on their achievements,
resilience,
and the vital role they play in keeping our digital world secure.
So today we're sharing their voices, our voices, and the stories of perseverance, success,
and the impact that they're making every day.
March 8th is International Women's Day, and today we want to take a moment to celebrate
the amazing women in cybersecurity who are breaking barriers, driving innovation, and
making this industry stronger every day.
Cybersecurity is a field that thrives on resilience, determination, and collaboration, qualities
that so many women in our community exemplify.
Some have navigated
non-traditional paths to get here, some have overcome challenges that tested
their strength, and some are actively working to make this space more
inclusive and supportive for those who follow. For many, success in this field
isn't just about individual achievement. It's about lifting others up, breaking
down barriers, and ensuring the next generation
has an easier path forward.
Today we're sharing their voices.
Their stories of perseverance, success, and inspiration.
Hello, my name is Maria Velazquez, and I'm the chief growth officer and co-founder of
the Cybersecurity Marketing Society.
I've been in cybersecurity marketing for about 10 10 years now and as a minority woman, immigrant,
and someone who's had to defy a lot of odds to get here, I know this journey
isn't always easy. But I also know I wouldn't be here without the incredible
women who've supported me, challenged me, and helped shape me. Not just as a
cybersecurity professional, a marketing professional, but as a woman,
a wife, and a mother to two amazing daughters.
So today, we're shining a light on those stories, the mentors, the friends, the trailblazers
who remind us that we belong in this space because when one of us rises, we all do.
I hope a lot of women today are going to celebrate, uplift, and keep each other moving together.
My name is Jennifer Ibane and I'm the executive producer here at N2K Cyberwire. I was one of the founders of the
Cyberwire back in 2016. One of five people and the only woman. That's how my story was in cybersecurity for quite some time. I started back in 2012.
I was one of a handful of women I'd find at industry events and in conversations.
And I really feel that is still the case in some instances, but it definitely is improving.
In my role curating voices for our podcasts, I really try to elevate and highlight women
doing amazing things in our industry. So that typical dynamic of men dominating conversations in cybersecurity changes.
It's my personal mission and I feel my professional duty to strive to include
diverse voices across our network of podcasts.
My goal is always to have women's and other minority voices from our industry
heard as the thought leaders that they are on our shows.
We prefer to share the mic with others who bring different perspectives to the constantly
changing fabric of cybersecurity and the challenges that we all face.
I hope our network and the voices that we share continue to represent our audiences
and that it's as diverse as those that we serve, not just for International Women's
Day and not just for Women's History
Month, but always.
Saliha Larsen Cybersecurity is an industry built on problem
solving and persistence.
Many of the women leading the way today didn't take the traditional path, but that's exactly
what makes their contributions so impactful.
Selena Larsen I'm Selena Larsen, staff that researcher at
Proofpoint.
I used to be a journalist before I started working as a cybersecurity practitioner, and
core skills like communication, research, writing, and problem solving have been integral
to my success as an intelligence analyst.
I'm just one of many people, including many women, who have non-traditional backgrounds
in this industry, and our diversity of experiences directly contributes to more secure ecosystems.
It's not always easy.
Sexism and various prejudices are still a problem, which I hope my colleagues in this
industry work to call out and eradicate to build a safer, more secure world.
But I am also lucky that on my journey, I've learned a lot by asking questions, speaking
up and finding mentors and collaborators to work on interesting problem sets together.
Working in the cybersecurity industry is great because I know at the end of the day, the
work that I do directly contributes to bad actors having bad days.
Every woman in cybersecurity has a story, some of triumph, some of resilience, and some
that remind us why this work is so important.
My name is Anne Lang, and I am the lead technical editor at N2K CyberVista.
So the most alarming moment from my career was not the time that I went to change out the hard drive in a computer and I unscrewed the case and I had approximately 1,000 live
baby praying mantises explode out and fall in my lap. It was actually the day that I was looking
on some genealogy forums online and I discovered that a well-meaning relative of mine had posted
my full name, my date of birth, my town of birth, and my mother's maiden
name to this public forum that wouldn't let me take the information down. I feel like end user
training is actually one of the most important cybersecurity practices because as consumers,
we interact every single day with websites and information collection devices
and machines that we don't quite know the capability of and that we aren't always trained
to handle in a secure manner.
So I am really grateful that that is exactly what my job allows me to do.
For many women, breaking into cybersecurity required persistence, boldness, and the willingness
to ask for a seat at the table, and sometimes build that table themselves.
Hello, my name is Gianna Whitver, and I am co-founder and CEO of the Cybersecurity
Marketing Society, which is a community for marketers in cybersecurity.
My career has been interesting.
There's been a lot of jumping around.
I started off at IBM working on deal teams,
selling middleware and servers and mainframes,
took a long break to go explore
commercial real estate investment development,
and I landed into cyber for the very first time by basically being persistent.
So I had met someone who worked at a cyber company.
I said, do you need marketing help?
They said, maybe.
And I followed up with them every two weeks for the next four months
until they gave me a job.
Now I run my own company and along with my co-founder, Maria Velasquez, we advocate for marketers in the industry
and also women in the industry.
We have a huge community now to rely on.
I think that being a woman in cybersecurity
means sometimes you have to stand up more for yourself,
say a little bit more, speak up, be seen, be heard, but most
importantly, reach your hand out and grab onto the hands of others.
I love the cybersecurity industry.
I think it's one of the most important in this industry.
Everyone in cyber is trying to do good, and we can also do good for each other.
Cybersecurity isn't just about protecting networks and data.
It's about people, the ones securing our world today and the ones paving the way for our future.
Chris here, project management specialist and content developer at N2K Networks.
I consider myself a newer member of the cybersecurity industry, and I feel
privileged to have a seat
at this important table.
I've been in the technology industry for more than 15 years and it's given me a wealth
of opportunity to learn and find my place as a subject matter expert and writer.
I celebrate International Women's Day with my peers as an opportunity to shine a light
on the efforts of the many female pioneers who paved our way here, as well as to those who are carving out the path today, and to the many more who
will make the world a better place tomorrow. No matter what age you are or
where you live, you will be welcomed and supported.
Haria Varmaza is here. I'm host of T-Minus Space Daily here at N2K Networks, and I'm
also co-host of Hacking Humans and an occasional guest host on the CyberWire.
And I say it all the time because I believe it from the bottom of my heart, but InfoSec
professionals are some of the most fascinating people out there.
Yes, you listening.
And what field better understands the importance of looking in unexpected places for the biggest
surprises than we do?
In my career, the women that I've worked with, incident responders, vulnerability researchers,
pen testers, responsible disclosure advocates, sales engineers, marketing professionals,
policy wonks, locksport enthusiasts, they have all taught me how to show up in ways
that are authentic and not just fit the mold of what I might think a cybersecurity practitioner should look like or act like or dress like or even sound like.
Women showing up to do this hard work, no matter how we get here, make this industry
stronger and make our world safer. Whatever the day-to-day challenges may hold in our
careers or in the culture at large, that is an immutable fact at the core of what we do.
So never lose sight of it.
Today, we're celebrating all the women in cybersecurity,
the leaders, the learners, the fighters, and the innovators.
We honor your resilience, your brilliance,
and your unwavering commitment
to making this industry stronger.
To all the mentors, the trailblazers, the change makers, thank you.
And to every woman watching, listening, or working in cybersecurity today,
just remember, you belong here.
Happy International Women's Day.
International Women's Day.
And thank you to all of the incredible women out there in cybersecurity and in every field who are breaking barriers,
driving innovation, and leading with strength and resilience.
Your contributions make a lasting impact and the industry is stronger because of you.
Keep pushing forward, inspiring others, and shaping the future.
Hey everybody, Dave here.
Have you ever wondered where your personal information is lurking online?
Like many of you, I was concerned about my data being sold by data brokers.
So I decided to try DeleteMe.
I have to say, DeleteMe is a game changer.
Within days of signing up, they started removing my personal information from hundreds of data
brokers. I finally have peace of mind knowing my data privacy is protected.
DeleteMe's team does all the work for you with detailed reports so you know exactly
what's been done.
Take control of your data and keep your private life private by signing up for DeleteMe.
Now at a special discount for our listeners, Today get 20% off your delete me plan when you go to joindeleteeme.com slash n2k and
use promo code n2k at checkout.
The only way to get 20% off is to go to joindeleteeme.com slash n2k and enter code n2k at checkout.
That's joindeleteeme.com slash N2K, code N2K.
Two insiders at a StubHub contractor pulled off a digital ticket heist worthy of a Hollywood
script that is until they got caught. Prosecutors
say Tyrone Rose, 20, and Shamara Simmons, 31, working for Sutherland Global Services
in Jamaica, exploited a security loophole to intercept nearly 1,000 high-demand tickets,
including Taylor Swift's Eras Tour, raking in $635,000 before the scam fell apart. Their
trick was sneaking into a restricted StubHub system and rerouting ticket download
links to themselves and their co-conspirators.
And by the way, the stolen stash wasn't just Swifties' golden passes.
Ed Sheeran, Adele, NBA Games, and the US Open were all on their list.
But the scheme hit a snag when a key accomplice passed
away, leaving a digital trail for investigators to then follow. Now, both suspects face grand
larceny, computer tampering, and conspiracy charges with up to 15 years in prison on the
line. It's a hard lesson on how insider threats can turn a glitch into a goldmine until the
House of Cards collapses.
And that's the CyberWire.
For links to all of today's stories, check out our daily briefing
at thecyberwire.com. Be sure to check out this week's Research Saturday, where Dave
Bittner sits down with Silas Cutler, principal security researcher at Census, asking,
Will the real Volt Typhoon please stand up? That's Research Saturday. Check it out.
We'd love to know what you think of this podcast. Your feedback ensures we deliver the insights that keep you a step ahead in the rapidly
changing world of cybersecurity.
If you like the show, please share our rating and review in your podcast app.
Please also fill out the survey in the show notes or send an email to cyberwire at n2k.com.
We're privileged that N2K CyberWire is part of the daily routine of the most influential
leaders and operators in the public and private sector, from the Fortune 500 to many of the world's preeminent
intelligence and law enforcement agencies.
N2K makes it easy for companies to optimize your biggest investment, your people.
We make you smarter about your teams while making your teams smarter.
Learn how at n2k.com.
N2K's senior producer is Alice Carruth.
Our Cyberwire producer is Liz Stokes, or mixed
by Trey Hester, with original music and sound design by Elliot Peltsman.
Our executive producer is Jennifer Iben, Peter Kilpe is our publisher, and I'm Maria Varmazes,
subbing in for Dave Bittner, who should be back on Monday.
Thanks for listening, have a wonderful weekend!
And now a message from our sponsor Zscaler, the leader in cloud security. Enterprises have spent billions of dollars on firewalls and VPNs, yet breaches continue
to rise by an 18% year-over-year increase in ransomware attacks and a $75 million record
payout in 2024.
These traditional security tools expand your attack surface with public-facing IPs that
are exploited by bad actors more easily than ever with AI tools.
It's time to rethink your security.
Zscaler Zero Trust plus AI stops attackers by hiding your attack surface, making apps
and IPs invisible, eliminating lateral movement, connecting users only to specific apps, not the entire network,
continuously verifying every request based on identity and context, simplifying security
management with AI-powered automation, and detecting threats using AI to analyze over
500 billion daily transactions.
Hackers can't attack what they can't see.
Protect your organization with Zscaler Zero Trust and AI.
Learn more at zscaler.com slash security.