Security Boulevard

Creator, Author and Presenter: Curtis Mitchell, xD, United States Census Bureau

Additional Authors: Gary Howarth And Justin Wagner, NIST; Jess Stahl, Census; Christine Task And Karan Bhagat, Knexus; Amy Hilla And Rebecca Steinberg, MITRE

Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel.

Permalink

The post USENIX 2025: PEPR ’25 – Establishing Privacy Metrics For Genomic Data Analysis appeared first on Security Boulevard.

Strange factors: Yet another security problem plaguing SonicWall customers.

The post ‘Aggressive’ Akira Ransomware Blitz Clubs SonicWall 2FA to DEATH appeared first on Security Boulevard.

Microsoft used AI-based tools in Defender for Office 365 to detect and block a phishing campaign in which Security Copilot determined the malicious code was likely written by a LLM, marking the latest incident in which AI security tools were used to combat an AI-based cyberattack.

The post Microsoft Sniffs Out AI-Based Phishing Campaign Using Its AI-Based Tools appeared first on Security Boulevard.

via the comic artistry and dry wit of Randall Munroe, creator of XKCD

Permalink

The post Randall Munroe’s XKCD ‘’Biology Department” appeared first on Security Boulevard.

Creator, Author and Presenter: Marc-Antoine Paré

Our thanks to USENIX for publishing their Presenter’s outstanding USENIX Enigma ’23 Conference content on the organization’s’ YouTube channel.

Permalink

The post USENIX 2025: PEPR ’25 – My $5MM Differential Privacy Visualizations appeared first on Security Boulevard.

Authorities in 14 African countries arrested 260 people, seized 1,235 electronic devices and took down 18 criminal infrastructures in a sprawling Interpol operation aimed at the growing global problem of romance and sextortion scams being run via social media and other platforms. The operation is part of a larger effort to address the problem of scam centers, which started in Southeast Asia but are spreading globally.

The post African Authorities Arrest 260 Suspects in Romance, Sextortion Scams appeared first on Security Boulevard.

Let's have a look at how to integrate NHI Governance with AWS IAM to get detailed security insights into your dashboard.

The post How to Use NHI Governance as Your Central Dashboard to Monitor AWS IAM appeared first on Security Boulevard.

The November 10th deadline for Cybersecurity Maturity Model Certification (CMMC) compliance is approaching fast. For CISOs, risk managers, and compliance leaders across the defense industrial base, this date represents more than a regulatory milestone;  it’s a make-or-break moment for securing and maintaining DoD contracts.

Don't let manual compliance processes slow down your ability to meet this deadline. Compliance shouldn't cost your organization the risk of losing contracts. Keep reading to learn what you must do before the November 10th deadline and recommendations for streamlining compliance. 

The post CMMC Compliance: What Your Need to Know Ahead of November 10 appeared first on Security Boulevard.

In today's digital landscape, organizations face an unprecedented volume of cybersecurity alerts on a daily basis. While these alerts are crucial for maintaining security, their sheer volume can overwhelm security teams, a phenomenon known as alert fatigue. This issue not only hampers the effectiveness of cybersecurity measures but also poses significant risks to business operations, financial performance, and organizational reputation. As CEOs and CFOs, understanding and addressing this challenge is imperative to safeguard your organization's assets and ensure sustained growth.​

The post Cybersecurity Alert Overload is a CEO’s Problem; Here’s How to Fix It appeared first on Security Boulevard.

Notion just released version 3.0, complete with AI agents. Because the system contains Simon Willson’s lethal trifecta, it’s vulnerable to data theft though prompt injection.

First, the trifecta:

The lethal trifecta of capabilities is:

• Access to your private data—one of the most common purposes of tools in the first place!
• Exposure to untrusted content—any mechanism by which text (or images) controlled by a malicious attacker could become available to your LLM
• The ability to externally communicate in a way that could be used to steal your data (I often call this “exfiltration” but I’m not confident that term is widely understood.)...

The post Abusing Notion’s AI Agent for Data Theft appeared first on Security Boulevard.

Alan warns that cybersecurity is stuck in a “Maginot Line” mindset — clinging to outdated tools while attackers weaponize AI, supply chain compromises, and polymorphic malware. He argues for AI-native defenses, real agentic automation, and stronger supply chain vetting to keep pace with modern threats.

The post The Security Maginot Line: Fighting Tomorrow’s Cyber Attacks With Yesterday’s Tech appeared first on Security Boulevard.

Explore how passwordless authentication improves security by removing password-related risks. Learn about different methods and implementation best practices.

The post The Role of Passwordless Authentication in Security appeared first on Security Boulevard.

Learn how to use progressive profiling to collect user data without friction. Discover strategies for timing, consent, autofill, and local form design.

The post Progressive Profiling Without Friction: Collecting Only What Helps appeared first on Security Boulevard.

Discover how AI helps educational platforms predict and prevent security breaches with real-time detection, predictive analytics, and automated response.

The post How AI Can Predict and Prevent Security Breaches in Educational Platforms appeared first on Security Boulevard.

Santa Clara, Calif. Sep 29, 2025 – NSFOCUS, a global provider of intelligent hybrid security solutions, announced today that it has attained ISO 28000:2022 Security and Resilience – Security Management Systems (SMS) certification. ISO 28000 is an international standard for supply chain security. It specifies the requirements for a management system to protect all links in […]

The post NSFOCUS Earns ISO 28000:2022 Security and Resilience – Security Management Systems Certification appeared first on NSFOCUS, Inc., a global network and cyber security leader, protects enterprises and carriers from advanced cyber attacks..

The post NSFOCUS Earns ISO 28000:2022 Security and Resilience – Security Management Systems Certification appeared first on Security Boulevard.

 Last week the United Nations General Assembly kicked off in New York City.  On the first day, a strange US Secret Service press conference revealed that they had seized 300 SIM Servers with 100,000 SIM cards. Various media outlets jumped on the idea that this was some state-sponsored sleeper cell waiting to destroy telecommunication services around New York.  Like me, you may have immediately wondered why some of the photos showed sophisticated racks of servers on shelves while others showed a hodge podge of devices strewn about the bare floor of an otherwise empty apartment. 

photos extracted from USSS reporting SIM Pools on Telegram  Beginning in late 2024, every cell phone in the USA started getting hit hard with annoying messages claiming to be informing us of undelivered packages. In early 2025, this morphed into the famous "Toll Road" phishing messages which started off with messages supposedly about unpaid tolls in Massachusetts Easy Pass and now imitate every toll road system in America. Because the goals of these SMishing messages were to load credit cards onto phones and use them to steal money, DarkTower spent quite a bit of time studying the infrastructure, which is primarily advertised and sold in Telegram channels that we call "Chinese Guarantee Syndicates." I've conducted several briefings about these systems, and have mentioned previously in this blog how they sell SMS-blasting telecom equipment (See: Chinese SMS Spammers Go Mobile ). The devices found around the NYC tri-state area are a slightly different application of SMS-blasting.

The most famous of the Chinese Guarantee Syndicates, Haowang Guarantee, is part of the US-sanctioned Huione Pay, "The Largest Illicit Online Marketplace" according to Elliptic and WIRED. Haowang has shifted their business to Tudou Danbao, but their vendors continue to offer SMS Modem Pools and associated hardware and software as part of their Crime-as-a-Service empire.  Here's an ad for one such vendor (with its translation):

Let's look at the Telegram channel of Annie, a China-based seller of SMS equipment.  (In Chinese, these are called "Cat Pools" -- I'll explain why at the bottom of this article.)  Most of the posts I'll show are from Chinese-language Telegram channels, so I'll include an English translation. @Annie068a operates a channel dedicated to selling SMS Gateway equipment

Annie offers SMS Modem Pools in a variety of sizes

SMS Modem Pools have a variety of configurations.  The most basic has 8 modem ports with slots for one SIM card each. On the opposite end of the scale, is a 64 port modem with capacity for 512 SIM cards. (Many of those found by the USSS seem to be 32-port modems with 256 SIM cards.) When there are more SIM cards than modem ports message sending rotates between SIM cards.  What does Annie suggest you might use your SMS Pool for?  Mostly "Marketing."

The concept, as Annie explains, is that you can route messages from anywhere in the world and have them sent from an SMS pool sitting in the United States and being sent from a US-based SIM, thus having a US telephone number displayed in the caller id.

SMS Pools for Fraud and Phishing Other Telegram channels are more blatant with suggesting the type of "Marketing" that one might do with the ability to send Bulk SMS messages to other countries.  The Telegram channel "Mini Bulk SMS" provides examples, such as imitating the Irish bank AIB to send phishing emails, or imitating BMF in Austria, Binance in Italy, or doing an Apple refund scam in the US. In SouthEast Asia a major use of Bulk SMS is advertising to gamblers. 

An English-speaking Bulk SMS provider, KathyBulkSMS, also is quite blatant about the criminal nature of the messages she suggests.  Her service also has the ability to send using "Short Message Code" caller IDs. She particularly recommends imitating Coinbase if spamming in the US and says that her recent campaign, sending 170,000 such messages via Verizon, AT&T, and T-Mobile, was "very effective."

Kathy gives other examples, such as imitating Binance and National Australia Bank for the Australian market, but her channel has suggestions for many countries, including Netflix and Crypto campaigns for:  Greece Portugal Austria Ireland Japan Slovakia South Korea and Spain.
  Cheap SMS Modem Pools and Cheaper SIMs Not to bust the "Nation-state" theories too hard, but this gear is ridiculously cheap. You can buy most of it used on places like eBay, but the various business-to-business services like "Made In China" have great prices.  Here are a couple examples: a 16-modem 512 SIM-slot 4G SMS Gateway is $1,000.  A 64-modem 512 SIM-slot 4G/3G/2G offering send and receive SMS can range from $2,400 to $4,000 depending on the configuration and software included.

But what about the SIM cards? Don't worry, there are many Facebook groups, and many more Telegram channels that will hook you up. The Telegram user @Zoom557 posts to many Facebook groups using the new criminal-friendly "Anonymous Poster" service. On Telegram he is excited about the new $5 SIM cards offered 

BaronLiu also uses Facebook to push his Telegram SIM card offerings. 

Here are a few of the Facebook groups (all in Chinese) that specialize in SIM card selling. Notice the sizes: 2500 members, 3600 members, 6400 members, and 8700 members. Most of these groups also offer mass account creation and social media spamming services. 

One Telegram vendor of SIM cards was proud to be supplying a variety of US SIM cards.

The same vendor shared the photo below.  This isn't USSS in New York.  This is a deployment in Thailand using a SIM pool to provide Thai-WhatsApp numbers to customers around the world. 

Do eSIMs change the game? Durov has you covered:  Never one to shy away from offering anonymized criminal services to the masses, Pavel Durov has announced that you can now buy world-wide eSIMs from a special app inside Telegram called @Mobile. After choosing your region and country, you choose the eSim you want, and then can purchase it paying with Pavel's built-in cryptocurrency, TON, or a credit card if you want to be easily traced by law enforcement.

What about those SMS Cats?  One of the earliest "famous" SMS-phishers who was doing Toll Road phishing was "Darcula." When Darcula's server was unavailable in the summer of 2024, he recommended people use the server "magic-cat.world" to upgrade their software.  Darcula also used a cat as his Telegram profile image.

Darcula was well-and-truly doxed by the excellent researchers at Mnemonic.io -- Erlend Leiknes and Harrison Sand.  I've spoken to them both and they did a great job tearing apart Darcula's code and mapping out the credit card theft associated with it!   While Darcula was certainly a major player, "Little Gray Cat" was my favorite SMisher at the beginning of our work.  He loved to show off his "Machine Room" full of iPhones all sending automated (and end-to-end encrypted) Toll Road and Package non-Delivery phish.

It wasn't until recently I realized the story of why our SMS phishers have so many "Cat-named" things has to do with the slang for the word "modem." The Chinese term for modem is 调制解调器 (tiáo zhì jiě tiáo qì). Because that's quite a mouthful, young techies began to refer to their modem simply as 猫 (māo).  Here are some of the "Cat" terms I've learned in this research:

A "Cat Card" is a SIM card.  This is the term to search on Chinese Telegram to find people selling SIM cards and related services.  An "SMS Cat" is device hosting an SMS number either for "marketing/phishing" or for "verification farming." (Verification Farming uses the destination-country SMS number to receive authentication codes. Group-IB's excellent "SMS Pumping" article mentions that "In late 2022, Elon Musk revealed that Twitter was losing around $60 million per year due to SMS pumping fraud. The activity was attributed to 390 telecom operators that allowed bot accounts to exploit Twitter’s two-factor authentication (2FA) system, generating fake SMS traffic to inflate their own revenue.") A "Cat Control Platform" is the software, hosted on Windows or Linux, that connects to the 

A "Cat Number" is a virtual number ... it may be in an SMS Pool, but it might also be a Google Voice number or other virtual number.  A "Cat Pool" as we've already discussed, is an SMS Modem Pool.

The post SMS Pools and what the US Secret Service Really Found Around New York appeared first on Security Boulevard.

Singapore, Singapore, 29th September 2025, CyberNewsWire

The post ThreatBook Launches Best-of-Breed Advanced Threat Intelligence Solution appeared first on Security Boulevard.

Episode 400! In this special milestone edition of the Shared Security Podcast, we look back at 16 years of conversations on security, privacy, and technology. From our very first episodes in 2009 to today’s AI-driven threats, we cover the topics that defined each era, the surprises along the way, and the lessons that still matter. […]

The post Milestone Episode 400: Reflecting on 16 Years of Shared Security appeared first on Shared Security Podcast.

The post Milestone Episode 400: Reflecting on 16 Years of Shared Security appeared first on Security Boulevard.

What Makes Non-Human Identities Crucial in Cloud Security? How do organizations manage the unique challenges posed by non-human identities? Non-human identities (NHIs) are critical components of robust security strategies. Conceived as virtual entities consisting of encrypted passwords, tokens, or keys—collectively known as “secrets”—NHIs resemble the role of a passport, with permissions acting as visas granted […]

The post Feel Secure: Advanced Techniques in Secrets Vaulting appeared first on Entro.

The post Feel Secure: Advanced Techniques in Secrets Vaulting appeared first on Security Boulevard.

How Can Organizations Adapt Their Security Strategies for Hybrid Cloud Environments? Organizations face unique challenges while managing their hybrid clouds. But how can they efficiently adapt their security strategies to maintain robust protection? Hybrid cloud security has become a crucial component of modern business operations, requiring adaptable strategies that address multifaceted security concerns. One of […]

The post Adapting Your Security Strategy for Hybrid Cloud Environments appeared first on Entro.

The post Adapting Your Security Strategy for Hybrid Cloud Environments appeared first on Security Boulevard.