INE Named to Training Industry’s 2025 Top 20 Online Learning Library List
Cary, United States, 11th August 2025, CyberNewsWire
The post INE Named to Training Industry’s 2025 Top 20 Online Learning Library List appeared first on Security Boulevard.
Cary, United States, 11th August 2025, CyberNewsWire
The post INE Named to Training Industry’s 2025 Top 20 Online Learning Library List appeared first on Security Boulevard.
In Nigeria, scammers who specialize in Romance Scams and BEC are called "Yahoo Boys." In Ghana, the term for the same activity is "Sakawa." Several Ghanaian headlines are talking about this case with headlines such as "Multimillion dollar Sakawa" or "Sakawa Chairman Busted" or "Sakawa Kingpin Bows to Extradition!"
On 08AUG2025 the US Attorney's office in the Southern District of New York announced the extradition of four Ghanaian scammers who stole more than $100 Million via Romance Scams and Business Email Compromise.
https://www.justice.gov/usao-sdny/pr/ghanaian-nationals-extradited-roles-criminal-organization-stole-more-100-millionThe names likely are not well known in the US, but the first two are creating a stir in some parts of Ghana: Isaac Boateng, Inusah Ahmed, Derrick Van Yeboah, and Patrick Kwame Asare.
Inusah Ahmed, also known as Pascal, and "Agony" is the owner of the PAC Academy Football Club in the Ashanti region of Ghana. Ghana Soccer quotes one source as saying "Pascal was not just the owner; he was the heart and soul of PAC Academy. This is a huge blow!"
https://ghanasoccernet.com/pac-academy-fc-faces-uncertain-future-amid-owner-inusah-ahmed-pascals-arrest-over-alleged-internet-fraudIsaac Kofi Oduro Boateng, better known as "Kofi Boat," claims to be the owner of ICEFOOD, a frozen food company specializing in chicken and fish in Ghana. But he is better known as the "godfather" of singer Shatta Wale.
Kofi BoatShatta, whose real name is Charles Nii Armah, was featured on the Beyonce track "Already" on her 2019 Lion King album. Last week he had his 2019 Lamborghini Urus seized by the government of Ghana, after the FBI informed them it was purchased with stolen funds.
https://www.bbc.com/news/articles/cq687q927r7o Ghana and the City of Lexington BECThe source of those Lambo funds was Nana Kwabena Amuah, another Ghanian, who performed a $3.9 Million Business Email Compromise against the city of Lexington, Kentucky. When Amuah was arrested in 2023, he posted bail and four days later was arrested attempting to flee to Canada on an Amtrak train.
In an unusual court document, 58 victims of Amuah's BEC crimes are listed with complete street address and the amount of money stolen. Victims are identified in Alabama, Arizona, California, Colorado, Florida, Georgia, Iowa, Illinois, Michigan, Minnesota, Missouri, North Carolina, Oklahoma, Pennsylvania, Tennessee, Texas, Vermont, Wisconsin, the United Kingdom and Switzerland. Collectively they were tricked into sending $4,743,443 to Amuah and his co-conspirator, Shimea Maret McDonald. McDonald had opened a shell company, Gretson Company LLC, and had bank accounts at many major banks in that name that were used to receive the funds.
Victim Restitution Worksheet (1-20 of 58)There were others arrested in this ring, including Samuel Kwadwo Osei, who was recruited into "Sakawa" by a Nigerian computer programmer, Sapphire Egemasi, who the Nigerian media calls a "Tech Queen." Nigerian blogger Linda Ikeji (who I've followed for many years) shared this photo of Sapphire:
https://www.lindaikejisblog.com/2025/6/fbi-arrests-nigerian-tech-queen-sapphire-egemasi-over-alleged-fraud-in-us-2.htmlSamuel Kwadwo Osei ("Tuga"), Derick Nii Ashitey, Chinemezu Sapphire Egemasi, and Fred Brobbey Awuah were all charged in the same ring as McDonald and Amuah.
Osei laundered funds through his BofA account in the name "Lasko Company LLC."
Ashitey operated from the United Kingdom. Sapphire operated from Nigeria, while Awuah resided in the Netherlands.
My favorite paragraph in the Pulse story "Accra socialite Dada Joe Remix nabbed in alleged FBI sting" reads: "Since news of the arrest broke, panic has reportedly gripped Accra’s elite social circles. Several prominent figures allegedly involved in cryptocurrency, forex trading, and high-end real estate have gone underground. Phones have reportedly been switched off, luxury homes have fallen silent, flights are rumoured to be hastily booked, and inner circles – including partners, baby mamas, and close associates – are allegedly being coached on what to say should they be questioned."
The post Ghanaian fraudsters arrested for BEC/Sakawa appeared first on Security Boulevard.
Why is Machine Identity Security Essential? Do you find that businesses underestimate the significance of machine identity security? When innovation accelerates and we move our activities more to the cloud, securing machine identities, or non-human identities (NHIs), has become a growing focus among cybersecurity professionals. With widespread adoption of cloud services, financial services, healthcare, travel, […]
The post Securing Machine Identities: Best Practices appeared first on Entro.
The post Securing Machine Identities: Best Practices appeared first on Security Boulevard.
What comes to mind when we think of compliance in cybersecurity? For many, it’s a focus on human identities: creating secure passwords, providing access control, and educating employees on security best practices. However, there’s a growing recognition that to truly ensure cloud security compliance, we must also turn our attention to Non-Human Identities (NHIs). The […]
The post Ensuring Compliance Through Enhanced NHI Security appeared first on Entro.
The post Ensuring Compliance Through Enhanced NHI Security appeared first on Security Boulevard.
Creator/Author/Presenter: Jordan Mecom
Our deep appreciation to Security BSides - San Francisco and the Creators/Authors/Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events held at the lauded CityView / AMC Metreon - certainly a venue like no other; and via the organization's YouTube channel.
Additionally, the organization is welcoming volunteers for the BSidesSF Volunteer Force, as well as their Program Team & Operations roles. See their succinct BSidesSF 'Work With Us' page, in which, the appropriate information is to be had!
The post BSidesSF 2025: Confidential Computing: Protecting Customer Data In The Cloud appeared first on Security Boulevard.
Here we have another cautionary tale about off-shoring customer service when faced with the reality of Call Center Scams that commit fraud via Tech Support Scams and Government Impersonation. In this case, FirstIdea, an Indian company is charged with committing fraud against at least 100 victims from Australia and the UK.
FirstIdea.us, according to their website, provides Debt Collection services for ADP, Aetna, Aramark, BASF, Bic, CareOne, CostCo, Horizon Blue Cross Blue Shielf, JPMorgan Chase, Kessler, Siemens, Sony, and others.
firstidea.us website "Our Clients" pageIndia's Central Bureau of Investigation (CBI) recently announced Operation Chakra V, which claims Microsoft Digital Crimes Unit, the US's Federal Bureau of Investigations (FBI), Japan's National Police Agency, and the UK's National Crime Agency (NCA) as partners. The Operation has had many focuses and has been ongoing for several months, including a bust of an Amazon-imitating call center today (10AUG2025).
One of the most significant findings was announced last month, as 37 were arrested with the announcement that 850,000 money mule accounts (8.5 Lakh) had been opened at 743 bank branches. That announcement pointed out a total disregard for KYC (India calls it Customer Due Diligence) and widespread failure to file STRs (Suspicious Transaction Reports.)
While there are dozens of articles that could be written about the successes of Operation Chakhra V, I want to focus on a ring-leader arrested in raids in Noida on July 7th. According to CBI's First Information Report (FIR) (similar to a Criminal Complaint in the US) Nishant Walia, Arjun Prakash, and Arjita Chopra were considered Significant Persons in a fraudulent Call Center operation.
Nishant Walia operated FirstIdea Solutions where Arjun Prakash was listed as a director. Nishant and Arjun were co-directors at several companies, including Marvello Infotech, FirstIdea Solutions, and DroidOne InfoSol.
While the date on the Scammer.info post shows Nishant Walia was "in the game" as early as May 2020, a UK court document actually puts the timeline even earlier. In a case against one Baljinder Singh in a document dated 04JUL2019, we find that "Devine Technical Services Ltd" based in the UK was linked to "an Indian company which purported to provide online technical support for computer users." In that earlier case it is explained "The nature of the fraud was that computer users were made to think that their machines had been infected with viruses or had been subject to hacking and were encouraged to pay for the services of the IT support company." Mr. Singh was charged with money laundering, receiving payments totaling £300,188 from victims of the scam and forwarding the proceeds (minus his commission) to Nishant Walia in India.
https://crimeline.co.uk/wp-content/uploads/2019/09/singh2019ewcacrim1428.pdfDozens of Indian media outlets shared the story of Nishant's arrest, calling him a "Key Operative" a "Kingpin" or a "Leader" of a "Cyberfraud syndicate."
https://www.thehindu.com/news/national/cbi-arrests-key-operative-of-cyber-fraud-syndicate-targeting-uk-and-australian-citizens/article69788011.eceWhile Nishant has been arrested by the CBI and charged with running a major fraud call center operation, Arjun Prakash claims to have moved to Hawaiian Gardens, California and began operating as the "Business Owner & Chief Executive Officer" of FirstIdea, sharing the firstidea.us website in his LinkedIn profile, but claiming to have worked their consistently for 9 years and 10 months (since October 2015) making it clear that this is the same organization.
According to business registration documents, Arjun left the company, opening a debt collection service in the US using the domain "firstidea.us" which he registered in 2015 using his personal gmail account (arjunprakash11@gmail.com) and later renewed using the company gmail (firstideasolutionsinc@gmail.com). Clearly, despite resigning his directorship, Arjun was still part of the company.
linkedin.com/in/aazur (now deleted)We have seen this pattern repeatedly where a company establishes an off-shore relationship for a business process operation that requires the sharing of #PII, and then operators of that same call center are subsequently accused of running fraudulent call centers.
The post Operation Chakra V: Call Center Scammers and your PII appeared first on Security Boulevard.
Explore federated identity management using OpenID Connect for secure enterprise single sign-on. Learn about benefits, implementation, and how it enhances security and user experience.
The post Federated Identity Management using OpenID Connect appeared first on Security Boulevard.
Learn effective passkey recovery and management strategies for secure, user-friendly passwordless authentication. Implement fallback methods and enhance security.
The post Passkeys recovery and management strategies appeared first on Security Boulevard.
“If I had an hour to solve a problem, I would spend 55 minutes thinking about the problem and five minutes finding the solution.”
- Albert Einstein
Introduction:I'm a big fan of graphing password cracking sessions. It's a good way to figure out what's working and what isn't by highlighting trends that get lost in the final "cracking success" number. The very first thing I look for in these graphs is saw-tooth steps. This is an easy way to spot potential improvements. If you suddenly see a quick run of cracks in your password cracking success rate, which is what these saw-tooth steps represent, that implies you can optimize your cracking session by moving that attack earlier in your workflow. Now you need to temper that with the realization that no two password sets are exactly the same, you don't want to overtrain your cracking sessions on one particular dataset, and often these improvements come about because you learn some target specific information part-way through your cracking session. But all that being said, these saw-tooth steps are a great place to start your investigations.
These saw-tooth steps are very evident in the current OMEN cracking sessions as you can see in the graph below. This post will cover my investigation into making OMEN better based on these observations. But if you take anything away from this post, it's really that you should graph your cracking sessions, (ideally using a linear and not logarithmic scale), as chances are it will help you optimize your cracking techniques as well.
OMEN Background:At a high level OMEN is simply another Markov based password guess generator. What makes it stand out from other Markov approaches though is in how it calculates probability thresholds for generating guesses. Rather than ordering likely "next characters" in an array or queue and selecting the next most likely option (such as Hashcat's Markov or "roughly" like JtR's Incremental), or multiplying probabilities together and using a probability threshold (like JtR's --Markov option), OMEN instead assigns each transition a "cost" between 0-10, and then allocates a total "guessing budget" for generating guesses based on the current "level" it is at. So for an OMEN level 4 guess, it would have a "budget" of 4 it needs to spend on all the transitions when creating a guess. The nice thing about this is that when calculating an OMEN guess, you only need to do integer addition. This is a huge bonus from a speed perspective since multiplying floats (like JtR's Markov) is expensive. This approach also gives you much more granular control about the different probability costs associated with a transition compared to using an array based ranking which is what Hashcat does.
The key thing to keep in mind are there are 4 items that OMEN can spend its budget on, of which 3 are currently in use:
Note: You can also do something similar with Hashcat giving it the flag "--outfile-format=2,4" which will output the plaintext password followed by the guess number. Another option to make parsing easier is to save the hex_plain vs. the raw plaintext using the flag "--outfile-format=3,4". This can be annoying as it requires the extra step of decoding the plaintext password to do any manual analysis, but that's often a lot less annoying than dealing with parsing issues.
Hashcat Feature Request: (NOTE: This may be outdated since the new version of Hashcat has a ton of improvements) It would be nice if Hashcat honored the ordering of the --output-format listing so I could put in "--outfile-format=4,2" and it would print the guess number first. Right now, it ignores the ordering and will put the plaintext password first if you use that command.
Moving on, one nice thing about using py-omen is it has a "test" mode which allows you to paste in strings and see how they would be parsed by OMEN. For example, this is me analyzing the cracked password "talishka"
Here you can see that a length 8 guess had a cost of 1. The initial IP "tal" had a cost of 2. The rest of the costs are from the transitions with the ISH->K being the big cost with a price of 3. The total level that this guess would be generated at would be 8 (aka 1 + 2 + 1+ 1+ 3).
I then put "break points" in my graph by having my OMEN implementation output a debug statement whenever it made a major transition (first when the level increased, and then when things like the IP or length changed). This allowed checkpass to note in a cracking session when those transitions occurred. This was super helpful since I could put dots on my graph and start to really understand what was happening when those sawtooth improvements kicked in.
Looking through the sawtooth portions of the graph for an attack using the RockYou1 training set and the RockYou32 test set, I noticed that the transitions and IP tended to be all over the place, but that the length costs were relatively low. Basically the OMEN guesser did really well when it spent its level price on anything BUT length. What this seemed to imply was that the cost for longer passwords was not being weighted in an optimal fashion. Or to put it another way, making longer guesses probably needed to be more costly.
So let's test this out. As a totally non-scientific test to basically "muck around with the data to quickly test a hypothesis", I manually modified the OMEN ruleset trained on the RockYou1 training data and increased the cost of any length that wasn't already at a 0 cost by 1. So if the cost was 0 it stayed 0, but if the cost was 1, it was now 2. If it was 2, it was now 3. Etc. I then reran a test against the RockYou32 test set and then compared the results.
It's not pretty, but it certainly represents an improvement. Now this is only one test against one dataset. And it was a short test at that. But as a first quick test the results were promising enough that it convinced me it was worth spending a bit more time refining the improvement before running longer and more diverse tests.
Increasing the Cost of OMEN Lengths:At this point, my theory was that the cost of longer passwords was too low in the current OMEN implementation. In the default OMEN algorithm, the "Length Cost" is based on how likely passwords of that length are to be found in the training set. For example: If length 7 passwords are the most comment in the training set, then the OMEN "Length Cost" for 7 character passwords would be 0. Let's assume though that length 6 and length 8 passwords showed up at relatively the same frequency in the training set. In this example, they might be frequent enough that they would be assigned an OMEN "Length Cost" of 1. This means the OMEN cost of generating a length 6 and 8 password would be the same, even though it seems like you'd have better success making a length 6 guess vs. a longer length 8 guess when using brute force techniques.
One area where the longer OMEN generated passwords might get more cost is that the "Conditional Probability" costs of adding extra letters may not be 0. But many of the high probability CP costs ARE zero, which means you can add as many as you want and they won't increase the overall cost. This leaves us two options to make it so that in the above example length 8 guesses have a higher cost than length 6 guesses:There's plusses and minuses to both approaches. I wish I could say I weighed those out, ran multiple tests, and settled on a specific implementation, but I picked option #1 of adding an additional cost for each extra character to the "Length Cost" since it was the easiest to do. The new approach is described below:
Updated Length Cost Training Algorithm:
For my next test, I used the updated Length Cost calculation, and assigned it a cost-factor of 1. Therefore each additional character added to an OMEN guess increased the cost of the guess by 1. This is in addition to the other weighting/cost factors so there is still a "base" extra cost for non-frequent lengths as well. Running the same test as above, with training on the RockYou1 dataset and testing against the RockYou32 set yielded the following results:
I'll be up front, I was not expecting this much of an improvement. Now on a longer cracking session, I expect to two lines to converge more. This modification doesn't impact the types of guesses OMEN generates. It just makes OMEN generate shorter guesses sooner. Still, cracking more passwords quickly is always a welcome change (from the perspective of the red team member that is).
But if we're getting nitpicky, (and this whole post is evidence that I am), even in this new graph there still are sawtooth steps. They are much smaller, but they are still there. Let's see then if modifying the length cost factor improves things even more. I wanted to check if a cost factor of 1 was either too high or too low, so I ran two more tests, one with a cost factor of 2 (so each additional character added 2 to the cost), and the other with a cost factor of 0.5 (where it would be rounded down to the nearest integer). Here are the results:
Giving OMEN a length cost factor of 1.0 worked the best, though 0.5 was close. This implies there's still a lot of value of trying length 6/7/8 passwords vs. overly focusing on passwords length 5 and lower. Now this doesn't answer the question about how to smooth out the remaining sawtooth steps, but this seems good enough for now. The next thing to do is to run this test on a different password dataset. For this test, I ran the base OMEN algorithm against an OMEN with a length cost factor of 1, both trained on Rockyou1 against the full list of cracked LinkedIn passwords.
Once again, the results point to a noticeable improvement. The LinkedIn set is a much tougher one to crack, as evidence by the significantly lower success rate, so seeing the modified OMEN attack do better against it is a good indicator that the modifications represent a real improvement vs. being a fluke.
Next, I was excited to see if I could fold these improvements into my PCFG toolset. The PCFG toolset also uses OMEN for its brute-force guess generation so it can create "words" not seen in the training set. Therefore I was able to copy paste the changes from py-OMEN into the PCFG code and train the OMEN portion using a length cost of 1. When I then ran a cracking session (trained on RockYou1) against the LinkedIn list using the "base" PCFG ruleset and the modified PCFG ruleset the following results were produced:
Breaking down these results, the base PCFG does better than the previously modified OMEN attack. That's not surprising, since the PCFG guess generator uses a lot of mangling rules that make it hard for any pure-brute force attack to keep up with it, (at least for shorter cracking sessions). But by adding a length cost factor into the OMEN algorithm that the PCFG toolset uses, I was really impressed by how much more effective it made the PCFG attack.
This seems like a clear win, so I pushed these changes to the core PCFG toolset and they will be available starting with version 4.8 of the pcfg-trainer. I also updated the Default PCFG ruleset to include these changes. That way if you run a standard attack the changes will already be applied. If you are using a custom ruleset that you trained yourself, you'll need to retrain that custom ruleset for the changes to take effect though.
The TLDR of this entire blog post is that the PCFG password cracker has gotten better. But as I said at the start of the blog post, I hope if you take anything away from this entry, it is the value of graphing out cracking sessions to understand what is going on. There is still a lot of room for improvement. Finding those improvements though really depends on someone going "huh, that looks weird" and digging into it.The post OMEN Improvements appeared first on Security Boulevard.
Columbia University has confirmed that a cyberattack exposed personal information for close to 870,000 people, including current and former students, applicants, employees, and others connected to the school. The attack began in mid-May but didn’t come to light until a system outage in late June. From there, it took several weeks of investigation to figure […]
The post Columbia University Breach Affects Nearly 870,000 People appeared first on Centraleyes.
The post Columbia University Breach Affects Nearly 870,000 People appeared first on Security Boulevard.
Air France and KLM have disclosed that a cyberattack targeting one of their third-party service providers led to unauthorized access to certain customer information. The incident, detected in late July 2025, affected a system used for customer service interactions, exposing non-sensitive personal details such as names, contact information, Flying Blue frequent-flyer numbers and statuses, and […]
The post Air France and KLM Confirm Customer Data Exposure in Third-Party Breach appeared first on Centraleyes.
The post Air France and KLM Confirm Customer Data Exposure in Third-Party Breach appeared first on Security Boulevard.
Are Your Cloud-Based Non-Human Identities Adequately Secured? With industries across the globe increasingly migrate their operations to cloud-based platforms, a critical question arises: “How secure are your Non-Human Identities (NHIs) in these digital spaces?” This concern extends across a range of sectors, including financial services, healthcare, travel, DevOps, and SOC teams, all of which rely […]
The post How Secure Are Your Non-Human Identities in the Cloud? appeared first on Entro.
The post How Secure Are Your Non-Human Identities in the Cloud? appeared first on Security Boulevard.
Why Should Machine Identity Management be a Part of Your Cybersecurity Strategy? The paradigm has shifted in cybersecurity. More and more, organizations are coming to the realization that focusing solely on human identities is not enough to stave off the increasingly sophisticated threats. So, what is the missing link? Machine Identity Management (MIM), a critical […]
The post Maximizing Machine Identity Protection Efforts appeared first on Entro.
The post Maximizing Machine Identity Protection Efforts appeared first on Security Boulevard.
Is there a Silver Lining to the Cloud of Cyberthreats? The rise in cyberattacks can paint a bleak picture of the future of cybersecurity. However, such an outlook does not take into account the enormous strides being made within the field itself. Indeed, evolving data protection offers several reasons for optimism. One such cause for […]
The post Why Be Optimistic About Future Cybersecurity? appeared first on Entro.
The post Why Be Optimistic About Future Cybersecurity? appeared first on Security Boulevard.
LinkedIn is a great communication tool for business professionals that informs, provides opportunities, and fosters collaboration — which is exactly why it is attractive to sophisticated cyber adversaries, including aggressive nation state actors, who use LinkedIn for nefarious activities such as information gathering, target profiling, human-asset engagement, fraud, social engineering, and trust building.
Urgent and time sensitive messages, especially regarding career opportunities, target cognitive vulnerabilities and are leveraged by attackers to manipulate victims.
Use the tool, but know the dangers and take necessary precautions.
Use critical thinking and common sense — don’t be an easy victim or useful idiot.
Stay updated on cybersecurity trends and risk patterns. If unsure about a situation, ask cybersecurity professionals (we live for this stuff and are also on LinkedIn)!
The post Tips to Protect Yourself on LinkedIn from Fraud, Social Engineering, and Espionage appeared first on Security Boulevard.
Creators/Authors/Presenters: Jackie Bow, Peter Sanford
Our deep appreciation to Security BSides - San Francisco and the Creators/Authors/Presenters for publishing their BSidesSF 2025 video content on YouTube. Originating from the conference’s events held at the lauded CityView / AMC Metreon - certainly a venue like no other; and via the organization's YouTube channel.
Additionally, the organization is welcoming volunteers for the BSidesSF Volunteer Force, as well as their Program Team & Operations roles. See their succinct BSidesSF 'Work With Us' page, in which, the appropriate information is to be had!
The post BSidesSF 2025: AI’s Bitter Lesson For SOCs: Let Machines Be Machines appeared first on Security Boulevard.
Twitter recently suffered a data breach due to misconfigured settings in its application programming interface (API). As a result, hackers accessed the personal data of 5.4 million users and leaked it on an online forum. The stolen data was later put up for sale by threat actors for $30,000. Incidents like this serve as a […]
The post How Secure Code Review Strengthen Web Apps Security? appeared first on Kratikal Blogs.
The post How Secure Code Review Strengthen Web Apps Security? appeared first on Security Boulevard.
Explore cutting-edge identity strategies for secure access, including passwordless authentication, adaptive access control, and decentralized identity. Learn how to enhance your organization's security posture.
The post Mastering Identity Modern Strategies for Secure Access appeared first on Security Boulevard.
Why is Secrets Management Essential in Today’s Cybersecurity Landscape? One prevailing question often emerges among cybersecurity professionals: Why is secrets management crucial to our digital? In essence, secrets management – the process of managing and safeguarding digital keys, certificates, and passwords – has rapidly become a prime concern in cybersecurity and data protection. NHIs and […]
The post Choosing the Right Secrets Management Solution appeared first on Entro.
The post Choosing the Right Secrets Management Solution appeared first on Security Boulevard.
Are Your Cybersecurity Measures Equipped to Handle Evolving Threats? Do you often question the adequacy of your cybersecurity measures against constantly shifting of digital threats? The key lies in comprehensively managing Non-Human Identities (NHIs) and Secrets Security Management. It is a crucial aspect of cybersecurity often overlooked, leaving gaping holes in the defense of many […]
The post Can Your Cybersecurity Handle Evolving Threats? appeared first on Entro.
The post Can Your Cybersecurity Handle Evolving Threats? appeared first on Security Boulevard.