Today Phishing for Answers analyzes some of the most important cybersecurity trends of 2023 in Latin America. Read our analysis of the region’s most significant threats and adversaries, as well as what to expect in 2024.

Hackers rarely divulge their secrets, but there are exceptions to every rule. Meet Guacamaya, a hacktivist group that has stolen approximately 25 TB of data from Latin American governments, armed forces, and companies. Not only does this group publicize all of its exfiltrated information, but they even record videos showing their code and procedures used during attacks. Read more about this one-of-a-kind threat actor in the next post of our Hacker Spotlight series.

Which cyber adversary targets South American victims, relies on commodity malware, and is constantly soaring to new heights? Meet Blind Eagle, one of the most sophisticated known threat actors operating in Latin America. As part of our Hacker Spotlight series, Phishing for Answers covers a range of regional cybercriminal groups to bring awareness to the threat landscape in Latin America.

When it comes to online data protection and regulation, Brazil is leading the charge in South America. Find out more about the Brazilian General Data Protection Law (“the GDPR of South America”) and how the country’s policymakers are currently combatting disinformation on social media platforms.

This week, we introduce Part 2 of our series about Andy Greenberg’s book, Tracers in the Dark. Find out how a team of law enforcement agents used cryptocurrency analysis to take down one of the largest darknet sites in history.

For years, criminals used Bitcoin to encrypt and anonymize their activities on the dark net - until investigators found a way to trace these payments. In Part 1 of our two-part series about Andy Greenberg’s book, Tracers in the Dark, we analyze how law enforcement regained the ability to hunt down digital crime lords.

To begin the new year, Phishing for Answers analyzes some of the largest cyberattacks of 2022 and how they disrupted the industry. Read our brief rundown of this year’s major breaches, the hackers that orchestrated them, and what to expect in 2023.

Week 5 of our #latamhackers series discusses the expansion of regional malware to overseas operators. Today, we analyze how Latin American hackers create custom malware and then sell it to groups outside of the region. This series is a 5-week collection of posts about the most commonly observed techniques used by hackers in Latin America.

Week 4 of our #latamhackers series is all about geographic targeting. This week we discuss how hackers in Latin America exploit VPNs and other tools to target victims based on location. This series is a 5-week collection of posts about the most commonly observed techniques used by hackers in Latin America.

Week 3 of our #latamhackers series is all about reliance on user execution. This week we discuss how hackers in Latin America tend to rely on user execution to spread malware. This series is a 5-week collection of posts about the most commonly observed techniques used by hackers in Latin America.

Week 2 of our #latamhackers series is all about commodity malware. Today, we analyze how Latin American hackers rely on publicly available tooling and malware to exploit victims. This series is a 5-week collection of posts about the most commonly observed techniques used by hackers in Latin America.

In the spirit of Cybersecurity Awareness Month, Phishing for Answers is launching its #latamhackers series. This is a 5-week series of posts about the most commonly observed techniques used by hackers in Latin America. Week 1 is all about phishing - find out how phishing in Latin America compares to the rest of the world!

For decades, zero-day exploits have been hunted by criminal hackers, security firms, and even national governments. In this quarter’s Cybersecurity Book Club choice, This is How They Tell Me the World Ends, author Nicole Perlroth details the secretive world of zero-day hacking and its impact on global cyber warfare.

Today Phishing for Answers interviews Sarah Albert, a small business owner whose Instagram accounts were hacked in May 2022. Sarah describes how fraudsters took control of her social media, messaged her contacts, and cost her weeks of lost income. Find out more about how she ultimately recovered as well as her new security practices following the cyberattack.

Remember LAPSUS$, the group of teenage hackers that breached Microsoft, Okta, T-Mobile and the Brazilian Ministry of Health? Although most of LAPSUS$ leaders were arrested earlier this year, the cybersecurity community can still learn from these cybercriminals. Through the use of intelligence methodologies and cyber threat intelligence (CTI) frameworks, we explore the capabilities of this hacking unit.

The digital world is currently at a standstill, waiting to see if Elon Musk will successfully acquire Twitter. Learn more about what the potential acquisition means for social media, free speech, and the future of tech in general.

What would happen if hackers turned off the electricity in a major metropolitan area? Or if they tried to poison drinking water by tampering with a water treatment plant? Unfortunately, we don’t have to imagine what would happen, as these refer to real events. Today, Phishing for Answers discusses Russian threats to critical infrastructure, what happens when the cyber and physical worlds collide, and how the world can respond.

For anyone who recently purchased a new phone, you might have noticed the phone settings reading “5G” instead of “4G.” Who cares, right? In reality, the transition to the fifth-generation (5G) wireless cellular standard is more important than one might think. The adoption of 5G technologies not only means increased bandwidth and interconnectivity, but it also presents new security risks to devices, users, and even wildlife populations.

Conti, one of Russia’s most notorious ransomware gangs, recently declared their support for the Kremlin in the ongoing war. Two days later, this cybercriminal group was hacked by a suspected Ukrainian researcher. Find out more about how this powerful ransomware group received a dose of its own medicine.

The Russian invasion of Ukraine has sparked involvement at every layer of the cyber world, including underground hacking groups. Within anonymized networks and dark web forums, hackers are increasingly engaging in Ukraine- and Russia-related activities. These cybercriminal groups are profiting by selling stolen data on the darknet and are even being recruited to aid in both sides of the war. Read more to learn about how covert hacking groups are playing an important role in the Russia-Ukraine conflict.