Security Affairs

NOVEMBER 27, 2021

HAEICHI-II: Interpol arrested 1,003 individuals charged for several cybercrimes, including romance scams, investment frauds, and online money laundering. of), Laos, Malaysia, Maldives, Philippines, Romania, Singapore, Slovenia, Spain, Thailand, and Vietnam) between June and September 2021. Pierluigi Paganini.

Cybercrime 138

Cybercrime Scams Banking Malware 138

Security Affairs

SEPTEMBER 2, 2022

Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.

Cybercrime 133

Cybercrime Malware Backups Manufacturing 133

Security Affairs

NOVEMBER 19, 2021

million from ransom payments since July 2021. A study conducted by Swiss security firm Prodaft with the support of blockchain analysis firm Elliptic revealed that the operators of the Conti ransomware have earned at least $25.5 million from attacks and subsequent ransoms carried out since July 2021. million, of which $6.2

Ransomware 145

Ransomware Cybercrime Malware Hacking 145

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. On Sunday, Feb. hospitals and healthcare providers.”.

Ransomware 305

Ransomware Healthcare Cybercrime Government 305

Krebs on Security

DECEMBER 19, 2024

The makers of Acunetix, Texas-based application security vendor Invicti Security , confirmed Silent Push’s findings, saying someone had figured out how to crack the free trial version of the software so that it runs without a valid license key. co — first came online in February 2023. 2023 on the forum Cracked.

Hacking 149

Hacking Cybercrime Advertising Data breaches 149

Security Affairs

SEPTEMBER 3, 2021

USCYBERCOM is urging organizations to patch a critical CVE-2021-26084 flaw in Atlassian Confluence Server and Data Center, ahead of the Labor Day weekend. . US Cyber Command (USCYBERCOM) has issued an alert to warn US organizations to address Atlassian Confluence CVE-2021-26084 vulnerability immediately, ahead of the Labor Day weekend.

Authentication 140

Authentication Cryptocurrency Hacking Government 140

Security Affairs

FEBRUARY 18, 2022

Qualys experts found a new Linux privilege escalation vulnerability, tracked as CVE-2021-44731, in Canonical’s Snap Package Manager. Canonical’s Snap software packaging and deployment system are affected by multiple vulnerabilities, including a privilege escalation flaw tracked as CVE-2021-44731 (CVSS score 7.8).

Software 136

Software Hacking Cybercrime Information Security 136

Security Affairs

DECEMBER 17, 2021

The botnet has been active since at least 2016, but in August the criminal organization behind the Phorpiex botnet have shut down their operations and put the source code of the bot for sale on a cybercrime forum in on a dark web. We managed to find 60 unique Bitcoin wallets and 37 Ethereum wallets used by the Phorpiex crypto-clipper.

Cryptocurrency 136

Cryptocurrency Cybercrime Malware Hacking 136

Security Affairs

DECEMBER 23, 2021

Crooks discovered how to bypass the patch for a recent Microsoft Office vulnerability (CVE-2021-40444) and are using it to distribute Formbook malware. Cybercriminals have found a way to bypass the patch for a recent Microsoft Office vulnerability tracked as CVE-2021-40444 (CVSS score of 8.8). Pierluigi Paganini.

Malware 145

Malware Hacking Ransomware Cybercrime 145

Krebs on Security

APRIL 27, 2023

This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information. That data later wound up for sale on a top cybercrime forum. Huntington Bank has disabled the leaky TCF Bank Salesforce website. ”

Banking 330

Banking Government Information Security Authentication 330

Security Affairs

OCTOBER 26, 2021

“Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021. The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector.”

Ransomware 145

Ransomware Firmware Antivirus Accountability 145

Security Affairs

DECEMBER 8, 2021

The Mirai -based Moobot botnet is rapidly spreading by exploiting a critical command injection flaw, tracked as CVE-2021-36260 , in the webserver of several Hikvision products. The Moobot was first documented by Palo Alto Unit 42 researchers in February 2021, the recent attacks demonstrated that its authors are enhancing their malware.

Firmware 145

Firmware DDOS Malware IoT 145

Security Affairs

NOVEMBER 21, 2024

Justice Department charged five suspects linked to the Scattered Spider cybercrime gang with wire fraud conspiracy. Justice Department charged five alleged members of the cybercrime gang Scattered Spider (also known as UNC3944 , 0ktapus ) with conspiracy to commit wire fraud. ” reads the press release published by DoJ.

Cybercrime 75

Cybercrime Identity Theft Cryptocurrency Phishing 75

Security Affairs

JULY 12, 2022

Microsoft experts believe that the AiTM phishing campaign was used to target more than 10,000 organizations since September 2021. The post Large-scale AiTM phishing campaign targeted +10,000 orgs since 2021? appeared first on Security Affairs. ” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Phishing 145

Phishing Authentication Social Engineering Passwords 145

Security Affairs

APRIL 25, 2022

Google’s Project Zero researchers reported that 58 zero-day were discovered in 2021 (28 zero-day were detected in 2020), which marks a record for the company since it started tracking these issues in mid 2014. Google researchers reported that the exploitation of the zero-days they saw in 2021 was not different from the past.

Ransomware 127

Ransomware Hacking Software Risk 127

Security Affairs

MARCH 23, 2024

An operation conducted by the Federal Criminal Police Office in Germany (BKA) and the Frankfurt cybercrime combating unit (ZIT) led to the seizure of the infrastructure of the darknet marketplace Nemesis Market in Germany and Lithuania. Crimemarket was a prominent platform for trading illegal drugs, narcotics, and cybercrime services.

Marketing 138

Marketing Cybercrime DDOS Internet 138

Security Affairs

OCTOBER 16, 2021

TrickBot operators are back and expand the distribution channels with partnership with cybercrime affiliates. The gang support other cybercrime groups such as known Hive0105, Hive0106 (aka TA551 or Shathak), and Hive0107, supporting them in expanding their malware campaigns. ” reads the post published by IBM X-Force.

Malware 140

Malware Cybercrime DDOS Social Engineering 140

Security Affairs

DECEMBER 19, 2022

The Glupteba botnet is back, researchers reported a surge in infection worldwide after Google disrupted its operation in 2021. In December 2021, Google announced it has taken down the infrastructure operated by the Glupteba botnet, it also sued Russian nationals Dmitry Starovikov and Alexander Filippov for creating and operating the botnet.

DNS 120

DNS Antivirus Cryptocurrency Software 120

Security Affairs

DECEMBER 13, 2022

Twitter confirmed that the recent leak of members’ profile information resulted from the 2021 data breach disclosed in August 2022. Twitter confirmed that the recent data leak of millions of profiles resulted from the 2021 data breach that the company disclosed in August 2022. ” the source told 9to5Mac.

Data breaches 115

Data breaches Accountability Media Hacking 115

Security Affairs

MARCH 13, 2024

In our commitment to full transparency, we wish to inform you of a recent security incident involving a third-party vendor managing employee attendance data. The threat actor announced the hack on a popular cybercrime forum, he claimed the theft of about 2869 files.

Data breaches 142

Data breaches Computers and Electronics Hacking Cybercrime 142

Security Affairs

MAY 25, 2022

The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime group as a result of an international operation. The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime gang (aka TMT ) after a year-long investigation codenamed “Operation Delilah.”

Cybercrime 145

Cybercrime Healthcare Cybersecurity Phishing 145

Security Affairs

OCTOBER 21, 2021

Evil Corp cybercrime gang is using a new ransomware called Macaw Locker to evade US sanctions that prevent victims from paying the ransom. The Evil Corp cybercrime group (aka the Dridex gang Indrik Spider , the Dridex gang, and TA505 ) has been active in cybercrime activities since 2007.

Ransomware 144

Ransomware Cybercrime Banking Encryption 144

Krebs on Security

MARCH 7, 2022

In 2020, researchers from Athens University School of Information Sciences and Technology in Greece showed (PDF) how ransomware-as-a-service offerings might one day be executed through smart contracts. Before that, Jeffrey Ladish , an information security consultant based in Oakland, Calif., ” Stern wrote.

Ransomware 247

Ransomware Cryptocurrency DDOS Scams 247

Security Affairs

JUNE 30, 2021

“DoubleVPN was heavily advertised on both Russian and English-speaking underground cybercrime forums as a means to mask the location and identities of ransomware operators and phishing fraudsters. “On 29th of June 2021, law enforcement took down DoubleVPN. SecurityAffairs – hacking, cybercrime ). Pierluigi Paganini.

VPN 144

VPN Cybercrime Encryption Advertising 144

Security Affairs

NOVEMBER 1, 2021

CVE-2021-20016 , CVE-2021-20021 , CVE-2021-20022 , CVE-2021-2002 ) or using compromised credentials. SecurityAffairs – hacking, cybercrime). The post HelloKitty ransomware gang also targets victims with DDoS attacks appeared first on Security Affairs. ” continues the alert. Pierluigi Paganini.

DDOS 145

DDOS Ransomware Cybercrime Encryption 145

Security Affairs

DECEMBER 18, 2023

“Cashout bank logs” typically refer to a type of cybercrime where individuals gain unauthorized access to banking information, often through phishing attacks or hacking, and then use that information to withdraw money or make unauthorized transactions. Do you want to know how do we protect against info stealers?

Banking 140

Banking Cybercrime Malware Accountability 140

Security Affairs

OCTOBER 8, 2021

A broad explanation of this threat is included in the Cyber Security Assessment Netherlands (CSBN) 2021, which was shared with the Chamber in June by the Minister of Justice and Security. Security Security Agenda (NCSA) and the integrated approach to cybercrime.” ” continues the letter.

Ransomware 143

Ransomware Cybercrime Government Cyber Attacks 143

Security Affairs

JANUARY 12, 2022

2021-11-26 04:34:54 2021-11-26 10:05:15 149.154.167.91 2021-12-05 12:06:03 2021-12-05 13:19:35 149.154.167.91 2021-12-09 16:18:46 2021-12-09 20:00:13 149.154.167.91 2021-12-22 18:38:18 2021-12-23 11:33:58. . “Some telemetry data is shown below. IP Address Start Time End Time 149.154.167.91

Malware 145

Malware Manufacturing Cryptocurrency Cybercrime 145

Security Affairs

MAY 26, 2021

Last week, French authorities have seized the dark web marketplace Le Monde Parallèle, it is another success of national police in the fight against cybercrime. French authorities seized the dark web marketplace Le Monde Parallèle, the operation is another success of national police in the fight against cybercrime activity in the dark web.

Cybercrime 145

Cybercrime Cryptocurrency Banking Mobile 145

Security Affairs

MARCH 30, 2024

AT&T confirmed that a data breach impacted 73 million current and former customers after its data were leaked on a cybercrime forum. The seller, who goes online with the moniker MajorNelson, claims that the data was obtained from an unnamed AT&T division by @ ShinyHunters in 2021. The archive contains 73.481.539 records. “It

Data breaches 145

Data breaches Telecommunications Cybercrime Hacking 145

Security Affairs

APRIL 8, 2022

A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). Iarmak is the third member of the FIN7 cybercrime group to be sentenced in the U.S. in May 2020.

Cybercrime 138

Cybercrime Hacking Software Phishing 138

Security Affairs

MAY 2, 2024

In November 2021, the US Department of Justice charged Vasinskyi, REvil ransomware affiliate, for orchestrating the ransomware attacks on Kaseya MSP platform that took place on July 4, 2021. victims, and we are disrupting the broader cybercrime ecosystem.”

Ransomware 135

Ransomware Cryptocurrency Cybercrime Encryption 135

Security Affairs

DECEMBER 26, 2021

“As announced on Monday, 20 December 2021, the Inetum Group was the target of a ransomware cyberattack on Sunday, 19 December 2021, which impacted certain operations in France, but not in any of the other countries where the Group operates.” ” reads the press release published by the company.

Ransomware 145

Ransomware Cybercrime Advertising Information Security 145

Security Affairs

SEPTEMBER 4, 2021

FIN7 cybercrime gang used weaponized Windows 11 Alpha-themed Word documents to drop malicious payloads, including a JavaScript backdoor. The attacks took space between late June and late July 2021, experts noticed that the infection process stops when detecting Russian, Ukrainian, or several other Eastern European languages.

Cybercrime 145

Cybercrime Retail Phishing Hacking 145

Security Affairs

JULY 7, 2024

CapraTube Remix | Transparent Tribe’s Android Spyware Targeting Gamers, Weapons Enthusiasts Supply Chain Compromise Leads to Trojanized Installers for Notezilla, RecentX, Copywhiz Caught in the Net: Using Infostealer Logs to Unmask CSAM Consumers I am Goot (Loader) Exposing FakeBat loader: distribution methods and adversary infrastructure MerkSpy: (..)

Malware 129

Malware Spyware Cybercrime Ransomware 129

Security Affairs

SEPTEMBER 27, 2021

Researchers from vpnMentor recently published a report that sheds the light on the use of Telegram in the cybercrime ecosystem. vpnMentor researchers joined several cybercrime-focused Telegram groups and discovered a vast network of more 1,000s individuals sharing data leaks and dumps and discussing how to exploit them in illegal activities.

Cybercrime 143

Cybercrime Hacking Mobile DDOS 143

Security Affairs

JULY 13, 2024

In October 2022, Swiss police arrested Penchukov in Geneva, also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. In 2012, Vyacheslav Igorevich Penchukov was accused of being a member of a cybercrime gang known as JabberZeus crew. Since May 2019, Penchukov had a prominent role in the Zeus operation.

Cybercrime 136

Cybercrime Banking Malware Hacking 136