Security Affairs

NOVEMBER 3, 2021

Experts warn of the availability in the cybercrime underground of offers for initial access to networks of players in global supply chains. In August 2021 , an affiliate of the Conti ransomware gang claimed access to corporate networks belonging to a U.S. In October 2021 , a threat actor claimed access to the network of a U.S.-based

Cybercrime 134

Cybercrime VPN Ransomware Hacking 134

Security Affairs

AUGUST 20, 2022

TA558 cybercrime group is behind a malware campaign targeting hospitality, hotel, and travel organizations in Latin America. Researchers from Proofpoint are monitoring a malware campaign conducted by a cybercrime group, tracked as TA558, that is targeting hospitality, hotel, and travel organizations in Latin America.

Cybercrime 98

Cybercrime Malware Phishing Internet 98

Security Affairs

SEPTEMBER 2, 2022

Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.

Cybercrime 124

Cybercrime Malware Backups Manufacturing 124

Security Affairs

OCTOBER 30, 2021

INTERPOL published the African Cyberthreat Assessment Report 2021, a report that analyzes evolution of cybercrime in Africa. A new report published by INTERPOL, titled the African Cyberthreat Assessment Report 2021 , sheds the light on cybercrime in Africa. of the overall number.

Cybercrime 89

Cybercrime Scams DDOS Banking 89

Security Affairs

NOVEMBER 27, 2021

HAEICHI-II: Interpol arrested 1,003 individuals charged for several cybercrimes, including romance scams, investment frauds, and online money laundering. of), Laos, Malaysia, Maldives, Philippines, Romania, Singapore, Slovenia, Spain, Thailand, and Vietnam) between June and September 2021. Pierluigi Paganini.

Cybercrime 131

Cybercrime Scams Banking Malware 131

Security Affairs

MARCH 13, 2021

The fire at the OVH datacenter in Strasbourg also impacted the command and control infrastructure used by several nation-state APT groups and cybercrime gangs. The servers were used by cybercrime gangs and APT groups, including Iran-linked Charming Kitten and APT39 groups, the Bahamut cybercrime group, and the Vietnam-linked OceanLotus APT.

Cybercrime 145

Cybercrime Malware Hacking Accountability 145

Security Affairs

DECEMBER 11, 2021

Accenture researchers detailed the activity of a new sophisticated cybercrime group, called Karakurt, behind recent cyberattacks. The activity of the group was first spotted in June 2021, but the group has been more active in Q3 2021. In June 2021 the gang registered the domains hosting its leak sites, karakurt[.]group

Cybercrime 114

Cybercrime VPN Ransomware Hacking 114

Security Affairs

OCTOBER 3, 2021

The Biden administration announced it will work with 30 countries, including NATO allies and G7 partners, to curb global cybercrime. President Joe Biden announced that the US will work with 30 countries to curb cybercrime and dismantle ransomware gangs that are targeting organizations worldwide. Pierluigi Paganini.

Cybercrime 118

Cybercrime Artificial Intelligence Ransomware Cryptocurrency 118

Security Boulevard

MAY 25, 2021

I've decided to make my Cybercrime Forum Data Set for 2019 and 2021 exclusively available online for free in order for me to speed the dissemination process and to possibly empower security researchers and vendors with the necessary information to help them stay on the top of their game in terms of current and emerging cyber threats including U.S

Cybercrime 59

Cybercrime Cyber threats Hacking Software 59

Security Affairs

JUNE 17, 2021

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. “The intrusion that is detailed in this post began on May 18, 2021, which occurred days after the publicly reported shutdown of the overall DARKSIDE program ( Mandiant Advantage background ).

Cybercrime 111

Cybercrime Ransomware Software Antivirus 111

Security Affairs

SEPTEMBER 9, 2021

Evidence collected by the experts suggests that the campaign began on July 25, 2021, threat actors used a large set of open-source tools in the attacks. In January 2021, the cybercrime gang launched a new campaign targeting Kubernetes environments with the Hildegard malware. Pierluigi Paganini.

Cybercrime 123

Cybercrime Cryptocurrency Penetration Testing Malware 123

Security Affairs

SEPTEMBER 16, 2021

Microsoft revealed that multiple threat actors are exploiting the recently patched Windows MSHTML remote code execution security flaw (CVE-2021-40444 ). The campaigns observed August 2021 likely employed emails impersonating contracts and legal agreements, the messages used documents that were hosted on file-sharing sites. .

Ransomware 125

Ransomware Cybercrime Hacking Information Security 125

Security Affairs

NOVEMBER 19, 2021

million from ransom payments since July 2021. A study conducted by Swiss security firm Prodaft with the support of blockchain analysis firm Elliptic revealed that the operators of the Conti ransomware have earned at least $25.5 million from attacks and subsequent ransoms carried out since July 2021. million, of which $6.2

Ransomware 143

Ransomware Cybercrime Malware Hacking 143

Security Affairs

FEBRUARY 20, 2022

The Threat Report Portugal: Q4 2021 compiles data collected on the malicious campaigns that occurred from July to September, Q4, of 2021. 0xSI_f33d is part of the official VirusTotal ingestors since July 2021 allowing the community to verify threats worldwide provided by this feed. Phishing and Malware Q4 2021.

Threat Reports 98

Threat Reports Phishing Malware Banking 98

Security Affairs

FEBRUARY 13, 2022

Organizations have paid more than $600 million in cryptocurrency during 2021, nearly one-third to the Conti ransomware gang. and Australia have published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021. Last week, cybersecurity agencies from the U.K., added the company. .”

Ransomware 98

Ransomware Cryptocurrency Cybercrime Malware 98

Security Affairs

FEBRUARY 18, 2022

Qualys experts found a new Linux privilege escalation vulnerability, tracked as CVE-2021-44731, in Canonical’s Snap Package Manager. Canonical’s Snap software packaging and deployment system are affected by multiple vulnerabilities, including a privilege escalation flaw tracked as CVE-2021-44731 (CVSS score 7.8).

Software 128

Software Hacking Cybercrime Information Security 128

Security Affairs

FEBRUARY 23, 2021

FireEye experts linked a series of attacks targeting Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. Security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11.

Cybercrime 125

Cybercrime Software Ransomware Cyber Attacks 125

Security Affairs

MAY 2, 2021

The Threat Report Portugal: Q1 2021 compiles data collected on the malicious campaigns that occurred from January to March, Q1, of 2021. Threat Report Portugal Q1 2021: Phishing and malware by numbers. Phishing and Malware Q1 2021. In terms of malware, the Javali trojan banker was spotlighted in Q1 2021.

Threat Reports 108

Threat Reports Phishing Malware Data collection 108

Security Affairs

JUNE 30, 2022

A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. to charges related to his involvement with the Russian cybercrime group NetWalker. SecurityAffairs – hacking, Ex-Canadian government employee admits to be a member of the Russian cybercrime gang NetWalkerNetWalker).

Cybercrime 98

Cybercrime Government Ransomware Cryptocurrency 98

Cisco Security

AUGUST 12, 2021

Cisco Secure returned as a supporting partner of the Black Hat USA 2021 Network Operations Center (NOC) for the 5 th year ; joining conference producer Informa Tech and its other security partners. Threat Grid (Secure Malware Analytics). AMP for Endpoints (Secure Endpoint). CyberCrime Tracker. urlscan.io.

DNS 145

DNS Firewall Malware Mobile 145

SC Magazine

MAY 1, 2021

For 2021, the judges took on a record number of submissions, identifying which products, people and companies stood out during a tumultuous year. Click here to see the full list of 2021 SC Award finalists. She also served as the deputy chief information officer of the White House.

Computers and Electronics 126

Computers and Electronics Technology Education Information Security 126

Security Affairs

DECEMBER 23, 2021

Crooks discovered how to bypass the patch for a recent Microsoft Office vulnerability (CVE-2021-40444) and are using it to distribute Formbook malware. Cybercriminals have found a way to bypass the patch for a recent Microsoft Office vulnerability tracked as CVE-2021-40444 (CVSS score of 8.8). Pierluigi Paganini.

Malware 145

Malware Hacking Ransomware Cybercrime 145

Security Affairs

DECEMBER 17, 2021

The botnet has been active since at least 2016, but in August the criminal organization behind the Phorpiex botnet have shut down their operations and put the source code of the bot for sale on a cybercrime forum in on a dark web. We managed to find 60 unique Bitcoin wallets and 37 Ethereum wallets used by the Phorpiex crypto-clipper.

Cryptocurrency 128

Cryptocurrency Cybercrime Malware Hacking 128

Security Affairs

SEPTEMBER 3, 2021

USCYBERCOM is urging organizations to patch a critical CVE-2021-26084 flaw in Atlassian Confluence Server and Data Center, ahead of the Labor Day weekend. . US Cyber Command (USCYBERCOM) has issued an alert to warn US organizations to address Atlassian Confluence CVE-2021-26084 vulnerability immediately, ahead of the Labor Day weekend.

Authentication 135

Authentication Cryptocurrency Hacking Government 135

Security Affairs

JUNE 13, 2021

The Anti-Phishing Working Group (APWG) revealed that the number of phishing websites peaked at record levels in the first quarter of 2021. The Anti-Phishing Working Group (APWG) has published its new Phishing Activity Trends Report related to the first quarter of 2021. Reported Phishing Websites for Q1 2021.

Phishing 126

Phishing Advertising Cryptocurrency Encryption 126

Security Affairs

SEPTEMBER 30, 2021

Threat actors are actively exploiting the recently disclosed CVE-2021-26084 RCE vulnerability in Atlassian Confluence deployments. At the end of August, Atlassian released security patches to address the critical CVE-2021-26084 flaw that affects the Confluence enterprise collaboration product. link] — U.S.

Cryptocurrency 115

Cryptocurrency Authentication Malware Marketing 115

Security Affairs

MARCH 23, 2024

An operation conducted by the Federal Criminal Police Office in Germany (BKA) and the Frankfurt cybercrime combating unit (ZIT) led to the seizure of the infrastructure of the darknet marketplace Nemesis Market in Germany and Lithuania. Crimemarket was a prominent platform for trading illegal drugs, narcotics, and cybercrime services.

Marketing 131

Marketing Cybercrime DDOS Internet 131

SecureList

MAY 12, 2021

There is, of course, a documented porosity between the ransomware ecosystem and other cybercrime domains such as carding or point-of-sale (PoS) hacking. But it is worth pointing out that not all members of this ecosystem originate from the cybercrime underworld. REvil operators have demanded the highest ransoms in 2021.

Ransomware 132

Ransomware Encryption Malware Cybercrime 132

Security Affairs

DECEMBER 19, 2022

The Glupteba botnet is back, researchers reported a surge in infection worldwide after Google disrupted its operation in 2021. In December 2021, Google announced it has taken down the infrastructure operated by the Glupteba botnet, it also sued Russian nationals Dmitry Starovikov and Alexander Filippov for creating and operating the botnet.

DNS 111

DNS Antivirus Cryptocurrency Software 111

Security Affairs

DECEMBER 31, 2022

Researchers from Jama Network analyzed trends in ransomware attacks on US hospitals, clinics, and health care delivery organizations between 2016 and 2021. From 2016 to 2021, the annual number of ransomware attacks passed from 43 to 91. . From 2016 to 2021, the annual number of ransomware attacks passed from 43 to 91. .

Healthcare 98

Healthcare Ransomware Backups Hacking 98

Security Affairs

JUNE 9, 2023

Researchers discovered that the Clop ransomware gang was looking for a zero-day exploit in the MOVEit Transfer since 2021. Kroll security experts discovered that the Clop ransomware gang was looking for a zero-day exploit in the MOVEit Transfer since 2021. ” reads the analysis published by the security firm.

Ransomware 98

Ransomware Hacking Retail Internet 98

Security Affairs

JANUARY 1, 2022

Which are the most-read cyber stories of 2021? The development team behind the Linux Mint distro has fixed a security flaw that could have allowed users to bypass the OS screensaver. Experts discovered a Local Privilege Escalation, tracked as CVE-2021-33909, that could allow attackers to get root access on most Linux distros.

Hacking 116

Hacking VPN Passwords Ransomware 116

Security Affairs

DECEMBER 13, 2022

Twitter confirmed that the recent leak of members’ profile information resulted from the 2021 data breach disclosed in August 2022. Twitter confirmed that the recent data leak of millions of profiles resulted from the 2021 data breach that the company disclosed in August 2022. ” the source told 9to5Mac.

Data breaches 108

Data breaches Accountability Media Hacking 108

Security Affairs

JULY 12, 2022

Microsoft experts believe that the AiTM phishing campaign was used to target more than 10,000 organizations since September 2021. The post Large-scale AiTM phishing campaign targeted +10,000 orgs since 2021? appeared first on Security Affairs. ” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Phishing 144

Phishing Authentication Social Engineering Passwords 144

Security Affairs

DECEMBER 18, 2023

“Cashout bank logs” typically refer to a type of cybercrime where individuals gain unauthorized access to banking information, often through phishing attacks or hacking, and then use that information to withdraw money or make unauthorized transactions. Do you want to know how do we protect against info stealers?

Banking 133

Banking Cybercrime Malware Accountability 133

Security Affairs

APRIL 25, 2022

Google’s Project Zero researchers reported that 58 zero-day were discovered in 2021 (28 zero-day were detected in 2020), which marks a record for the company since it started tracking these issues in mid 2014. Google researchers reported that the exploitation of the zero-days they saw in 2021 was not different from the past.

Ransomware 118

Ransomware Hacking Software Risk 118

Security Affairs

OCTOBER 26, 2021

“Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021. The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector.”

Ransomware 144

Ransomware Firmware Antivirus Accountability 144