Malwarebytes

FEBRUARY 6, 2024

The report reveals that, awash with money, the number of known Big Game attacks surged by 68% in 2023, thanks to Ransomware-as-a-Service groups like LockBit and ALPHV. And like broader, law-abiding “Business” at large, cybercrime has settled on a collection of tools that work.

Ransomware 137

Ransomware Cybercrime Malware Social Engineering 137

The Hacker News

JUNE 20, 2023

Over 100,000 compromised OpenAI ChatGPT account credentials have found their way on illicit dark web marketplaces between June 2022 and May 2023, with India alone accounting for 12,632 stolen credentials.

Accountability 127

Accountability Cybercrime 127

SecureList

MAY 6, 2024

With trillions of dollars of digital payments made every year, it is no wonder that attackers target electronic wallets, online shopping accounts and other financial assets, inventing new techniques and reusing good old ones. Online shopping brands were the most popular lure, accounting for 41.65% of financial phishing attempts.

Phishing 138

Phishing Banking Mobile Scams 138

Security Affairs

DECEMBER 23, 2023

The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy firm and threatens to disclose the alleged stolen data. Account balances. Xeinadin has over 60,000 clients across the UK and Ireland.

Accountability 144

Accountability Ransomware Data breaches Hacking 144

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking 258

Hacking Accountability Government Social Engineering 258

SecureList

NOVEMBER 28, 2022

Below, we present a number of key ideas about what the consumer-oriented threat landscape will look like in 2023, and describe how users could be lured into cybertraps with fake content and third-party apps. The larger the subscription base, the greater the number of fraudulent key-selling schemes and attempts at stealing accounts.

Education 143

Education Phishing Scams Social Engineering 143

Krebs on Security

JANUARY 10, 2024

Dellone says the crooks then used his phone number to break into his account at Coinbase and siphon roughly $100,000 worth of cryptocurrencies. 2023 story here about how experts now believe it’s likely hackers are cracking open some of the password vaults stolen in the 2022 data breach at LastPass. federal court.”

Cryptocurrency 308

Cryptocurrency Government Cybercrime Accountability 308

Security Affairs

AUGUST 20, 2024

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.

Data breaches 126

Data breaches Cybercrime Financial Services Hacking 126

Security Affairs

DECEMBER 8, 2024

On December 25, 2023, a ransomware attack hit the Anna Jaques Hospital. In 2023, upon discovering the cyber attack, the Anna Jaques Hospital took the impacted systems down and launched an investigation into the security breach. The hospital revealed that the security breach exposed sensitive health data for over 316,000 patients.

Data breaches 125

Data breaches Insurance Healthcare Ransomware 125

Krebs on Security

JANUARY 30, 2024

stole at least $800,000 from at least five victims between August 2022 and March 2023. In each attack, the victims saw their email and financial accounts compromised after suffering an unauthorized SIM-swap, wherein attackers transferred each victim’s mobile phone number to a new device that they controlled. According to an Aug.

Social Engineering 340

Social Engineering Mobile Passwords Cybercrime 340

Krebs on Security

DECEMBER 19, 2024

Silent Push said Araneida is being advertised by an eponymous user on multiple cybercrime forums. Araneida Scanner’s Telegram channel bragging about how customers are using the service for cybercrime. According to an August 2023 report (PDF) from the U.S. co — first came online in February 2023.

Hacking 149

Hacking Cybercrime Advertising Data breaches 149

Security Affairs

APRIL 27, 2024

Threat actors accessed more than 19,000 online accounts on a California state platform for welfare programs. Threat actors breached over 19,000 online accounts on a California state platform dedicated to welfare programs. Your account may have been one of those accessed.” ” continues the notification.

Accountability 143

Accountability Passwords Data breaches Hacking 143

Security Affairs

JANUARY 1, 2024

These are the Top 2023 Security Affairs cybersecurity stories … enjoy it. RESEARCHER DISCOVERED A NEW LOCK SCREEN BYPASS BUG FOR ANDROID 14 AND 13 Researchers discovered a lock screen bypass bug in Android 14 and 13 that could expose sensitive data in users’ Google accounts.

Cybersecurity 140

Cybersecurity Spyware Data breaches Passwords 140

Anton on Security

APRIL 20, 2023

The famous Mandiant 2023 M-Trends (NOT G-Trends, mind you…) report is out, and here are some of the things that I found to be surprising and NOT surprising :-) Mandiant M-Trends 2023 Detection by Source SURPRISING “Mandiant experts note a decrease in the percentage of global intrusions involving ransomware between 2021 and 2022.

Social Engineering 130

Social Engineering Ransomware Cybercrime Cyber Attacks 130

Security Affairs

FEBRUARY 13, 2024

Maintainers behind the Ransomfeed platform have released Q3 Report 2023 including activities of 185 criminal groups operating worldwide. This report offers an exhaustive account of ransomware threats in the third quarter of 2023, spotlighting activities monitored by the OSINT Ransomfeed platform.

Ransomware 139

Ransomware Data collection Hacking Cybersecurity 139

eSecurity Planet

JANUARY 5, 2023

After a year that saw massive ransomware attacks and open cyber warfare, the biggest question in cybersecurity for 2023 will likely be how much of those attack techniques get commoditized and weaponized. 2023, he predicted, “will not be any easier when it comes to keeping users’ data safe and private.”

Ransomware 145

Ransomware CISO Software Cybercrime 145

Krebs on Security

AUGUST 15, 2024

On July 21, 2024, denizens of the cybercrime community Breachforums released more than 4 terabytes of data they claimed was stolen from nationalpublicdata.com, a Florida-based company that collects data on consumers and processes background checks. billion rows of records — they claimed was taken from nationalpublicdata.com. .”

Hacking 352

Hacking Data breaches Identity Theft Accountability 352

Krebs on Security

APRIL 18, 2023

In January 2023, the Faceless service website said it was willing to pay for information about previously undocumented security vulnerabilities in IoT devices. ” MRMURZA Faceless is a project from MrMurza , a particularly talkative member of more than a dozen Russian-language cybercrime forums over the past decade. In 2013, U.S.

Malware 274

Malware Passwords Accountability Advertising 274

Security Affairs

JANUARY 4, 2024

An internet outage impacted Orange Spain after a hacker gained access to the company’s RIPE account to misconfigure BGP routing. The hacker, who uses the moniker ‘Snow’, gained access to the RIPE account of Orange Spain and misconfigured the BGP routing causing an internet outage. I have fixed your RIPE admin account security.

Internet 138

Internet Internet Accountability Passwords 138

Krebs on Security

DECEMBER 4, 2024

Matveev’s hacker identities were remarkably open and talkative on numerous cybercrime forums. image: x.com/vxunderground The golden rule of cybercrime in Russia has always been that as long as you never hack, extort or steal from Russian citizens or companies, you have little to fear of arrest. “Mother Russia will help you.

Cybercrime 201

Cybercrime Ransomware Cryptocurrency Government 201

Thales Cloud Protection & Licensing

OCTOBER 2, 2023

Cybersecurity Awareness Month 2023 – What it is and why we should be aware madhav Tue, 10/03/2023 - 05:33 The inception of Cybersecurity Awareness Month in 2004 came at a critical juncture in our technological history. emphasized collective action and individual accountability. Protect IT."

Cybersecurity 148

Cybersecurity Cyber threats Authentication Phishing 148

Krebs on Security

APRIL 16, 2024

For nearly a dozen years, residents of South Carolina have been kept in the dark by state and federal investigators over who was responsible for hacking into the state’s revenue department in 2012 and stealing tax and bank account information for 3.6 million people. said investigators determined the breach began on Aug. ” On Oct.

Identity Theft 271

Identity Theft Banking Cybercrime Hacking 271

Krebs on Security

NOVEMBER 21, 2024

technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. That Joeleoli moniker registered on the cybercrime forum OGusers in 2018 with the email address joelebruh@gmail.com , which also was used to register accounts at several websites for a Joel Evans from North Carolina.

Identity Theft 228

Identity Theft Phishing Cryptocurrency Accountability 228

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Reliaquest says QakBot infections accounted for nearly one-third of all loaders observed in the wild during the first six months of this year.

Hacking 294

Hacking Malware Ransomware Government 294

Security Affairs

AUGUST 15, 2023

Researchers discovered credentials associated with cybercrime forums on roughly 120,000 computers infected with information stealers. Threat intelligence firm Hudson Rock has discovered credentials associated with cybercrime forums on roughly 120,000 computers infected with various information stealer malware.

Cybercrime 98

Cybercrime Passwords Data breaches Malware 98

Krebs on Security

OCTOBER 31, 2023

” Infoblox determined that until May 2023, domains ending in.info accounted for the bulk of new registrations tied to the malicious link shortening service, which Infoblox has dubbed “ Prolific Puma.” For example, when it was registered through NameSilo in July 2023, the domain 1ox[.]us US phishing domains.

Phishing 309

Phishing Telecommunications Malware Scams 309

Security Affairs

NOVEMBER 29, 2023

Cloud identity and access management solutions provider Okta revealed additional threat actor activity linked to the October 2023 breach. Okta provided additional details about the October 2023 breach and revealed additional threat actor malicious activities. On Thursday, October 19, Okta advised customers of a security incident.

Social Engineering 138

Social Engineering Authentication Engineering Accountability 138

CyberSecurity Insiders

DECEMBER 6, 2022

Netwrix, a cybersecurity vendor that makes data security easy, today released key IT security trends that will affect organizations of all sizes in 2023. Here are five specific trends for 2023 that you need to be aware of: The business of cybercrime will be further professionalized. For more information, visit www.netwrix.com.

Cybersecurity 116

Cybersecurity Cybercrime Social Engineering Risk 116

Security Affairs

JANUARY 11, 2024

The X account of cybersecurity firm Mandiant was likely hacked through a brute-force password attack, the company revealed. Last week, threat actors hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. and “Check bookmarks when you get account back.”

Accountability 141

Accountability Hacking Cryptocurrency Cybersecurity 141

SecureList

MAY 11, 2023

Although early 2023 saw a slight decline in the number of ransomware attacks, they were more sophisticated and better targeted. Finally, other groups like Clop ramped up their activities over the course of last year, reaching their peak in early 2023 as they claimed to have hacked 130 organizations using a single zero-day vulnerability.

Ransomware 144

Ransomware Malware Architecture Telecommunications 144

Krebs on Security

NOVEMBER 2, 2023

One of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. Among the most common ways that thieves extract cash from stolen credit card accounts is through purchasing pricey consumer goods online and reselling them on the black market.

Cybercrime 312

Cybercrime Marketing Scams Retail 312

Krebs on Security

SEPTEMBER 30, 2023

According to a September 20, 2023 joint advisory from the FBI and the U.S. ” New York City-based cyber intelligence firm Flashpoint said the Snatch ransomware group was created in 2018, based on Truniger’s recruitment both on Russian language cybercrime forums and public Russian programming boards.

Ransomware 257

Ransomware Accountability Cybercrime Backups 257

Security Affairs

SEPTEMBER 8, 2024

WWH Club had over 353,000 users by 2023 and offered courses on fraud and cybercrime, generating profits through membership and tuition fees. Khodyrev and Kublitskii were also the administrators of many similar websites, including darkweb marketplaces, forums, and training centers to enable cybercrime.

Cybercrime 142

Cybercrime Accountability Banking Advertising 142

SecureWorld News

JUNE 21, 2023

Cybersecurity firm Group-IB recently uncovered a significant security breach involving ChatGPT accounts. These compromised accounts pose a serious risk to businesses, especially in the Asia-Pacific region, which has experienced the highest concentration of ChatGPT credentials for sale.

Accountability 124

Accountability Data collection Cyber threats Cybersecurity 124

Krebs on Security

JANUARY 8, 2024

In 2020, the United States brought charges against four men accused of building a bulletproof hosting empire that once dominated the Russian cybercrime industry and supported multiple organized cybercrime groups. From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a

Cybercrime 247

Cybercrime Banking Computers and Electronics DDOS 247

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. Chaput said that on May 4, 2023, someone unleashed a spam torrent targeting users on these Mastodon communities via “private mentions,” a kind of direct messaging on the platform.

Scams 284

Scams DDOS Cryptocurrency Accountability 284

Security Affairs

NOVEMBER 21, 2024

Justice Department charged five suspects linked to the Scattered Spider cybercrime gang with wire fraud conspiracy. Justice Department charged five alleged members of the cybercrime gang Scattered Spider (also known as UNC3944 , 0ktapus ) with conspiracy to commit wire fraud. ” reads the press release published by DoJ. .

Cybercrime 74

Cybercrime Identity Theft Cryptocurrency Phishing 74