Malwarebytes

FEBRUARY 6, 2024

The report reveals that, awash with money, the number of known Big Game attacks surged by 68% in 2023, thanks to Ransomware-as-a-Service groups like LockBit and ALPHV. And like broader, law-abiding “Business” at large, cybercrime has settled on a collection of tools that work.

Ransomware 137

Ransomware Cybercrime Malware Social Engineering 137

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking 311

Hacking Phishing Cybercrime Passwords 311

Security Affairs

JULY 18, 2024

The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. in cybercrime forum. On March 28, 2023, “Stupor” advertised an AV killer tool for $10,000 on xss[.]is, Similar ads by users “killerAV” and “lefroggy” appeared on the RAMP and xss[.]is

Advertising 143

Advertising Cybercrime Hacking Ransomware 143

Security Affairs

JUNE 24, 2024

The cybercrime group ExCobalt targeted Russian organizations in multiple sectors with a previously unknown backdoor known as GoRed. Positive Technologies researchers reported that a cybercrime gang called ExCobalt targeted Russian organizations in multiple sectors with a previously unknown Golang-based backdoor known as GoRed.

Cybercrime 127

Cybercrime Telecommunications DNS Technology 127

Krebs on Security

MARCH 17, 2023

Federal Bureau of Investigation (FBI) this week arrested a New York man on suspicion of running BreachForums , a popular English-language cybercrime forum where some of the world biggest hacked databases routinely show up for sale. Pompompurin has been something of a nemesis to the FBI for several years. In April 2022, U.S.

Data breaches 334

Data breaches Cybercrime Insurance Internet 334

Security Affairs

MARCH 28, 2024

Google’s Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively exploited zero-day vulnerabilities in 2023. In 2023, Google (TAG) and Mandiant discovered 29 out of 97 vulnerabilities exploited in the wild. ” continues the report.

Government 143

Government Surveillance Cybercrime Ransomware 143

SecureList

MAY 6, 2024

Methodology In this report, we present an analysis of financial cyberthreats in 2023, focusing on banking Trojans and phishing pages that target online banking, shopping accounts, cryptocurrency wallets and other financial assets. Cryptocurrency phishing saw a 16% year-on-year increase in 2023, with 5.84 million in 2022.

Phishing 138

Phishing Banking Mobile Scams 138

Security Affairs

NOVEMBER 11, 2024

Amazon disclosed a data breach exposing employee data, with information allegedly stolen in the May 2023 MOVEit attacks. Amazon disclosed a data breach that exposed employee information after data was allegedly stolen during the May 2023 MOVEit attacks. Amazon was compromised in May, 2023 via a MoveIT 0day exploit.

Data breaches 133

Data breaches Hacking Technology Ransomware 133

Security Affairs

AUGUST 20, 2024

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.

Data breaches 126

Data breaches Cybercrime Financial Services Hacking 126

Security Affairs

DECEMBER 8, 2024

On December 25, 2023, a ransomware attack hit the Anna Jaques Hospital. In 2023, upon discovering the cyber attack, the Anna Jaques Hospital took the impacted systems down and launched an investigation into the security breach. The hospital revealed that the security breach exposed sensitive health data for over 316,000 patients.

Data breaches 125

Data breaches Insurance Healthcare Ransomware 125

Security Affairs

FEBRUARY 13, 2024

Maintainers behind the Ransomfeed platform have released Q3 Report 2023 including activities of 185 criminal groups operating worldwide. This report offers an exhaustive account of ransomware threats in the third quarter of 2023, spotlighting activities monitored by the OSINT Ransomfeed platform.

Ransomware 139

Ransomware Data collection Hacking Accountability 139

Krebs on Security

NOVEMBER 1, 2024

We’ll also explore an array of cybercrime services aimed at phishers who target hotels that rely on the world’s most visited travel website. In November 2023, the security firm SecureWorks detailed how scammers targeted booking.com hospitality partners with data-stealing malware. million phishing attempts in 2023.”

Phishing 239

Phishing Accountability Artificial Intelligence Cybercrime 239

Security Affairs

JANUARY 1, 2024

These are the Top 2023 Security Affairs cybersecurity stories … enjoy it. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Top 2023 Security Affairs cybersecurity stories) TB OF DATA STOLEN FROM DIGITAL INTELLIGENCE FIRM CELLEBRITE LEAKED ONLINE 1.7

Cybersecurity 140

Cybersecurity Spyware Data breaches Passwords 140

The Hacker News

AUGUST 22, 2024

He was arrested in Georgia in December 2023 and has since been extradited to Deniss Zolotarjovs (aka Sforza_cesarini) has been charged with conspiring to commit money laundering, wire fraud and Hobbs Act extortion.

Cybercrime 140

Cybercrime 140

Krebs on Security

DECEMBER 19, 2024

Silent Push said Araneida is being advertised by an eponymous user on multiple cybercrime forums. Araneida Scanner’s Telegram channel bragging about how customers are using the service for cybercrime. According to an August 2023 report (PDF) from the U.S. co — first came online in February 2023.

Hacking 149

Hacking Cybercrime Advertising Data breaches 149

Krebs on Security

JANUARY 30, 2024

stole at least $800,000 from at least five victims between August 2022 and March 2023. In February 2023, LastPass disclosed that the intrusion involved a highly complex, targeted attack against a DevOps engineer who was one of only four LastPass employees with access to the corporate vault. .” Image credit: Amitai Cohen of Wiz.

Social Engineering 340

Social Engineering Mobile Passwords Cybercrime 340

Security Affairs

MARCH 13, 2024

Threat actors behind the ransomware attacks that hit Stanford University in 2023 gained access to 27,000 people. Stanford University confirmed that threat actors behind the September 2023 ransomware attack had access to 27,000 people. 27, 2023. . Stanford was breached last year by Clop Ransomware.

Ransomware 138

Ransomware Data breaches Passwords Hacking 138

Thales Cloud Protection & Licensing

OCTOBER 2, 2023

Cybersecurity Awareness Month 2023 – What it is and why we should be aware madhav Tue, 10/03/2023 - 05:33 The inception of Cybersecurity Awareness Month in 2004 came at a critical juncture in our technological history. As we are well and truly in the digital-first age, the need for robust cybersecurity measures is glaringly evident.

Cybersecurity 148

Cybersecurity Cyber threats Authentication Phishing 148

Krebs on Security

DECEMBER 4, 2024

Matveev’s hacker identities were remarkably open and talkative on numerous cybercrime forums. image: x.com/vxunderground The golden rule of cybercrime in Russia has always been that as long as you never hack, extort or steal from Russian citizens or companies, you have little to fear of arrest. “Mother Russia will help you.

Cybercrime 201

Cybercrime Ransomware Cryptocurrency Government 201

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Qakbot/Qbot was once again the top malware loader observed in the wild in the first six months of 2023. Source: Reliaquest.com.

Hacking 294

Hacking Malware Ransomware Government 294

Krebs on Security

JANUARY 24, 2023

First advertised in the cybercrime underground in 2014, RSOCKS was the web-based storefront for hacked computers that were sold as “proxies” to cybercriminals looking for ways to route their Web traffic through someone else’s device. He faces a maximum of 20 years in prison, and is currently scheduled to be sentenced on April 27, 2023.

Cybercrime 259

Cybercrime Advertising IoT Malware 259

Krebs on Security

JULY 10, 2024

The Russia-based cybercrime group dubbed “ Fin7 ,” known for phishing and malware attacks that have cost victim organizations an estimated $3 billion in losses since 2013, was declared dead last year by U.S. In May 2023, the U.S. authorities.

Phishing 294

Phishing Cybercrime Malware Software 294

Joseph Steinberg

MARCH 13, 2023

Join us on this insightful webinar as Joseph Steinberg, cybersecurity expert, thought leader, & advisor and Venky Raju, Field CTO of ColorTokens, discuss both the role of AI in cybercrime operations, as well as various measures that can be taken to help address the risks of such.

Artificial Intelligence 246

Artificial Intelligence Cybersecurity Cyber threats Cybercrime 246

Krebs on Security

JANUARY 10, 2024

14, 2023, a federal judge in the Eastern District of California granted Dellone permission to serve notice of his lawsuit directly to the suspected hackers’ bitcoin address — using a short message that was attached to roughly $100 worth of bitcoin Mora sent to the address. court orders, then it’s yours,” Bax said.

Cryptocurrency 308

Cryptocurrency Government Cybercrime Accountability 308

Security Affairs

NOVEMBER 21, 2024

Justice Department charged five suspects linked to the Scattered Spider cybercrime gang with wire fraud conspiracy. Justice Department charged five alleged members of the cybercrime gang Scattered Spider (also known as UNC3944 , 0ktapus ) with conspiracy to commit wire fraud. ” reads the press release published by DoJ.

Cybercrime 74

Cybercrime Identity Theft Cryptocurrency Phishing 74

Krebs on Security

OCTOBER 31, 2023

” Infoblox determined that until May 2023, domains ending in.info accounted for the bulk of new registrations tied to the malicious link shortening service, which Infoblox has dubbed “ Prolific Puma.” For example, when it was registered through NameSilo in July 2023, the domain 1ox[.]us domains registered daily.US

Phishing 309

Phishing Telecommunications Malware Scams 309

The Last Watchdog

NOVEMBER 7, 2023

Throughout 2023, we’ve witnessed numerous significant cyber incidents. Dark Web presence Another source that law enforcement agencies monitor is the Dark Web, which has become a haven for illegal activities, allowing cybercrime enterprises to operate on underground forums and websites. million individuals.

Cyber threats 208

Cyber threats Cybercrime Internet Internet 208

Security Affairs

OCTOBER 14, 2024

Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. These are two of the largest and longest-running dark web platforms for the trade of illegal goods, drugs, and cybercrime services.

Marketing 134

Marketing Cybercrime DDOS Cryptocurrency 134

SecureList

AUGUST 1, 2024

In 2023, there were 16 active partners, which explains the spike in activity, most notably in the spring and autumn of 2023 as evidenced by the PE timestamp. They are also very explicit about what types of organizations affiliates should infect: no less than $10 million in revenue and no hospitals or educational institutions.

Ransomware 118

Ransomware Cybercrime Education Malware 118

Security Affairs

SEPTEMBER 8, 2024

WWH Club had over 353,000 users by 2023 and offered courses on fraud and cybercrime, generating profits through membership and tuition fees. Khodyrev and Kublitskii were also the administrators of many similar websites, including darkweb marketplaces, forums, and training centers to enable cybercrime.

Cybercrime 142

Cybercrime Accountability Banking Advertising 142

Krebs on Security

AUGUST 5, 2024

But the Dark Angels didn’t even have a victim shaming site until April 2023. ” Dark Angels is thought to be a Russia-based cybercrime syndicate whose distinguishing characteristic is stealing truly staggering amounts of data from major companies across multiple sectors, including healthcare, finance, government and education. .

Ransomware 248

Ransomware Insurance Healthcare Education 248

Krebs on Security

APRIL 30, 2024

Finnish prosecutors quickly zeroed in on a suspect: Julius “Zeekill” Kivimäki , a notorious criminal hacker convicted of committing tens of thousands of cybercrimes before he became an adult. After being charged with the attack in October 2022, Kivimäki fled the country.

DDOS 279

DDOS Cybercrime Hacking Passwords 279

Schneier on Security

JULY 17, 2024

According to Google, Google Cloud was slammed by more RPS in two minutes than Wikipedia saw traffic during September 2023. Google Cloud reported the same attack peaked at an astonishing 398 million RPS. So, how big is that number?

Internet 312

Internet Internet DDOS Cybercrime 312

Krebs on Security

JUNE 29, 2023

Group-IB has since moved its headquarters to Singapore, and in April 2023 the company announced it had fully exited the Russian market. ” “Dmitry Volkov, co-founder and CEO, sold his stake in Group-IB’s Russia-based business to the company’s local management,” the statement reads.

Cybersecurity 287

Cybersecurity Cybercrime Hacking Technology 287

Penetration Testing

NOVEMBER 4, 2024

Netcraft’s latest research details HookBot, a sophisticated Android-based banking Trojan that’s steadily advancing its footprint in the cybercrime world.

Cybercrime 119

Cybercrime Banking Cybersecurity Penetration Testing 119

Krebs on Security

NOVEMBER 14, 2024

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator , the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. Mr. Shefel did not respond to requests for comment in advance of that December 2023 profile.

Retail 235

Retail Advertising Cryptocurrency Marketing 235

Security Affairs

FEBRUARY 2, 2024

Operation Synergia was led by Interpol and ran from September to November 2023 involving law enforcement agencies from 50 countries. The international law enforcement operation was launched to curb the escalation and professionalisation of transnational cybercrime. ” reads the press release published by Interpol.

Cybercrime 137

Cybercrime Banking Phishing Malware 137