Accountability, Cybercrime and Education

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Krebs on Security

FEBRUARY 4, 2021

Facebook, Instagram , TikTok , and Twitter this week all took steps to crack down on users involved in trafficking hijacked user accounts across their platforms. Facebook said it targeted a number of accounts tied to key sellers on OGUsers, as well as those who advertise the ability to broker stolen account sales. THE MIDDLEMEN.

Accountability

Accountability Hacking Media Mobile

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

Krebs on Security

DECEMBER 16, 2019

Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “ Evil Corp ” and stole roughly $100 million from businesses and consumers. LOW FRIENDS IN HIGH PLACES.

Cybercrime

Cybercrime Banking Small Business Accountability

Pennsylvania State Education Association data breach impacts 500,000 individuals

Security Affairs

MARCH 20, 2025

A data breach at the Pennsylvania State Education Association exposed the personal information of over 500,000 individuals. The Pennsylvania State Education Association (PSEA) suffered a data breach that impacted 517,487 individuals. PSEA is affiliated with the National Education Association (NEA).

Education

Education Data breaches Identity Theft Insurance

Operation Heart Blocker: International Police Disrupt Phishing Network

SecureWorld News

FEBRUARY 3, 2025

In a significant victory against cybercrime, U.S. Cybercrime as a service: an evolving threat As cybercriminals continue to develop more sophisticated and accessible tools, law enforcement agencies worldwide are struggling to keep pace. For every criminal group disrupted, multiple others remain active or emerge to take their place."

Phishing

Phishing Cybercrime Scams Authentication

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. In 2017, crooks launched a phishing campaign against universities to compromise.edu accounts. ” reads the alert published by the FBI.

Cybercrime

Cybercrime Education Accountability Phishing

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. Department of Defense. USDoD’s InfraGard sales thread on Breached.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

Gmail Under Siege: FBI Warns of Unusual AI-Driven Phishing Attacks

eSecurity Planet

FEBRUARY 10, 2025

Since early 2022, there has been a 49 percent rise in phishing attempts capable of evading filters, with AI-generated threats accounting for nearly 5 percent of these attacks. This surge highlights a broader trend toward automation in cybercrime and signals that no email platform is immune.

Phishing

Phishing Artificial Intelligence Password Management Accountability

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Krebs on Security

MAY 14, 2021

The crime gang announced it was closing up shop after its servers were seized and someone drained the cryptocurrency from an account the group uses to pay affiliates. The new restrictions came as some Russian cybercrime forums began distancing themselves from ransomware operations altogether.

Ransomware

Ransomware Cryptocurrency Cybercrime Healthcare

Alabama State Department of Education suffered a data breach following a blocked attack

Security Affairs

JULY 7, 2024

Alabama’s education superintendent disclosed a data breach following a hacking attempt on the Alabama State Department of Education. The Alabama State Department of Education announced it had thwarted a ransomware attack on June 17, however, threat actors accessed some data and disrupted services before the attack was stopped.

Education

Education Data breaches Hacking Banking

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

Krebs on Security

MARCH 31, 2022

On Tuesday, KrebsOnSecurity warned that hackers increasingly are using compromised government and police department email accounts to obtain sensitive customer data from mobile providers, ISPs and social media companies. 30, Bug posted a sales thread to the cybercrime forum Breached[.]co Today, one of the U.S.

Government

Government Accountability Education Media

Arrest in ‘Ransom Your Employer’ Email Scheme

Krebs on Security

NOVEMBER 22, 2021

“According to this actor, he had originally intended to send his targets—all senior-level executives—phishing emails to compromise their accounts, but after that was unsuccessful, he pivoted to this ransomware pretext,” Abnormal’s Crane Hassold wrote. Source: FBI/IC3 2020 Internet Crime Report.

Scams

Scams Cybercrime Banking Identity Theft

Who Is the Network Access Broker ‘Babam’?

Krebs on Security

DECEMBER 3, 2021

Since the beginning of 2020, Babam has set up numerous auctions on the Russian-language cybercrime forum Exploit , mainly selling virtual private networking (VPN) credentials stolen from various companies. The username associated with that account was “ bo3dom.” com back in 2011, and sanjulianhotels[.]com com (2017).

Ransomware

Ransomware Passwords Accountability Cybercrime

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

Additionally, there are also Russian cybercrime organizations that are not state-sponsored but are allowed to operate. Although there’s no one magic solution to eliminating cyberattacks and cybercrime risks, there are steps you can take to reduce the chances of becoming a victim. Accounting for humans.

Cybersecurity

Cybersecurity Cybercrime Education Government

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches

Data breaches Cryptocurrency Artificial Intelligence Cybercrime

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Security Affairs

MAY 5, 2021

A new cybercrime gang, tracked as UNC2529 , has targeted many organizations in the US and other countries using new sophisticated malware. FireEye’s Mandiant unit observed two distinct waves of attacks carried out by the cybercrime group in December 2020. The post UNC2529, a new sophisticated cybercrime gang that targets U.S.

Cybercrime

Cybercrime Malware Manufacturing Retail

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

But by all accounts, few attacks from those gangs have come close to the amount of firepower wielded by a pro-Russia group calling itself “ NoName057(16).” He also co-runs SURBL , an anti-abuse service that flags domains and Internet address ranges that are strongly associated with spam and cybercrime activity, including DDoS.

DDOS

DDOS Internet Internet Government

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

Security Affairs

MARCH 17, 2021

The FBI has issued an alert to warn about an increase in PYSA ransomware attacks on education institutions in the US and UK. The FBI has issued Tuesday an alert to warn about an increase in PYSA ransomware attacks against education institutions in the United States and the United Kingdom. Pierluigi Paganini.

Education

Education Ransomware Encryption Antivirus

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. These services, too, have been outsourced.

Cybercrime

Cybercrime Banking Malware Ransomware

Law enforcement seized the Genesis Market cybercrime marketplace

Security Affairs

APRIL 5, 2023

The price for a stolen account was very cheap, paying a few dollars crooks were able to use it for a specific period. Genesis Market provided access to accounts of the most popular services, including Amazon, eBay, Facebook, Gmail, Netflix, PayPal, Spotify, and Zoom.

Marketing

Marketing Cybercrime Accountability Education

Cybercrime and Fraud on the Rise During COVID-19 Pandemic

Identity IQ

JANUARY 24, 2021

As many Americans’ personally identifiable information goes digital, it’s becoming increasingly vulnerable to hacks and theft by cybercriminals who profit from access to online accounts. Cybercrime annual revenue currently totals $1.5

Cybercrime

Cybercrime Identity Theft Scams Data breaches

Audi Got Hacked: What Cybercrimals Do with Your Information and How to Protect It

Identity IQ

JUNE 15, 2021

A small number of records included additional data like dates of birth, Social Security numbers and account numbers. Once hackers obtain this personal data, they can use your credentials to access your financial and other accounts online in what is called credential stuffing. Monitor your bank and other financial accounts.

Cybercrime

Cybercrime Identity Theft Hacking Data breaches

Cybercrime group exploits Windows zero-day in ransomware attacks

Security Affairs

APRIL 11, 2023

The experts pointed out that while the majority of zero-days they have discovered in the past were used by APT groups, this zero-day was exploited by a sophisticated cybercrime group. This group is known to have used similar CLFS driver exploits in the past that were likely developed by the same author.

Cybercrime

Cybercrime Ransomware Education Media

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

Webroot

MARCH 3, 2025

March is a time for leprechauns and four-leaf clovers, and as luck would have it, its also a time to learn how to protect your private data from cybercrime. During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure.

Consumer Protection

Consumer Protection Identity Theft Scams Social Engineering

BEC Attacks: Protecting Against the Most Insidious Cybercrime

SecureWorld News

DECEMBER 2, 2021

BEC attacks start because an actor steals information, then uses social engineering techniques to get the victim to transfer funds into a false account. Before the victim knows it, they have been conned into transferring their entire life's savings or some of their business's budget into a malicious hacker's bank account.

Cybercrime

Cybercrime Healthcare Social Engineering Banking

We Infiltrated a Counterfeit Check Ring! Now What?

Krebs on Security

JUNE 30, 2021

Such is the curse of the fraud fighter known online by the handles “ Brianna Ware ” and “ BWare ” for short, a longtime member of a global group of volunteers who’ve infiltrated a cybercrime gang that disseminates counterfeit checks tied to a dizzying number of online scams. ” SHRINKING FROM THE FIREHOSE?

Scams

Scams Banking Accountability Cybercrime

Cybersecurity CEO: 5 Cybercrime Trends to Watch for in 2021

Herjavec Group

DECEMBER 16, 2020

What should C-suite executives account for in their cybersecurity roadmaps and risk registers? Ransomware, the fastest-growing type of cybercrime, will claim a new victim? Sadly, in 2020, we saw the first instance of human loss as a direct result of cybercrime – ransomware to be exact. Originally posted on Cybercrime Magazine.

Cybercrime

Cybercrime Cybersecurity Digital transformation CISO

Crooks broke into AT&T email accounts to empty their cryptocurrency wallets

Security Affairs

APRIL 30, 2023

Threat actors are gaining access to AT&T email accounts in an attempt to hack into the victim’s cryptocurrency exchange accounts. Hackers are breaking into the AT&T email accounts and then using the access they are logging into the victim’s cryptocurrency exchange accounts to drain their crypto funds, TechCrunch reported.

Cryptocurrency

Cryptocurrency Accountability Passwords Hacking

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

Security Affairs

FEBRUARY 10, 2022

Spanish National Police has arrested eight alleged members of a crime organization who were able to steal money from the bank accounts of the victims through SIM swapping attacks. Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts.

Banking

Banking Accountability Mobile Cryptocurrency

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

Security Boulevard

FEBRUARY 14, 2025

And get the latest on ransomware trends and on cybercrime legislation and prevention! Thats a key takeaway from Cybercrime: A Multifaceted National Security Threat, a report releaesd this week by Googles Threat Intelligence Group. bill seeks tougher punishments for cybercrimes A bill introduced by two U.S.

Banking

Banking Cybercrime Cybersecurity Ransomware

This Simple Hack Could Tank Your Business

Adam Levin

JULY 24, 2020

percent of 15,000 domain names probed directed users to websites associated with some form of cybercrime, including hacking, phishing, online fraud, or spamming. As in virtually every cyber risk, one path to risk mitigation here is education and training. A recent study by cybersecurity company Sophos Labs found that roughly 2.7

Hacking

Hacking Phishing Risk Accountability

Q&A: Here’s why VPNs are likely to remain a valuable DIY security tool for consumers, SMBs

The Last Watchdog

JULY 11, 2022

It is astounding that billions of online accounts have been breached over the past 18 years and that US consumer accounts are by far the most compromised. accounts have been breached so far. More than two thirds of American accounts are leaked with the password, putting breached users in danger of account takeover.

VPN

VPN Data breaches Internet Internet

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

Security Affairs

APRIL 24, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, PaperCut ) The post Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws appeared first on Security Affairs.

Cybercrime

Cybercrime Software Education Ransomware

Security Affairs newsletter Round 510 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 9, 2025

US Justice Department says cybercrime forum allegedly affected 17 million Americans Cybercrime is increasingly complex.

Spyware

Spyware Cybercrime Scams Social Engineering

Protecting People, Not Just Data

Javvad Malik

JULY 5, 2024

Oliver’s story brings into sharp focus the real-world consequences of cybercrime – the stress, the uncertainty, and the potential health complications that can arise from delayed medical procedures. It also means fostering a culture of transparency and accountability.

Healthcare

Healthcare Data breaches Cybersecurity Cybercrime

Vice Society Ransomware Attackers Targeted Dozens of Schools in 2022

The Hacker News

DECEMBER 7, 2022

The Vice Society cybercrime group has disproportionately targeted educational institutions, accounting for 33 victims in 2022 and surpassing other ransomware families like LockBit, BlackCat, BianLian, and Hive.

Ransomware

Ransomware Retail Manufacturing Healthcare

Remcos RAT campaign targets US accounting and tax return preparation firms

Security Affairs

APRIL 16, 2023

Microsoft warns of a new Remcos RAT campaign targeting US accounting and tax return preparation firms ahead of Tax Day. Tax Day, Microsoft has observed a new Remcos RAT campaign targeting US accounting and tax return preparation firms. Ahead of the U.S. The phishing attacks began in February 2023, the IT giant reported. LNK) files.

Accountability

Accountability Phishing Financial Services Surveillance

RockYou2024: The Largest Password Compilation (10 Billion) Ever Leaked

SecureWorld News

JULY 8, 2024

The number represents a significant portion of the world's online user base, raising concerns about the security of countless online accounts across various platforms. For individual users, the exposure of passwords means an increased risk of account takeovers, identity theft, and fraud. Ensure that new passwords are strong and unique.

Passwords

Passwords Password Management Education Accountability

New Ransom Payment Schemes Target Executives, Telemedicine

Krebs on Security

DECEMBER 8, 2022

.” While CLOP as a money making collective is a fairly young organization, security experts say CLOP members hail from a group of Threat Actors (TA) known as “TA505,” which MITRE’s ATT&CK database says is a financially motivated cybercrime group that has been active since at least 2014.

Healthcare

Healthcare Backups Ransomware Insurance

Cybercrime Year in Review: 2013

SiteLock

AUGUST 27, 2021

bank accounts in 2012 by cybercrooks using malware like keyloggers. And if any of those were business accounts, the business owners were probably on the hook for all the losses. That very same week, other security researchers found that out of 44 popular antivirus products tested, only one was able to detect a keylogger.

Cybercrime

Cybercrime Small Business Antivirus Malware

Consumer cyberthreats: predictions for 2023

SecureList

NOVEMBER 28, 2022

The larger the subscription base, the greater the number of fraudulent key-selling schemes and attempts at stealing accounts. In-game items and money are some of the prime goals for attackers stealing players’ accounts. Education platforms and the learning process. Online education platforms will attract more cybercrime.

Education

Education Phishing Scams Social Engineering

North Korea hackers impersonating Coinbase to lure employees and customers

CyberSecurity Insiders

AUGUST 17, 2022

We already know that North Korea leader Kim Jong Un is fulfilling his nuclear ambitions by stealing currency from banks, stealing cryptocurrency from individual accounts, and raiding crypto exchanges to steal currency. And only after completing 6 years of education, they are inducted into the group as official hackers. .

Social Engineering

Social Engineering Cryptocurrency Education Cybercrime

Database of the FBI’s InfraGard US Critical Infrastructure Intelligence portal available for sale

Security Affairs

DECEMBER 15, 2022

The portal of the FBI’s InfraGard US Critical Infrastructure Intelligence was hacked, and data is available for sale on a cybercrime forum. The attacker applied for an account in November and by early December the account had been surprisingly approved. Critical Infrastructure. “InfraGard, a program run by the U.S.

Cybercrime

Cybercrime Accountability Hacking Education

GUEST ESSAY: Sure steps to achieve a robust employee cybersecurity awareness training regimen

The Last Watchdog

OCTOBER 24, 2022

Employees are the first line of defense against cybercrime and should understand how to recognize phishing emails and what to do if they suspect them. In addition, educating employees about cybersecurity issues can help to reinforce the security-minded culture of the organization and change employee behaviour.

Passwords

Passwords Security Awareness Data breaches Cybersecurity

EvilExtractor, a new All-in-One info stealer appeared on the Dark Web

Security Affairs

APRIL 24, 2023

EvilExtractor is a new “all-in-one” info stealer for Windows that is being advertised for sale on dark web cybercrime forums. The tool was developed by a company named Kodex, which claims that the tool was developed for an educational purpose. EvilExtractor is a modular info-stealer, it exfiltrates data via an FTP service.

Cybercrime

Cybercrime Malware Education Phishing

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Inside ‘Evil Corp,’ a $100M Cybercrime Menace

Trending Sources

Pennsylvania State Education Association data breach impacts 500,000 individuals

Operation Heart Blocker: International Police Disrupt Phishing Network

FBI: Compromised US academic credentials available on various cybercrime forums

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Gmail Under Siege: FBI Warns of Unusual AI-Driven Phishing Attacks

DarkSide Ransomware Gang Quits After Servers, Bitcoin Stash Seized

Alabama State Department of Education suffered a data breach following a blocked attack

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

Arrest in ‘Ransom Your Employer’ Email Scheme

Who Is the Network Access Broker ‘Babam’?

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware

Stark Industries Solutions: An Iron Hammer in the Cloud

FBI warns of PYSA Ransomware attacks against Education Institutions in US and UK

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

Law enforcement seized the Genesis Market cybercrime marketplace

Cybercrime and Fraud on the Rise During COVID-19 Pandemic

Audi Got Hacked: What Cybercrimals Do with Your Information and How to Protect It

Cybercrime group exploits Windows zero-day in ransomware attacks

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

BEC Attacks: Protecting Against the Most Insidious Cybercrime

We Infiltrated a Counterfeit Check Ring! Now What?

Cybersecurity CEO: 5 Cybercrime Trends to Watch for in 2021

Crooks broke into AT&T email accounts to empty their cryptocurrency wallets

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

Cybersecurity Snapshot: CISA Calls for Stamping Out Buffer Overflow Vulnerabilities, as Europol Tells Banks To Prep For Quantum Threat

This Simple Hack Could Tank Your Business

Q&A: Here’s why VPNs are likely to remain a valuable DIY security tool for consumers, SMBs

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

Security Affairs newsletter Round 510 by Pierluigi Paganini – INTERNATIONAL EDITION

Protecting People, Not Just Data

Vice Society Ransomware Attackers Targeted Dozens of Schools in 2022

Remcos RAT campaign targets US accounting and tax return preparation firms

RockYou2024: The Largest Password Compilation (10 Billion) Ever Leaked

New Ransom Payment Schemes Target Executives, Telemedicine

Cybercrime Year in Review: 2013

Consumer cyberthreats: predictions for 2023

North Korea hackers impersonating Coinbase to lure employees and customers

Database of the FBI’s InfraGard US Critical Infrastructure Intelligence portal available for sale

GUEST ESSAY: Sure steps to achieve a robust employee cybersecurity awareness training regimen

EvilExtractor, a new All-in-One info stealer appeared on the Dark Web

Stay Connected