Accountability, Cybercrime and Information Security

Microsoft seized the US infrastructure of the Storm-1152 cybercrime group

Security Affairs

DECEMBER 14, 2023

Microsoft’s Digital Crimes Unit seized multiple domains used by cybercrime group Storm-1152 to sell fraudulent Outlook accounts. Microsoft’s Digital Crimes Unit seized multiple domains used by a cybercrime group, tracked as Storm-1152, to sell fraudulent accounts. ” concludes the announcement.

Cybercrime

Cybercrime Accountability Media Technology

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Security Affairs

NOVEMBER 21, 2024

Justice Department charged five suspects linked to the Scattered Spider cybercrime gang with wire fraud conspiracy. Justice Department charged five alleged members of the cybercrime gang Scattered Spider (also known as UNC3944 , 0ktapus ) with conspiracy to commit wire fraud. ” reads the press release published by DoJ. .

Cybercrime

Cybercrime Identity Theft Cryptocurrency Phishing

Fake CISO Profiles on LinkedIn Target Fortune 500s

Krebs on Security

SEPTEMBER 30, 2022

Someone has recently created a large number of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. If you were confused at this point, you might ask Google who it thinks is the current Chief Information Security Officer of Chevron. of spam and scam.”

CISO

CISO Cybercrime Accountability Information Security

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” ” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in.

Cybercrime

Cybercrime VPN Malware Ransomware

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Security Affairs

FEBRUARY 2, 2025

and Dutch authorities seized 39 domains and servers linked to the HeartSender cybercrime group based in Pakistan. A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools.

Cybercrime

Cybercrime Advertising Phishing Hacking

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

The makers of Acunetix, Texas-based application security vendor Invicti Security , confirmed Silent Push’s findings, saying someone had figured out how to crack the free trial version of the software so that it runs without a valid license key. co — first came online in February 2023. 2023 on the forum Cracked.

Hacking

Hacking Cybercrime Advertising Data breaches

A large botnet targets M365 accounts with password spraying attacks

Security Affairs

FEBRUARY 24, 2025

A botnet of 130,000+ devices is attacking Microsoft 365 accounts via password-spraying, bypassing MFA by exploiting basic authentication. SecurityScorecard researchers discovered a botnet of over 130,000 devices that is conducting password-spray attacks against Microsoft 365 (M365) accounts worldwide.

Passwords

Passwords Accountability Authentication Malware

U.S. authorities seized cybercrime marketplace Rydox

Security Affairs

DECEMBER 13, 2024

Department of Justice (DoJ) announced the seizure of the cybercrime marketplace Rydox (“rydox.ru” and “rydox[.]cc”). Department of Justice (DoJ) seized Rydox, a cybercrime marketplace for selling stolen personal data and fraud tools. cc”). Thousands of U.S. victims were affected. Attorney Eric G.

Cybercrime

Cybercrime Identity Theft Cryptocurrency Hacking

DoJ charged 19 individuals in a transnational cybercrime investigation xDedic Marketplace

Security Affairs

JANUARY 8, 2024

19 individuals worldwide were charged in a transnational cybercrime investigation of the now defunct xDedic marketplace. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cybercrime) ” reads the press release published by DoJ.

Cybercrime

Cybercrime Identity Theft Government Hacking

Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum

Security Affairs

AUGUST 20, 2024

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.

Data breaches

Data breaches Cybercrime Financial Services Hacking

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Security Affairs

NOVEMBER 24, 2024

seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016. million in revenue. million in revenue.

Cybercrime

Cybercrime Cryptocurrency Banking Accountability

Hackers may have accessed thousands of accounts on the California state welfare platform

Security Affairs

APRIL 27, 2024

Threat actors accessed more than 19,000 online accounts on a California state platform for welfare programs. Threat actors breached over 19,000 online accounts on a California state platform dedicated to welfare programs. Your account may have been one of those accessed.” ” continues the notification.

Accountability

Accountability Passwords Data breaches Hacking

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. Chaput said that at one point last week the volume of bot accounts being registered for the crypto spam campaign started overwhelming the servers that handle new signups at Mastodon.social.

Scams

Scams DDOS Cryptocurrency Accountability

Many Public Salesforce Sites are Leaking Private Data

Krebs on Security

APRIL 27, 2023

Until being contacted by this reporter on Monday, the state of Vermont had at least five separate Salesforce Community sites that allowed guest access to sensitive data, including a Pandemic Unemployment Assistance program that exposed the applicant’s full name, Social Security number, address, phone number, email, and bank account number.

Banking

Banking Government Information Security Authentication

Hacker hijacked Orange Spain RIPE account causing internet outage to company customers

Security Affairs

JANUARY 4, 2024

An internet outage impacted Orange Spain after a hacker gained access to the company’s RIPE account to misconfigure BGP routing. The hacker, who uses the moniker ‘Snow’, gained access to the RIPE account of Orange Spain and misconfigured the BGP routing causing an internet outage. I have fixed your RIPE admin account security.

Internet

Internet Internet Accountability Passwords

Crooks hacked Mandiant X account to push cryptocurrency scam

Security Affairs

JANUARY 4, 2024

The X account of cybersecurity giant Mandiant was hacked, attackers used it to impersonate the Phantom crypto wallet and push a cryptocurrency scam. Crooks hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. “Sorry, change password please.”

Cryptocurrency

Cryptocurrency Scams Accountability Hacking

LockBit ransomware gang claims to have breached accountancy firm Xeinadin

Security Affairs

DECEMBER 23, 2023

The LockBit ransomware claims to have hacked accountancy firm Xeinadin threatens to leak the alleged stolen data. The LockBit ransomware claims responsibility for hacking the Xeinadin accountancy firm and threatens to disclose the alleged stolen data. Account balances. Client legal information. Customer financials.

Accountability

Accountability Ransomware Data breaches Hacking

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

Additionally, there are also Russian cybercrime organizations that are not state-sponsored but are allowed to operate. Although there’s no one magic solution to eliminating cyberattacks and cybercrime risks, there are steps you can take to reduce the chances of becoming a victim. Accounting for humans.

Cybersecurity

Cybersecurity Cybercrime Education Government

BingoMod Android RAT steals money from victims’ bank accounts and wipes data

Security Affairs

JULY 31, 2024

BingoMod is a new Android malware that can wipe devices after stealing money from the victims’ bank accounts. Researchers at Cleafy discovered a new Android malware, called ‘BingoMod,’ that can wipe devices after successfully stealing money from the victims’ bank accounts.

Banking

Banking Accountability Malware Mobile

X Account of leading cybersecurity firm Mandiant was hacked because not adequately protected

Security Affairs

JANUARY 11, 2024

The X account of cybersecurity firm Mandiant was likely hacked through a brute-force password attack, the company revealed. Last week, threat actors hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. and “Check bookmarks when you get account back.”

Accountability

Accountability Hacking Cryptocurrency Cybersecurity

Microsoft disrupted a global cybercrime ring abusing Azure OpenAI Service

Security Affairs

MARCH 1, 2025

These individuals are members of a global cybercrime ring tracked as Storm-2139 by Microsoft. The defendants used exposed customer credentials scraped from public sources to unlawfully access accounts with certain generative AI services. The case demonstrates legal actions power in dismantling cybercrime networks.

Cybercrime

Cybercrime Technology Hacking Accountability

Conti Ransomware Group Diaries, Part I: Evasion

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. On Sunday, Feb. ” GAP #1.

Ransomware

Ransomware Healthcare Cybercrime Government

Info stealers and how to protect against them

Security Affairs

DECEMBER 18, 2023

. “Cashout bank logs” typically refer to a type of cybercrime where individuals gain unauthorized access to banking information, often through phishing attacks or hacking, and then use that information to withdraw money or make unauthorized transactions. Do you want to know how do we protect against info stealers?

Banking

Banking Cybercrime Malware Accountability

German police seized the darknet marketplace Nemesis Market

Security Affairs

MARCH 23, 2024

An operation conducted by the Federal Criminal Police Office in Germany (BKA) and the Frankfurt cybercrime combating unit (ZIT) led to the seizure of the infrastructure of the darknet marketplace Nemesis Market in Germany and Lithuania. The Nemesis Market recently reached over 150,000 users and over 1,100 seller accounts registered worldwide.

Marketing

Marketing Cybercrime DDOS Internet

Feds indicted two alleged administrators of WWH Club dark web marketplace

Security Affairs

SEPTEMBER 8, 2024

WWH Club had over 353,000 users by 2023 and offered courses on fraud and cybercrime, generating profits through membership and tuition fees. Khodyrev and Kublitskii were also the administrators of many similar websites, including darkweb marketplaces, forums, and training centers to enable cybercrime.

Cybercrime

Cybercrime Accountability Banking Advertising

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

Free disclosed a cyber attack over the weekend after a threat actor attempted to sell the stolen data on a popular cybercrime forum. The seller listed two databases for sale one containing 19,192,948 customer accounts and another including 5.11 ” “Thus, this information should be taken cautiously until confirmed.

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

The cybersecurity firm’s recommendations for malware victims are: Consult an expert : For thorough malware removal and system security, seek professional help if needed. Change passwords : After malware removal, update passwords for key accounts (email, banking, work, social media) and enable two-factor authentication.

Identity Theft

Identity Theft Passwords Malware Banking

US offers $2.5M reward for Belarusian man involved in mass malware distribution

Security Affairs

AUGUST 28, 2024

million for information leading to the arrest and/or conviction in any country of Volodymyr Kadariya for his alleged participation in a significant malware organization.” Department of State is offering a reward of up to $2.5 ” reads the announcement published by US Department of State. ” reads the notice.

Malware

Malware Computers and Electronics Cybercrime Internet

Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JUNE 30, 2024

Threat actors compromised 1,590 CoinStats crypto wallets Experts observed approximately 120 malicious campaigns using the Rafel RAT LockBit claims the hack of the US Federal Reserve Ransomware threat landscape Jan-Apr 2024: insights and challenges ExCobalt Cybercrime group targets Russian organizations in multiple sectors Threat actor attempts to sell (..)

Cybercrime

Cybercrime Hacking Ransomware Data breaches

GUEST ESSAY: Sure steps to achieve a robust employee cybersecurity awareness training regimen

The Last Watchdog

OCTOBER 24, 2022

. • Create security awareness for employees. One of the most important ways to protect against data breaches is to increase employee security awareness. Employees are the first line of defense against cybercrime and should understand how to recognize phishing emails and what to do if they suspect them.

Passwords

Passwords Security Awareness Data breaches Cybersecurity

Australian man charged for Evil Twin Wi-Fi attacks on domestic flights

Security Affairs

JULY 2, 2024

“The man, 42, is expected to appear in Perth Magistrates Court today (28 June, 2024) to face nine charges for alleged cybercrime offences.” These harvested cfedentials could be used to access victims’ personal information and bank details. ” AFP Western Command Cybercrime Detective Inspector Andrea Coleman said.

Wireless

Wireless Cybercrime Banking VPN

DarkGate malware campaign abuses Skype and Teams

Security Affairs

OCTOBER 16, 2023

The researchers speculate the originating accounts of the instant messaging applications were compromised through the leaked credentials available on cybercrime forums. The message sent to the victims from a compromised Skype account contains a VBS script with a filename following the following format: <filename.pdf> www.skype[.]vbs.

Malware

Malware Cryptocurrency Accountability Cybercrime

Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID operations

Security Affairs

JULY 13, 2024

In October 2022, Swiss police arrested Penchukov in Geneva, also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. In 2012, Vyacheslav Igorevich Penchukov was accused of being a member of a cybercrime gang known as JabberZeus crew.

Cybercrime

Cybercrime Banking Malware Hacking

Florida man sentenced to prison for SIM Swapping conspiracy that led to theft of $1M in cryptocurrency

Security Affairs

OCTOBER 30, 2023

Persad and his co-conspirators hacked the email accounts of the victims, hijacked their cell phone numbers, and took over their online cryptocurrency accounts. Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts.

Cryptocurrency

Cryptocurrency Accountability Hacking Cybercrime

Mastermind behind 1.8 million cryptojacking scheme arrested in Ukraine

Security Affairs

JANUARY 14, 2024

The compromised account holders face huge cloud bills due to the abuse of their clod resources. The investigation started in January 2023 when a cloud provider approached Europol and shared information regarding compromised cloud user accounts. ” continues the press release.

Cryptocurrency

Cryptocurrency Cybercrime Accountability Authentication

ShinyHunters is selling data of 30 million Santander customers

Security Affairs

MAY 31, 2024

ShinyHunters claims to have stolen information for 30 million customers, employees, and bank account data. No transactional data, nor any credentials that would allow transactions to take place on accounts are contained in the database, including online banking details and passwords. continues the statement.

Banking

Banking Data breaches Cybercrime Passwords

U.S. cannabis dispensary STIIIZY disclosed a data breach

Security Affairs

JANUARY 11, 2025

After discovering the security breach, the company investigated the incident and notified law enforcement. “On November 20, 2024, we were notified by a vendor of point-of-sale processing services for some of our retail locations that accounts with their organization had been compromised by an organized cybercrime group.”

Data breaches

Data breaches Retail Cybercrime Government

Security Affairs newsletter Round 464 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 24, 2024

surfaces in the threat landscape Pokemon Company resets some users’ passwords Ukraine cyber police arrested crooks selling 100 million compromised accounts New AcidPour wiper targets Linux x86 devices. Is it a Russia’s weapon? Players hacked during the matches of Apex Legends Global Series.

Malware

Malware Cybercrime Hacking Cyber threats

Spanish police arrested an alleged member of the Scattered Spider group

Security Affairs

JUNE 17, 2024

A joint law enforcement operation led to the arrest of a key member of the cybercrime group known as Scattered Spider. Spanish police arrested a 22-year-old British national who is suspected of being a key member of the cybercrime group known as Scattered Spider (also known as UNC3944 , 0ktapus ). ” reported the Murcia Today.

Cybercrime

Cybercrime Hacking Social Engineering Cryptocurrency

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 13, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

VPN

VPN Cybercrime Ransomware Hacking

Spain police dismantled a cybercriminal group who stole the data of 4 million individuals

Security Affairs

OCTOBER 23, 2023

. “The investigation began at the beginning of this year by specialized agents of the Central Cybercrime Unit, when they identified a criminal network that illegally accessed databases of various financial and credit entities, entering different amounts of money into client accounts from the credit institution.

Computers and Electronics

Computers and Electronics Scams Cybercrime Phishing

Two Sudanese nationals indicted for operating the Anonymous Sudan group

Security Affairs

OCTOBER 17, 2024

The feds also seized the accounts containing the source code for their DDoS tools. With the FBI’s mix of unique authorities, capabilities, and partnerships, there is no limit to our reach when it comes to combating all forms of cybercrime and defending global cybersecurity.”

DDOS

DDOS Cybercrime Government Hacking

Three men plead guilty to running MFA bypass service OTP.Agency

Security Affairs

SEPTEMBER 3, 2024

These OTPs, used in multi-factor authentication, allowed criminals to bypass security and access victims’ bank accounts to steal funds. Cybercriminals paid a monthly subscription fee to OTP.Agency, which provided tools for socially engineering victims and tricked them into revealing one-time passcodes or personal information.

Banking

Banking Social Engineering Accountability Authentication

Law enforcement Operation HAECHI IV led to the seizure of $300 Million

Security Affairs

DECEMBER 20, 2023

The investigators used INTERPOL’s Global Rapid Intervention of Payments (I-GRIP) to detect online fraudulent transactions, and then froze the associated bank and virtual asset service provider (VASP) accounts. Police in member countries froze the assets and investigations are ongoing.

Scams

Scams eCommerce Banking Cybercrime

Microsoft seized the US infrastructure of the Storm-1152 cybercrime group

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Trending Sources

Fake CISO Profiles on LinkedIn Target Fortune 500s

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

A large botnet targets M365 accounts with password spraying attacks

U.S. authorities seized cybercrime marketplace Rydox

DoJ charged 19 individuals in a transnational cybercrime investigation xDedic Marketplace

Toyota disclosed a data breach after ZeroSevenGroup leaked stolen data on a cybercrime forum

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Hackers may have accessed thousands of accounts on the California state welfare platform

Interview With a Crypto Scam Investment Spammer

Many Public Salesforce Sites are Leaking Private Data

Hacker hijacked Orange Spain RIPE account causing internet outage to company customers

Crooks hacked Mandiant X account to push cryptocurrency scam

LockBit ransomware gang claims to have breached accountancy firm Xeinadin

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

BingoMod Android RAT steals money from victims’ bank accounts and wipes data

X Account of leading cybersecurity firm Mandiant was hacked because not adequately protected

Microsoft disrupted a global cybercrime ring abusing Azure OpenAI Service

Conti Ransomware Group Diaries, Part I: Evasion

Info stealers and how to protect against them

German police seized the darknet marketplace Nemesis Market

Feds indicted two alleged administrators of WWH Club dark web marketplace

France’s second-largest telecoms provider Free suffered a cyber attack

International law enforcement operation dismantled RedLine and Meta infostealers

US offers $2.5M reward for Belarusian man involved in mass malware distribution

Security Affairs newsletter Round 478 by Pierluigi Paganini – INTERNATIONAL EDITION

GUEST ESSAY: Sure steps to achieve a robust employee cybersecurity awareness training regimen

Australian man charged for Evil Twin Wi-Fi attacks on domestic flights

DarkGate malware campaign abuses Skype and Teams

Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID operations

Florida man sentenced to prison for SIM Swapping conspiracy that led to theft of $1M in cryptocurrency

Mastermind behind 1.8 million cryptojacking scheme arrested in Ukraine

ShinyHunters is selling data of 30 million Santander customers

U.S. cannabis dispensary STIIIZY disclosed a data breach

Security Affairs newsletter Round 464 by Pierluigi Paganini – INTERNATIONAL EDITION

Spanish police arrested an alleged member of the Scattered Spider group

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

Spain police dismantled a cybercriminal group who stole the data of 4 million individuals

Two Sudanese nationals indicted for operating the Anonymous Sudan group

Three men plead guilty to running MFA bypass service OTP.Agency

Law enforcement Operation HAECHI IV led to the seizure of $300 Million

Stay Connected