Advertising, Hacking and Information Security

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7 , a notorious Russia-based hacking group. ” Orn advertising Araneida Scanner in Feb.

Hacking

Hacking Cybercrime Advertising Data breaches

Cybercrime group FIN7 advertises new EDR bypass tool on hacking forums

Security Affairs

JULY 18, 2024

The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. SentinelOne researchers warn that the financially motivated group FIN7 is using multiple pseudonyms to advertise a security evasion tool in several criminal underground forums.

Advertising

Advertising Cybercrime Hacking Ransomware

Ukraine President enforces Information Security Strategy

CyberSecurity Insiders

DECEMBER 29, 2021

Amid extreme concerns related to cyber warfare from Russia, Ukraine’s President Volodymyr Zelensky announced a new information security strategy policy was launched and came into effect early this week. The post Ukraine President enforces Information Security Strategy appeared first on Cybersecurity Insiders.

Information Security

Information Security Cryptocurrency Scams Cyber Attacks

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. Authorities in the United States, Germany, the Netherlands and the U.K.

Advertising

Advertising Cybercrime System Administration Hacking

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Security Affairs

FEBRUARY 2, 2025

A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools. The HeartSender group advertised its tools as fully undetectable by antispam software.

Cybercrime

Cybercrime Advertising Phishing Hacking

BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums

Security Affairs

OCTOBER 3, 2023

Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023. Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape.

Advertising

Advertising Cybercrime Malware Cryptocurrency

FTC charged Avast with selling users’ browsing data to advertising companies

Security Affairs

FEBRUARY 22, 2024

The antivirus firm is accused of selling the data to advertising companies without user consent. According to the complaint, the cybersecurity firm was advertising its products as privacy-friendly. “Respondents sold the browsing information that they purported to protect, in many instances without notice to users.”

Advertising

Advertising Antivirus Data collection Software

Banshee macOS stealer supports new evasion mechanisms

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malicious code was advertised on cybercrime forums for $3,000 per month. The malware can collect cookies, logins and browsing history, but from Safari only cookies can be collected.

Malware

Malware Advertising Antivirus Cybercrime

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Security Affairs

NOVEMBER 24, 2024

To advertise the marketplace, PopeyeTools allegedly promised to refund or replace purchased credit cards that were no longer valid at the time of sale. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Cybercrime

Cybercrime Cryptocurrency Banking Accountability

REvil ransomware gang hacked gaming firm Gaming Partners International

Security Affairs

OCTOBER 31, 2020

The REvil ransomware operators made the headlines again, this time the gang claims to have hacked the Gaming Partners International (GPI). “Absolutely all servers and working computers of the company are hacked and encrypted. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Hacking

Hacking Ransomware Advertising Encryption

15 SpyLoan Android apps found on Google Play had over 8 million installs

Security Affairs

NOVEMBER 30, 2024

Some of the malicious apps were promoted through deceptive advertising on social media. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Google Play) Some apps were suspended by Google from Google Play while others were updated by the developers.

Social Engineering

Social Engineering Media Mobile Scams

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Security Affairs

OCTOBER 14, 2024

Some sellers on Bohemia advertised they were shipping the products from the Netherlands. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, dark web) million euros.

Marketing

Marketing Cybercrime DDOS Cryptocurrency

Crooks hacked Mandiant X account to push cryptocurrency scam

Security Affairs

JANUARY 4, 2024

The X account of cybersecurity giant Mandiant was hacked, attackers used it to impersonate the Phantom crypto wallet and push a cryptocurrency scam. Crooks hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam.

Cryptocurrency

Cryptocurrency Scams Accountability Hacking

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking for me because I have enormous information and they need it.” “Thanks to you, we are now developing in the field of information security and anonymity!,” Kloster’s blog enthused. “We

Cybercrime

Cybercrime Advertising IoT Malware

Atomic macOS Stealer is advertised on Telegram for $1,000 per month

Security Affairs

APRIL 29, 2023

Atomic macOS Stealer is a new information stealer targeting macOS that is advertised on Telegram for $1,000 per month. Cyble Research and Intelligence Labs (CRIL) recently discovered a Telegram channel advertising a new information-stealing malware, named Atomic macOS Stealer (AMOS).

Advertising

Advertising Passwords Malware Password Management

HP Device Manager flaws expose Windows systems to hack

Security Affairs

OCTOBER 4, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, HP). The post HP Device Manager flaws expose Windows systems to hack appeared first on Security Affairs. Pierluigi Paganini.

Hacking

Hacking Accountability Passwords Advertising

NATO is checking its systems to determine the impact of SolarWinds hack

Security Affairs

DECEMBER 19, 2020

agency that regulates medicines and medical devices is a client, while AstraZeneca Plc , the company behind a potential Covid-19 vaccine, recently advertised for a senior consultant role that required experience working with SolarWinds’ products.” SecurityAffairs – hacking, SolarWinds). . “The U.K.

Hacking

Hacking Government Advertising Marketing

Phishing-as-a-Service Rockstar 2FA continues to be prevalent

Security Affairs

NOVEMBER 29, 2024

Authors advertise Rockstar 2FA as a phishing-as-a-service toolkit that bypasses 2FA, harvests cookies, and features FUD links, antibot tools, and custom themes. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, phishing)

Phishing

Phishing Accountability Authentication Advertising

Dutch Police shut down bulletproof hosting provider Zservers and seized 127 servers

Security Affairs

FEBRUARY 17, 2025

Alexander Igorevich Mishinand Aleksandr Sergeyevich Bolshakovare the two Russian nationals and administrators of Zservers. “ Zservers , headquartered in Barnaul, Russia, has advertised BPH services on known cybercriminal forums to evade law enforcement investigations and takedowns, as well as scrutiny from cybersecurity firms.

Cybercrime

Cybercrime Ransomware Hacking Advertising

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

.” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Energetic Bear). Pierluigi Paganini.

Government

Government Hacking Advertising Passwords

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” ” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in.

Cybercrime

Cybercrime VPN Malware Ransomware

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Since then, the same spammers have used this method to advertise more than 100 different crypto investment-themed domains. In September 2018, a user by the name “ ципа ” (phonetically “ Zipper ” in Russian) registered on the Russian hacking forum Lolzteam using the edgard0111012@gmail.com address.

Scams

Scams DDOS Cryptocurrency Accountability

Russians charged with hacking Mt. Gox exchange and operating BTC-e

Security Affairs

JUNE 9, 2023

Two Russian nationals have been charged with the hack of the cryptocurrency exchange Mt. Russian nationals Alexey Bilyuchenko (43) and Aleksandr Verner (29) have been charged with the hack of the cryptocurrency exchange Mt. Gox ) The post Russians charged with hacking Mt. Gox in 2011 and money laundering. ” reads the DoJ.

Hacking

Hacking Cryptocurrency Advertising Banking

X Account of leading cybersecurity firm Mandiant was hacked because not adequately protected

Security Affairs

JANUARY 11, 2024

The X account of cybersecurity firm Mandiant was likely hacked through a brute-force password attack, the company revealed. Last week, threat actors hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. ” the company said on X.

Accountability

Accountability Hacking Cryptocurrency Cybersecurity

U.S. and Australian police arrested Firebird RAT author and operator

Security Affairs

APRIL 14, 2024

The Australian man developed and sold Firebird to customers on a dedicated hacking forum. The RAT allowed customers to access and control their victims’ computers remotely, its author advertised its stealing capabilities. The Australian man faces twelve counts of computer offenses. ” reported the DoJ.

Computers and Electronics

Computers and Electronics Advertising Cryptocurrency Malware

A data breach broker is selling account databases of 17 companies

Security Affairs

NOVEMBER 1, 2020

The threat actor is advertising the stolen data since October 28 on a hacker forum. The availability of the huge trove of account data was first reported by BleepingComputer , the threat actor told them that it is only acting as a broker and did not hack the seventeen companies. SecurityAffairs – hacking, account databases).

Data breaches

Data breaches Accountability Advertising Passwords

Researchers found alleged sensitive documents of NATO and Turkey

Security Affairs

OCTOBER 12, 2020

It is unclear if the threat actors acted for cyber espionage purposes or hacktivism, the content of the message advertising the leak suggests that it was the work of hacktivists, but we cannot exclude that it is the result of a nation-state actor. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Manufacturing Hacking Cyber Attacks

USPS Site Exposed Data on 60 Million Users

Krebs on Security

NOVEMBER 21, 2018

The API in question was tied to a Postal Service initiative called “ Informed Visibility ,” which according to the USPS is designed to let businesses, advertisers and other bulk mail senders “make better business decisions by providing them with access to near real-time tracking data” about mail campaigns and packages.

Accountability

Accountability Authentication Identity Theft Advertising

Hackers stole a six-figure amount from Swiss universities

Security Affairs

OCTOBER 5, 2020

Threat actors have hacked at least three Swiss universities, including the University of Basel and managed to drain employee salary transfers. According to our information, several universities in Switzerland have been affected,” explained Martina Weiss, Secretary General of the Rectors’ Conference of the Swiss Universities. .

Advertising

Advertising Phishing Cybercrime Hacking

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Security Affairs

NOVEMBER 4, 2020

It is still unclear if the funds were transferred by the owner themselves, or if someone has hacked the wallet. The wallet was monitored since 2015 because it was associated with hacking activities, it had been “ dormant ” since 2015. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency

Cryptocurrency Passwords Advertising Hacking

Qilin ransomware gang claimed responsibility for the Lee Enterprises attack

Security Affairs

MARCH 2, 2025

Headquartered in Davenport, Iowa, and listed on Nasdaq under the ticker LEE, Lee Enterprises describes itself as a leading source of trusted local news and information, with robust digital platforms and innovative advertising solutions.

Ransomware

Ransomware Cybercrime Encryption Healthcare

Crazy Evil gang runs over 10 highly specialized social media scams

Security Affairs

FEBRUARY 3, 2025

Crazy Evil actively recruits affiliates by advertising its cybercriminal network with specific skill requirements. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,cybercrime) Crazy Evil has earned over $5 million through phishing scams since 2021.

Scams

Scams Media Cryptocurrency Cybercrime

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

A China-linked threat actor used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea. The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. Pierluigi Paganini.

Firmware

Firmware Spyware Surveillance Hacking

The British government aims at improving its offensive cyber capability

Security Affairs

OCTOBER 13, 2020

The news is not surprising for people working in the cyber security sector, the British military claims to have had an offensive cyber capability for a decade. Intelligence experts pointed out that the British government already conducted offensive hacking operations, including the one that targeted the ISIS in 2017.

Government

Government Advertising Hacking Cyber Attacks

Staples discloses data breach exposing customer order data

Security Affairs

SEPTEMBER 14, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Staples). The post Staples discloses data breach exposing customer order data appeared first on Security Affairs. Pierluigi Paganini.

Data breaches

Data breaches Retail Identity Theft Advertising

Threat actors attempted to capitalize CrowdStrike incident

Security Affairs

JULY 20, 2024

HijackLoader, advertised as a private crypting service called ASMCrypt, is a modular, multi-stage loader designed to evade detection. The domains were used to advertise services to companies affected by the issue in return for a cryptocurrency payment.

Malware

Malware Advertising Cryptocurrency Cybersecurity

A powerful DDoS attack hit Hungarian banks and telecoms services

Security Affairs

SEPTEMBER 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Hungary). The post A powerful DDoS attack hit Hungarian banks and telecoms services appeared first on Security Affairs. Pierluigi Paganini.

DDOS

DDOS Banking Telecommunications Advertising

New MrbMiner malware infected thousands of MSSQL DBs

Security Affairs

SEPTEMBER 16, 2020

According to security firm Tencent, the team of hackers has been active over the past few months by hacking into Microsoft SQL Servers (MSSQL) to install a crypto-miner. “Tencent Security Threat Intelligence Center detected a new type of mining Trojan family MrbMiner. SecurityAffairs – hacking, MrbMiner).

Malware

Malware Advertising Cryptocurrency Accountability

Hackers targeted the US Census Bureau network, DHS report warns

Security Affairs

OCTOBER 11, 2020

” In the past, the US Census has been hit by attacks, such as hacks and DDoS attacks during a 2018 test of census systems attributed to Russia-linked hackers and a 2015 hack attributed to the Anonymous collective. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Let me suggest to read it.

Government

Government Advertising Hacking Data collection

Unknown FinSpy Mac and Linux versions found in Egypt

Security Affairs

SEPTEMBER 27, 2020

The new versions of FinSpy spyware were used by a new unknown hacking group, Amnesty International speculates the involvement of a nation-state actor that employed them since September 2019. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, FinSpy). Pierluigi Paganini.

Spyware

Spyware Surveillance Advertising Mobile

Hackers hit Luxottica, production stopped at two Italian plants

Security Affairs

SEPTEMBER 22, 2020

Security experts believe that threat actor exploited the above flaw to infect the systems at the company with ransomware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, malware).

Advertising

Advertising Retail Manufacturing Cyber Attacks

AvosLocker ransomware now targets Linux systems, including ESXi servers

Security Affairs

JANUARY 11, 2022

AvosLocker operators already advertised in the past a Linux variant, dubbed AvosLinux, of their malware claiming it was able to support Linux and ESXi servers. AvosLocker advertising their latest variants (avos2 / avoslinux) pic.twitter.com/4a1Sb8XQqJ — ??????? SecurityAffairs – hacking, AvosLocker). Pierluigi Paganini.

Ransomware

Ransomware Encryption Advertising Malware

Ransomware attack disabled Georgia County Election database

Security Affairs

OCTOBER 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Georgia county). The post Ransomware attack disabled Georgia County Election database appeared first on Security Affairs. Pierluigi Paganini.

Ransomware

Ransomware Advertising Media Government

Google researcher found BleedingTooth flaws in Linux Bluetooth

Security Affairs

OCTOBER 14, 2020

“A remote attacker in short distance can broadcast extended advertising data and cause denial of service or possibly arbitrary code execution with kernel privileges on victim machines if they are equipped with Bluetooth 5 chips and are in scanning mode. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Encryption Hacking Risk

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Cybercrime group FIN7 advertises new EDR bypass tool on hacking forums

Trending Sources

Ukraine President enforces Information Security Strategy

Meet the Administrators of the RSOCKS Proxy Botnet

Law enforcement seized the domains of HeartSender cybercrime marketplaces

BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums

FTC charged Avast with selling users’ browsing data to advertising companies

Banshee macOS stealer supports new evasion mechanisms

DoJ seized credit card marketplace PopeyeTools and charges its administrators

REvil ransomware gang hacked gaming firm Gaming Partners International

15 SpyLoan Android apps found on Google Play had over 8 million installs

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Crooks hacked Mandiant X account to push cryptocurrency scam

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Atomic macOS Stealer is advertised on Telegram for $1,000 per month

HP Device Manager flaws expose Windows systems to hack

NATO is checking its systems to determine the impact of SolarWinds hack

Phishing-as-a-Service Rockstar 2FA continues to be prevalent

Dutch Police shut down bulletproof hosting provider Zservers and seized 127 servers

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Interview With a Crypto Scam Investment Spammer

Russians charged with hacking Mt. Gox exchange and operating BTC-e

X Account of leading cybersecurity firm Mandiant was hacked because not adequately protected

U.S. and Australian police arrested Firebird RAT author and operator

A data breach broker is selling account databases of 17 companies

Researchers found alleged sensitive documents of NATO and Turkey

USPS Site Exposed Data on 60 Million Users

Hackers stole a six-figure amount from Swiss universities

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Qilin ransomware gang claimed responsibility for the Lee Enterprises attack

Crazy Evil gang runs over 10 highly specialized social media scams

Second-ever UEFI rootkit used in North Korea-themed attacks

The British government aims at improving its offensive cyber capability

Staples discloses data breach exposing customer order data

Threat actors attempted to capitalize CrowdStrike incident

A powerful DDoS attack hit Hungarian banks and telecoms services

New MrbMiner malware infected thousands of MSSQL DBs

Hackers targeted the US Census Bureau network, DHS report warns

Unknown FinSpy Mac and Linux versions found in Egypt

Hackers hit Luxottica, production stopped at two Italian plants

AvosLocker ransomware now targets Linux systems, including ESXi servers

Ransomware attack disabled Georgia County Election database

Google researcher found BleedingTooth flaws in Linux Bluetooth

Stay Connected