Authentication and Cybercrime - Cyber Security Informer

Passwordless Authentication without Secrets!

Thales Cloud Protection & Licensing

OCTOBER 11, 2024

Passwordless Authentication without Secrets! This highlights an increasing demand for advanced authentication methods like passkeys and multi-factor authentication (MFA), which provide robust security for most use cases. Similarly, in retail and manufacturing, delays caused by authentication procedures reduce overall efficiency.

Authentication

Authentication Retail Healthcare Manufacturing

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Krebs on Security

JANUARY 31, 2025

On January 29, the FBI and the Dutch national police seized the technical infrastructure for a cybercrime service marketed under the brands Heartsender , Fudpage and Fudtools (and many other “fud” variations). “The Cybercrime Team is on the trail of a number of buyers of the tools,” the Dutch national police said.

Phishing

Phishing Cybercrime Advertising Malware

Three Top Russian Cybercrime Forums Hacked

Krebs on Security

MARCH 4, 2021

“Initial analysis of the leaked data pointed to its probable authenticity, as at least a portion of the leaked user records correlated with our own data holdings.” ” The attack on Maza comes just weeks after another major Russian crime forum got plundered. The administrator stated that on Feb.

Cybercrime

Cybercrime Hacking Passwords Accountability

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

We’ll also explore an array of cybercrime services aimed at phishers who target hotels that rely on the world’s most visited travel website. Booking.com said it now requires 2FA , which forces partners to provide a one-time passcode from a mobile authentication app (Pulse) in addition to a username and password.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

Operation Heart Blocker: International Police Disrupt Phishing Network

SecureWorld News

FEBRUARY 3, 2025

In a significant victory against cybercrime, U.S. Cybercrime as a service: an evolving threat As cybercriminals continue to develop more sophisticated and accessible tools, law enforcement agencies worldwide are struggling to keep pace. For every criminal group disrupted, multiple others remain active or emerge to take their place."

Phishing

Phishing Cybercrime Scams Authentication

Crime Shop Sells Hacked Logins to Other Crime Shops

Krebs on Security

JANUARY 21, 2022

Criminals ripping off other crooks is a constant theme in the cybercrime underworld; Accountz Club’s slogan — “the best autoshop for your favorite shops’ accounts” — just normalizes this activity by making logins stolen from users of various cybercrime shops for sale at a fraction of their account balances.

Hacking

Hacking Cybercrime Passwords Authentication

A Year Later, Cybercrime Groups Still Rampant on Facebook

Krebs on Security

APRIL 8, 2019

Almost exactly one year ago, KrebsOnSecurity reported that a mere two hours of searching revealed more than 100 Facebook groups with some 300,000 members openly advertising services to support all types of cybercrime, including spam, credit card fraud and identity theft. Facebook responded by deleting those groups.

Cybercrime

Cybercrime Passwords Identity Theft Accountability

FBI Hacker Dropped Stolen Airbus Data on 9/11

Krebs on Security

SEPTEMBER 13, 2023

The FBI responded by reverifying InfraGard members and by seizing the cybercrime forum where the data was being sold. In a post on the English language cybercrime forum BreachForums , USDoD leaked information on roughly 3,200 Airbus vendors, including names, addresses, phone numbers, and email addresses. But on Sept. But on Sept.

Cybercrime

Cybercrime Passwords Authentication Malware

A Day in the Life of a Prolific Voice Phishing Crew

Krebs on Security

JANUARY 7, 2025

Lookout researchers discovered multiple voice phishing groups were using a new phishing kit that closely mimicked the single sign-on pages for Okta and other authentication providers. As we’ll see in a moment, that phishing kit is operated and rented out by a cybercriminal known as “ Perm ” a.k.a. “ Annie.”

Phishing

Phishing Cryptocurrency Accountability Social Engineering

Internet Archive was breached twice in a month

Security Affairs

OCTOBER 21, 2024

The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. Hunt also verified the authenticity of the information included in the stolen archive. Hunt will add the information of the impacted users to HIBP very soon.

Internet

Internet Internet Data breaches Authentication

Cryptocurrencies and cybercrime: A critical intermingling

Security Affairs

APRIL 26, 2024

As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector Cryptocurrencies have revolutionized the financial world, offering new investment opportunities and decentralized transactions.

Cryptocurrency

Cryptocurrency Cybercrime Education Scams

News alert: SpyCloud operationalizes darknet data, pioneers shift to holistic identity threat protection

The Last Watchdog

FEBRUARY 4, 2025

This innovative approach empowers security teams to proactively protect against previously unseen risks, including the darknet exposures of identity and authentication data stolen about employees, consumers, and suppliers that have been beyond their visibility to date. We aim to stop identity-based threats once and for all.

Cybercrime

Cybercrime Phishing Accountability Malware

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

One English-speaking cybercriminal who goes by the nicknames “ Pwnstar ” and “ Pwnipotent ” has been selling fake EDR services on both Russian-language and English cybercrime forums. “I cannot 100% guarantee every order will go through,” Pwnstar explained. ” An ad from Pwnstar for fake EDR services.

Hacking

Hacking Accountability Government Social Engineering

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking

Hacking Phishing Cybercrime Passwords

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

The targeted SMS scams asked employees to click a link and log in at a website that mimicked their employer’s Okta authentication page. Some SMS phishing messages told employees their VPN credentials were expiring and needed to be changed; other phishing messages advised employees about changes to their upcoming work schedule. .”

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

The Rise of One-Time Password Interception Bots

Krebs on Security

SEPTEMBER 29, 2021

In February, KrebsOnSecurity wrote about a novel cybercrime service that helped attackers intercept the one-time passwords (OTPs) that many websites require as a second authentication factor in addition to passwords. OTP Agency took itself offline within hours of that story. The 2fa SMS Buster bot on Telegram. Image: Intel 471.

Passwords

Passwords Mobile Authentication Banking

A large botnet targets M365 accounts with password spraying attacks

Security Affairs

FEBRUARY 24, 2025

A botnet of 130,000+ devices is attacking Microsoft 365 accounts via password-spraying, bypassing MFA by exploiting basic authentication. The attackers targeted accounts protected with basic authentication bypassing multi-factor authentication. The attackers used basic authentication methods. ” continues the report.

Passwords

Passwords Accountability Authentication Malware

GUEST ESSAY: Massive NPD breach tells us its high time to replace SSNs as an authenticator

The Last Watchdog

SEPTEMBER 24, 2024

The growing threat of cybercrime, including ransomware attacks and large-scale data leaks, is also pushing individuals to take more control of their personal data. Credit monitoring services provide ongoing tracking of credit reports for suspicious activity, and some even offer insurance for identity theft-related losses.

Authentication

Authentication Identity Theft Banking Data breaches

Are You One of the 533M People Who Got Facebooked?

Krebs on Security

APRIL 6, 2021

It appears much of this database has been kicking around the cybercrime underground in one form or another since last summer at least. A cybercrime forum ad from June 2020 selling a database of 533 Million Facebook users. Usually, this is a mobile app like Authy or Google Authenticator that generates a one-time code.

Mobile

Mobile Accountability Passwords Authentication

U.S. Justice Department Cracks Down on Scattered Spider Phishing Ring

SecureWorld News

NOVEMBER 22, 2024

The United States Department of Justice (DOJ) has unsealed charges against five individuals accused of orchestrating sophisticated phishing campaigns tied to the notorious Scattered Spider cybercrime group.

Phishing

Phishing Identity Theft Cryptocurrency Cybercrime

Cisco states that the second data leak is linked to the one from October

Security Affairs

DECEMBER 30, 2024

Cisco confirmed the authenticity of the 4GB of leaked data, the data was compromised in a recent security breach, marking the second leak in the incident. Cisco confirmed the authenticity of the 4GB of leaked data, which was compromised in a recent security breach, marking it as the second leak in the incident.

Data breaches

Data breaches Cybercrime Authentication Technology

Understanding the Deepfake Threat

SecureWorld News

FEBRUARY 13, 2025

Traditionally, attackers relied on phishing emails to impersonate executives, but deepfakes now enable fraudsters to conduct real-time video and voice calls that appear authentic. Attacks on identity verification systems Bypassing biometric security: Many organizations use facial and voice recognition for authentication.

Social Engineering

Social Engineering Authentication Identity Theft Education

Election season raises fears for nearly a third of people who worry their vote could be leaked

Malwarebytes

OCTOBER 15, 2024

A focus on cybercrime While people hold a sense of distrust for election-related ads, they also revealed another emotion towards them: Fear. Finally, though Malwarebytes did not directly tie the concept of “cybercrime” to the election itself, survey participants were asked about “cyber interference.”

Scams

Scams Identity Theft Cybercrime Accountability

Hackers Steal Session Cookies to Bypass Multi-factor Authentication

eSecurity Planet

AUGUST 19, 2022

One new tactic hackers have been using is to steal cookies from current or recent web sessions to bypass multi-factor authentication (MFA). The “cookie-stealing cybercrime spectrum” is broad, the researchers wrote, ranging from “entry-level criminals” to advanced adversaries, using various techniques.

Authentication

Authentication Password Management Passwords Malware

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

Krebs on Security

FEBRUARY 26, 2025

At the end of 2023, malicious hackers learned that many companies had uploaded sensitive customer records to accounts at the cloud data storage service Snowflake that were protected with little more than a username and password (no multi-factor authentication needed).

Hacking

Hacking Government Identity Theft Accountability

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

Change passwords : After malware removal, update passwords for key accounts (email, banking, work, social media) and enable two-factor authentication. Authorities from the Netherlands, the United States, Belgium, Portugal, the United Kingdom and Australia took part in the operation.

Identity Theft

Identity Theft Passwords Malware Banking

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. “Because I used the person[‘s] phone that I’m impersonating.”

Hacking

Hacking Energy and Utilities Cybercrime Accountability

XE Group shifts from credit card skimming to exploiting zero-days

Security Affairs

FEBRUARY 10, 2025

The cybercrime group XE Group exploited a VeraCore zero-day to deploy reverse shells, web shells in recent attacks. CVE-2024-57968 allows remote authenticated users to upload files to unintended folders, while CVE-2025-25181 is an SQL injection flaw enabling remote SQL execution (no patch available).

Manufacturing

Manufacturing Cybercrime Passwords Authentication

How Phished Data Turns into Apple & Google Wallets

Krebs on Security

FEBRUARY 18, 2025

But a flurry of innovation from cybercrime groups in China is breathing new life into the carding industry, by turning phished card data into mobile wallets that can be used online and at main street stores. Thus, the authentication requirement for doing so defaulted to sending the customer a one-time code via SMS.

Phishing

Phishing Mobile Scams Retail

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

The missives asked users to click a link and log in at a phishing page that mimicked their employer’s Okta authentication page. Those who submitted credentials were then prompted to provide the one-time password needed for multi-factor authentication. A booking photo of Noah Michael Urban released by the Volusia County Sheriff.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Gmail Under Siege: FBI Warns of Unusual AI-Driven Phishing Attacks

eSecurity Planet

FEBRUARY 10, 2025

This surge highlights a broader trend toward automation in cybercrime and signals that no email platform is immune. Since early 2022, there has been a 49 percent rise in phishing attempts capable of evading filters, with AI-generated threats accounting for nearly 5 percent of these attacks.

Phishing

Phishing Artificial Intelligence Password Management Accountability

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device. ” TMO UP! .”

Mobile

Mobile Phishing Authentication Advertising

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Krebs on Security

MARCH 10, 2020

That same email address was used to register the account “Isis” at several other top Russian-language cybercrime forums, including Damagelab, Zloy, Evilzone and Priv-8. ru , a cybercrime forum in its own right that called itself “ The Antichat Mafia.” It also was used in 2007 to register xeka[.]ru

Accountability

Accountability Advertising Hacking Cybercrime

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency

Cryptocurrency Hacking Phishing Cyber Attacks

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Krebs on Security

FEBRUARY 8, 2021

Brad Marden , superintendent of cybercrime operations for the Australian Federal Police (AFP), said their investigation into who was behind U-Admin began in late 2018, after Australian citizens began getting deluged with phishing attacks via mobile text messages that leveraged the software.

Phishing

Phishing Scams Banking Mobile

Would You Have Fallen for This Phone Scam?

Krebs on Security

APRIL 28, 2020

As it turned out, calling the phone number on the back of the credit card from the phone number linked with the card provided the most recent transactions without providing any form of authentication.” Dozens of cybercrime shops traffic in this stolen data, which is more traditionally used to defraud online merchants.

Scams

Scams Banking Accountability Financial Services

Local Networks Go Global When Domain Names Collide

Krebs on Security

AUGUST 23, 2024

The proliferation of new top-level domains (TLDs) has exacerbated a well-known security weakness: Many organizations set up their internal Microsoft authentication systems years ago using domain names in TLDs that didn’t exist at the time. ” Caturegli said setting up an email server record for memrtcc.ad

DNS

DNS Internet Internet Authentication

DEA Investigating Breach of Law Enforcement Data Portal

Krebs on Security

MAY 12, 2022

KrebsOnSecurity has learned the alleged compromise is tied to a cybercrime and online harassment community that routinely impersonates police and government officials to harvest personal information on their targets.

Government

Government Authentication Passwords Mobile

MikroTik botnet relies on DNS misconfiguration to spread malware

Security Affairs

JANUARY 16, 2025

The botnet uses compromised MikroTik devices as SOCKS proxies, masking malicious traffic origins and enabling other actors to exploit them without authentication, amplifying its scale. The botnet’s SOCKS proxy setup enables access for hundreds of thousands of compromised machines. ” reads the report published by Infoblox.

DNS

DNS Malware Firmware Authentication

Malvertising Is a Cybercrime Heavyweight, Not an Underdog

SecureWorld News

MARCH 29, 2024

A stepping stone to impactful cybercrime This tactic has tangible real-world implications. It's also imperative to verify website authenticity before interacting with its content. This tactic reduces the attack surface by limiting harmful code execution to a specific environment. Of course, good old vigilance won't go amiss.

Cybercrime

Cybercrime Advertising Engineering Antivirus

U.S. CISA adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

DECEMBER 6, 2024

Remote attackers could bypass authentication and execute arbitrary commands by exploiting a flaw in secMiddleware , which only validates POST requests. Cybersecurity and Infrastructure Security Agency (CISA)added the CyberPanelflaw CVE-2024-51378 (CVSS score: 10.0) to its Known Exploited Vulnerabilities (KEV) catalog. and ftp/views.py.

DNS

DNS Authentication Ransomware Hacking

NY Charges First American Financial for Massive Data Leak

Krebs on Security

JULY 23, 2020

The documents were available without authentication to anyone with a Web browser. According to the FBI, BEC scams are the most costly form of cybercrime today. First American’s stock price fell more than 6 percent the day after news of their data leak was published here. In the days that followed, the DFS and U.S.

Insurance

Insurance Financial Services Penetration Testing Scams

Security Affairs newsletter Round 499 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 24, 2024

CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)

Cybercrime

Cybercrime Artificial Intelligence Hacking VPN

Disneyland Malware Team: It’s a Puny World After All

Krebs on Security

NOVEMBER 16, 2022

A financial cybercrime group calling itself the Disneyland Team has been making liberal use of visually confusing phishing domains that spoof popular bank brands using Punycode , an Internet standard that allows web browsers to render domain names with non-Latin alphabets like Cyrillic.

Malware

Malware Banking Phishing DDOS

Passwordless Authentication without Secrets!

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Trending Sources

Three Top Russian Cybercrime Forums Hacked

Booking.com Phishers May Leave You With Reservations

Operation Heart Blocker: International Police Disrupt Phishing Network

Crime Shop Sells Hacked Logins to Other Crime Shops

A Year Later, Cybercrime Groups Still Rampant on Facebook

FBI Hacker Dropped Stolen Airbus Data on 9/11

A Day in the Life of a Prolific Voice Phishing Crew

Internet Archive was breached twice in a month

Cryptocurrencies and cybercrime: A critical intermingling

News alert: SpyCloud operationalizes darknet data, pioneers shift to holistic identity threat protection

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Feds Charge Five Men in ‘Scattered Spider’ Roundup

The Rise of One-Time Password Interception Bots

A large botnet targets M365 accounts with password spraying attacks

GUEST ESSAY: Massive NPD breach tells us its high time to replace SSNs as an authenticator

Are You One of the 533M People Who Got Facebooked?

U.S. Justice Department Cracks Down on Scattered Spider Phishing Ring

Cisco states that the second data leak is linked to the one from October

Understanding the Deepfake Threat

Election season raises fears for nearly a third of people who worry their vote could be leaked

Hackers Steal Session Cookies to Bypass Multi-factor Authentication

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

International law enforcement operation dismantled RedLine and Meta infostealers

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

XE Group shifts from credit card skimming to exploiting zero-days

How Phished Data Turns into Apple & Google Wallets

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Gmail Under Siege: FBI Warns of Unusual AI-Driven Phishing Attacks

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

Arrest, Raids Tied to ‘U-Admin’ Phishing Kit

Would You Have Fallen for This Phone Scam?

Local Networks Go Global When Domain Names Collide

DEA Investigating Breach of Law Enforcement Data Portal

MikroTik botnet relies on DNS misconfiguration to spread malware

Malvertising Is a Cybercrime Heavyweight, Not an Underdog

U.S. CISA adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog

NY Charges First American Financial for Massive Data Leak

Security Affairs newsletter Round 499 by Pierluigi Paganini – INTERNATIONAL EDITION

Disneyland Malware Team: It’s a Puny World After All

Stay Connected