Cybercrime, Data collection and Hacking

New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms

Security Affairs

FEBRUARY 26, 2025

Researchers found an updated LightSpy spyware with enhanced data collection features targeting social media platforms like Facebook and Instagram. have found an updated version of the LightSpy spyware that supports an expanded set of data collection features to target social media platforms like Facebook and Instagram.

Data collection

Data collection Spyware Media Surveillance

NationalPublicData.com Hack Exposes a Nation’s Data

Krebs on Security

AUGUST 15, 2024

We’ll also take a closer look at the data broker that got hacked — a background check company founded by an actor and retired sheriff’s deputy from Florida. ” On April 7, USDoD posted a sales thread on Breachforums for four terabytes of data — 2.9

Hacking

Hacking Data breaches Identity Theft Accountability

E-skimming campaign uses Unicode obfuscation to hide the Mongolian Skimmer

Security Affairs

OCTOBER 10, 2024

. “ The Mongolian Skimmer uses common techniques: DOM monitoring for sensitive input changes, data exfiltration via encoded tracking pixels, DevTools detection to evade debugging, data collection on page unload, cross-browser compatibility, and anti-debugging measures to avoid code tampering.

Data collection

Data collection Engineering Malware Hacking

Election season raises fears for nearly a third of people who worry their vote could be leaked

Malwarebytes

OCTOBER 15, 2024

The network of data brokers that political campaigns rely on to target voters with ads is enormous, as one Washington Post reporter found in 2020, with “3,000 data points on every voter.” Escaping this data collection regime has proven difficult for most people.

Scams

Scams Identity Theft Cybercrime Accountability

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Security Affairs

NOVEMBER 16, 2018

According to Group-IB’s report findings, Asia is one of the most actively attacked regions in the world, the company presented latest cybercrime trends. Thirteen exchanges were hacked in 2017 and in the first three quarters of 2018, amounting to a total loss of $877 million. Attacks on Crypto. Pierluigi Paganini.

Cybercrime

Cybercrime Hacking Banking Phishing

Protonmail hacked …. a very strange scam attempt

Security Affairs

NOVEMBER 17, 2018

A hacker going online by the moniker AmFearLiathMor is claiming to have hacked the most popular end-to-end encrypted email service ProtonMail. At the time it is not clear if the hacker belongs to a cyber crime gang, it claims to have stolen a “significant” amounts of data from the company. The ransom demand ( archive.is

Scams

Scams Hacking Data collection Advertising

Confessions of an ID Theft Kingpin, Part I

Krebs on Security

AUGUST 26, 2020

Ngo got his treasure trove of consumer data by hacking and social engineering his way into a string of major data brokers. By the time the Secret Service caught up with him in 2013, he’d made over $3 million selling fullz data to identity thieves and organized crime rings operating throughout the United States.

Identity Theft

Identity Theft Computers and Electronics Hacking Accountability

Prominent US law firm Wolf Haldenstein disclosed a data breach

Security Affairs

JANUARY 16, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,data breach) The security breach occurred on December 13, 2023, but the company discovered the incident only on April 18, 2024, and has only now disclosed it due to the complexity of the digital forensic investigation.

Data breaches

Data breaches Identity Theft Consumer Protection Data collection

Crooks target DeepSeek users with fake sponsored Google ads to deliver malware

Security Affairs

MARCH 27, 2025

In January, Italys Data Protection Authority Garante asked the AI firm DeepSeek to clarify its data collection, sources, purposes, legal basis, and storage, citing potential risks to user data. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Deepseek)

Malware

Malware Data collection Advertising Media

A chink in the armor of China-based hacking group Nickel

Malwarebytes

DECEMBER 7, 2021

Microsoft has taken control of 42 web domains that a hacking group was using to try to breach its targets. Sadly, any setback to the Chinese hacking group or others will likely be temporary as the hackers will find and build new infrastructure to use in forthcoming attacks. An overview of Chinese hacking groups and their aliases.

Hacking

Hacking Malware Surveillance Data collection

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

Here’s a look at some of the more notable cybercrime stories from the past year, as covered by KrebsOnSecurity and elsewhere. Internal Revenue Service website for months: Anyone seeking to create an account to view their tax records online would soon be required to provide biometric data to a private company in Virginia — ID.me.

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

Microsoft disrupts China-based hacking group Nickel

Malwarebytes

DECEMBER 7, 2021

Microsoft has taken control of 42 web domains that a hacking group was using to try to breach its targets. Sadly, any setback to the Chinese hacking group or others will likely be temporary as the hackers will find and build new infrastructure to use in forthcoming attacks. An overview of Chinese hacking groups and their aliases.

Hacking

Hacking Malware Surveillance Data collection

Security Affairs newsletter Round 475 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JUNE 9, 2024

New York Times source code compromised via exposed GitHub token SolarWinds fixed multiple flaws in Serv-U and SolarWinds Platform Pandabuy was extorted twice by the same threat actor UAC-0020 threat actor used the SPECTR Malware to target Ukraine’s defense forces Chinese threat actor exploits old ThinkPHP flaws since October 2023 A new Linux (..)

Data breaches

Data breaches Banking Hacking Malware

Hackers targeted the US Census Bureau network, DHS report warns

Security Affairs

OCTOBER 11, 2020

Data collected by the agency is used by the federal government to allocate over $675 billion in federal funds to tribal, local, and state governments every year. The HTA report warns of an intensification of malicious activities conducted by both nation-states and cybercrime groups. SecurityAffairs – hacking, US Census Bureau).

Government

Government Advertising Hacking Data collection

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

These services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they can make it difficult to trace malicious traffic to its original source. A cached copy of flashupdate[.]net FORUM ACTIVITY?

VPN

VPN Computers and Electronics Antivirus Software

Silent Night Zeus botnet available for sale in underground forums

Security Affairs

MAY 23, 2020

The source code of the Zeus Trojan is available in the cybercrime underground since 2011 allowing crooks to develop their own release since. Data collected by the malware are then transferred to the operator’s command-and-control (C2) server. SecurityAffairs – Silent Night, hacking). Pierluigi Paganini.

Banking

Banking Advertising Malware Cybercrime

Hundreds of C-level executives credentials available for $100 to $1500 per account

Security Affairs

NOVEMBER 28, 2020

The news reported by ZDnet is not surprising, I have discovered several times such kind of offer, but it is important to raise awareness on the cybercrime-as-a-service model that could rapidly enable threat actors to carry out malicious activities. SecurityAffairs – hacking, executive). Exploit.in Pierluigi Paganini.

Accountability

Accountability Cybercrime Hacking Retail

Russian cybercriminal Aleksandr Brovko sentenced to 8 years in jail

Security Affairs

NOVEMBER 3, 2020

The scripts developed by the cyber criminal were used to parse log data collected from botnet and searched for personally identifiable information (PII) and account credentials. “Our office is committed to holding these criminals accountable and protecting our communities as cybercrime becomes an ever more prominent threat.”

Accountability

Accountability Banking Advertising Data collection

DRM Report Q2 2023 – Ransomware threat landscape

Security Affairs

OCTOBER 4, 2023

The data collected paints a vivid picture, revealing 1,736 ransomware claims, with 53 incidents specifically targeting Italy. Geographical data and affected sectors provide crucial insights into emerging trends and threats. Wrapping up: The second quarter of 2023 reflects a concerning surge in ransomware attacks globally.

Ransomware

Ransomware Data collection Cyber threats Hacking

Threat Report Portugal: Q2 2020

Security Affairs

AUGUST 14, 2020

The Threat Report Portugal: Q2 2020 compiles data collected on the malicious campaigns that occurred from April to Jun, Q2, of 2020. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports

Threat Reports Phishing Banking Malware

Chinese threat actors extract big data and sell it on the dark web

SC Magazine

APRIL 19, 2021

The data allegedly originated from big data sources of the two most popular mobile network operators in China. Another threat actor in February 2021 offered website and application crawler data collection services on a Chinese-language cybercrime marketplace.

Big data

Big data Data collection Mobile Risk

Monitoring the dark web to identify threats to energy sector organizations

Security Affairs

MAY 17, 2023

The role of an initial access broker is essential in the cybercrime ecosystem, these actors facilitate the sale or exchange of compromised or stolen initial access to computer networks or systems. Marketplace and hacking forums offering initial access, enable crooks to speed up their attacks and monetize their cyber operations.

Energy and Utilities

Energy and Utilities Cybercrime Data collection Hacking

BORN Ontario data breach impacted 3.4 million newborns and pregnancy care patients

Security Affairs

SEPTEMBER 26, 2023

The organization confirmed that it was the victim of the massive hacking campaign targeting Progress MOVEit transfer systems that was conducted by the Clop ransomware group. In June, the Clop ransomware group claimed to have hacked hundreds of companies globally by exploiting MOVEit Transfer vulnerability.

Data breaches

Data breaches Healthcare Ransomware Hacking

Operation Night Fury: Group-IB helps take down a cybergang behind the infection of hundreds of websites all over the world

Security Affairs

JANUARY 27, 2020

This successful operation is just one example of how law enforcement are working with industry partners, adapting and applying new technologies to aid investigations and ultimately reduce the global impact of cybercrime,» concluded Mr Jones.” INTERPOL’s Director of Cybercrime. ” Craig Jones. ” Idam Wasiadi.

Cybercrime

Cybercrime Marketing eCommerce Advertising

How Cybercriminals Profit from a Data Breach

Identity IQ

MARCH 2, 2021

If you’re still under the impression that hacking is restricted to hoodie-wearing individuals in darkened rooms, then you might be vastly underestimating the scale the data breach problem. . Last year alone more than 300 million consumers were impacted by data breaches, according to the Identity Theft Resource Center.

Data breaches

Data breaches Identity Theft Cybercrime Data collection

Ransomfeed – Third Quarter Report 2023 is out!

Security Affairs

FEBRUARY 13, 2024

The data collected unearthed a total of 1771 ransomware claims, with 55 recorded incidents in Italy. The complete report is available here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – Hacking, ransomware )

Ransomware

Ransomware Data collection Hacking Accountability

Power Generator in South Africa hit with DroxiDat and Cobalt Strike

Security Affairs

AUGUST 11, 2023

” reads the report published by Data collected related to multiple incidents analyzed by Kaspersky suggest the attack was conducted by the Russian-speaking RaaS cybercrime Pistachio Tempest or FIN12. And, a Darkside affiliate hit Electrobras and Copel energy companies in Brazil in 2021.”

Malware

Malware Data collection Healthcare Cybercrime

inSicurezzaDigitale launches the Dashboard Ransomware Monitor

Security Affairs

JANUARY 9, 2023

All data collected by the dashboard can be exported in different formats and can be analyzed using useful graphics. SecurityAffairs – hacking, ransomware). . “The strength of this OSINT Italian project , quite unique in its kind, is the chance of following it with a standard, worldwide and easy RSS feed.”

Ransomware

Ransomware Data collection Hacking Cybersecurity

Security Affairs newsletter Round 304

Security Affairs

MARCH 7, 2021

jailbreaking tool Attackers took over the Perl.com domain in September 2020 Bug bounty hunter awarded $50,000 for a Microsoft account hijack flaw Clop ransomware gang leaks data allegedly stolen from cybersecurity firm Qualys Cyber Defense Magazine – March 2021 has arrived. SecurityAffairs – hacking, newsletter). Pierluigi Paganini.

Data breaches

Data breaches Data collection Ransomware Hacking

Malicious PyPI package posed as SentinelOne SDK to serve info-stealing malware

Security Affairs

DECEMBER 19, 2022

” The analysis of the changes between the versions of the malicious module revealed that threat actors modified it to improve the data collection algorithm and make it work on multiple platforms. SecurityAffairs – hacking, Python). . “The code likewise performs a directory listing of the root directory.”

Malware

Malware Data collection Software Hacking

Raspberry Robin operators are selling initial access to compromised enterprise networks to ransomware gangs

Security Affairs

OCTOBER 27, 2022

Data collected by Microsoft Defender for Endpoint shows that nearly 3,000 devices in almost 1,000 organizations have seen at least one RaspberryRobin payload-related alert in the last 30 days. SecurityAffairs – hacking, ransomware). The DEV-0950 attacks led to the deployment of the Cobalt Strike beacon. Pierluigi Paganini.

Ransomware

Ransomware Malware Data collection Encryption

New Version of Meduza Stealer Released in Dark Web

Security Affairs

DECEMBER 29, 2023

Under Christmas tree you can find great gifts such as significant improvements of user interface (panel), modal windows on loading and expansion of data collection objects. The New Year’s Update Before the New Year 2024, the Meduza team decided to please customers with an update.

Password Management

Password Management Cryptocurrency Passwords Authentication

Threat Report Portugal: Q1 2021

Security Affairs

MAY 2, 2021

The Threat Report Portugal: Q1 2021 compiles data collected on the malicious campaigns that occurred from January to March, Q1, of 2021. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports

Threat Reports Phishing Malware Data collection

Talos wars of customizations of the open-source info stealer SapphireStealer

Security Affairs

SEPTEMBER 1, 2023

“In one case, we observed a SapphireStealer sample where the data collected using the previously described process was exfiltrated using the Discord webhook API, a method we previously highlighted here.” ” continues the report.

Malware

Malware Data collection Architecture Hacking

Two hacker groups attacked Russian banks posing as the Central Bank of Russia

Security Affairs

NOVEMBER 15, 2018

The group also carries out attacks through intermediaries by hacking banks’ partners, IT companies, and financial product providers. GIB Threat Intelligence cyber threats data collection system has been named one of the best in class by Gartner, Forrester, and IDC. Security Affairs – Central Bank of Russia, cybercrime ).

Banking

Banking Computers and Electronics Phishing Cybercrime

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Security Affairs

SEPTEMBER 18, 2020

CERT-GIB’s report is based on data collected and analyzed by the Threat Detection System (TDS) Polygon as part of operations to prevent and detect threats distributed online in H1 2020. SecurityAffairs – hacking, ransomware). Opened email lets spy in. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Phishing

Phishing Ransomware Spyware Banking

Online market for counterfeit goods in Russia has reached $1,5 billion

Security Affairs

OCTOBER 15, 2018

GIB Threat Intelligence cyber threats data collection system has been named one of the best in class by Gartner, Forrester, and IDC. Security Affairs – counterfeit goods, cybercrime ). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Marketing

Marketing Media Phishing Engineering

New set of Pakistani banks’ card dumps goes on sale on the dark web

Security Affairs

NOVEMBER 17, 2018

According to the head of the Federal Investigation Agency’s (FIA) cybercrime wing.almost all Pakistani banks were affected by a recent security breach. Group-IB experts discovered another large set of compromised payment cards details that was put on sale on Joker’s Stash, one of the most popular underground hubs of stolen card data, on Nov.

Banking

Banking Cybercrime Advertising Data collection

Threat Report Portugal: Q4 2021

Security Affairs

FEBRUARY 20, 2022

The Threat Report Portugal: Q4 2021 compiles data collected on the malicious campaigns that occurred from July to September, Q4, of 2021. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports

Threat Reports Phishing Malware Banking

Healthcare – Patient or Perpetrator? – The Cybercriminals Within

Security Affairs

NOVEMBER 8, 2021

With copious amounts of data collected by healthcare facilities, cybercriminals often target such entities. Moreover, the healthcare industry collects unique data, known as Protected Health Information (PHI), which is extremely valuable. SecurityAffairs – hacking, supply chain attack). Pierluigi Paganini.

Healthcare

Healthcare Identity Theft Digital transformation Data collection

Threat Report Portugal: Q2 2022

Security Affairs

JULY 4, 2022

The Threat Report Portugal: Q2 2022 compiles data collected on the malicious campaigns that occurred from March to June, Q2, 2022. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports

Threat Reports Phishing Malware Banking

Threat Report Portugal: Q3 & Q4 2022

Security Affairs

APRIL 6, 2023

The Threat Report Portugal: H2 2022 compiles data collected on the malicious campaigns that occurred from July to December, H2, 2022. The Portuguese Abuse Open Feed 0xSI_f33d is an open-sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports

Threat Reports Phishing Malware Banking

Camera tricks: Privacy concerns raised after massive surveillance cam breach

SC Magazine

MARCH 10, 2021

A hacking collective compromised roughly 150,000 internet-connected surveillance cameras from Verkada, Inc., Such revelations create intrigue as to whether a more insidious actor could perform a similar hack in order to conduct industrial espionage by spying on development and production activity.

Surveillance

Surveillance IoT Accountability Passwords

New Android malicious library Goldoson found in 60 apps +100M downloads

Security Affairs

APRIL 15, 2023

The collected data is sent to the C2 server every two days, but the cycle depends on the remote configuration. The level of data collection depends on the permissions granted to the app using the malicious library.

Data collection

Data collection Mobile Malware Education

New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms

NationalPublicData.com Hack Exposes a Nation’s Data

Trending Sources

E-skimming campaign uses Unicode obfuscation to hide the Mongolian Skimmer

Election season raises fears for nearly a third of people who worry their vote could be leaked

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Protonmail hacked …. a very strange scam attempt

Confessions of an ID Theft Kingpin, Part I

Prominent US law firm Wolf Haldenstein disclosed a data breach

Crooks target DeepSeek users with fake sponsored Google ads to deliver malware

A chink in the armor of China-based hacking group Nickel

Happy 13th Birthday, KrebsOnSecurity!

Microsoft disrupts China-based hacking group Nickel

Security Affairs newsletter Round 475 by Pierluigi Paganini – INTERNATIONAL EDITION

Hackers targeted the US Census Bureau network, DHS report warns

A Deep Dive Into the Residential Proxy Service ‘911’

Silent Night Zeus botnet available for sale in underground forums

Hundreds of C-level executives credentials available for $100 to $1500 per account

Russian cybercriminal Aleksandr Brovko sentenced to 8 years in jail

DRM Report Q2 2023 – Ransomware threat landscape

Threat Report Portugal: Q2 2020

Chinese threat actors extract big data and sell it on the dark web

Monitoring the dark web to identify threats to energy sector organizations

BORN Ontario data breach impacted 3.4 million newborns and pregnancy care patients

Operation Night Fury: Group-IB helps take down a cybergang behind the infection of hundreds of websites all over the world

How Cybercriminals Profit from a Data Breach

Ransomfeed – Third Quarter Report 2023 is out!

Power Generator in South Africa hit with DroxiDat and Cobalt Strike

inSicurezzaDigitale launches the Dashboard Ransomware Monitor

Security Affairs newsletter Round 304

Malicious PyPI package posed as SentinelOne SDK to serve info-stealing malware

Raspberry Robin operators are selling initial access to compromised enterprise networks to ransomware gangs

New Version of Meduza Stealer Released in Dark Web

Threat Report Portugal: Q1 2021

Talos wars of customizations of the open-source info stealer SapphireStealer

Two hacker groups attacked Russian banks posing as the Central Bank of Russia

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Online market for counterfeit goods in Russia has reached $1,5 billion

New set of Pakistani banks’ card dumps goes on sale on the dark web

Threat Report Portugal: Q4 2021

Healthcare – Patient or Perpetrator? – The Cybercriminals Within

Threat Report Portugal: Q2 2022

Threat Report Portugal: Q3 & Q4 2022

Camera tricks: Privacy concerns raised after massive surveillance cam breach

New Android malicious library Goldoson found in 60 apps +100M downloads

Stay Connected