Schneier on Security

JANUARY 10, 2023

…within a few weeks of ChatGPT going live, participants in cybercrime forums—­some with little or no coding experience­—were using it to write software and emails that could be used for espionage, ransomware, malicious spam, and other malicious tasks.

Malware 65

Malware Encryption Cybercrime Passwords 65

Security Affairs

APRIL 26, 2024

As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector Cryptocurrencies have revolutionized the financial world, offering new investment opportunities and decentralized transactions.

Cryptocurrency 127

Cryptocurrency Cybercrime Education Scams 127

Security Affairs

APRIL 2, 2025

FIN7 cybercrime group has been linked to Anubis, a Python-based backdoor that provides remote access to compromised Windows systems. The backdoor, targeting Windows, uses AES-CBC encryption with base64 encoding and loads the payload via the exec function.

Antivirus 125

Antivirus Cybercrime Malware Encryption 125

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking 337

Hacking Cybercrime Phishing Passwords 337

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches 115

Data breaches Cybercrime Cyber Insurance Marketing 115

Krebs on Security

JANUARY 27, 2021

and Bulgarian authorities this week seized the darkweb site used by the NetWalker ransomware cybercrime group to publish data stolen from its victims. million last summer in exchange for a digital key needed to unlock files encrypted by the ransomware. The files encrypted with it cannot be decrypted.

Ransomware 337

Ransomware Cybercrime Antivirus Encryption 337

Thales Cloud Protection & Licensing

JANUARY 21, 2025

Three Keys to Modernizing Data Security: DSPM, AI, and Encryption andrew.gertz@t Tue, 01/21/2025 - 14:56 Discover how DSPM, AI, and encryption are transforming data security strategies, reducing vulnerabilities, and improving compliance. A DSPM moves the needle with integrated capabilities and comprehensive encryption.

Encryption 62

Encryption Unstructured Data Cyber threats Data privacy 62

Krebs on Security

JANUARY 7, 2025

” Perm is the current administrator of Star Fraud , one of the more consequential cybercrime communities on Telegram and one that has emerged as a foundry of innovation in voice phishing attacks. That is why I am not worried as we see criminals migrate to various ‘encrypted’ platforms that promise to ignore thepolice.

Phishing 339

Phishing Cryptocurrency Accountability Social Engineering 339

Krebs on Security

AUGUST 19, 2021

According to the latest figures (PDF) released by the FBI Internet Crime Complaint Center (IC3), the reported losses from BEC scams continue to dwarf other cybercrime loss categories, increasing to $1.86 billion in 2020. Image: FBI. For example, the Lockbit 2.0 “Would you like to earn millions of dollars? ” Image: Sophos.

Ransomware 363

Ransomware Social Engineering Cybercrime Scams 363

Security Affairs

JANUARY 10, 2025

The malicious code was advertised on cybercrime forums for $3,000 per month. A version discovered by Check Point in September relied on Apple’s XProtect encryption algorithm for obfuscation, allowing it to evade antivirus detection until its source code leak in November.

Malware 118

Malware Advertising Antivirus Cybercrime 118

Joseph Steinberg

JUNE 9, 2022

According to published reports, immediately after discovering the unauthorized encryption of data by ransomware on some district computers, technology personnel shut down the districtwide computer system, and commenced an investigation along with outside cybersecurity experts.

Ransomware 363

Ransomware Artificial Intelligence Education Cybercrime 363

Krebs on Security

MAY 13, 2024

This post examines the activities of Khoroshev’s many alter egos on the cybercrime forums, and tracks the career of a gifted malware author who has written and sold malicious code for the past 14 years. was used by a Russian-speaking member called Pin on the English-language cybercrime forum Opensc. Dmitry Yuryevich Khoroshev.

Ransomware 301

Ransomware Cybercrime Accountability Malware 301

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. The availability of the source in the cybercrime ecosystem can allow threat actors to develop their own version of the Hello Kitty ransomware. The HelloKitty gang has been active since January 2021.

Cybercrime 139

Cybercrime Ransomware DDOS Encryption 139

Security Affairs

JUNE 24, 2024

The cybercrime group ExCobalt targeted Russian organizations in multiple sectors with a previously unknown backdoor known as GoRed. Positive Technologies researchers reported that a cybercrime gang called ExCobalt targeted Russian organizations in multiple sectors with a previously unknown Golang-based backdoor known as GoRed.

Cybercrime 116

Cybercrime Telecommunications DNS Technology 116

Security Affairs

MARCH 21, 2025

Law Enforcement and Cybercrime Control Russian authorities may want to monitor criminal organizations, opposition groups, or foreign entities using Telegram. Given Telegrams end-to-end encryption and widespread use, an exploit that bypasses its security could be a game-changer for cyber espionage.

Government 144

Government Surveillance Mobile Hacking 144

Security Affairs

MARCH 8, 2025

The Akira ransomware gang exploited an unsecured webcam to bypass EDR and launch encryption attacks on a victim’s network. The ransomware group used an unsecured webcam to encrypt systems within atarget’s network, bypassing Endpoint Detection and Response (EDR). Akira successfully encrypted files across the network.

Ransomware 127

Ransomware IoT Encryption Passwords 127

Krebs on Security

MARCH 28, 2021

“web shells”) that various cybercrime groups worldwide have been using to commandeer any unpatched Exchange servers. Watson said the Krebsonsecurity file will attempt to open up an encrypted connection between the Exchange server and the above-mentioned IP address, and send a small amount of traffic to it each minute.

Hacking 363

Hacking Cybercrime DNS Internet 363

Krebs on Security

JULY 1, 2020

Emboldened by their successes, several ransomware gangs recently have started demanding two ransoms : One payment to secure a digital key that can unlock files, folders and directories encrypted by their malware, and a second to avoid having any stolen information published or shared with others. Maybe you disagree, dear readers?

Ransomware 350

Ransomware Cybercrime Encryption Malware 350

Krebs on Security

JANUARY 30, 2024

Among those was the encrypted messaging app Signal , which said the breach could have let attackers re-register the phone number on another device for about 1,900 users. LastPass said criminal hackers had stolen encrypted copies of some password vaults, as well as other personal information. On July 28 and again on Aug.

Social Engineering 357

Social Engineering Mobile Passwords Cybercrime 357

Krebs on Security

JUNE 16, 2021

First debuting in early 2019, CLOP is one of several ransomware groups that hack into organizations, launch ransomware that encrypts files and servers, and then demand an extortion payment in return for a digital key needed to unlock access. ? /.

Ransomware 358

Ransomware Cybercrime Malware Encryption 358

Security Affairs

OCTOBER 13, 2024

CISA adds Synacor Zimbra Collaboration flaw to its Known Exploited Vulnerabilities catalog China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems Google Pixel 9 supports new security features to mitigate baseband attacks International Press – Newsletter Cybercrime Indiana Man Pleads Guilty to Conspiracies Involving (..)

Data breaches 114

Data breaches Cryptocurrency Artificial Intelligence Cybercrime 114

Krebs on Security

MARCH 11, 2024

You’ll be surprised at the number of people that relied on our ‘auto-encrypt’ functionality. “Shadowcrew was the precursor to today’s Darknet Markets and laid the foundation for the way modern cybercrime channels still operate today,” Johnson said. “And yes, this is an extortion!!!!

Marketing 340

Marketing Scams Cryptocurrency Cybercrime 340

Security Affairs

MARCH 15, 2025

The malware, dubbed PackerE, downloads an encrypted DLL (PackerD1) that employs multiple anti-analysis techniques. It uses a configuration file with regex patterns to detect cryptocurrency wallet addresses and C2 addresses for downloading encrypted wallet lists (recovery.dat and recoverysol.dat).

Software 115

Software Cryptocurrency Malware Encryption 115

Security Affairs

NOVEMBER 17, 2024

CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices China-linked threat actors compromised multiple telecos and spied on a limited number of U.S.

Cryptocurrency 109

Cryptocurrency Malware Hacking Ransomware 109

Krebs on Security

OCTOBER 8, 2020

But judging from the proliferation of help-wanted ads for offensive pentesters in the cybercrime underground, today’s attackers have exactly zero trouble gaining that initial intrusion: The real challenge seems to be hiring enough people to help everyone profit from the access already gained. THE DOCTOR IS IN.

Cybercrime 352

Cybercrime Malware VPN Ransomware 352

SecureList

FEBRUARY 5, 2025

It encrypts data with AES-256 in CBC mode before sending and decrypts server responses with AES-128 in CBC mode. The process of sending data to “rust” consists of three stages: Data is encrypted with AES-256 in CBC mode using the same key as in the case of the “http” server.

Malware 143

Malware Encryption Mobile Cryptocurrency 143

Security Affairs

FEBRUARY 13, 2025

The researchers pointed out that tools belonging to the arsenal of China-linked APT groups are often shared resources, however, many arent publicly available and arent usually associated with cybercrime activity. It also resembles Trend Micros documented PlugX type 2 variant, also linked to Fireant.

Ransomware 116

Ransomware Software Cybercrime Encryption 116

Security Affairs

DECEMBER 3, 2024

The threat actors had access to the company’s information technology systems and encrypted some of its data files. The preliminary investigation has revealed that a threat actor illegally accessed the Company’s information technology (“IT”) system and encrypted some of its data files.” ” reads the report filed with SEC.

Ransomware 116

Ransomware Encryption Technology Cybersecurity 116

Security Boulevard

FEBRUARY 14, 2025

And get the latest on ransomware trends and on cybercrime legislation and prevention! American Scientist) Quantum and the Threat to Encryption (SecurityWeek) Quantum Computing Advances in 2024 Put Security In Spotlight (Dark Reading) Quantum computing could threaten cybersecurity measures.

Banking 64

Banking Cybercrime Cybersecurity Ransomware 64

Krebs on Security

JANUARY 27, 2021

Authorities across Europe on Tuesday said they’d seized control over Emotet , a prolific malware strain and cybercrime-as-service operation. Investigators say the action could help quarantine more than a million Microsoft Windows systems currently compromised with malware tied to Emotet infections.

Malware 315

Malware Cybercrime Ransomware Banking 315

Krebs on Security

APRIL 6, 2021

It appears much of this database has been kicking around the cybercrime underground in one form or another since last summer at least. A cybercrime forum ad from June 2020 selling a database of 533 Million Facebook users. I also respond at Krebswickr on the encrypted messaging platform Wickr. billion active monthly users.

Mobile 359

Mobile Accountability Passwords Authentication 359

eSecurity Planet

APRIL 8, 2025

A new and dangerous AI-powered hacking tool is making waves across the cybercrime underworld and experts say it could change the way digital attacks are launched. But this isnt just another tweaked version of a chatbot.

Social Engineering 109

Social Engineering Phishing Engineering Education 109

Security Affairs

NOVEMBER 18, 2024

The healthcare center discovered that a threat actor accessed and encrypted files on their systems between September 5, 2024 and September 8, 2024. This investigation showed that an unknown person accessed and encrypted files on our systems between September 5, 2024 and September 8, 2024.”

Ransomware 122

Ransomware Insurance Encryption Healthcare 122

eSecurity Planet

MARCH 28, 2025

A sophisticated cybercrime service known as “Lucid” is exploiting vulnerabilities in Apples iMessage and Androids Rich Communication Services (RCS), allowing cyberthieves to conduct large-scale phishing attacks with alarming success.

Phishing 57

Phishing Scams Cybercrime Retail 57

Security Affairs

APRIL 6, 2025

A threat actor using the moniker rose87168 claimed to possess millions of data lines tied to over 140,000 Oracle Cloud tenants, including encrypted credentials. Oracle is privately notifying customers of a breach affecting usernames, passkeys, and encrypted passwords, with the FBI and CrowdStrike investigating the incident.

Data breaches 123

Data breaches Encryption Hacking Passwords 123

Krebs on Security

FEBRUARY 20, 2024

Kondratyev is also charged (PDF) with three criminal counts arising from his alleged use of the Sodinokibi (aka “ REvil “) ransomware variant to encrypt data, exfiltrate victim information, and extort a ransom payment from a corporate victim based in Alameda County, California. An FBI wanted poster for Matveev.

Ransomware 329

Ransomware Cybercrime Encryption Insurance 329

SecureList

AUGUST 1, 2024

Introduction Cybercriminals who specialize in ransomware do not always create it themselves. They have many other ways to get their hands on ransomware samples: buying a sample on the dark web, affiliating with other groups or finding a (leaked) ransomware variant. This requires no extraordinary effort, as source code is often leaked or published.

Ransomware 124

Ransomware Cybercrime Education Malware 124