Cybercrime, Hacking and Technology - Cyber Security Informer

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking

Hacking Accountability Government Social Engineering

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. Silent Push said Araneida is being advertised by an eponymous user on multiple cybercrime forums. Araneida Scanner. 2023 on the forum Cracked. .”

Hacking

Hacking Cybercrime Advertising Data breaches

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

Cisco confirms that data published by IntelBroker on a cybercrime forum was taken from the company DevHub environment. Cisco confirms that the data posted by IntelBroker on a cybercrime forum was stolen from its DevHub environment. ” Cisco states that the attackers obtained the data from a public-facing DevHub environment.

Cybercrime

Cybercrime Data breaches Technology Banking

Career Choice Tip: Cybercrime is Mostly Boring

Krebs on Security

MAY 29, 2020

But new research suggests that as cybercrime has become dominated by pay-for-service offerings, the vast majority of day-to-day activity needed to support these enterprises is in fact mind-numbingly boring and tedious, and that highlighting this reality may be a far more effective way combat cybercrime and steer offenders toward a better path.

Cybercrime

Cybercrime System Administration Marketing Malware

Ransomware attack hit Indian multinational Tata Technologies

Security Affairs

FEBRUARY 1, 2025

Indian multinational technology company Tata Technologies suspended some IT services following a ransomware attack. Indian multinational Tata Technologies , a Tata Motors subsidiary, suspended some IT services following a ransomware attack. Threat actors hit the company’s information technology (IT) infrastructure.

Technology

Technology Ransomware Engineering Manufacturing

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

Security Affairs

MARCH 5, 2025

Ransomware group Hunters International claims to have hacked Tata Technologies, threatening to leak 1.4 The Hunters International ransomware group claimed to have breached the Indian multinational technology company Tata Technologies, a Tata Motors subsidiary. TB of stolen data. The group claims the theft of 1.4

Technology

Technology Ransomware Engineering Manufacturing

How the FIN7 Cybercrime Gang Operates

Schneier on Security

SEPTEMBER 16, 2020

Looking at the process triangle (people, process, technology), their technology wasn’t sophisticated, but their people management and business processes were. They managed their resources and operations effectively, allowing them to successfully attack and exploit hundreds of victim organizations. Their business… is crime!

Cybercrime

Cybercrime Technology Hacking

UK Ad Campaign Seeks to Deter Cybercrime

Krebs on Security

MAY 28, 2020

The United Kingdom’s anti-cybercrime agency is running online ads aimed at young people who search the Web for services that enable computer crimes, specifically trojan horse programs and DDoS-for-hire services. law enforcement agents in connection with various cybercrime investigations. FLATTENING THE CURVE.

Cybercrime

Cybercrime DDOS Advertising Hacking

Russian cybercrime forums launch contests for cryptocurrency hacks

Security Affairs

JUNE 7, 2021

Cybercriminals in Russian underground forums have been invited to take part in competitions for hacking cryptocurrency and NFT. Several Russian underground forums have launched competitions for hacking cryptocurrency schema and Non-fungible token (NFT). SecurityAffairs – hacking, cryptocurrency hack). Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Cybercrime Hacking Technology

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. That InfraGard member, who is head of security at a major U.S.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

The Silent Breach: How E-Waste Fuels Cybercrime

SecureWorld News

MARCH 27, 2025

In today's digital world, cybercrime is a threat to our private data and security. And with Americans owning an average of 24 electronic items in their homes , neglecting to dispose of these items correctly is putting individuals at significant risk of cybercrime. What is cybercrime?

Cybercrime

Cybercrime Computers and Electronics Passwords Hacking

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. “This is the most significant technological and financial operation ever led by the Department of Justice against a botnet,” said Martin Estrada , the U.S.

Hacking

Hacking Malware Ransomware Government

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities.

Retail

Retail Advertising Cryptocurrency Marketing

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

The breach was detected in February , leading to notifications to the FBI, Virginia State Police, and the Virginia Information Technologies Agency. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, ransomware) Chief Deputy AG Steven Popps called it a sophisticated attack.

Ransomware

Ransomware Hacking Social Engineering VPN

Microsoft disrupted a global cybercrime ring abusing Azure OpenAI Service

Security Affairs

MARCH 1, 2025

Microsoft is taking legal action against these defendants, dismantling their operation, and curbing misuse of its AI technology. These individuals are members of a global cybercrime ring tracked as Storm-2139 by Microsoft. The case demonstrates legal actions power in dismantling cybercrime networks.

Cybercrime

Cybercrime Technology Hacking Accountability

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

FEBRUARY 10, 2020

Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. dubbed the “China Initiative Conference.”

Hacking

Hacking Identity Theft Government Phishing

This Simple Hack Could Tank Your Business

Adam Levin

JULY 24, 2020

Barely a day goes by without news of an elite hacking team creating a more stealth exploit– malware , elaborate spear-phishing attacks, trojans, and a killer array of ransomware that can take factories and other organizations offline, or even hobble entire cities. Cyberattacks are constantly getting more sophisticated.

Hacking

Hacking Phishing Risk Accountability

Thai police arrested Chinese hackers involved in SMS blaster attacks

Security Affairs

NOVEMBER 25, 2024

Thai authorities arrested members of two Chinese cybercrime organizations, one of these groups carried out SMS blaster attacks. “This “SMS blasting” attack relies on using technology that impersonates cellular base stations and is capable of transmitting thousands of messages to devices within a close geographical radius.”

Mobile

Mobile Scams Technology Telecommunications

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

Free disclosed a cyber attack over the weekend after a threat actor attempted to sell the stolen data on a popular cybercrime forum. Recently, many cybercriminals have been creating profiles shortly before sharing information about hacks, attacks, or data leaks in France.” million mobile and fixed subscribers.

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

Cryptocurrencies and cybercrime: A critical intermingling

Security Affairs

APRIL 26, 2024

As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector Cryptocurrencies have revolutionized the financial world, offering new investment opportunities and decentralized transactions.

Cryptocurrency

Cryptocurrency Cybercrime Education Scams

GUEST ESSAY: NewsCorp hack shows cyber espionage, squelching of press freedom on the rise

The Last Watchdog

APRIL 5, 2022

As the dust settles following the recently disclosed hack of NewsCorp , important lessons are emerging for the cybersecurity and journalism communities. MFA can be challenging to implement for some organizations from a technology or cost perspective or due to user pushback. Related: How China challenged Google in Operation Aurora.

Hacking

Hacking Passwords Internet Internet

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

Krebs on Security

JUNE 29, 2023

Nikita Kislitsin , formerly the head of network security for one of Russia’s top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old hacking charges from the U.S. ”] Kislitsin was hired by Group-IB in January 2013, nearly six months after the Formspring hack. Department of Justice.

Cybersecurity

Cybersecurity Cybercrime Hacking Government

Top-Ranked New Jersey School District Cancels Final Exams Following Ransomware Cyberattack

Joseph Steinberg

JUNE 9, 2022

According to published reports, immediately after discovering the unauthorized encryption of data by ransomware on some district computers, technology personnel shut down the districtwide computer system, and commenced an investigation along with outside cybersecurity experts.

Ransomware

Ransomware Artificial Intelligence Education Cybercrime

Cisco states that the second data leak is linked to the one from October

Security Affairs

DECEMBER 30, 2024

In October 2024, Cisco confirmed that the data posted by the notorious threat actor IntelBroker on a cybercrime forum was stolen from its DevHub environment. DevHub is a platform designed for developers to access resources, tools, and APIs to build and integrate applications with Ciscos technologies.

Data breaches

Data breaches Cybercrime Authentication Technology

Microsoft seized the US infrastructure of the Storm-1152 cybercrime group

Security Affairs

DECEMBER 14, 2023

Microsoft’s Digital Crimes Unit seized multiple domains used by cybercrime group Storm-1152 to sell fraudulent Outlook accounts. Microsoft’s Digital Crimes Unit seized multiple domains used by a cybercrime group, tracked as Storm-1152, to sell fraudulent accounts. ” reads the announcement published by Microsoft.

Cybercrime

Cybercrime Accountability Media Technology

FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy

Krebs on Security

JUNE 18, 2020

An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web.

Identity Theft

Identity Theft Healthcare Hacking Technology

ExCobalt Cybercrime group targets Russian organizations in multiple sectors

Security Affairs

JUNE 24, 2024

The cybercrime group ExCobalt targeted Russian organizations in multiple sectors with a previously unknown backdoor known as GoRed. Positive Technologies researchers reported that a cybercrime gang called ExCobalt targeted Russian organizations in multiple sectors with a previously unknown Golang-based backdoor known as GoRed.

Cybercrime

Cybercrime Telecommunications DNS Technology

A cyberattack disrupted operations of US chipmaker Microchip Technology

Security Affairs

AUGUST 22, 2024

Semiconductor manufacturer Microchip Technology announced that its operations were disrupted by a cyberattack. chipmaker Microchip Technology suffered a cyberattack that disrupted operations at several of its manufacturing plants. The company detected potentially suspicious activity involving its IT infrastructure on August 17, 2024.

Technology

Technology Manufacturing Hacking Cybersecurity

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

NOVEMBER 11, 2024

million records containing employee data on the hacking forum BreachForums. The multinational technology company confirmed that it has patched the vulnerability explored by the threat actors in the attack. The company said that the data was stolen from a third-party vendor. Amazon did not disclose the number of impacted employees.

Data breaches

Data breaches Hacking Ransomware Technology

U.S. cannabis dispensary STIIIZY disclosed a data breach

Security Affairs

JANUARY 11, 2025

. “On November 20, 2024, we were notified by a vendor of point-of-sale processing services for some of our retail locations that accounts with their organization had been compromised by an organized cybercrime group.” ” reads the notice of data breach published by the company on its website.

Data breaches

Data breaches Retail Cybercrime Government

Experts link Raspberry Robin Malware to Evil Corp cybercrime gang

Security Affairs

SEPTEMBER 2, 2022

Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.

Cybercrime

Cybercrime Malware Backups Manufacturing

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

Security Affairs

DECEMBER 3, 2024

The threat actors had access to the company’s information technology systems and encrypted some of its data files. The preliminary investigation has revealed that a threat actor illegally accessed the Company’s information technology (“IT”) system and encrypted some of its data files.” ” reads the report filed with SEC.

Ransomware

Ransomware Encryption Technology Cybersecurity

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Krebs on Security

JANUARY 17, 2024

The rapper and social media personality Punchmade Dev is perhaps best known for his flashy videos singing the praises of a cybercrime lifestyle. But until recently, there wasn’t much to support a conclusion that Punchmade was actually doing the cybercrime things he promotes in his songs. Punchmade Dev’s shop.

Cybercrime

Cybercrime Media Banking Accountability

Canada Charges Its “Most Prolific Cybercriminal”

Krebs on Security

DECEMBER 8, 2021

According to cyber intelligence firm Intel 471 , that dark_cl0ud6@hotmail.com address has been used in conjunction with the handle “ DCReavers2 ” to register user accounts on a half-dozen English-language cybercrime forums since 2008, including Hackforums , Blackhatworld, and Ghostmarket.

Cybercrime

Cybercrime Ransomware Accountability Advertising

When Efforts to Contain a Data Breach Backfire

Krebs on Security

AUGUST 16, 2022

Earlier this month, the administrator of the cybercrime forum Breached received a cease-and-desist letter from a cybersecurity firm. This identity has been highly active on Breached and its predecessor RaidForums for more than two years, mostly selling databases from hacked Mexican entities.

Data breaches

Data breaches Banking Cybercrime Marketing

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. The year 2016 saw banks in Russia hacked one after another.

Cybercrime

Cybercrime Banking Malware Ransomware

Law enforcement arrested 31 suspects for stealing cars by hacking key fobs

Security Affairs

OCTOBER 18, 2022

An international law enforcement operation led by Europol disrupted a cybercrime ring focused on hacking wireless key fobs to steal cars. “The criminals targeted vehicles with keyless entry and start systems, exploiting the technology to get into the car and drive away.” SecurityAffairs – hacking, key fobs).

Hacking

Hacking Cybercrime Manufacturing Wireless

U.S. Justice Department Cracks Down on Scattered Spider Phishing Ring

SecureWorld News

NOVEMBER 22, 2024

The United States Department of Justice (DOJ) has unsealed charges against five individuals accused of orchestrating sophisticated phishing campaigns tied to the notorious Scattered Spider cybercrime group. As this case shows, phishing and hacking has become increasingly sophisticated and can result in enormous losses.

Phishing

Phishing Identity Theft Cryptocurrency Cybercrime

TalkTalk confirms data breach involving a third-party platform

Security Affairs

JANUARY 27, 2025

UK telecommunications firm TalkTalk disclosed a data breach after a threat actor announced the hack on a cybercrime forum. UK telecommunications company TalkTalk confirmed a data breach after a threat actor claimed responsibility for the cyber attack on a cybercrime forum and offered for sale alleged customer data.

Data breaches

Data breaches Telecommunications Cybercrime Hacking

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022. Multiple security firms soon assigned the hacking group the nickname “ Scattered Spider.” 9, 2024, U.S.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Security Affairs newsletter Round 499 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 24, 2024

CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)

Cybercrime

Cybercrime Artificial Intelligence Hacking VPN

Iran and China-linked actors used ChatGPT for preparing attacks

Security Affairs

OCTOBER 11, 2024

Rather than using advanced hacking techniques, they exploited systems with default credentials to compromise target networks. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, OpenAI)

Malware

Malware Social Engineering Engineering Hacking

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

Krebs on Security

MARCH 31, 2022

Senate’s most tech-savvy lawmakers said he was troubled by the report and is now asking technology companies and federal agencies for information about the frequency of such schemes. At issue are forged “emergency data requests,” (EDRs) sent through hacked police or government agency email accounts.

Government

Government Accountability Education Media

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Trending Sources

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Career Choice Tip: Cybercrime is Mostly Boring

Ransomware attack hit Indian multinational Tata Technologies

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

How the FIN7 Cybercrime Gang Operates

UK Ad Campaign Seeks to Deter Cybercrime

Russian cybercrime forums launch contests for cryptocurrency hacks

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

The Silent Breach: How E-Waste Fuels Cybercrime

U.S. Hacks QakBot, Quietly Removes Botnet Infections

An Interview With the Target & Home Depot Hacker

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Cloak ransomware group hacked the Virginia Attorney General’s Office

Microsoft disrupted a global cybercrime ring abusing Azure OpenAI Service

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

This Simple Hack Could Tank Your Business

Thai police arrested Chinese hackers involved in SMS blaster attacks

France’s second-largest telecoms provider Free suffered a cyber attack

Cryptocurrencies and cybercrime: A critical intermingling

GUEST ESSAY: NewsCorp hack shows cyber espionage, squelching of press freedom on the rise

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

Top-Ranked New Jersey School District Cancels Final Exams Following Ransomware Cyberattack

Cisco states that the second data leak is linked to the one from October

Microsoft seized the US infrastructure of the Storm-1152 cybercrime group

FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy

ExCobalt Cybercrime group targets Russian organizations in multiple sectors

A cyberattack disrupted operations of US chipmaker Microchip Technology

Amazon discloses employee data breach after May 2023 MOVEit attacks

U.S. cannabis dispensary STIIIZY disclosed a data breach

Experts link Raspberry Robin Malware to Evil Corp cybercrime gang

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

E-Crime Rapper ‘Punchmade Dev’ Debuts Card Shop

Canada Charges Its “Most Prolific Cybercriminal”

When Efforts to Contain a Data Breach Backfire

Russian-speaking cybercrime evolution: What changed from 2016 to 2021

Law enforcement arrested 31 suspects for stealing cars by hacking key fobs

U.S. Justice Department Cracks Down on Scattered Spider Phishing Ring

TalkTalk confirms data breach involving a third-party platform

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Security Affairs newsletter Round 499 by Pierluigi Paganini – INTERNATIONAL EDITION

Iran and China-linked actors used ChatGPT for preparing attacks

Fake Emergency Search Warrants Draw Scrutiny from Capitol Hill

Stay Connected