Security Affairs

JUNE 28, 2020

Asian media firm E27 suffered a security breach and hackers asked for a “donation” to provide information on the flaws they exploited in the attack. E27 described itself as Asia’s largest Tech media platform, it offers Asian technology startup news and a community where members can exchange opinions.

Media 145

Media Hacking Passwords Data breaches 145

Security Affairs

OCTOBER 16, 2024

“All information related to the cybercriminal has already been handed over to the authorities. Among them, it was possible to identify tax registration, email addresses, registered domains, IP addresses, social media accounts, telephone number and city. The man used of the same email and phrases across social media and forums.

Data breaches 125

Data breaches Media Cybercrime Accountability 125

Security Affairs

DECEMBER 14, 2023

Microsoft’s Digital Crimes Unit seized multiple domains used by cybercrime group Storm-1152 to sell fraudulent Outlook accounts. Microsoft’s Digital Crimes Unit seized multiple domains used by a cybercrime group, tracked as Storm-1152, to sell fraudulent accounts. ” reads the announcement published by Microsoft.

Cybercrime 134

Cybercrime Accountability Media Technology 134

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches 116

Data breaches Cybercrime Cyber Insurance Marketing 116

Security Affairs

OCTOBER 13, 2024

CISA adds Windows and Qualcomm bugs to its Known Exploited Vulnerabilities catalog Three new Ivanti CSA zero-day actively exploited in attacks Ukrainian national pleads guilty in U.S.

Data breaches 115

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 115

Security Affairs

MAY 1, 2025

A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6. Hive0117 targets Russian firms in multiple sectors with phishing attacks using a modified version of the DarkWatchman malware.

Malware 85

Malware Phishing Telecommunications Retail 85

Security Affairs

OCTOBER 29, 2024

The cybersecurity firm’s recommendations for malware victims are: Consult an expert : For thorough malware removal and system security, seek professional help if needed. Change passwords : After malware removal, update passwords for key accounts (email, banking, work, social media) and enable two-factor authentication.

Identity Theft 124

Identity Theft Passwords Malware Banking 124

Security Affairs

JANUARY 24, 2022

’ In February 2008, the US authorities dismantled the global cybercrime organization tracked as Infraud Organization, which was involved in stealing and selling credit card and personal identity data. Its purported founder Andrey Novak is wanted in the US on the accusations of cybercrime. SecurityAffairs – hacking, cybercrime).

Cybercrime 121

Cybercrime Hacking Cryptocurrency Ransomware 121

Webroot

MARCH 3, 2025

March is a time for leprechauns and four-leaf clovers, and as luck would have it, its also a time to learn how to protect your private data from cybercrime. During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure.

Consumer Protection 92

Consumer Protection Identity Theft Scams Social Engineering 92

Security Affairs

DECEMBER 30, 2024

Cisco confirmed the authenticity of the 4GB of leaked data, which was compromised in a recent security breach, marking it as the second leak in the incident. “We are aware of some recent social media posts made by the actor. We have analyzed the post data, and it aligns with the known data set from October 14, 2024.”

Data breaches 123

Data breaches Cybercrime Authentication Technology 123

Security Affairs

NOVEMBER 23, 2024

Microsoft announced the disruption of the ONNX phishing service, another success against cybercrime which led to the seizure of 240 sites. Phishing kits are sold mainly via Telegram, complemented by instructional videos on social media platforms that guide buyers on purchasing and deploying them.

Phishing 72

Phishing Cybercrime Financial Services Media 72

Security Affairs

NOVEMBER 30, 2024

Some of the malicious apps were promoted through deceptive advertising on social media. “ SpyLoan apps exploit official app stores like Google Play, deceptive branding, and social media ads to appear credible. The researchers reported the apps to Google who notified the developers that their apps violate Google Play policies.

Social Engineering 128

Social Engineering Media Mobile Scams 128

Security Affairs

APRIL 26, 2025

. “New court documents reveal security cameras captured Bowie wandering around the hospital on August 6, where he tried to get into multiple offices until he stumbled upon two computers. ” reported the media outlet KOCO 5 News. One of those computers was for employees only.”

Malware 145

Malware Cybersecurity Healthcare Media 145

Security Affairs

NOVEMBER 10, 2024

CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog Canadian authorities arrested alleged Snowflake hacker Android flaw CVE-2024-43093 may be under limited, targeted exploitation July 2024 ransomware attack on the City of Columbus impacted 500,000 people Nigerian man Sentenced to 26+ years in real estate phishing scams Russian (..)

Ransomware 115

Ransomware Cybercrime Phishing Banking 115

Security Affairs

APRIL 5, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Genesis Market) The post Law enforcement seized the Genesis Market cybercrime marketplace appeared first on Security Affairs.

Marketing 98

Marketing Cybercrime Accountability Education 98

Security Affairs

APRIL 11, 2023

The experts pointed out that while the majority of zero-days they have discovered in the past were used by APT groups, this zero-day was exploited by a sophisticated cybercrime group. This group is known to have used similar CLFS driver exploits in the past that were likely developed by the same author.

Cybercrime 98

Cybercrime Ransomware Education Media 98

Security Affairs

DECEMBER 7, 2024

The CEO of the Croatian Port, Duko Grabovac, told local media outlet Novi list that despite threats actors stole some data, the incident had no impact on the operations at the post. Grabovac pointed out that his organization will not pay the ransom requested by the ransomware gang.

Ransomware 123

Ransomware Hacking Accountability Cyber Attacks 123

Security Affairs

NOVEMBER 30, 2024

Local media reported that the threat actors that call themselves “Waste” is responsible for the attack. .” The Bank of Uganda stated on Thursday it is relying on a police investigation into reports of offshore hackers stealing 62 billion shillings ($16.8M) from its accounts.

Banking 141

Banking Government Accountability Hacking 141

Krebs on Security

JUNE 18, 2021

We see a similar dynamic with social media platforms, where the “user” is not the customer at all but the product whose data is being bought and sold by these platforms. But the company never acted to fix it until the news media came calling. According to the FBI, BEC scams are the most costly form of cybercrime today.

Insurance 328

Insurance Risk Financial Services CISO 328

Security Affairs

JANUARY 2, 2022

According to South Korean media outlet Chosun, North Korean threat actors have stolen around $1.7 According to local media, US federal prosecutors believe that North Korea’s government considers cryptocurrency a long-term investment and it is amassing crypto funds through illegal activities. “Citing the U.S. 380 billion.

Cryptocurrency 141

Cryptocurrency Cybercrime Media Government 141

Security Affairs

FEBRUARY 3, 2025

“In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming.”

Media 114

Media Authentication Hacking Accountability 114

Security Affairs

MARCH 10, 2022

Vodafone announced to have launched an investigation after the Lapsus$ cybercrime group claimed to have stolen its source code. Early this week, the cybercrime group asked their subscribers in a poll on messaging app Telegram: “What should we leak next?” followed by three options: Vodafone source code. The poll will end on March 13. “We

Data breaches 124

Data breaches Cybercrime Media Hacking 124

Security Affairs

APRIL 24, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, PaperCut ) The post Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws appeared first on Security Affairs.

Cybercrime 98

Cybercrime Software Education Ransomware 98

Security Affairs

OCTOBER 11, 2024

The group used the chatbot to receive support in Android malware development and to create a scraper for the social media platform Instagram. OpenAI’s report also detailed the use of ChatGPT by another Iranian threat actor, tracked Storm-0817.

Malware 135

Malware Social Engineering Engineering Hacking 135

Security Affairs

MARCH 2, 2025

is a publicly traded American media company. Yet, the information weve uncovered might offer a different perspective. ” Qilin is a Russian-speaking cybercrime group operating a Ransomware-as-a-Service (RaaS) model since 2022. Lee Enterprises , Inc. The company reported to the SEC that a Feb.

Ransomware 76

Ransomware Cybercrime Encryption Healthcare 76

Security Affairs

FEBRUARY 9, 2025

US Justice Department says cybercrime forum allegedly affected 17 million Americans Cybercrime is increasingly complex. What are the risks?

Spyware 60

Spyware Cybercrime Scams Social Engineering 60

Security Affairs

DECEMBER 22, 2022

. “South Korea’s main spy agency, the National Intelligence Service, said North Korea’s capacity to steal digital assets is considered among the best in the world because of the country’s focus on cybercrimes since U.N. economic sanctions were toughened in 2017 in response to its nuclear and missile tests.” Citing the U.S.

Cryptocurrency 139

Cryptocurrency Cybercrime Media Government 139

Security Affairs

APRIL 23, 2025

The malware covertly monetizes social media bandwidth via this mechanism. Teneo allows users to earn rewards ( Teneo Points ) by running Community Nodes that scrape public data from social platforms like Facebook, X, Reddit, and TikTok. These points can be converted to $TENEO tokens.

Cryptocurrency 114

Cryptocurrency Malware Media Hacking 114

Security Affairs

AUGUST 27, 2024

. “All information related to the cybercriminal has already been handed over to the authorities. Among them, it was possible to identify tax registration, email addresses, registered domains, IP addresses, social media accounts, telephone number and city . Despite attempts to hide his identity by claiming U.S.

Media 125

Media Cybercrime Accountability Hacking 125

Security Affairs

SEPTEMBER 27, 2021

Researchers from vpnMentor recently published a report that sheds the light on the use of Telegram in the cybercrime ecosystem. vpnMentor researchers joined several cybercrime-focused Telegram groups and discovered a vast network of more 1,000s individuals sharing data leaks and dumps and discussing how to exploit them in illegal activities.

Cybercrime 138

Cybercrime Hacking Mobile DDOS 138

Krebs on Security

MARCH 7, 2022

In 2020, researchers from Athens University School of Information Sciences and Technology in Greece showed (PDF) how ransomware-as-a-service offerings might one day be executed through smart contracts. Before that, Jeffrey Ladish , an information security consultant based in Oakland, Calif., SQUID GAMES.

Ransomware 270

Ransomware Cryptocurrency DDOS Scams 270

Security Affairs

MARCH 8, 2025

Authorities recovered $31 Million Related to 2021 Uranium Finance cyber heist Serbian student activists phone hacked using Cellebrite zero-day exploit Qilin ransomware gang claimed responsibility for the Lee Enterprises attack Meta fired 20 employees for leaking information, more firings expected International Press Newsletter Cybercrime U.S.

Data breaches 67

Data breaches Hacking Artificial Intelligence Cybercrime 67

Security Affairs

JULY 2, 2024

“The man, 42, is expected to appear in Perth Magistrates Court today (28 June, 2024) to face nine charges for alleged cybercrime offences.” These harvested cfedentials could be used to access victims’ personal information and bank details. ” AFP Western Command Cybercrime Detective Inspector Andrea Coleman said.

Wireless 126

Wireless Cybercrime Banking VPN 126

Security Affairs

JANUARY 31, 2024

According to German media , one of the two operators was also involved in the operations of the site mega-downloads.net. Movie2k was a platform involved in the unauthorized distribution of copyrighted movies, TV shows, and other media content. It was operating between 2008 and 2013.

Media 127

Media Cybercrime Advertising Information Security 127

Security Affairs

JUNE 17, 2024

A joint law enforcement operation led to the arrest of a key member of the cybercrime group known as Scattered Spider. Spanish police arrested a 22-year-old British national who is suspected of being a key member of the cybercrime group known as Scattered Spider (also known as UNC3944 , 0ktapus ).

Cybercrime 127

Cybercrime Hacking Social Engineering Cryptocurrency 127

Security Affairs

MARCH 17, 2025

” Talos warned that threat actors can also track user behavior and conduct fingerprinting attacks by using the @media at-rule. Also, note that the invisible preheader text is completely irrelevant and appears benign (e.g., FOUR yummy soup recipes just for you!) to make it appear less suspicious to spam filters.”

Phishing 116

Phishing Engineering Media Hacking 116

Security Affairs

FEBRUARY 8, 2024

Several media reported that three million electric toothbrushes were compromised and recruited into a DDoS botnet. The newspaper quoted an employee of cybersecurity firm Fortinet as a source of the information. The news made the headlines and was reported by many other media outlets and websites without appropriate verification.

DDOS 141

DDOS IoT Media Internet 141