Cybercrime, Scams and Telecommunications

Thai police arrested Chinese hackers involved in SMS blaster attacks

Security Affairs

NOVEMBER 25, 2024

Thai authorities arrested members of two Chinese cybercrime organizations, one of these groups carried out SMS blaster attacks. Thai authorities uncovered call center gangs using fake “02” numbers to deceive citizens into scams and fraudulent investments, generating over 700 million calls.

Mobile

Mobile Scams Technology Telecommunications

China-based SMS Phishing Triad Pivots to Banks

Krebs on Security

APRIL 10, 2025

But experts say these groups are now directly targeting customers of international financial institutions, while dramatically expanding their cybercrime infrastructure and support staff. Phishers using multiple virtualized Android devices to orchestrate and distribute RCS-based scam campaigns. Image: Prodaft. Image: Prodaft.

Phishing

Phishing Banking Mobile Retail

Security Affairs newsletter Round 498 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 17, 2024

CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices China-linked threat actors compromised multiple telecos and spied on a limited number of U.S.

Cryptocurrency

Cryptocurrency Malware Hacking Ransomware

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

US Harbors Prolific Malicious Link Shortening Service

Krebs on Security

OCTOBER 31, 2023

The top-level domain for the United States — US — is home to thousands of newly-registered domains tied to a malicious link shortening service that facilitates malware and phishing scams, new research suggests. The findings come close on the heels of a report that identified.US domains registered daily.US Department of Commerce.

Phishing

Phishing Telecommunications Malware Scams

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

Here’s a look at some of the more notable cybercrime stories from the past year, as covered by KrebsOnSecurity and elsewhere. 24, Russia invades Ukraine, and fault lines quickly begin to appear in the cybercrime underground. com, which was fed by pig butchering scams. Uber blames LAPSUS$ for the intrusion.

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

19-Year-Old man arrested for misusing leaked record from Optus Breach

Security Affairs

OCTOBER 6, 2022

The Australian Federal Police (AFP) arrested a 19-year-old teen from Sydney for attempting to use data from the Optus data breach in SMS scams. “ A Sydney man, 19, has been charged for allegedly attempting to misuse stolen Optus customer data in a text message blackmail scam.” million individuals. million individuals.

Data breaches

Data breaches Scams Telecommunications Financial Services

Voice Phishers Targeting Corporate VPNs

Krebs on Security

AUGUST 19, 2020

For now at least, they appear to be focusing primarily on companies in the financial, telecommunications and social media industries. Traditionally, the goal of these attacks has been gaining control over highly-prized social media accounts, which can sometimes fetch thousands of dollars when resold in the cybercrime underground.

Phishing

Phishing VPN Social Engineering Media

Security Affairs newsletter Round 442 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 22, 2023

North Korea-linked APT groups actively exploit JetBrains TeamCity flaw Multiple APT groups exploited WinRAR flaw CVE-2023-38831 Californian IT company DNA Micro leaks private mobile phone data Threat actors have been exploiting CVE-2023-4966 in Citrix NetScaler ADC/Gateway devices since August A flaw in Synology DiskStation Manager allows admin account (..)

Ransomware

Ransomware Telecommunications Data breaches Mobile

AT&T confirms 73 million people affected by data breach

Malwarebytes

APRIL 2, 2024

Telecommunications giant AT&T has finally confirmed that 73 million current and former customers have been caught up in a massive dark web data leak. The leaked data includes names, addresses, mobile phone numbers, dates of birth, and social security numbers.

Data breaches

Data breaches Passwords Phishing Accountability

Developing Your Business Email Compromise (BEC) Incident Response Plan

SecureWorld News

NOVEMBER 22, 2021

The Business Email Compromise (BEC) scam is one of the simplest and most damaging attacks businesses can face with losses ranging from hundreds to millions of dollars. According to the Federal Bureau of Investigation (FBI), losses due to BEC scams since 2013 total around $28 billion dollars and it is the most profitable cybercrime there is.

Scams

Scams Cybercrime Accountability Banking

News alert: AI-powered web scrapers from Oxylabs are breaking new ground in fraud detection

The Last Watchdog

OCTOBER 20, 2023

Enterprises in the finance, banking, and telecommunications sectors are the most susceptible to online fraud, but it can happen to any company,” said Vaidotas Sedys , Head of Risk Management at Oxylabs. Sedys concluded, “AI and ML technologies are vital in the fight against cybercrime, helping organizations identify anomalies.

Artificial Intelligence

Artificial Intelligence Identity Theft Telecommunications Big data

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

Scattered Spider previously targeted telecommunications firms, likely to support its SIM-swapping activities that facilitate account takeovers. In this report, we explore Scattered Spider’s evolution from low-level cybercrimes to partnering with ransomware groups to target major organizations.

Social Engineering

Social Engineering Engineering Accountability Backups

Scattered Spider x RansomHub: A New Partnership

Digital Shadows

OCTOBER 23, 2024

Scattered Spider previously targeted telecommunications firms, likely to support its SIM-swapping activities that facilitate account takeovers. In this report, we explore Scattered Spider’s evolution from low-level cybercrimes to partnering with ransomware groups to target major organizations.

Social Engineering

Social Engineering Engineering Accountability Backups

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

In each case, the goal of the attackers was the same: Phish T-Mobile employees for access to internal company tools, and then convert that access into a cybercrime service that could be hired to divert any T-Mobile user’s text messages and phone calls to another device. One of the groups that reliably posted “Tmo up!

Mobile

Mobile Phishing Authentication Advertising

Security Affairs newsletter Round 495 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 27, 2024

CISA adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812 Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment Internet Archive was breached twice in a month Unknown threat actors exploit Roundcube Webmail flaw (..)

Data breaches

Data breaches Healthcare Cybercrime Social Engineering

Hacker in Snowflake Extortions May Be a U.S. Soldier

Krebs on Security

NOVEMBER 26, 2024

However, this person’s identity may not remain a secret for long: A careful review of Kiberphant0m’s daily chats across multiple cybercrime personas suggests they are a U.S. However, Vars_Secc would be banned from XSS after attempting to sell access to the Russian telecommunications giant Rostelecom. [In Over 50 articles.

DDOS

DDOS Cybercrime Accountability Government

A Tumultuous Week for Federal Cybersecurity Efforts

Krebs on Security

JANUARY 27, 2025

The CSRB has so far produced three detailed reports, including an analysis of the Log4Shell vulnerability crisis, attacks from the cybercrime group LAPSUS$ , and the 2023 Microsoft Exchange Online breach. telecommunications providers at the hands of Chinese state-sponsored hackers. Sussman was acquitted in May 2022.

Cybersecurity

Cybersecurity Government Cryptocurrency Artificial Intelligence

Cyber Security Informer

Thai police arrested Chinese hackers involved in SMS blaster attacks

China-based SMS Phishing Triad Pivots to Banks

Webinars

Trending Sources

Security Affairs newsletter Round 498 by Pierluigi Paganini – INTERNATIONAL EDITION

Webinars

US Harbors Prolific Malicious Link Shortening Service

Happy 13th Birthday, KrebsOnSecurity!

19-Year-Old man arrested for misusing leaked record from Optus Breach

Voice Phishers Targeting Corporate VPNs

Security Affairs newsletter Round 442 by Pierluigi Paganini – INTERNATIONAL EDITION

AT&T confirms 73 million people affected by data breach

Developing Your Business Email Compromise (BEC) Incident Response Plan

News alert: AI-powered web scrapers from Oxylabs are breaking new ground in fraud detection

Scattered Spider x RansomHub: A New Partnership

Scattered Spider x RansomHub: A New Partnership

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Security Affairs newsletter Round 495 by Pierluigi Paganini – INTERNATIONAL EDITION

Hacker in Snowflake Extortions May Be a U.S. Soldier

A Tumultuous Week for Federal Cybersecurity Efforts

Stay Connected