Security Affairs

MAY 20, 2023

Luxottica has finally confirmed the 2021 data breach that exposed the personal information of 70 million customers. pic.twitter.com/62uQWT4YQB — Andrea Draghetti (@AndreaDraghetti) May 12, 2023 The most recent entry in the database is March 16th, 2021, a circumstance that suggests it is a new data breach suffered by Luxottica.

Data breaches 91

Data breaches Retail Hacking Ransomware 91

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. On Sunday, Feb. hospitals and healthcare providers.”.

Ransomware 274

Ransomware Healthcare Cybercrime Government 274

Security Affairs

APRIL 28, 2023

The malware allows operators to steal login credentials from popular services such as social media platforms and cryptocurrency wallets, then stolen data is sold on cybercrime forums by the operators. To prevent infections from malware like Cryptbot, Cybercrime Support Network recommends users to Download from well-known and trusted sources.

Malware 94

Malware Cybercrime Cryptocurrency Media 94

Security Affairs

MAY 29, 2022

The transnational cybercrime ring was engaged in the mass acquisition and sale of fraud-related goods and services, including stolen identities, compromised credit card data, and computer malware. Telusma pleaded guilty to one count of racketeering conspiracy on October 13, 2021. SecurityAffairs – hacking, cybercrime).

Cybercrime 130

Cybercrime Hacking Malware Cybersecurity 130

Security Affairs

APRIL 8, 2022

A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). Iarmak is the third member of the FIN7 cybercrime group to be sentenced in the U.S. in May 2020.

Cybercrime 108

Cybercrime Hacking Software Phishing 108

Krebs on Security

APRIL 27, 2023

This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information. That data later wound up for sale on a top cybercrime forum. Huntington Bank has disabled the leaky TCF Bank Salesforce website. ”

Banking 299

Banking Government Information Security Authentication 299

Security Affairs

JUNE 15, 2022

Privacy Affairs published the Dark Web Index, an analysis of prices for illegal services/products available in the black marketplaces and related to the period between February 2021 and June 2022. The document updates the information provided in the Dark Web Index 2022 report. verified account goes for $170 ($710 in 2021).

Identity Theft 95

Identity Theft Accountability DDOS Cybercrime 95

Security Affairs

MAY 2, 2023

The Monopoly Market was launched in 2019 and the German authorities seized the marketplace’s infrastructure in December 2021. “Europol has been compiling intelligence packages based on troves of evidence provided by German authorities, who successfully seized the marketplace’s criminal infrastructure in December 2021.

Marketing 83

Marketing Accountability Cybercrime Education 83

Security Affairs

APRIL 17, 2022

The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. Upon installing the threat, the bot drops a file in /tmp/.pwned

DDOS 136

DDOS Architecture Malware Cybercrime 136

Security Affairs

MAY 30, 2022

The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”).

Malware 142

Malware DDOS IoT Cybercrime 142

Security Affairs

MAY 3, 2023

Over a nine-month period in 2018, the site performed at least 16 million checks, and over a 13-month period beginning in September 2021, the site performed at least 17 million checks.” ” reads the press release published by the DoJ. ” The indictment is the result of a law enforcement operation conducted by the U.S.

Cybercrime 90

Cybercrime Education Media Hacking 90

Herjavec Group

DECEMBER 15, 2021

Needless to say, in 2021 cybersecurity was front and center for individuals, enterprises, and governments alike. This forced security leaders and enterprise executives to assess their information security operations and overall cybersecurity posture to ensure their organizations were ready to face the challenges ahead.

Cybersecurity 52

Cybersecurity Digital transformation Ransomware Cyber Risk 52

Security Affairs

MAY 15, 2023

” In January 2021, SHARP was working on a team remediating the security incident, when he sent a ransom note to the company. SHARP (37) was arrested in December 2021, in March he pleaded guilty to posing as an anonymous hacker and a whistleblower to extort almost $2 million worth of cryptocurrency while working at Ubiquiti.

Marketing 93

Marketing Cybercrime Cryptocurrency Hacking 93

Security Affairs

MAY 31, 2022

Small states are easy targets due to the low level of security of their critical infrastructure due to the low budget to protect them. A similar attack was seen in May 2021, when the gang targeted Ireland’s publicly funded health care system and demanded a ransom of USD20 million.” ” reads the post published by Cyble.

Government 140

Government Ransomware Cybercrime Banking 140

Security Affairs

APRIL 6, 2022

The seizure of the Hydra Market is the result of an international investigation conducted by the Central Office for Combating Cybercrime (ZIT) in partnership with U.S. law enforcement authorities since August 2021. Hydra was a top Russian Darknet market famous among Russian speaking users that have been active since 2015.

Marketing 92

Marketing Cybercrime Advertising Hacking 92

Security Affairs

APRIL 6, 2022

The seizure of the Hydra Market is the result of an international investigation conducted by the Central Office for Combating Cybercrime (ZIT) in partnership with U.S. law enforcement authorities since August 2021. Treasury Department explained that the sanctions aim at disrupting the proliferation of cybercrime services.

Marketing 105

Marketing Cybercrime Advertising Hacking 105

Security Affairs

JANUARY 30, 2021

The FonixCrypter gang also closed its Telegram channel that was used to advertise the malware in the cybercrime underground. The security researcher Andrew Ivanov published technical details about this specific threat in a blog post. If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Ransomware 135

Ransomware Encryption Malware Cybercrime 135

Security Affairs

APRIL 30, 2023

The carrier has adopted security measures to prevent similar attacks, it also forced a password reset on some email accounts. TechCrunch reported that a cybercrime gang claims to have access to the entire AT&T employee database, which can allow them to access an internal AT&T portal for employees called OPUS.

Cryptocurrency 80

Cryptocurrency Accountability Passwords Hacking 80

Security Affairs

APRIL 27, 2022

The group’s activity returned to the levels that represented a peak in 2021, the gang rapidly reacted to the public disclosure of its communications, source code, and operational details. Despite these public disclosures, the number of Conti victims posted in March surged to the second-highest monthly total since January 2021.”

Ransomware 81

Ransomware Cybercrime Hacking Cybersecurity 81

Security Affairs

JUNE 2, 2022

The investigation involved law enforcement authorities of Australia, Belgium, Finland, Hungary, Ireland, Spain, Sweden, Switzerland, the Netherlands and the United States, with the coordination of international activity carried out by Europol’s European Cybercrime Centre (EC3). Follow me on Twitter: @securityaffairs and Facebook.

Spyware 90

Spyware Malware Banking Cybercrime 90

Security Affairs

APRIL 3, 2023

FortiGuard Labs researchers observed an ongoing hacking campaign targeting Cacti ( CVE-2022-46169 ) and Realtek ( CVE-2021-35394 ) vulnerabilities to spread ShellBot and Moobot malware. The Moobot botnet is actively exploiting critical vulnerabilities in Cacti, and Realtek in attacks in the wild.

DDOS 85

DDOS Malware Hacking Education 85

Security Affairs

APRIL 19, 2023

The man was arrested in Amsterdam in November 2021 and was extradited to the US in August 2022. According to a joint report published in January 2021 by security firms Advanced-intel and HYAS, Ryuk operators earned, at the time of publishing the analysis, more than $150 million worth of Bitcoin from ransom paid by their victims.

Ransomware 77

Ransomware Education Media Hacking 77

Security Affairs

MAY 21, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches 90

Data breaches Cybercrime Ransomware Passwords 90

Security Affairs

JULY 18, 2023

The cybercrime group FIN8 is using a revamped version of the Sardonic backdoor to deliver the BlackCat ransomware. In the past few years, the group has been observed using a number of ransomware threats, including the Ragnar Locker ransomware (June 2021), the White Rabbit ransomware (January 2022).

Ransomware 94

Ransomware Cybercrime Malware Hacking 94

Security Affairs

JUNE 16, 2022

The ALPHA/BlackCat gang has been active since at least December 2021 when malware researchers from Recorded Future and MalwareHunterTeam discovered their operation. ALPHV has been advertising the BlackCat Ransomware-as-a-Service (RaaS) on the cybercrime forums XSS and Exploit since early December. To nominate, please visit:?.

Ransomware 85

Ransomware Cybercrime Malware Advertising 85

Security Affairs

APRIL 5, 2023

For some, a cyber criminal matches some of the Hollywood tropes: a person sitting alone in a dimly lit room, furiously mashing on a keyboard to steal information from a person or company. Those days are behind us, however, as cybercrime is establishing itself as a business in and of itself.

Energy and Utilities 80

Energy and Utilities Cyber threats Risk Cyber Risk 80

Security Affairs

MAY 27, 2022

ERMAC was first spotted by researchers from Threatfabric in July 2021, it is based on the popular banking trojan Cerberus. “The Threat Actor behind ERMAC used the leaked code from a well-known malware variant named “Cerberus” and modified the code to sell the Android botnets in cybercrime forums. ” concludes Cyble.

Banking 142

Banking Malware Cybercrime Phishing 142

Security Affairs

APRIL 17, 2022

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.

Wireless 78

Wireless Data breaches Hacking Surveillance 78

Security Affairs

APRIL 30, 2022

In mid-November 2021 researchers from multiple cybersecurity firms ([Cryptolaemus], [GData], and [Advanced Intel]) reported that threat actors are using the TrickBot malware to drop an Emotet loader on infected devices. To nominate, please visit:? Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Ransomware 83

Ransomware Banking Cybercrime Malware 83

Security Affairs

JUNE 16, 2022

The ALPHA/BlackCat gang has been active since at least December 2021 when malware researchers from Recorded Future and MalwareHunterTeam discovered their operation. ALPHV has been advertising the BlackCat Ransomware-as-a-Service (RaaS) on the cybercrime forums XSS and Exploit since early December. Pierluigi Paganini.

Ransomware 104

Ransomware Cybercrime Malware Advertising 104

Security Affairs

APRIL 16, 2023

In 2021, CISA added Remcos to the list of top malware strains due to its use in mass phishing attacks using COVID-19 pandemic themes targeting businesses and individuals. The phishing attacks began in February 2023, the IT giant reported.

Accountability 91

Accountability Phishing Financial Services Surveillance 91

Security Affairs

MAY 15, 2023

RA Group isn’t the only gang that uses the leaked Babuk source code, recently SentinelLabs researchers have identified 10 ransomware families using VMware ESXi lockers based on the source code of the Babuk ransomware that was leaked in 2021.

Ransomware 87

Ransomware Encryption Cybercrime Insurance 87

Security Affairs

APRIL 6, 2022

(the “Company”) announced that it recently determined that a former employee downloaded certain reports of its subsidiary Cash App Investing LLC (“Cash App Investing”) on December 10, 2021 that contained some U.S. customer information. Securities and Exchange Commission (SEC). ” reads the FORM 8-K published by the U.S.

Data breaches 113

Data breaches Cryptocurrency Accountability Banking 113

Security Affairs

APRIL 27, 2023

The new variant of the encryptor targets Linux, NAS, and ESXi hosts, it appears to be based on the source code of Babuk ransomware that was leaked online in 2021. The Uptycs threat research team discovered the first ransomware binary attributed to the RTM ransomware-as-a-service (RaaS) provider.

Encryption 89

Encryption Ransomware Malware Education 89

Security Affairs

MAY 17, 2022

The Facestealer spyware was first spotted on July 2021 by Dr. Web researchers, the development team behind the threat has frequently changed its code. Trend Micro researchers also discovered 40 fake cryptocurrency miner apps that are variants of similar apps that they discovered in August 2021. To nominate, please visit:?

Spyware 92

Spyware Cryptocurrency VPN Malware 92

Security Affairs

MAY 17, 2023

On April 26, 2021, Matveev and his Babuk coconspirators hit the Metropolitan Police Department in Washington, D.C. Let today’s charges be a reminder to cybercriminals everywhere – my office is devoted to combatting cybercrime and will spare no resources in bringing to justice those who use ransomware attacks to target victims.”

Ransomware 78

Ransomware Healthcare Cybercrime Encryption 78

Security Affairs

JUNE 3, 2022

Clipminer was first spotted in early 2021, it likely spread via Trojanized downloads of cracked or pirated software. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, cryptocurrency).

Cryptocurrency 137

Cryptocurrency Malware Hacking Software 137