2022, Blog, Cybercrime and Hacking - Cyber Security Informer

Lockbit ransomware gang claims to have hacked cybersecurity giant Mandiant

Security Affairs

JUNE 6, 2022

LockBit ransomware gang claims to have hacked the cybersecurity firm Mandiant, which is investigating the alleged security breach. Mandiant is investigating the claims of the ransomware gang, the cybercrime group declared to have stolen 356841 files from the company and plans to leak them online. SecurityAffairs – hacking, Lockbit).

Hacking

Hacking Ransomware Cybersecurity Cybercrime

Law enforcement seized the Genesis Market cybercrime marketplace

Security Affairs

APRIL 5, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Genesis Market) The post Law enforcement seized the Genesis Market cybercrime marketplace appeared first on Security Affairs.

Marketing

Marketing Cybercrime Accountability Education

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. SecurityAffairs – hacking, FBI). Pierluigi Paganini.

Cybercrime

Cybercrime Education Accountability Phishing

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware

Security Affairs

MAY 20, 2023

FIN7 is a Russian criminal group (aka Carbanak ) that has been active since mid-2015, it focuses on restaurants, gambling, and hospitality industries in the US to harvest financial information that was used in attacks or sold in cybercrime marketplaces. They then use OpenSSH and Impacket to move laterally and deploy Clop ransomware.

Cybercrime

Cybercrime Ransomware Security Intelligence Hacking

Cybercrime group exploits Windows zero-day in ransomware attacks

Security Affairs

APRIL 11, 2023

The experts pointed out that while the majority of zero-days they have discovered in the past were used by APT groups, this zero-day was exploited by a sophisticated cybercrime group. This group is known to have used similar CLFS driver exploits in the past that were likely developed by the same author.

Cybercrime

Cybercrime Ransomware Education Media

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 9, 2024, U.S.

Social Engineering

Social Engineering Mobile Cybercrime Passwords

Ransomware activity and network access sales in Q3 2022

Security Affairs

NOVEMBER 1, 2022

KELA identified around 600 victims by analyzing ransomware actors’ blogs and negotiation portals, data leak sites and public reports. Compared to the second quarter of 2022, the activity decreased by 8%, falling from July to August but increasing from August to September. SecurityAffairs – hacking, cybercrime).

Ransomware

Ransomware Cybercrime Hacking Information Security

A cracked copy of Brute Ratel post-exploitation tool leaked on hacking forums

Security Affairs

SEPTEMBER 29, 2022

The Brute Ratel post-exploitation toolkit has been cracked and now is available in the underground hacking and cybercrime communities. Threat actors have cracked the Brute Ratel C4 (BRC4) post-exploitation toolkit and leaked it for free in the cybercrime underground. ” wrote Thomas. in, and Xss[.]is,

Hacking

Hacking Cybercrime Ransomware Antivirus

Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers

Security Affairs

JUNE 12, 2022

Ransomware gangs are actively exploiting CVE-2022-26134 remote code execution (RCE) flaw in Atlassian Confluence Server and Data Center. Multiple ransomware groups are actively exploiting the recently disclosed remote code execution (RCE) vulnerability, tracked as CVE-2022-26134 , affecting Atlassian Confluence Server and Data Center.

Ransomware

Ransomware Encryption Malware Hacking

ZingoStealer crimeware released for free in the cybercrime ecosystem

Security Affairs

APRIL 15, 2022

The cybercrime gang has been active since at least January 2020. ”” ZingoStealer first appeared in the threat landscape in March 2022 and according to the Talos experts it is currently undergoing active development. SecurityAffairs – hacking, cybercrime). To nominate, please visit:? Pierluigi Paganini.

Cybercrime

Cybercrime Malware Cryptocurrency Hacking

US dismantled and seized SSNDOB cybercrime marketplace

Security Affairs

JUNE 8, 2022

On June 7, 2022, seizure orders allowed to seize four domains used by the operators of the SSNDOB Marketplace ( ssndob.ws , ssndob.vip , ssndob.club , and blackjob.biz ), shutting down the website’s operation. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Cybercrime

Cybercrime Cryptocurrency Marketing Advertising

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

Security Affairs

DECEMBER 15, 2023

The Snatch ransomware group announced it had hacked the food giant Kraft Heinz, the company is investigating the claims. The Snatch ransomware group claims to have hacked Kraft Heinz in August and on December 14, it added the company to the list of victims on its leak site.

Hacking

Hacking Ransomware Computers and Electronics Marketing

Let’s give a look at the Dark Web Price Index 2022

Security Affairs

JUNE 15, 2022

PrivacyAffairs released the Dark Web Index 2022, the document provides the prices for illegal services/products available in the black marketplaces. The document updates the information provided in the Dark Web Index 2022 report. The document updates the information provided in the Dark Web Index 2022 report. 50 in 2021).

Identity Theft

Identity Theft Accountability DDOS Cybercrime

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

First advertised in the cybercrime underground in 2014, RSOCKS was the web-based storefront for hacked computers that were sold as “proxies” to cybercriminals looking for ways to route their Web traffic through someone else’s device. Kloster’s blog enthused. “We A copy of the passport for Denis Emelyantsev, a.k.a.

Cybercrime

Cybercrime Advertising IoT Malware

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

Security Affairs

APRIL 24, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, PaperCut ) The post Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws appeared first on Security Affairs.

Cybercrime

Cybercrime Software Education Ransomware

Stormous ransomware gang claims to have hacked Coca-Cola

Security Affairs

APRIL 26, 2022

The Stormous ransomware gang claims to have hacked the multinational beverage corporation Coca-Cola Company. The Stormous ransomware gang announced with a post on its leak site to have hacked the multinational beverage corporation Coca-Cola Company. we hacked some of their servers and went over (161G) ! or 1.6467000 Bitcoin.”

Hacking

Hacking Ransomware Cybercrime Cybersecurity

Alleged Extortioner of Psychotherapy Patients Faces Trial

Krebs on Security

NOVEMBER 16, 2023

In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats.

Cybercrime

Cybercrime Hacking Data breaches Banking

Palo Alto Networks devices affected by CVE-2022-0778 OpenSSL bug

Security Affairs

APRIL 7, 2022

Palo Alto Networks addressed a high-severity OpenSSL infinite loop vulnerability, tracked as CVE-2022-0778 , that affects some of its firewall, VPN, and XDR products. According to Palo Alto Networks, the CVE-2022-0778 vulnerability can be exploited by remote attackers to trigger a denial of service condition and crash vulnerable devices.

Firewall

Firewall VPN Cybercrime Software

Money Message ransomware group claims to have hacked IT giant MSI

Security Affairs

APRIL 6, 2023

Ransomware gang Money Message claims to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). Ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International).

Hacking

Hacking Ransomware Manufacturing Education

Operation TOURNIQUET: Authorities shut down dark web marketplace RaidForums

Security Affairs

APRIL 12, 2022

The illegal dark web marketplace RaidForums has been shut down and its infrastructure seized as a result of the international law enforcement Operation TOURNIQUET coordinated by Europol’s European Cybercrime Centre. Europol will continue working with its international partners to make cybercrime harder – and riskier –to commit.

Cybercrime

Cybercrime Banking Accountability Hacking

China-Linked Cybercrime Group Attacks Asian Certificate Authority, Breaches Government Agencies

Security Boulevard

NOVEMBER 15, 2022

China-Linked Cybercrime Group Attacks Asian Certificate Authority, Breaches Government Agencies. Tue, 11/15/2022 - 15:14. The attacks revealed today used specific backdoors Symantec had previously attributed to Billbug in earlier blogs. brooke.crothers. Billbug is longstanding threat. Machine identity is essential for security.

Cybercrime

Cybercrime Government Software Hacking

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Krebs on Security

SEPTEMBER 24, 2022

Denis Emelyantsev , as the apparent owner of RSOCKS, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. ” Kloster’s blog even included a group photo of RSOCKS employees.

Cybercrime

Cybercrime Data breaches Malware Ransomware

CISA adds CVE-2022-1388 flaw in F5 BIG-IP to its Known Exploited Vulnerabilities Catalog

Security Affairs

MAY 11, 2022

US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-1388 flaw in F5 BIG-IP products to its Known Exploited Vulnerabilities Catalog. Cybersecurity and Infrastructure Security Agency (CISA) has added critical CVE-2022-1388 flaw in F5 BIG-IP products to its Known Exploited Vulnerabilities Catalog. Pierluigi Paganini.

Internet

Internet Internet Hacking Cybersecurity

News Alert: HostingAdvice poll finds one in three Americans hacked upon visiting sketchy websites

The Last Watchdog

JULY 18, 2023

July 18, 2022 – Around 30,000 websites get hacked every day , with the majority of those cyberattacks due to human error. This has projected costs associated with cybercrimes to hit the tens of trillions by 2025, highlighting the vital need for web hosts to implement staunch security. Gainesville, Fla.,

Hacking

Hacking DDOS Small Business Spyware

Nation States Will Weaponize Social and Recruit Bad Guys with Benefits in 2022

McAfee

OCTOBER 31, 2021

McAfee Enterprise and FireEye recently released its 2022 Threat Predictions. In this blog, we take a deeper dive into the continuingly aggressive role Nation States will play in 2022. Unfortunately, cybercrime has nonrepudiation and threat actors can deny all knowledge and get away with it. By Raj Samani. Prevention.

Cybercrime

Cybercrime Government Malware Media

AdSense fraud campaign relies on 10,890 sites that were infected since September 2022

Security Affairs

FEBRUARY 14, 2023

The threat actors behind a massive AdSense fraud campaign infected 10,890 WordPress sites since September 2022. In November 2022, researchers from security firm Sucuri reported to have tracked a surge in WordPress malware redirecting website visitors to fake Q&A sites via ois[.]is. Website backdoors to maintain unauthorized access.

Malware

Malware DDOS Cryptocurrency Hacking

EvilExtractor, a new All-in-One info stealer appeared on the Dark Web

Security Affairs

APRIL 24, 2023

EvilExtractor is a new “all-in-one” info stealer for Windows that is being advertised for sale on dark web cybercrime forums. FortiGuard Labs observed this malware in a phishing email campaign on 30 March, which we traced back to the samples included in this blog.” ” reads the report published by Fortinet.

Cybercrime

Cybercrime Malware Education Phishing

Discord suffered a data after third-party support agent was hacked

Security Affairs

MAY 13, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Hacking

Hacking Data breaches Accountability Phishing

A Ukrainian man is the third FIN7 member sentenced in the United States

Security Affairs

APRIL 8, 2022

A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). Iarmak is the third member of the FIN7 cybercrime group to be sentenced in the U.S. in May 2020.

Cybercrime

Cybercrime Hacking Software Phishing

Conti ransomware claims to have hacked Peru MOF – Dirección General de Inteligencia (DIGIMIN)

Security Affairs

MAY 8, 2022

Conti Ransomware gang claims to have hacked the Peru MOF – Dirección General de Inteligencia (DIGIMIN) and stolen 9.41 SecurityAffairs – hacking, Peru). The post Conti ransomware claims to have hacked Peru MOF – Dirección General de Inteligencia (DIGIMIN) appeared first on Security Affairs. Pierluigi Paganini.

Ransomware

Ransomware Hacking Risk Cybersecurity

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

Security Affairs

APRIL 9, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter newsletter) The post Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition appeared first on Security Affairs. billion rubles.

Computers and Electronics

Computers and Electronics Backups Cybercrime Marketing

Threat actors target the infoSec community with fake PoC exploits

Security Affairs

MAY 22, 2022

The expert discovered a post where a researcher were sharing a fake Proof of Concept (POC) exploit code for an RPC Runtime Library Remote Code Execution flaw ( CVE-2022-26809 CVSS 9.8). You will get a backdoor [link] — Tuan Anh Nguyen (@haxor31337) May 19, 2022. SecurityAffairs – hacking, fake PoC). Pierluigi Paganini.

InfoSec

InfoSec Malware Cybercrime Information Security

Security Affairs newsletter Round 369 by Pierluigi Paganini

Security Affairs

JUNE 12, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog”). SecurityAffairs – hacking, newsletter). To nominate, please visit:?.

Ransomware

Ransomware DNS Cybercrime Hacking

Internationa police operation led to the arrest of the SilverTerrier gang leader

Security Affairs

MAY 25, 2022

The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime group as a result of an international operation. The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime gang (aka TMT ) after a year-long investigation codenamed “Operation Delilah.”

Cybercrime

Cybercrime Healthcare Cybersecurity Phishing

FBI and Ukrainian police seized 9 crypto exchanges used by cybercriminals

Security Affairs

MAY 2, 2023

. “Noncompliant virtual currency exchanges, which have a lax anti-money laundering program or collect minimal Know Your Customer information or none at all, serve as important hubs in the cybercrime ecosystem and are operating in violation of Title 18 United States Code, Sections 1960 and 1956.”

Cybercrime

Cybercrime Cryptocurrency Advertising Education

Experts warn of ransomware attacks against government organizations of small states

Security Affairs

MAY 31, 2022

Cyber Research Labs reported a rise in ransomware attacks in the second quarter of 2022, small states are more exposed to these attacks. They observed a total of 48 government organizations from 21 countries that were hit by 13 ransomware attacks in 2022. SecurityAffairs – hacking, ransomware). ” continues Cyble.

Government

Government Ransomware Cybercrime Banking

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

Security Affairs

APRIL 30, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter ) The post Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Cybercrime

Cybercrime Malware Hacking Accountability

US man sentenced to 4 years in prison for his role in Infraud scheme

Security Affairs

MAY 29, 2022

The transnational cybercrime ring was engaged in the mass acquisition and sale of fraud-related goods and services, including stolen identities, compromised credit card data, and computer malware. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Cybercrime

Cybercrime Hacking Malware Cybersecurity

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

Security Affairs

APRIL 23, 2022

The analysis of encryption techniques employed in the attack allowed the government experts to associate the campaign with the cybercrime group Trickbot. SecurityAffairs – hacking, Ukraine). To nominate, please visit:? Follow me on Twitter: @securityaffairs and Facebook. Follow me on Twitter: @securityaffairs and Facebook.

Phishing

Phishing Cybercrime Ransomware Encryption

ERMAC 2.0 Android Banking Trojan targets over 400 apps

Security Affairs

MAY 27, 2022

The source code of Cerberus was released in September 2020 on underground hacking forums after its operators failed an auction. The malware is available for rent on underground forums for $5000 per month since March 2022. Available for rent on underground forums for $5K/month since March 2022, ERMAC 2.0 116, 193.106.191[.]148,

Banking

Banking Malware Cybercrime Phishing

Google obtained a temporary court order against CryptBot distributors

Security Affairs

APRIL 28, 2023

The malware allows operators to steal login credentials from popular services such as social media platforms and cryptocurrency wallets, then stolen data is sold on cybercrime forums by the operators. To prevent infections from malware like Cryptbot, Cybercrime Support Network recommends users to Download from well-known and trusted sources.

Malware

Malware Cybercrime Cryptocurrency Media

Microsoft seized 41 domains used by Iran-linked Bohrium APT

Security Affairs

JUNE 6, 2022

The court filings can be found here: [link] — Amy Hogan-Burney (@CyberAmyHB) June 2, 2022. This activity was uncovered by Microsoft’s Threat Intelligence Center (MSTIC), which tracks the world’s nation-state and cybercrime actors so we can better protect our customers. — Amy Hogan-Burney (@CyberAmyHB) June 2, 2022.

Phishing

Phishing Manufacturing Education Cybercrime

Three Nigerian men arrested in INTERPOL Operation Killer Bee

Security Affairs

MAY 30, 2022

“Through its global police network and constant monitoring of cyberspace, INTERPOL had the globally sourced intelligence needed to alert Nigeria to a serious security threat where millions could have been lost without swift police action,” said INTERPOL’s Director of Cybercrime, Craig Jones. SecurityAffairs – hacking, cybercrime).

Cybercrime

Cybercrime Malware Hacking Cybersecurity

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. The homepage of Stark Industries Solutions.

DDOS

DDOS Internet Internet Government

Lockbit ransomware gang claims to have hacked cybersecurity giant Mandiant

Law enforcement seized the Genesis Market cybercrime marketplace

Webinars

Trending Sources

FBI: Compromised US academic credentials available on various cybercrime forums

Webinars

Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware

Cybercrime group exploits Windows zero-day in ransomware attacks

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Ransomware activity and network access sales in Q3 2022

A cracked copy of Brute Ratel post-exploitation tool leaked on hacking forums

Ransomware gangs are exploiting CVE-2022-26134 RCE in Atlassian Confluence servers

ZingoStealer crimeware released for free in the cybercrime ecosystem

US dismantled and seized SSNDOB cybercrime marketplace

Snatch ransomware gang claims the hack of the food giant Kraft Heinz

Let’s give a look at the Dark Web Price Index 2022

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

Stormous ransomware gang claims to have hacked Coca-Cola

Alleged Extortioner of Psychotherapy Patients Faces Trial

Palo Alto Networks devices affected by CVE-2022-0778 OpenSSL bug

Money Message ransomware group claims to have hacked IT giant MSI

Operation TOURNIQUET: Authorities shut down dark web marketplace RaidForums

China-Linked Cybercrime Group Attacks Asian Certificate Authority, Breaches Government Agencies

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

CISA adds CVE-2022-1388 flaw in F5 BIG-IP to its Known Exploited Vulnerabilities Catalog

News Alert: HostingAdvice poll finds one in three Americans hacked upon visiting sketchy websites

Nation States Will Weaponize Social and Recruit Bad Guys with Benefits in 2022

AdSense fraud campaign relies on 10,890 sites that were infected since September 2022

EvilExtractor, a new All-in-One info stealer appeared on the Dark Web

Discord suffered a data after third-party support agent was hacked

A Ukrainian man is the third FIN7 member sentenced in the United States

Conti ransomware claims to have hacked Peru MOF – Dirección General de Inteligencia (DIGIMIN)

Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition

Threat actors target the infoSec community with fake PoC exploits

Security Affairs newsletter Round 369 by Pierluigi Paganini

Internationa police operation led to the arrest of the SilverTerrier gang leader

FBI and Ukrainian police seized 9 crypto exchanges used by cybercriminals

Experts warn of ransomware attacks against government organizations of small states

Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition

US man sentenced to 4 years in prison for his role in Infraud scheme

Phishing attacks using the topic “Azovstal” targets entities in Ukraine

ERMAC 2.0 Android Banking Trojan targets over 400 apps

Google obtained a temporary court order against CryptBot distributors

Microsoft seized 41 domains used by Iran-linked Bohrium APT

Three Nigerian men arrested in INTERPOL Operation Killer Bee

Stark Industries Solutions: An Iron Hammer in the Cloud

Stay Connected