Security Affairs

APRIL 15, 2022

ZingoStealer is a new information-stealer developed by a threat actor known as Haskers Gang who released it for free after they attempted to sell the source code for $500. The cybercrime gang has been active since at least January 2020. SecurityAffairs – hacking, cybercrime). To nominate, please visit:? Pierluigi Paganini.

Cybercrime 84

Cybercrime Malware Cryptocurrency Hacking 84

Security Affairs

JUNE 12, 2022

Ransomware gangs are actively exploiting CVE-2022-26134 remote code execution (RCE) flaw in Atlassian Confluence Server and Data Center. Multiple ransomware groups are actively exploiting the recently disclosed remote code execution (RCE) vulnerability, tracked as CVE-2022-26134 , affecting Atlassian Confluence Server and Data Center.

Ransomware 126

Ransomware Encryption Malware Hacking 126

Security Boulevard

NOVEMBER 2, 2022

Dear blog readers, Do you know a lot about information security cybercrime research OSINT and threat intelligence gathering including cyber threat actors research? Who is Dancho Danchev and what is Dancho Danchev's Blog? The post Who Wants to Become a Guest Blogger At This Blog? Stay tuned!

Cybercrime 52

Cybercrime InfoSec Cyber threats Accountability 52

Security Affairs

JUNE 8, 2022

According to the authorities, the SSNDOB Marketplace has listed the personal information for approximately 24 million individuals in the United States, generating more than $19 million USD in sales revenue. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Cybercrime 92

Cybercrime Cryptocurrency Marketing Advertising 92

Krebs on Security

JANUARY 24, 2023

The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking for me because I have enormous information and they need it.” In June 2022, authorities in the United States, Germany, the Netherlands and the United Kingdom announced a joint operation to dismantle the RSOCKS botnet.

Cybercrime 227

Cybercrime Advertising IoT Malware 227

Security Affairs

APRIL 24, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, PaperCut ) The post Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws appeared first on Security Affairs.

Cybercrime 75

Cybercrime Software Education Ransomware 75

Krebs on Security

SEPTEMBER 24, 2022

A native of Omsk, Russia, Kloster came into focus after KrebsOnSecurity followed clues from the RSOCKS botnet master’s identity on the cybercrime forums to Kloster’s personal blog , which featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world.”

Cybercrime 214

Cybercrime Data breaches Malware Ransomware 214

Security Affairs

JUNE 15, 2022

PrivacyAffairs released the Dark Web Index 2022, the document provides the prices for illegal services/products available in the black marketplaces. The document updates the information provided in the Dark Web Index 2022 report. The document updates the information provided in the Dark Web Index 2022 report.

Identity Theft 93

Identity Theft Accountability DDOS Cybercrime 93

Security Affairs

APRIL 7, 2022

Palo Alto Networks addressed a high-severity OpenSSL infinite loop vulnerability, tracked as CVE-2022-0778 , that affects some of its firewall, VPN, and XDR products. According to Palo Alto Networks, the CVE-2022-0778 vulnerability can be exploited by remote attackers to trigger a denial of service condition and crash vulnerable devices.

Firewall 93

Firewall VPN Cybercrime Software 93

Security Affairs

JULY 4, 2022

The Threat Report Portugal: Q2 2022 compiles data collected on the malicious campaigns that occurred from March to June, Q2, 2022. The Threat Report Portugal: Q2 2022 compiles data collected on the malicious campaigns that occurred from March to June, Q2, 2022. Phishing and Malware Q2 2022. in Q1 2022.

Threat Reports 80

Threat Reports Phishing Banking Malware 80

Krebs on Security

NOVEMBER 16, 2023

In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats.

Cybercrime 219

Cybercrime Hacking Data breaches Banking 219

Security Affairs

MAY 11, 2022

US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-1388 flaw in F5 BIG-IP products to its Known Exploited Vulnerabilities Catalog. Cybersecurity and Infrastructure Security Agency (CISA) has added critical CVE-2022-1388 flaw in F5 BIG-IP products to its Known Exploited Vulnerabilities Catalog.

Internet 99

Internet Internet Hacking Cybersecurity 99

Security Affairs

MAY 22, 2022

The expert discovered a post where a researcher were sharing a fake Proof of Concept (POC) exploit code for an RPC Runtime Library Remote Code Execution flaw ( CVE-2022-26809 CVSS 9.8). You will get a backdoor [link] — Tuan Anh Nguyen (@haxor31337) May 19, 2022. The malware, disguised as a fake PoC code, was available on GitHub.

InfoSec 140

InfoSec Malware Cybercrime Information Security 140

Security Affairs

APRIL 12, 2022

The illegal dark web marketplace RaidForums has been shut down and its infrastructure seized as a result of the international law enforcement Operation TOURNIQUET coordinated by Europol’s European Cybercrime Centre. Europol will continue working with its international partners to make cybercrime harder – and riskier –to commit.

Cybercrime 141

Cybercrime Banking Accountability Hacking 141

Security Affairs

JUNE 6, 2022

Mandiant is investigating the claims of the ransomware gang, the cybercrime group declared to have stolen 356841 files from the company and plans to leak them online. The gang plans to release the stolen files on 06 June, 2022 at 22:35:00. ’ At this time, the domain mandiantyellowpress[.]com ransomware to evade sanctions.

Hacking 129

Hacking Ransomware Cybersecurity Cybercrime 129

Security Affairs

APRIL 24, 2023

EvilExtractor is a new “all-in-one” info stealer for Windows that is being advertised for sale on dark web cybercrime forums. FortiGuard Labs observed this malware in a phishing email campaign on 30 March, which we traced back to the samples included in this blog.” ” reads the report published by Fortinet.

Cybercrime 88

Cybercrime Malware Education Phishing 88

Security Affairs

FEBRUARY 14, 2023

The threat actors behind a massive AdSense fraud campaign infected 10,890 WordPress sites since September 2022. In November 2022, researchers from security firm Sucuri reported to have tracked a surge in WordPress malware redirecting website visitors to fake Q&A sites via ois[.]is. ” concludes the report.

Malware 77

Malware DDOS Cryptocurrency Hacking 77

Security Affairs

MAY 25, 2022

The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime group as a result of an international operation. The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime gang (aka TMT ) after a year-long investigation codenamed “Operation Delilah.”

Cybercrime 119

Cybercrime Healthcare Cybersecurity Phishing 119

Security Affairs

APRIL 18, 2023

A new malware, dubbed Domino, developed by the FIN7 cybercrime group has been used by the now-defunct Conti ransomware gang. IBM Security X-Force researchers recently discovered a new malware family, called Domino, which was created by developers associated with the FIN7 cybercriminal group (tracked by X-Force as ITG14).

Ransomware 77

Ransomware Cybercrime Malware Education 77

Security Affairs

MAY 2, 2023

. “Noncompliant virtual currency exchanges, which have a lax anti-money laundering program or collect minimal Know Your Customer information or none at all, serve as important hubs in the cybercrime ecosystem and are operating in violation of Title 18 United States Code, Sections 1960 and 1956.”

Cybercrime 89

Cybercrime Cryptocurrency Advertising Education 89

Security Affairs

SEPTEMBER 29, 2022

The Brute Ratel post-exploitation toolkit has been cracked and now is available in the underground hacking and cybercrime communities. Threat actors have cracked the Brute Ratel C4 (BRC4) post-exploitation toolkit and leaked it for free in the cybercrime underground. On 13 September 2022, an archive file called “bruteratel_1.2.2.Scandinavian_Defense.tar.gz”

Hacking 102

Hacking Cybercrime Ransomware Antivirus 102

Security Affairs

MAY 31, 2022

Cyber Research Labs reported a rise in ransomware attacks in the second quarter of 2022, small states are more exposed to these attacks. They observed a total of 48 government organizations from 21 countries that were hit by 13 ransomware attacks in 2022. The experts warn of ransomware attacks against government organizations.

Government 138

Government Ransomware Cybercrime Banking 138

Security Affairs

APRIL 28, 2023

The malware allows operators to steal login credentials from popular services such as social media platforms and cryptocurrency wallets, then stolen data is sold on cybercrime forums by the operators. To prevent infections from malware like Cryptbot, Cybercrime Support Network recommends users to Download from well-known and trusted sources.

Malware 92

Malware Cybercrime Cryptocurrency Media 92

Security Affairs

MAY 30, 2022

The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. The new variant of the bot includes exploits for the following security issues: CVE-2022-22954 : Critical RCE flaw in VMware Workspace ONE Access and VMware Identity Manager. CVE-2022-22947 : RCE flaw in Spring.

Malware 140

Malware DDOS IoT Cybercrime 140

Security Affairs

MAY 29, 2022

The transnational cybercrime ring was engaged in the mass acquisition and sale of fraud-related goods and services, including stolen identities, compromised credit card data, and computer malware. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Cybercrime 127

Cybercrime Hacking Malware Cybersecurity 127

Krebs on Security

APRIL 27, 2023

This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information. That data later wound up for sale on a top cybercrime forum. Huntington Bank has disabled the leaky TCF Bank Salesforce website. ” .

Banking 303

Banking Government Information Security Authentication 303

Security Affairs

APRIL 23, 2022

The analysis of encryption techniques employed in the attack allowed the government experts to associate the campaign with the cybercrime group Trickbot. To nominate, please visit:? Follow me on Twitter: @securityaffairs and Facebook.

Phishing 86

Phishing Cybercrime Ransomware Encryption 86

Security Affairs

JUNE 12, 2022

Every week the best security articles from Security Affairs for free in your email box. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Ransomware 113

Ransomware DNS Cybercrime Hacking 113

Security Affairs

MAY 30, 2022

“Through its global police network and constant monitoring of cyberspace, INTERPOL had the globally sourced intelligence needed to alert Nigeria to a serious security threat where millions could have been lost without swift police action,” said INTERPOL’s Director of Cybercrime, Craig Jones. To nominate, please visit:?.

Cybercrime 122

Cybercrime Malware Hacking Cybersecurity 122

Security Affairs

APRIL 8, 2022

A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). Iarmak is the third member of the FIN7 cybercrime group to be sentenced in the U.S. in May 2020.

Cybercrime 103

Cybercrime Hacking Software Phishing 103

Security Affairs

APRIL 9, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter newsletter) The post Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Computers and Electronics 81

Computers and Electronics Backups Cybercrime Marketing 81

Security Affairs

MAY 27, 2022

The malware is available for rent on underground forums for $5000 per month since March 2022. Available for rent on underground forums for $5K/month since March 2022, ERMAC 2.0 ESETresearch @LukasStefanko 1/3 pic.twitter.com/hGeD4ZSwve — ESET research (@ESETresearch) May 18, 2022. A new #Android banker ERMAC 2.0

Banking 140

Banking Malware Cybercrime Phishing 140

Security Affairs

APRIL 6, 2022

The seizure of the Hydra Market is the result of an international investigation conducted by the Central Office for Combating Cybercrime (ZIT) in partnership with U.S. Germany’s Federal Criminal Police Office, the Bundeskriminalamt (BKA), announced they have shut down Hydra, one of the world’s largest dark web marketplace.

Marketing 89

Marketing Cybercrime Advertising Hacking 89

Security Affairs

JUNE 6, 2022

The court filings can be found here: [link] — Amy Hogan-Burney (@CyberAmyHB) June 2, 2022. This activity was uncovered by Microsoft’s Threat Intelligence Center (MSTIC), which tracks the world’s nation-state and cybercrime actors so we can better protect our customers. — Amy Hogan-Burney (@CyberAmyHB) June 2, 2022.

Phishing 108

Phishing Manufacturing Education Cybercrime 108

Security Affairs

MAY 3, 2023

” said Meta Chief Information Security Officer Guy Rosen. . “ChatGPT is the new crypto.” Meta also revealed that its research teams are working on the adoption of generative AI to detect and block online influence campaigns.

Malware 94

Malware Education Accountability Media 94

Security Affairs

APRIL 30, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter ) The post Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Cybercrime 88

Cybercrime Malware Hacking Accountability 88

Security Affairs

APRIL 10, 2023

MERCURY (aka MuddyWater , SeedWorm and TEMP.Zagros ) has been active since at least 2017, in January 2022 the USCYBERCOM has officially linked the Iran-linked APT group to Iran’s Ministry of Intelligence and Security (MOIS). Threat actors masqueraded the attacks as a standard ransomware operation.

Ransomware 88

Ransomware Cybercrime VPN Education 88