Security Boulevard

MARCH 18, 2023

Dear blog readers, Did you already grab a copy of my 2019-2023 " Dancho Danchev's Blog - Mind Streams of Information Security Knowledge " Ebook which is 1.7GB compilation for free? The post Who Wants to Fuel Independent and High Quality OSINT/Cybercrime and Threat Intelligence Research? Stay tuned!

Cybercrime 96

Cybercrime Cyber threats Information Security 96

Security Affairs

JUNE 8, 2022

According to the authorities, the SSNDOB Marketplace has listed the personal information for approximately 24 million individuals in the United States, generating more than $19 million USD in sales revenue. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Cybercrime 98

Cybercrime Cryptocurrency Marketing Advertising 98

Security Affairs

APRIL 24, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, PaperCut ) The post Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws appeared first on Security Affairs.

Cybercrime 88

Cybercrime Software Education Ransomware 88

Security Boulevard

NOVEMBER 2, 2022

Dear blog readers, Do you know a lot about information security cybercrime research OSINT and threat intelligence gathering including cyber threat actors research? Who is Dancho Danchev and what is Dancho Danchev's Blog? The post Who Wants to Become a Guest Blogger At This Blog? Stay tuned!

Cybercrime 52

Cybercrime InfoSec Cyber threats Accountability 52

Security Affairs

APRIL 7, 2022

Palo Alto Networks addressed a high-severity OpenSSL infinite loop vulnerability, tracked as CVE-2022-0778 , that affects some of its firewall, VPN, and XDR products. According to Palo Alto Networks, the CVE-2022-0778 vulnerability can be exploited by remote attackers to trigger a denial of service condition and crash vulnerable devices.

Firewall 100

Firewall VPN Cybercrime Software 100

Security Affairs

JUNE 15, 2022

PrivacyAffairs released the Dark Web Index 2022, the document provides the prices for illegal services/products available in the black marketplaces. The document updates the information provided in the Dark Web Index 2022 report. The document updates the information provided in the Dark Web Index 2022 report.

Identity Theft 98

Identity Theft Accountability DDOS Cybercrime 98

Krebs on Security

JANUARY 24, 2023

The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking for me because I have enormous information and they need it.” In June 2022, authorities in the United States, Germany, the Netherlands and the United Kingdom announced a joint operation to dismantle the RSOCKS botnet.

Cybercrime 223

Cybercrime Advertising IoT Malware 223

Security Affairs

MAY 11, 2022

US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-1388 flaw in F5 BIG-IP products to its Known Exploited Vulnerabilities Catalog. Cybersecurity and Infrastructure Security Agency (CISA) has added critical CVE-2022-1388 flaw in F5 BIG-IP products to its Known Exploited Vulnerabilities Catalog.

Internet 116

Internet Internet Hacking Cybersecurity 116

Krebs on Security

SEPTEMBER 24, 2022

A native of Omsk, Russia, Kloster came into focus after KrebsOnSecurity followed clues from the RSOCKS botnet master’s identity on the cybercrime forums to Kloster’s personal blog , which featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world.”

Cybercrime 204

Cybercrime Data breaches Malware Ransomware 204

Security Affairs

MAY 22, 2022

The expert discovered a post where a researcher were sharing a fake Proof of Concept (POC) exploit code for an RPC Runtime Library Remote Code Execution flaw ( CVE-2022-26809 CVSS 9.8). You will get a backdoor [link] — Tuan Anh Nguyen (@haxor31337) May 19, 2022. The malware, disguised as a fake PoC code, was available on GitHub.

InfoSec 144

InfoSec Malware Cybercrime Information Security 144

Security Affairs

APRIL 12, 2022

The illegal dark web marketplace RaidForums has been shut down and its infrastructure seized as a result of the international law enforcement Operation TOURNIQUET coordinated by Europol’s European Cybercrime Centre. Europol will continue working with its international partners to make cybercrime harder – and riskier –to commit.

Cybercrime 145

Cybercrime Banking Accountability Hacking 145

Security Affairs

FEBRUARY 14, 2023

The threat actors behind a massive AdSense fraud campaign infected 10,890 WordPress sites since September 2022. In November 2022, researchers from security firm Sucuri reported to have tracked a surge in WordPress malware redirecting website visitors to fake Q&A sites via ois[.]is. ” concludes the report.

Malware 90

Malware DDOS Hacking Cryptocurrency 90

Security Affairs

JUNE 6, 2022

Mandiant is investigating the claims of the ransomware gang, the cybercrime group declared to have stolen 356841 files from the company and plans to leak them online. The gang plans to release the stolen files on 06 June, 2022 at 22:35:00. ’ At this time, the domain mandiantyellowpress[.]com ransomware to evade sanctions.

Hacking 141

Hacking Ransomware Cybersecurity Cybercrime 141

Krebs on Security

NOVEMBER 16, 2023

In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats.

Cybercrime 214

Cybercrime Hacking Data breaches Banking 214

Security Affairs

APRIL 24, 2023

EvilExtractor is a new “all-in-one” info stealer for Windows that is being advertised for sale on dark web cybercrime forums. FortiGuard Labs observed this malware in a phishing email campaign on 30 March, which we traced back to the samples included in this blog.” ” reads the report published by Fortinet.

Cybercrime 96

Cybercrime Malware Education Phishing 96

Security Affairs

MAY 25, 2022

The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime group as a result of an international operation. The Nigeria Police Force has arrested the suspected leader of the SilverTerrier cybercrime gang (aka TMT ) after a year-long investigation codenamed “Operation Delilah.”

Cybercrime 135

Cybercrime Healthcare Cybersecurity Phishing 135

Security Affairs

SEPTEMBER 29, 2022

The Brute Ratel post-exploitation toolkit has been cracked and now is available in the underground hacking and cybercrime communities. Threat actors have cracked the Brute Ratel C4 (BRC4) post-exploitation toolkit and leaked it for free in the cybercrime underground. On 13 September 2022, an archive file called “bruteratel_1.2.2.Scandinavian_Defense.tar.gz”

Hacking 111

Hacking Cybercrime Ransomware Antivirus 111

Security Affairs

MAY 2, 2023

. “Noncompliant virtual currency exchanges, which have a lax anti-money laundering program or collect minimal Know Your Customer information or none at all, serve as important hubs in the cybercrime ecosystem and are operating in violation of Title 18 United States Code, Sections 1960 and 1956.”

Cybercrime 97

Cybercrime Cryptocurrency Advertising Education 97

Security Affairs

JUNE 12, 2022

Every week the best security articles from Security Affairs for free in your email box. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Ransomware 130

Ransomware DNS Cybercrime Hacking 130

Security Affairs

MAY 31, 2022

Cyber Research Labs reported a rise in ransomware attacks in the second quarter of 2022, small states are more exposed to these attacks. They observed a total of 48 government organizations from 21 countries that were hit by 13 ransomware attacks in 2022. The experts warn of ransomware attacks against government organizations.

Government 144

Government Ransomware Cybercrime Banking 144

Security Affairs

APRIL 23, 2022

The analysis of encryption techniques employed in the attack allowed the government experts to associate the campaign with the cybercrime group Trickbot. To nominate, please visit:? Follow me on Twitter: @securityaffairs and Facebook.

Phishing 97

Phishing Cybercrime Ransomware Encryption 97

Security Affairs

APRIL 8, 2022

A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). Iarmak is the third member of the FIN7 cybercrime group to be sentenced in the U.S. in May 2020.

Cybercrime 119

Cybercrime Hacking Software Phishing 119

Security Affairs

MAY 30, 2022

“Through its global police network and constant monitoring of cyberspace, INTERPOL had the globally sourced intelligence needed to alert Nigeria to a serious security threat where millions could have been lost without swift police action,” said INTERPOL’s Director of Cybercrime, Craig Jones. To nominate, please visit:?.

Cybercrime 136

Cybercrime Malware Hacking Cybersecurity 136

Security Affairs

MAY 29, 2022

The transnational cybercrime ring was engaged in the mass acquisition and sale of fraud-related goods and services, including stolen identities, compromised credit card data, and computer malware. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS.

Cybercrime 136

Cybercrime Hacking Malware Cybersecurity 136

Security Affairs

APRIL 28, 2023

The malware allows operators to steal login credentials from popular services such as social media platforms and cryptocurrency wallets, then stolen data is sold on cybercrime forums by the operators. To prevent infections from malware like Cryptbot, Cybercrime Support Network recommends users to Download from well-known and trusted sources.

Malware 98

Malware Cybercrime Cryptocurrency Media 98

Security Affairs

MAY 30, 2022

The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. The new variant of the bot includes exploits for the following security issues: CVE-2022-22954 : Critical RCE flaw in VMware Workspace ONE Access and VMware Identity Manager. CVE-2022-22947 : RCE flaw in Spring.

Malware 144

Malware DDOS IoT Cybercrime 144

Security Affairs

APRIL 9, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter newsletter) The post Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Computers and Electronics 93

Computers and Electronics Backups Cybercrime Marketing 93

Security Affairs

APRIL 6, 2022

The seizure of the Hydra Market is the result of an international investigation conducted by the Central Office for Combating Cybercrime (ZIT) in partnership with U.S. Germany’s Federal Criminal Police Office, the Bundeskriminalamt (BKA), announced they have shut down Hydra, one of the world’s largest dark web marketplace.

Marketing 99

Marketing Cybercrime Advertising Hacking 99

Security Affairs

MAY 29, 2022

Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. I ask you to vote for me again (even if you have already done it), because this vote is for the final.

InfoSec 116

InfoSec Spyware DDOS Firewall 116

Security Affairs

JUNE 6, 2022

The court filings can be found here: [link] — Amy Hogan-Burney (@CyberAmyHB) June 2, 2022. This activity was uncovered by Microsoft’s Threat Intelligence Center (MSTIC), which tracks the world’s nation-state and cybercrime actors so we can better protect our customers. — Amy Hogan-Burney (@CyberAmyHB) June 2, 2022.

Phishing 123

Phishing Manufacturing Education Hacking 123

Security Affairs

MAY 27, 2022

The malware is available for rent on underground forums for $5000 per month since March 2022. Available for rent on underground forums for $5K/month since March 2022, ERMAC 2.0 ESETresearch @LukasStefanko 1/3 pic.twitter.com/hGeD4ZSwve — ESET research (@ESETresearch) May 18, 2022. A new #Android banker ERMAC 2.0

Banking 143

Banking Malware Cybercrime Phishing 143

Krebs on Security

APRIL 27, 2023

This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information. That data later wound up for sale on a top cybercrime forum. Huntington Bank has disabled the leaky TCF Bank Salesforce website. ” .

Banking 295

Banking Government Information Security Authentication 295

Security Affairs

APRIL 17, 2022

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.

Wireless 89

Wireless Data breaches Hacking Surveillance 89

Security Affairs

JUNE 7, 2022

Mandiant researchers associate multiple LockBit ransomware attacks with the notorious Evil Corp Cybercrime Group. The researchers also noticed that the group shares numerous overlaps with the cybercrime gang Evil Corp. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g.

Ransomware 140

Ransomware Cybercrime Malware Hacking 140

Security Affairs

APRIL 10, 2023

MERCURY (aka MuddyWater , SeedWorm and TEMP.Zagros ) has been active since at least 2017, in January 2022 the USCYBERCOM has officially linked the Iran-linked APT group to Iran’s Ministry of Intelligence and Security (MOIS). Threat actors masqueraded the attacks as a standard ransomware operation.

Ransomware 96

Ransomware Cybercrime VPN Education 96

Security Affairs

APRIL 30, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter ) The post Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Cybercrime 97

Cybercrime Malware Hacking Accountability 97

Security Affairs

APRIL 17, 2022

The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. Upon installing the threat, the bot drops a file in /tmp/.pwned

DDOS 142

DDOS Architecture Malware Cybercrime 142