Security Affairs

AUGUST 20, 2022

TA558 cybercrime group is behind a malware campaign targeting hospitality, hotel, and travel organizations in Latin America. Researchers from Proofpoint are monitoring a malware campaign conducted by a cybercrime group, tracked as TA558, that is targeting hospitality, hotel, and travel organizations in Latin America.

Cybercrime 86

Cybercrime Malware Phishing Internet 86

Security Affairs

NOVEMBER 28, 2023

The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data. In October 2022, CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team cybercrime group is actively targeting U.S.

Hacking 113

Hacking VPN Ransomware Cybercrime 113

Security Affairs

MAY 20, 2023

FIN7 is a Russian criminal group (aka Carbanak ) that has been active since mid-2015, it focuses on restaurants, gambling, and hospitality industries in the US to harvest financial information that was used in attacks or sold in cybercrime marketplaces. They then use OpenSSH and Impacket to move laterally and deploy Clop ransomware.

Cybercrime 82

Cybercrime Ransomware Security Intelligence Hacking 82

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. The FBI has observed incidents of stolen higher education credential information posted on publically accessible online forums or listed for sale on criminal marketplaces. “If

Cybercrime 124

Cybercrime Education Accountability Phishing 124

Security Affairs

OCTOBER 17, 2022

Interpol has announced the arrests of 75 individuals as part of a coordinated international operation against an organized cybercrime ring called Black Axe. Interpol arrested 75 individuals as part of a coordinated global operation, codenamed Operation Jackal, against the cybercrime ring Black Axe. and the U.S.) million from victims.

Cybercrime 91

Cybercrime Scams Banking Mobile 91

Security Affairs

JUNE 6, 2022

LockBit ransomware gang claims to have hacked the cybersecurity firm Mandiant, which is investigating the alleged security breach. Mandiant is investigating the claims of the ransomware gang, the cybercrime group declared to have stolen 356841 files from the company and plans to leak them online. ransomware to evade sanctions.

Hacking 125

Hacking Ransomware Cybersecurity Cybercrime 125

Security Affairs

JANUARY 20, 2024

Conor Brian Fitzpatrick, the admin of the BreachForums hacking forum, has been sentenced to 20 years supervised release. Conor Brian Fitzpatrick , the admin of the BreachForums hacking forum, was sentenced to 20 years of supervised release. Fitzpatrick was released on a $300,000 bond signed by his parents.

Hacking 95

Hacking Cybercrime Government Software 95

Security Affairs

NOVEMBER 22, 2022

Aurora Stealer is an info-stealing malware that was first advertised on Russian-speaking underground forums in April 2022. In October and November 2022, the researchers analyzed several hundreds of collected samples and identified dozens of active C2 servers. . SecurityAffairs – hacking, Aurora Stealer). Pierluigi Paganini.

Cybercrime 89

Cybercrime Malware Cryptocurrency Advertising 89

Security Affairs

SEPTEMBER 2, 2022

Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.

Cybercrime 99

Cybercrime Malware Backups Manufacturing 99

Security Affairs

APRIL 11, 2023

The experts pointed out that while the majority of zero-days they have discovered in the past were used by APT groups, this zero-day was exploited by a sophisticated cybercrime group. This group is known to have used similar CLFS driver exploits in the past that were likely developed by the same author.

Cybercrime 87

Cybercrime Ransomware Education Media 87

Security Affairs

APRIL 5, 2023

The authorities are searching for information about the administrators of the platform, a circumstance that suggests that the FBI has yet to identify them.

Marketing 79

Marketing Cybercrime Accountability Education 79

Security Affairs

NOVEMBER 1, 2022

Compared to the second quarter of 2022, the activity decreased by 8%, falling from July to August but increasing from August to September. In Q3 2022, the most prolific ransomware and data leak actors in Q3 were LockBit , Black Basta , Hive , Alphv(aka BlackCat) and the new entry BianLian group. SecurityAffairs – hacking, cybercrime).

Ransomware 87

Ransomware Cybercrime Hacking Information Security 87

Security Affairs

MARCH 5, 2022

Anonymous announced to have hacked more than 2,500 websites linked to the Russian and Belarusian governments, state-owned media outlets spreading disinformation, Russian private organizations, banks, hospitals, airports. FckPutin #FreeUkraine pic.twitter.com/NJZiLx5c0d — Anonymous TV (@YourAnonTV) March 3, 2022.

Hacking 143

Hacking Government Banking Media 143

Security Affairs

SEPTEMBER 29, 2022

The Brute Ratel post-exploitation toolkit has been cracked and now is available in the underground hacking and cybercrime communities. Threat actors have cracked the Brute Ratel C4 (BRC4) post-exploitation toolkit and leaked it for free in the cybercrime underground. SecurityAffairs – hacking, Brute Ratel). in, and Xss[.]is,

Hacking 98

Hacking Cybercrime Ransomware Antivirus 98

Security Affairs

NOVEMBER 17, 2022

A suspected leader of the Zeus cybercrime gang, Vyacheslav Igorevich Penchukov (aka Tank), was arrested by Swiss police. Swiss police last month arrested in Geneva Vyacheslav Igorevich Penchukov (40), also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. SecurityAffairs – hacking, Zeus).

Cybercrime 86

Cybercrime Banking Identity Theft Hacking 86

Security Affairs

SEPTEMBER 16, 2022

— Uber Comms (@Uber_Comms) September 16, 2022. According to the New York Times , the threat actors hacked an employee’s Slack account and used it to inform internal personnel that the company had “suffered a data breach” and provided a list of allegedly hacked internal databases. “I

Hacking 127

Hacking Data breaches Engineering Information Security 127

Security Affairs

JULY 16, 2023

The owner of the BreachForums Conor Brian Fitzpatrick, aka Pompompurin, pleads guilty to hacking charges. BreachForums functioned as a cybercrime marketplace, enabling its members to engage in the solicitation, sale, purchase, and exchange of illicitly obtained or compromised data, along with various contraband items.

Hacking 79

Hacking Cybercrime Information Security 79

Security Affairs

DECEMBER 22, 2022

The Government of Pyongyang focuses on crypto hacking to fund its military program following harsh U.N. “South Korea’s main spy agency, the National Intelligence Service, said North Korea’s capacity to steal digital assets is considered among the best in the world because of the country’s focus on cybercrimes since U.N.

Cryptocurrency 122

Cryptocurrency Cybercrime Media Government 122

Security Affairs

NOVEMBER 3, 2022

Sentinel Labs found evidence that links the Black Basta ransomware gang to the financially motivated hacking group FIN7. Security researchers at Sentinel Labs shared details about Black Basta ‘s TTPs and assess it is highly likely the ransomware operation has ties with FIN7. SecurityAffairs – hacking, FIN7).

Cybercrime 90

Cybercrime Ransomware Antivirus Malware 90

Security Affairs

DECEMBER 13, 2022

LockBit ransomware gang hacked the California Department of Finance and threatens to leak data stolen from its systems. On December 12, the California Department of Finance confirmed the security incident with a statement. “The intrusion was proactively identified through coordination with state and federal security partners.

Hacking 121

Hacking Ransomware Cybersecurity Technology 121

Security Affairs

OCTOBER 18, 2022

An international law enforcement operation led by Europol disrupted a cybercrime ring focused on hacking wireless key fobs to steal cars. The police operation took place on October 10, 2022, arrested suspects are from across 22 locations in the three nations. SecurityAffairs – hacking, key fobs). Pierluigi Paganini.

Hacking 83

Hacking Cybercrime Manufacturing Wireless 83

Security Affairs

JULY 8, 2022

The operators behind the TrickBot malware are systematically targeting Ukraine since the beginning of the war in February 2022. Between mid-April and mid-June of 2022, the Trickbot group has conducted at least six campaigns against entities in Ukraine. SecurityAffairs – hacking, Ukraine). ” concludes IBM.

Cybercrime 86

Cybercrime Malware DDOS Ransomware 86

Security Affairs

APRIL 15, 2022

ZingoStealer is a new information-stealer developed by a threat actor known as Haskers Gang who released it for free after they attempted to sell the source code for $500. The cybercrime gang has been active since at least January 2020. SecurityAffairs – hacking, cybercrime). To nominate, please visit:?

Cybercrime 79

Cybercrime Malware Cryptocurrency Hacking 79

Security Affairs

MARCH 21, 2022

Microsoft is investigating claims that the Lapsus$ hacking group breached its internal Azure DevOps source code repositories. Microsoft announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data. SecurityAffairs – hacking, Microsoft).

Hacking 89

Hacking Telecommunications InfoSec Cybercrime 89

Security Affairs

APRIL 6, 2023

The Threat Report Portugal: H2 2022 compiles data collected on the malicious campaigns that occurred from July to December, H2, 2022. The Threat Report Portugal: Q3 & Q4 2022 compiles data collected on the malicious campaigns that occurred from Jully to December, Q3 and Q4, 2022. in Q2 2022.

Threat Reports 76

Threat Reports Phishing Malware Banking 76

Security Affairs

JANUARY 5, 2024

Researchers from cybersecurity firm KELA reported that a threat actor announced on a cybercrime forum the sale of the source code and a cracked version of the Zeppelin ransomware builder for $500. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware)

Ransomware 98

Ransomware Hacking Encryption Malware 98

Security Affairs

JUNE 12, 2022

Ransomware gangs are actively exploiting CVE-2022-26134 remote code execution (RCE) flaw in Atlassian Confluence Server and Data Center. Multiple ransomware groups are actively exploiting the recently disclosed remote code execution (RCE) vulnerability, tracked as CVE-2022-26134 , affecting Atlassian Confluence Server and Data Center.

Ransomware 122

Ransomware Encryption Malware Hacking 122

Security Affairs

JUNE 8, 2022

According to the authorities, the SSNDOB Marketplace has listed the personal information for approximately 24 million individuals in the United States, generating more than $19 million USD in sales revenue. Dismantling illicit marketplaces that threaten the privacy and security of the American public is a priority of the FBI.”.

Cybercrime 88

Cybercrime Cryptocurrency Marketing Advertising 88

Security Affairs

APRIL 28, 2024

Hackers may have accessed thousands of accounts on the California state welfare platform Brokewell Android malware supports an extensive set of Device Takeover capabilities Experts warn of an ongoing malware campaign targeting WP-Automatic plugin Cryptocurrencies and cybercrime: A critical intermingling Kaiser Permanente data breach may have impacted (..)

Cybercrime 90

Cybercrime Spyware Data breaches Antivirus 90

Security Affairs

MARCH 11, 2022

Anonymous announced to have hacked the Russian Federal Service for Supervision of Communications, Information Technology and Mass Media, also known as Roskomnadzor. OpRussia [link] — Anonymous TV (@YourAnonTV) March 10, 2022. com/wiki/Roskomnadzor — Anonymous TV (@YourAnonTV) March 10, 2022. ddosecrets[.]com/wiki/Roskomnadzor

Hacking 108

Hacking Media Authentication Technology 108

Security Affairs

JUNE 15, 2022

PrivacyAffairs released the Dark Web Index 2022, the document provides the prices for illegal services/products available in the black marketplaces. The document updates the information provided in the Dark Web Index 2022 report. The document updates the information provided in the Dark Web Index 2022 report.

Identity Theft 90

Identity Theft Accountability DDOS Cybercrime 90

Krebs on Security

NOVEMBER 16, 2023

In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats.

Cybercrime 218

Cybercrime Hacking Data breaches Banking 218

Security Affairs

DECEMBER 15, 2023

The Snatch ransomware group announced it had hacked the food giant Kraft Heinz, the company is investigating the claims. The Snatch ransomware group claims to have hacked Kraft Heinz in August and on December 14, it added the company to the list of victims on its leak site.

Hacking 106

Hacking Ransomware Computers and Electronics Marketing 106

Security Affairs

JANUARY 23, 2024

The Black Basta ransomware gang claimed to have hacked the UK water utility Southern Water, a major player in the UK water industry. The gang published some screenshots as proof of the attack, including passports, ID cards, and personal information of some employees. The bad news is that Black Bast has fixed the issue.

Hacking 109

Hacking Encryption Ransomware Insurance 109

Security Affairs

JANUARY 2, 2023

These are the most-read cybersecurity articles that have been published by SecurtiyAffairs in 2022. 3 – Anonymous hacked the Russian Defense Ministry and is targeting Russian companies. Anonymous collective has hacked the Russian Defense Ministry and leaked the data of its employees in response to the Ukraine invasion.

Cybersecurity 69

Cybersecurity Firewall Banking Hacking 69

Security Affairs

JULY 4, 2022

The Threat Report Portugal: Q2 2022 compiles data collected on the malicious campaigns that occurred from March to June, Q2, 2022. The Threat Report Portugal: Q2 2022 compiles data collected on the malicious campaigns that occurred from March to June, Q2, 2022. Phishing and Malware Q2 2022. in Q1 2022.

Threat Reports 75

Threat Reports Phishing Banking Malware 75

Krebs on Security

JANUARY 24, 2023

The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking for me because I have enormous information and they need it.” In June 2022, authorities in the United States, Germany, the Netherlands and the United Kingdom announced a joint operation to dismantle the RSOCKS botnet.

Cybercrime 227

Cybercrime Advertising IoT Malware 227