Cybercrime, Hacking, Passwords and VPN - Cyber Security Informer

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. In May 2021, over 36,000 email and password combinations for.edu email accounts were offered for sale on a publically available instant messaging platform. Pierluigi Paganini.

Cybercrime

Cybercrime Education Accountability Phishing

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. Usually, these users have no idea their systems are compromised.

Malware

Malware VPN Internet Internet

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. According to the company, most of the username and password combinations are available for free, and 5 billion of the above credentials are “unique.” Pierluigi Paganini.

Cybercrime

Cybercrime Antivirus Marketing Accountability

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Security Affairs

OCTOBER 12, 2020

US government networks are under attack, threat actors chained VPN and Windows Zerologon flaws to gain unauthorized access to elections support systems. An attacker could also exploit the flaw to disable security features in the Netlogon authentication process and change a computer’s password on the domain controller’s Active Directory.

VPN

VPN Government Authentication Advertising

Cisco was hacked by the Yanluowang ransomware gang

Security Affairs

AUGUST 10, 2022

Upon achieving an MFA push acceptance, the attacker had access to the VPN in the context of the targeted user. “Initial access to the Cisco VPN was achieved via the successful compromise of a Cisco employee’s personal Google account. SecurityAffairs – hacking, Yanluowang ransomware). Pierluigi Paganini.

Ransomware

Ransomware Hacking VPN Phishing

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Security Affairs

JUNE 17, 2021

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. Experts noticed that in this supply chain attack, UNC2465 did not deliver the Darkside ransomware as the final payload, but they not exclude that the cybercrime group could move to a new RaaS operation.

Cybercrime

Cybercrime Ransomware Antivirus Software

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

Riley Kilmer is co-founder of Spur.us , a company that tracks thousands of VPN and proxy networks, and helps customers identify traffic coming through these anonymity services. ” MRMURZA Faceless is a project from MrMurza , a particularly talkative member of more than a dozen Russian-language cybercrime forums over the past decade.

Malware

Malware Passwords Accountability Advertising

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 4, 2024

Ransomware Revenue Down As More Victims Refuse to Pay Energy giant Schneider Electric hit by Cactus ransomware attack Hundreds Of Network Operators’ Credentials Found Circulating In Dark Web Fla.

Identity Theft

Identity Theft VPN Malware Ransomware

Security Affairs newsletter Round 465 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MARCH 31, 2024

Statistics for H2 2023 AT&T says personal data from 73 million current and former account holders leaked onto dark web US critical infrastructure cyberattack reporting rules inch closer to reality Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Artificial Intelligence

Artificial Intelligence Scams Hacking Cybercrime

Okta warns of unprecedented scale in credential stuffing attacks on online services

Security Affairs

APRIL 28, 2024

From March 18, 2024, to April 16, 2024, Duo Security and Cisco Talos observed large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services.

VPN

VPN Accountability Firewall Data breaches

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces. The Russian man stole roughly 117 million user records, including usernames, passwords, and emails. SecurityAffairs – hacking, cybercrime).

Hacking

Hacking Cybercrime Data breaches Advertising

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

911 says its network is made up entirely of users who voluntarily install its “free VPN” software. In this scenario, users indeed get to use a free VPN service, but they are often unaware that doing so will turn their computer into a proxy that lets others use their Internet address to transact online. “The 911[.]re

VPN

VPN Computers and Electronics Antivirus Software

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

At least a dozen patriotic Russian hacking groups have been launching DDoS attacks since the start of the war at a variety of targets seen as opposed to Moscow. is a company that tracks VPNs and proxy services worldwide. “And at least two of them explained that Stark offered them free VPN services that they were reselling.”

DDOS

DDOS Internet Internet Government

Akira ransomware targets Finnish organizations

Security Affairs

JANUARY 13, 2024

NAS (Network-Attached Storage) servers that are often used for backups on the network have been hacked and wiped, as have automatic tape backup devices, and in almost every case we know of, all backups have been lost. Cisco investigated the hacking campaign with the help of Rapid7. concludes the alert.

Ransomware

Ransomware Backups VPN Authentication

7 Cyber Safety Tips to Outsmart Scammers

Webroot

FEBRUARY 26, 2024

Cybercrime isn’t just a futuristic Hollywood plotline, it’s a real threat that targets everyone—from wide-eyed kids to seasoned adults and wise grandparents. They’ll try to sweet-talk you into clicking on suspicious links or divulging sensitive information like passwords or credit card details. And guess what?

Scams

Scams VPN Passwords Phishing

Wazawaka Goes Waka Waka

Krebs on Security

FEBRUARY 14, 2022

In January, KrebsOnSecurity examined clues left behind by “ Wazawaka ,” the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. 26, 2020, a new user named Biba99 registered on the English language cybercrime forum RaidForums. This post is an attempt to remedy that.

VPN

VPN Ransomware Cybercrime Accountability

Security Affairs newsletter Round 434 by Pierluigi Paganini – International edition

Security Affairs

AUGUST 27, 2023

military procurement system Spoofing an Apple device and tricking users into sharing sensitive data Israel and US to Invest $3.85 Million in projects for critical infrastructure protection through the BIRD Cyber Program N. military procurement system Spoofing an Apple device and tricking users into sharing sensitive data Israel and US to Invest $3.85

Cybercrime

Cybercrime Hacking Cryptocurrency Ransomware

Who is Watching You and Why?

Approachable Cyber Threats

OCTOBER 5, 2023

“Why do hackers want to hack our webcams?” Hackers may also access webcams to perform other types of cybercrime, such as identity theft, fraud, or extortion. Use strong passwords : Choosing a robust password that cannot be easily guessed is one of the most important actions that can be taken.

Passwords

Passwords Identity Theft VPN Authentication

Who’s Behind the GandCrab Ransomware?

Krebs on Security

JULY 8, 2019

“In one year, people who worked with us have earned over US $2 billion,” read the farewell post by the eponymous GandCrab identity on the cybercrime forum Exploit[.]in in threads asking for urgent help obtaining access to hacked businesses in South Korea. Vpn-service[.]us Vpn-service[.]us

Ransomware

Ransomware Accountability Cybercrime Passwords

Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code

Krebs on Security

APRIL 22, 2022

KrebsOnSecurity recently reviewed a copy of the private chat messages between members of the LAPSUS$ cybercrime group in the week leading up to the arrest of its most active members last month. White is viewing the page via a T-Mobile employee’s virtual machine. “So, if they see [that] they think I’m hacking.”

Mobile

Mobile Computers and Electronics VPN Marketing

The Importance of Data Security and Privacy for Individuals and Businesses in the Digital Age

IT Security Guru

MARCH 28, 2023

Having a cybersecurity plan ensures that you remain protected against data breaches, phishing scams , and other cybercrimes. One thing you should know here is that simple passwords are easier to crack; therefore, setting up a complex password is necessary. A VPN removes your IP address and switches your location.

VPN

VPN Passwords Internet Internet

Akira ransomware targets Finnish organizations

Security Affairs

JANUARY 13, 2024

NAS (Network-Attached Storage) servers that are often used for backups on the network have been hacked and wiped, as have automatic tape backup devices, and in almost every case we know of, all backups have been lost. Cisco investigated the hacking campaign with the help of Rapid7. concludes the alert.

Ransomware

Ransomware Backups VPN Authentication

Who Is the Network Access Broker ‘Babam’?

Krebs on Security

DECEMBER 3, 2021

More commonly, that access is purchased from a cybercriminal broker who specializes in acquiring remote access credentials — such as usernames and passwords needed to remotely connect to the target’s network. Verified was hacked at least twice in the past five years, and its user database posted online. com and wwwpexpay[.]com.

Ransomware

Ransomware Passwords Accountability Cybercrime

Iranian threat actors attempt to buy stolen data of US organizations, FBI warns

Security Affairs

NOVEMBER 11, 2021

Iranian nation-state actors are attempting to buy info available for sale in the cybercrime underground to launch attacks against US organizations. “ This actor has also demonstrated interest in obtaining unauthorized access to SCADA systems using common default passwords.” SecurityAffairs – hacking, Iran).

VPN

VPN Cybercrime Passwords Firewall

Voice Phishers Targeting Corporate VPNs

Krebs on Security

AUGUST 19, 2020

But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees. SCHOOL OF HACKS. The employee phishing page bofaticket[.]com. Image: urlscan.io.

Phishing

Phishing VPN Social Engineering Media

Internet Safety Month: Avoiding the consequences of unsafe Internet practices

Malwarebytes

JUNE 3, 2022

By focusing on this context, we hope that you’ll come away with a stronger understanding about, for instance, why you should use a password manager rather than that you should use a password manager. Do use strong passwords. Today, we’re going to share stories about the consequences of unsafe Internet practices.

Internet

Internet Internet Scams Passwords

A Closer Look at the LAPSUS$ Data Extortion Group

Krebs on Security

MARCH 23, 2022

Microsoft and identity management platform Okta both this week disclosed breaches involving LAPSUS$ , a relatively new cybercrime group that specializes in stealing data from big companies and threatening to publish it unless a ransom demand is paid. “The world is full of targets that are not used to being targeted this way.”

Social Engineering

Social Engineering Accountability Mobile Passwords

It’s official, Lapsus$ gang compromised a Microsoft employee’s account

Security Affairs

MARCH 23, 2022

Microsoft confirmed that Lapsus$ extortion group has hacked one of its employees to access and steal the source code of some projects. Microsoft confirmed that Lapsus$ extortion group has hacked one of its employees to access and steal the source code of some projects. SecurityAffairs – hacking, Microsoft). Pierluigi Paganini.

Accountability

Accountability VPN Social Engineering Hacking

Microsoft disrupts China-based hacking group Nickel

Malwarebytes

DECEMBER 7, 2021

Microsoft has taken control of 42 web domains that a hacking group was using to try to breach its targets. Sadly, any setback to the Chinese hacking group or others will likely be temporary as the hackers will find and build new infrastructure to use in forthcoming attacks. An overview of Chinese hacking groups and their aliases.

Hacking

Hacking Malware Surveillance Data collection

A chink in the armor of China-based hacking group Nickel

Malwarebytes

DECEMBER 7, 2021

Microsoft has taken control of 42 web domains that a hacking group was using to try to breach its targets. Sadly, any setback to the Chinese hacking group or others will likely be temporary as the hackers will find and build new infrastructure to use in forthcoming attacks. An overview of Chinese hacking groups and their aliases.

Hacking

Hacking Malware Surveillance Data collection

Is Your Small Business Safe Against Cyber Attacks?

CyberSecurity Insiders

MARCH 21, 2021

All businesses online and brick-and-mortar must have a cyber security plan in place because it is crucial for keeping your user data including passwords, and credit card numbers, secure and protected. . Some key points in a cyber security plan that you must consider are as follows: Strong passwords . Two-factor authentication .

Small Business

Small Business Cyber Attacks VPN Backups

Daixin Team targets health organizations with ransomware, US agencies warn

Security Affairs

OCTOBER 22, 2022

US government agencies warned that the Daixin Team cybercrime group is actively targeting the U.S. CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team cybercrime group is actively targeting U.S. The threat actors obtained the VPN credentials through phishing attacks.

Ransomware

Ransomware VPN Cybercrime Accountability

Who is the Network Access Broker ‘Wazawaka?’

Krebs on Security

JANUARY 11, 2022

More commonly, the infected PC or stolen VPN credentials the gang used to break in were purchased from a cybercriminal middleman known as an initial access broker. This post examines some of the clues left behind by “ Wazawaka ,” the hacker handle chosen by a major access broker in the Russian-speaking cybercrime scene.

DDOS

DDOS Accountability Cybercrime Ransomware

Russian national Yevgeniy Aleksandrovich Nikulin sentenced to 88 months in prison

Security Affairs

SEPTEMBER 30, 2020

Russian national Yevgeniy Aleksandrovich Nikulin was sentenced to 88 months in prison for hacking LinkedIn, Dropbox, and Formspring in 2012. The Russian national Yevgeniy Aleksandrovich Nikulin was sentenced to 88 months in prison in the United States for hacking LinkedIn, Dropbox, and Formspring in 2012. Pierluigi Paganini.

Identity Theft

Identity Theft Cybercrime Advertising Hacking

Security Affairs newsletter Round 377

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4 SecurityAffairs – hacking, newsletter). Pierluigi Paganini.

Spyware

Spyware Manufacturing Small Business Surveillance

Gift Card Gang Extracts Cash From 100k Inboxes Daily

Krebs on Security

SEPTEMBER 2, 2021

Here’s the story of a cybercrime group that compromises up to 100,000 email inboxes per day, and apparently does little else with this access except siphon gift card and customer loyalty program data that can be resold online. ” On top of that, it’s also difficult to know how much activity you’re not seeing. .

Accountability

Accountability Authentication Passwords Hacking

A week in security (June 7 – June 13)

Malwarebytes

JUNE 14, 2021

Can two VPN “wrongs” make a right? Last week on Malwarebytes Labs: Amazon SIdewalk starts sharing your WiFi data tomorrow, thanks White hat, black hat, grey hat hackers: what’s the difference ? Stay safe, everyone! The post A week in security (June 7 – June 13) appeared first on Malwarebytes Labs.

Cybercrime

Cybercrime Scams VPN Phishing

New AVrecon botnet remained under the radar for two years while targeting SOHO Routers

Security Affairs

JULY 14, 2023

Lumen Black Lotus Labs uncovered a long-running hacking campaign targeting SOHO routers with a strain of malware dubbed AVrecon. Threat actors behind the campaign aimed at building a botnet to use for a range of criminal activities from password spraying to digital advertising fraud. ” reads the analysis published by Lumen.

Malware

Malware Advertising Cybercrime Passwords

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Security Affairs

JANUARY 24, 2024

The ransomware attack reported in late 2023, targeted organizations’ networks using poorly secured VPN gateway on Cisco ASA or FTD devices. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking , Akira ransomware attack)

Ransomware

Ransomware VPN Government Retail

Who is Watching You and Why?

Approachable Cyber Threats

OCTOBER 5, 2023

“Why do hackers want to hack our webcams?” Hackers may also access webcams to perform other types of cybercrime, such as identity theft, fraud, or extortion. Use strong passwords : Choosing a robust password that cannot be easily guessed is one of the most important actions that can be taken.

Passwords

Passwords Identity Theft VPN Authentication

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

Security Affairs

MARCH 21, 2023

The attackers were able to send funds from hot wallets and download user names and password hashes. “Please keep your CAS behind a firewall and VPN. Terminals should also connect to CAS via VPN. With VPN/Firewall attackers from open internet cannot access your server and exploit it. ” continues the notice.

Cryptocurrency

Cryptocurrency VPN Manufacturing Firewall

How did the DOJ Recover Million$ of the Colonial Pipeline Ransom?

SecureWorld News

JUNE 8, 2021

Department of Justice (DOJ) made a surprise announcement this week: it was able to recover more than $2 million worth of ransom money Colonial Pipeline paid to a cybercrime gang. For example, an employee using the same password for multiple accounts. An outdated VPN account that had its password leaked on the dark web.

Ransomware

Ransomware Passwords VPN Accountability

North Korean Hackers Expose Own IP Addresses in JumpCloud Breach

SecureWorld News

JULY 25, 2023

A recent report from Mandiant sheds light on the hacking unit operated by North Korea's Reconnaissance General Bureau (RGB), which primarily targets cryptocurrency companies in an effort to fund the country's sanctioned nuclear weapons program. North Korean threat actors have been linked to a breach of enterprise software company JumpCloud.

Cryptocurrency

Cryptocurrency VPN Cybercrime Engineering

Security Affairs most-read cyber stories of 2021

Security Affairs

JANUARY 1, 2022

The popular whistleblower Edward Snowden recommends customers of ExpressVPN VPN service to stop using it. email and password pairs leaked online. The Largest compilation of emails and passwords (COMB), more than 3.2 billion login credentials, has been leaked on a popular hacking forum. COMB breach: 3.2B ransomware attack.

Hacking

Hacking VPN Passwords Ransomware

FBI: Compromised US academic credentials available on various cybercrime forums

Who and What is Behind the Malware Proxy Service SocksEscort?

Webinars

Trending Sources

15 billion credentials available in the cybercrime marketplaces

Webinars

APT groups chain VPN and Windows Zerologon bugs to attack US government networks

Cisco was hacked by the Yanluowang ransomware gang

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Giving a Face to the Malware Proxy Service ‘Faceless’

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 465 by Pierluigi Paganini – INTERNATIONAL EDITION

Okta warns of unprecedented scale in credential stuffing attacks on online services

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

A Deep Dive Into the Residential Proxy Service ‘911’

Stark Industries Solutions: An Iron Hammer in the Cloud

Akira ransomware targets Finnish organizations

7 Cyber Safety Tips to Outsmart Scammers

Wazawaka Goes Waka Waka

Security Affairs newsletter Round 434 by Pierluigi Paganini – International edition

Who is Watching You and Why?

Who’s Behind the GandCrab Ransomware?

Leaked Chats Show LAPSUS$ Stole T-Mobile Source Code

The Importance of Data Security and Privacy for Individuals and Businesses in the Digital Age

Akira ransomware targets Finnish organizations

Who Is the Network Access Broker ‘Babam’?

Iranian threat actors attempt to buy stolen data of US organizations, FBI warns

Voice Phishers Targeting Corporate VPNs

Internet Safety Month: Avoiding the consequences of unsafe Internet practices

A Closer Look at the LAPSUS$ Data Extortion Group

It’s official, Lapsus$ gang compromised a Microsoft employee’s account

Microsoft disrupts China-based hacking group Nickel

A chink in the armor of China-based hacking group Nickel

Is Your Small Business Safe Against Cyber Attacks?

Daixin Team targets health organizations with ransomware, US agencies warn

Who is the Network Access Broker ‘Wazawaka?’

Russian national Yevgeniy Aleksandrovich Nikulin sentenced to 88 months in prison

Security Affairs newsletter Round 377

Gift Card Gang Extracts Cash From 100k Inboxes Daily

A week in security (June 7 – June 13)

New AVrecon botnet remained under the radar for two years while targeting SOHO Routers

Akira ransomware attack on Tietoevry disrupted the services of many Swedish organizations

Who is Watching You and Why?

Crooks stole more than $1.5M worth of Bitcoin from General Bytes ATMs

How did the DOJ Recover Million$ of the Colonial Pipeline Ransom?

North Korean Hackers Expose Own IP Addresses in JumpCloud Breach

Security Affairs most-read cyber stories of 2021

Stay Connected