SecureWorld News

JULY 8, 2024

The name "RockYou2024" pays homage to the infamous RockYou data breach of 2009, which exposed 32 million passwords due to insecure storage practices. Knowledge is a powerful tool in protecting against cybercrime. Fast forward to 2024, and the scale of the latest leak dwarfs its predecessor by several orders of magnitude.

Passwords 127

Passwords Password Management Accountability Education 127

SecureList

FEBRUARY 1, 2022

Number of data leaks from medical organizations, 2009–2020. With the active development of telehealth, medicine will only become a more commonly used bait, just as the digitalization of banks has turned banking phishing into one of the most popularly used types of phishing. Source: HIPAA Journal.

Phishing 145

Phishing Healthcare IoT Authentication 145

Cisco Security

JANUARY 10, 2023

But the topic will continue to be in focus as we move into 2023, with insurers demanding greater attribution – aka the science of identifying the perpetrator of a cybercrime by comparing the evidence gathered from an attack with evidence gathered from earlier attacks that have been attributed to known perpetrators to find similarities.

CISO 142

CISO Insurance Cyber Insurance Phishing 142

Malwarebytes

DECEMBER 5, 2022

It's been active since 2009 and is responsible for many high profile attacks. In January of 2022 the Malwarebytes Intelligence Team uncovered a campaign where Lazarus conducted spear phishing attacks weaponized with malicious documents that used a familiar job opportunities theme. Lazarus Group.

Cryptocurrency 93

Cryptocurrency Malware Scams Cybercrime 93

BH Consulting

NOVEMBER 15, 2022

Detective Inspector Gerard Doyle of the Garda Siochana National Cybercrime Bureau urged victims not to pay the ransom. Even small details like using financial hooks as part of a phishing awareness campaign can come across as poor taste at a time of rising consumer prices, she said. Our position is, you shouldn’t pay a ransom.

Insurance 59

Insurance Social Engineering CISO Ransomware 59

Krebs on Security

DECEMBER 16, 2019

Justice Department this month offered a $5 million bounty for information leading to the arrest and conviction of a Russian man indicted for allegedly orchestrating a vast, international cybercrime network that called itself “ Evil Corp ” and stole roughly $100 million from businesses and consumers. LOW FRIENDS IN HIGH PLACES.

Cybercrime 288

Cybercrime Banking Small Business Accountability 288

Krebs on Security

JANUARY 11, 2022

This post examines some of the clues left behind by “ Wazawaka ,” the hacker handle chosen by a major access broker in the Russian-speaking cybercrime scene. Wazawaka has been a highly active member of multiple cybercrime forums over the past decade, but his favorite is the Russian-language community Exploit.

DDOS 335

DDOS Accountability Cybercrime Ransomware 335

Krebs on Security

JULY 20, 2021

.” Over the course of his 15-year cybercriminal career, Severa would emerge as a pivotal figure in the cybercrime underground , serving as the primary moderator of a spam community that spanned multiple top Russian cybercrime forums. Severa was a moderator on the Russian spam community Spamdot[.]biz.

Antivirus 347

Antivirus Cybercrime Identity Theft Scams 347

Krebs on Security

NOVEMBER 15, 2022

Wanted Ukrainian cybercrime suspect Vyacheslav “Tank” Penchukov (right) was arrested in Geneva, Switzerland. Ultimately, Penchukov’s political connections helped him evade prosecution by Ukrainian cybercrime investigators for many years. This was enough to positively identify Tank as Penchukov, Warner said.

Banking 331

Banking Small Business Accountability Cybercrime 331

eSecurity Planet

DECEMBER 3, 2021

Brian Krebs is an independent investigative reporter known for his coverage of technology, malware , data breaches , and cybercrime developments. Krebs wrote for The Washington Post between 1995 and 2009 before launching his current blog KrebsOnSecurity.com. Brian Krebs | @briankrebs. Enable 2FA and get a password manager.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139