Security Boulevard

MARCH 18, 2023

Dear blog readers, Did you already grab a copy of my 2019-2023 " Dancho Danchev's Blog - Mind Streams of Information Security Knowledge " Ebook which is 1.7GB compilation for free? Did you already grab a copy of my Twitter 2017-2023 Ebook compilation for free? Accepting BitCoin Donations appeared first on Security Boulevard.

Cybercrime 96

Cybercrime Cyber threats Information Security 96

Security Affairs

APRIL 2, 2025

In July 2017, Dr.Web researchers discovered many smartphonemodels were shipped with the dreaded Triada trojan such as Leagoo M5 Plus, Leagoo M8, Nomu S10, and Nomu S20. Researchers at Dr.Web discovered the Triada Trojan pre-installed on newly shipped devices of several minor brands, including Advan, Cherry Mobile, Doogee, and Leagoo.

Malware 118

Malware Cryptocurrency Mobile Firmware 118

Security Affairs

FEBRUARY 14, 2020

An American was charged with money laundering while operating the dark web Helix Bitcoin mixer service between 2014 and 2017. Larry Dean Harmon (36), from Akron, Ohio, was charged with laundering more than $310 million worth of Bitcoin while he was operating a Darknet-based cryptocurrency laundering service between 2014 and 2017.

Advertising 135

Advertising Cryptocurrency Cybercrime Engineering 135

Security Affairs

APRIL 24, 2023

Truebot has been active since 2017 and some researchers linked it to the Russian Silence Group , while a recent investigation linked it to threat actor TA505 (aka Evil Corp). .” The researchers noticed that the domain hosting the tools employed in the attack, windowservicecemter[.]com, com, was registered on April 12, 2023.

Cybercrime 98

Cybercrime Software Education Ransomware 98

Security Affairs

DECEMBER 17, 2024

The threat actors attempted to exploit multiple vulnerabilities in DVRs, including CVE-2017-7921, CVE-2018-9995 , CVE-2020-25078, CVE-2021-33044 , and CVE-2021-36260. In March 2024, threat actors behind this campaign started targeting Internet of Things (IoT) devices in the US, Australia, Canada, New Zealand, and the United Kingdom.

Architecture 106

Architecture Internet Internet Malware 106

Security Affairs

FEBRUARY 6, 2024

“According to the indictment, between 2011 and July 2017, Aliaksandr Klimenka, 42, allegedly controlled BTC-e, a digital currency exchange, with Alexander Vinnik and others.” BTC-e was popular in the cybercrime ecosystem, it was an illegal platform because it was not registered as a money services business with the U.S.

Cryptocurrency 126

Cryptocurrency Spyware Cybercrime Hacking 126

Security Affairs

APRIL 8, 2022

A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). Iarmak is the third member of the FIN7 cybercrime group to be sentenced in the U.S. in May 2020.

Cybercrime 129

Cybercrime Hacking Software Phishing 129

Security Affairs

AUGUST 16, 2024

Many Google Pixel devices shipped since September 2017 have included a vulnerable app that could be exploited for malicious purposes. Many Google Pixel devices shipped since September 2017 have included dormant software that could be exploited by attackers to compromise them. ” reads the report. ” reads the report.

Hacking 142

Hacking Firmware Mobile Penetration Testing 142

Security Affairs

OCTOBER 29, 2020

The government agencies receive information about imminent attacks, threat actors are using the TrickBot botnet to deliver the infamous ransomware to the infected systems. “CISA, FBI, and HHS have credible information of an increased and imminent cybercrime threat to U.S. hospitals and healthcare providers.

Healthcare 145

Healthcare Ransomware Cybercrime Advertising 145

Security Affairs

MARCH 17, 2020

Security experts from FireEye published an interesting report on the Ransomware deployment trends, it revealed that most of the attacks (76%) against the enterprise sector occur outside working hours. FireEye compiled the report using data from dozens of ransomware infections that it has investigated from 2017 to 2019.

Ransomware 143

Ransomware Advertising Malware Cybercrime 143

Security Affairs

OCTOBER 19, 2020

In 2017, Greek Police arrested the Russian national Alexander Vinnik and they accused the man of running the BTC-e Bitcoin exchange to launder more than US$4bn worth of the cryptocurrency. SecurityAffairs – hacking, cybercrime). Vinnik is also accused to be responsible for the failure of the Japanese bitcoin exchange Mt.

Advertising 132

Advertising Hacking Cybercrime Cryptocurrency 132

Security Affairs

APRIL 6, 2022

The seizure of the Hydra Market is the result of an international investigation conducted by the Central Office for Combating Cybercrime (ZIT) in partnership with U.S. Hydra quickly rose to become the most prominent Russian-language darknet market after the closure of a key competitor in 2017. SecurityAffairs – hacking, cybercrime).

Marketing 129

Marketing Cybercrime Advertising Hacking 129

Security Affairs

JANUARY 21, 2025

This botnet also uses some existing exploits ( CVE-2024-7029 , CVE-2017-17215 ) to download the next-stage payloads.” . “Mirai malware, here dubbed as Murdoc Botnet, is a prominent malware family for *nix systems. It mainly targets vulnerable AVTECH and Huawei devices. ” reads the advisory.

IoT 80

IoT Malware Hacking Cybercrime 80

Security Affairs

DECEMBER 22, 2022

. “South Korea’s main spy agency, the National Intelligence Service, said North Korea’s capacity to steal digital assets is considered among the best in the world because of the country’s focus on cybercrimes since U.N. economic sanctions were toughened in 2017 in response to its nuclear and missile tests.” Citing the U.S.

Cryptocurrency 139

Cryptocurrency Cybercrime Media Government 139

Security Affairs

AUGUST 13, 2021

The news was first reported by TheRecord website, the master decryption keys work for victims that were infected between July 2017 and early 2021. “The keys have been verified as authentic by Michael Gillespie , a malware analyst at security firm Emsisoft and the creator of the ID-Ransomware service.”

Ransomware 143

Ransomware Authentication Malware Hacking 143

Security Affairs

AUGUST 12, 2021

CrowdStrike recently observed a malicious activity associated with Magniber ransomware , a threat that has been active since 2017. “CrowdStrike recently observed new activity related to a 2017 ransomware family, known as Magniber, using the PrintNighmare vulnerability on victims in South Korea. ” CrowdStrike concludes.

Ransomware 121

Ransomware Encryption Cybercrime Hacking 121

Krebs on Security

JULY 18, 2023

LeakedSource was advertised on a number of popular cybercrime forums as a service that could help hackers break into valuable or high-profile accounts. LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. us, but denied being the operator of LeakedSource.

Hacking 242

Hacking Accountability Data breaches Marketing 242

Security Affairs

NOVEMBER 12, 2019

The analysis of a malicious email revealed a possible raising interest of the TA505 cybercrime gang in system integrator companies. The domain validtree.com is registered through namecheap.com on 2017-12-07T15:55:27Z but recently renewed on 2019-10-16T05:35:18Z. I am a computer security scientist with an intensive hacking background.

Cybercrime 61

Cybercrime Computers and Electronics Penetration Testing Malware 61

Security Affairs

SEPTEMBER 16, 2022

We don’t have an estimate right now as to when full access to tools will be restored, so thank you for bearing with us,” Latha Maripuri, Uber’s chief information security officer, told NYT via email. This is not the first time that the company suffered a security breach.

Hacking 143

Hacking Data breaches Information Security Engineering 143

Security Affairs

MAY 20, 2019

The LeakedSource website was launched in late 2015, in January 2017 the popular data breach notification website has been raided by feds. “I am immensely proud of this outcome as combatting cybercrime is an operational priority for us.” SecurityAffairs – cybercrime, LeakedSource). Pierluigi Paganini.

Cybercrime 93

Cybercrime Data breaches Advertising Passwords 93

Security Affairs

JULY 14, 2020

“The new finding came to light over the weekend after a hacker put up for sale the hotel’s data in an ad published on a dark web cybercrime marketplace.” The hacker claims to have obtained the database from the hack of the DataViper monitoring service operated by the security firm Night Lion Security.

Data breaches 145

Data breaches Advertising Hacking Cybercrime 145

Security Affairs

MAY 30, 2022

The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. The botnet was first discovered by Fortinet in March, the DDoS botnet targeted several routers and web servers by exploiting known vulnerabilities. The botnet targets multiple architectures, including arm, bsd, x64, and x86.

Malware 145

Malware DDOS IoT Cybercrime 145

Security Affairs

MARCH 29, 2020

.” reads the post published by “This, in turn, would result in the broader proliferation among multiple cybercrime groups, and an eventual surge in attacks.” ” The availability of the source code online will allow threat actors to create their own versions and start distributing them.

Ransomware 142

Ransomware Hacking Advertising Malware 142

Security Affairs

OCTOBER 16, 2023

The researchers speculate the originating accounts of the instant messaging applications were compromised through the leaked credentials available on cybercrime forums.

Malware 135

Malware Cryptocurrency Accountability Cybercrime 135

Security Affairs

NOVEMBER 28, 2019

Security experts at Kaspersky have published a report on a targeted cybercrime malware campaign, tracked as RevengeHotels, that hit hotels, hostels, hospitality and tourism companies. In some cases threat actors used CVE-2017-0199 exploit to deliver customized versions of RevengeRAT , NjRAT , NanoCoreRAT , 888 RAT and others.

Cybercrime 131

Cybercrime Malware Advertising Phishing 131

Security Affairs

AUGUST 27, 2024

.” CrowdStrike’s investigation reveals that USDoD’s leader, Luan BG, has been a hacktivist active since at least 2017. The link between Luan’s hacktivism and cybercrime was established due to his bad Operational security (opsec).

Media 124

Media Cybercrime Accountability Hacking 124

Security Affairs

APRIL 6, 2022

The seizure of the Hydra Market is the result of an international investigation conducted by the Central Office for Combating Cybercrime (ZIT) in partnership with U.S. “Hydra quickly rose to become the most prominent Russian-language darknet market after the closure of a key competitor in 2017. billion euros in 2020 alone.

Marketing 103

Marketing Cybercrime Advertising Hacking 103

Security Affairs

SEPTEMBER 4, 2019

Schuchman , Vamp, and Drake created the Satori botnet in between July and August 2017. Between September an October 2017, Schuchman and his accomplices developed a new version of Satori named Okiru. In November 2017 the trio created a new version named Masuta , that targeted GPON routers. SecurityAffairs – Satori, cybercrime).

IoT 106

IoT DDOS Internet Internet 106

Security Affairs

DECEMBER 12, 2021

Koshkin was arrested in California in September 2019 , while Tsurkan was arrested in April 2017. At the time the FBI dismantled the Kelihos botnet, in 2017, the malicious infrastructure was composed of at least 50,000 compromised devices around the world.

Antivirus 103

Antivirus Malware Cybercrime Cyber threats 103

Security Affairs

JANUARY 22, 2025

This botnet also uses some existing exploits ( CVE-2024-7029 , CVE-2017-17215 ) to download the next-stage payloads. Mirai malware, here dubbed as Murdoc Botnet, is a prominent malware family for *nix systems. It mainly targets vulnerable AVTECH and Huawei devices. reads the advisory.

DDOS 67

DDOS Malware Internet Internet 67

Security Affairs

JUNE 26, 2020

Schuchman, Vamp, and Drake created the Satori botnet in between July and August 2017. Between September an October 2017, Schuchman and his accomplices developed a new version of Satori named Okiru. In November 2017 the trio created a new version named Masuta , that targeted GPON routers. ” continues the DoJ.

DDOS 145

DDOS IoT Advertising Internet 145

Security Affairs

OCTOBER 7, 2019

The data has been available for sale in the cybercrime underground since February. HIBP also included data from a data breach suffered by Sephora Southeast Asia in January 2017 that exposed data for 780,073 customers, including customer’s dates of birth, email addresses, ethnicities, genders, names, and physical attributes.

Data breaches 101

Data breaches Passwords Advertising Cybercrime 101

Security Affairs

JULY 27, 2019

In August 2017, he was arrested in Las Vegas after attending the Def Con hacking conference and was detained by the FBI in the state of Nevada. In August 2017, Marcus Hutchins pleaded not guilty to charges of creating and selling malware at a hearing in Milwaukee, Wisconsin. . SecurityAffairs – Marcus Hutchins, cybercrime).

Banking 102

Banking Advertising Malware Cybercrime 102

Security Affairs

NOVEMBER 19, 2021

Experts speculate the operators are members of a Russia-based cybercrime group known as Wizard Spider. ” The consolidation cluster was first active in December 2017 when it received one incoming payment of 1.8 Since August 2020, the group has launched its leak site to threaten its victim to release the stolen data.

Ransomware 142

Ransomware Cybercrime Malware Hacking 142

Security Affairs

AUGUST 11, 2023

A variant of the Gafgyt botnet is actively attempting to exploit a vulnerability, tracked as CVE-2017-18368 (CVSS v3: 9.8), impacting the end-of-life Zyxel P660HN-T1A router. Zyxel addressed the vulnerability in 2017 with the release of new firmware, however, the vendor warned that a Gafgyt variant was exploiting the flaw in 2019.

Firmware 98

Firmware Hacking Cybercrime Information Security 98

Security Affairs

MARCH 14, 2024

The company did not share details about the attack or its scope, but a few weeks later the Akira ransomware group claimed to have stolen 100 GB of information from the company. Stolen data included corporate files and personal information Nissan refused to pay the ransom and the cybercrime group published the alleged stolen files.

Data breaches 127

Data breaches Identity Theft Financial Services Cybercrime 127

Security Affairs

APRIL 17, 2022

The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. Researchers from Fortinet discovered a new DDoS botnet, tracked as Enemybot, that has targeted several routers and web servers by exploiting known vulnerabilities. Upon installing the threat, the bot drops a file in /tmp/.pwned

DDOS 144

DDOS Architecture Malware Cybercrime 144