2021, Cybercrime and Information Security

Moldovan citizen sentenced in connection with the E-Root cybercrime marketplace case

Security Affairs

MARCH 15, 2024

US DoJ sentenced a Moldovan national (31) to 42 months in federal prison for operating the E-Root cybercrime marketplace. Diaconu was operating the E-Root cybercrime marketplace. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cybercrime)

Cybercrime

Cybercrime Cryptocurrency Advertising Passwords

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. The availability of the source in the cybercrime ecosystem can allow threat actors to develop their own version of the Hello Kitty ransomware. The HelloKitty gang has been active since January 2021.

Cybercrime

Cybercrime Ransomware DDOS Encryption

Russian cybercrime forums launch contests for cryptocurrency hacks

Security Affairs

JUNE 7, 2021

. “Over the past month, operators of one of the top Russian-language cybercrime forums have been running a “contest,” calling for the community to submit papers that examine how to target cryptocurrency-related technology.” ” reads a post published by Intel 471. ” Follow me on Twitter: @securityaffairs and Facebook.

Cryptocurrency

Cryptocurrency Cybercrime Hacking Technology

TA558 cybercrime group targets hospitality and travel orgs

Security Affairs

AUGUST 20, 2022

TA558 cybercrime group is behind a malware campaign targeting hospitality, hotel, and travel organizations in Latin America. Researchers from Proofpoint are monitoring a malware campaign conducted by a cybercrime group, tracked as TA558, that is targeting hospitality, hotel, and travel organizations in Latin America.

Cybercrime

Cybercrime Malware Phishing Internet

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. In May 2021, cybercriminals offered more than 36,000 login credentials for.edu email accounts and advertised the data on an instant messaging platform. Pierluigi Paganini.

Cybercrime

Cybercrime Education Accountability Phishing

The newer cybercrime triad: TrickBot-Emotet-Conti

Security Affairs

NOVEMBER 20, 2021

“Most likely because no other groups were able to replicate such capabilities, after leaving cyberspace in January 2021, Emotet left a vacuum that was not filled even with MASSLOADER, also known as Hancitor. “Emotet’s return is not coincidental, it is caused by major shifts in the overall cybercrime domain.

Cybercrime

Cybercrime Ransomware Banking Malware

Cybercrime underground flooded with offers for initial access to shipping and logistics orgs

Security Affairs

NOVEMBER 3, 2021

Experts warn of the availability in the cybercrime underground of offers for initial access to networks of players in global supply chains. In August 2021 , an affiliate of the Conti ransomware gang claimed access to corporate networks belonging to a U.S. In October 2021 , a threat actor claimed access to the network of a U.S.-based

Cybercrime

Cybercrime VPN Ransomware Hacking

Experts link Raspberry Robin Malware to Evil Corp cybercrime gang

Security Affairs

SEPTEMBER 2, 2022

Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.

Cybercrime

Cybercrime Malware Backups Manufacturing

HAEICHI-II: Interpol arrested +1,000 suspects linked to various cybercrimes

Security Affairs

NOVEMBER 27, 2021

HAEICHI-II: Interpol arrested 1,003 individuals charged for several cybercrimes, including romance scams, investment frauds, and online money laundering. of), Laos, Malaysia, Maldives, Philippines, Romania, Singapore, Slovenia, Spain, Thailand, and Vietnam) between June and September 2021. Pierluigi Paganini.

Cybercrime

Cybercrime Scams Banking Malware

The fire in the OVH datacenter also impacted APTs and cybercrime groups

Security Affairs

MARCH 13, 2021

The fire at the OVH datacenter in Strasbourg also impacted the command and control infrastructure used by several nation-state APT groups and cybercrime gangs. The servers were used by cybercrime gangs and APT groups, including Iran-linked Charming Kitten and APT39 groups, the Bahamut cybercrime group, and the Vietnam-linked OceanLotus APT.

Cybercrime

Cybercrime Malware Hacking Accountability

New ‘Karakurt’ cybercrime gang focuses on data theft and extortion

Security Affairs

DECEMBER 11, 2021

Accenture researchers detailed the activity of a new sophisticated cybercrime group, called Karakurt, behind recent cyberattacks. The activity of the group was first spotted in June 2021, but the group has been more active in Q3 2021. In June 2021 the gang registered the domains hosting its leak sites, karakurt[.]group

Cybercrime

Cybercrime VPN Ransomware Hacking

Reading INTERPOL the African Cyberthreat Assessment Report 2021

Security Affairs

OCTOBER 30, 2021

INTERPOL published the African Cyberthreat Assessment Report 2021, a report that analyzes evolution of cybercrime in Africa. A new report published by INTERPOL, titled the African Cyberthreat Assessment Report 2021 , sheds the light on cybercrime in Africa. of the overall number.

Cybercrime

Cybercrime Scams DDOS Banking

The worst cyber attacks of 2021

Security Affairs

JANUARY 3, 2022

Which are the cyber attacks of 2021 that had the major impact on organizations worldwide in terms of financial losses and disruption of the operations? The systems at the company were infected with the Phoenix Locker, a variant of ransomware tracked as Hades that was part of the arsenal of the cybercrime group known as Evil Corp.

Cyber Attacks

Cyber Attacks Ransomware Insurance Hacking

The Biden administration will work with 30 countries to curb global cybercrime

Security Affairs

OCTOBER 3, 2021

The Biden administration announced it will work with 30 countries, including NATO allies and G7 partners, to curb global cybercrime. President Joe Biden announced that the US will work with 30 countries to curb cybercrime and dismantle ransomware gangs that are targeting organizations worldwide. Pierluigi Paganini.

Cybercrime

Cybercrime Artificial Intelligence Ransomware Cryptocurrency

Cybercrime Forum Data Set for 2019 and 2021 – Free Direct Download Technical Collection Copy Available! Grab a Copy Today!

Security Boulevard

MAY 25, 2021

I've decided to make my Cybercrime Forum Data Set for 2019 and 2021 exclusively available online for free in order for me to speed the dissemination process and to possibly empower security researchers and vendors with the necessary information to help them stay on the top of their game in terms of current and emerging cyber threats including U.S

Cybercrime

Cybercrime Cyber threats Hacking Software

TeamTNT cybercrime gang expands its arsenal to target thousands of orgs worldwide

Security Affairs

SEPTEMBER 9, 2021

Evidence collected by the experts suggests that the campaign began on July 25, 2021, threat actors used a large set of open-source tools in the attacks. In January 2021, the cybercrime gang launched a new campaign targeting Kubernetes environments with the Hildegard malware. Pierluigi Paganini.

Cybercrime

Cybercrime Cryptocurrency Penetration Testing Malware

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Security Affairs

JUNE 17, 2021

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. “The intrusion that is detailed in this post began on May 18, 2021, which occurred days after the publicly reported shutdown of the overall DARKSIDE program ( Mandiant Advantage background ).

Cybercrime

Cybercrime Ransomware Antivirus Software

Organizations paid at least $602 million to ransomware gangs in 2021

Security Affairs

FEBRUARY 13, 2022

Organizations have paid more than $600 million in cryptocurrency during 2021, nearly one-third to the Conti ransomware gang. and Australia have published a joint advisory warning of an increased globalised threat of ransomware worldwide in 2021. Last week, cybersecurity agencies from the U.K., added the company. .”

Ransomware

Ransomware Cryptocurrency Cybercrime Malware

Microsoft warns of attacks exploiting recently patched Windows MSHTML CVE-2021-40444 bug

Security Affairs

SEPTEMBER 16, 2021

Microsoft revealed that multiple threat actors are exploiting the recently patched Windows MSHTML remote code execution security flaw (CVE-2021-40444 ). The campaigns observed August 2021 likely employed emails impersonating contracts and legal agreements, the messages used documents that were hosted on file-sharing sites. .

Ransomware

Ransomware Cybercrime Hacking Information Security

German police seized the darknet marketplace Nemesis Market

Security Affairs

MARCH 23, 2024

An operation conducted by the Federal Criminal Police Office in Germany (BKA) and the Frankfurt cybercrime combating unit (ZIT) led to the seizure of the infrastructure of the darknet marketplace Nemesis Market in Germany and Lithuania. Crimemarket was a prominent platform for trading illegal drugs, narcotics, and cybercrime services.

Marketing

Marketing Cybercrime DDOS Internet

Ex-Canadian government employee admits to being a member of the Russian cybercrime gang NetWalker

Security Affairs

JUNE 30, 2022

A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. to charges related to his involvement with the Russian cybercrime group NetWalker. SecurityAffairs – hacking, Ex-Canadian government employee admits to be a member of the Russian cybercrime gang NetWalkerNetWalker).

Cybercrime

Cybercrime Government Ransomware Cryptocurrency

FIN11 cybercrime group is behind recent wave of attacks on FTA servers

Security Affairs

FEBRUARY 23, 2021

FireEye experts linked a series of attacks targeting Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. Security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11.

Cybercrime

Cybercrime Software Ransomware Cyber Attacks

Cyber Security Roundup for April 2021

Security Boulevard

MARCH 31, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. FatFace CEO Liz Evans released a statement which said “ On 17th January 2021 FatFace identified some suspicious activity within its IT systems.

Energy and Utilities

Energy and Utilities Ransomware Banking Hacking

CVE-2021-44731 Linux privilege escalation bug affects Canonical’s Snap Package Manager

Security Affairs

FEBRUARY 18, 2022

Qualys experts found a new Linux privilege escalation vulnerability, tracked as CVE-2021-44731, in Canonical’s Snap Package Manager. Canonical’s Snap software packaging and deployment system are affected by multiple vulnerabilities, including a privilege escalation flaw tracked as CVE-2021-44731 (CVSS score 7.8).

Software

Software Hacking Cybercrime Information Security

Meet the 2021 SC Awards judges

SC Magazine

MAY 1, 2021

For 2021, the judges took on a record number of submissions, identifying which products, people and companies stood out during a tumultuous year. Click here to see the full list of 2021 SC Award finalists. She also served as the deputy chief information officer of the White House.

Computers and Electronics

Computers and Electronics Technology Education Information Security

Black Hat USA 2021 Network Operations Center

Cisco Security

AUGUST 12, 2021

Cisco Secure returned as a supporting partner of the Black Hat USA 2021 Network Operations Center (NOC) for the 5 th year ; joining conference producer Informa Tech and its other security partners. Threat Grid (Secure Malware Analytics). AMP for Endpoints (Secure Endpoint). CyberCrime Tracker. urlscan.io.

DNS

DNS Firewall Phishing Mobile

Crooks bypass a Microsoft Office patch for CVE-2021-40444 to spread Formbook malware

Security Affairs

DECEMBER 23, 2021

Crooks discovered how to bypass the patch for a recent Microsoft Office vulnerability (CVE-2021-40444) and are using it to distribute Formbook malware. Cybercriminals have found a way to bypass the patch for a recent Microsoft Office vulnerability tracked as CVE-2021-40444 (CVSS score of 8.8). Pierluigi Paganini.

Malware

Malware Hacking Ransomware Cybercrime

Acer Philippines disclosed a data breach after a third-party vendor hack

Security Affairs

MARCH 13, 2024

In our commitment to full transparency, we wish to inform you of a recent security incident involving a third-party vendor managing employee attendance data. The threat actor announced the hack on a popular cybercrime forum, he claimed the theft of about 2869 files.

Data breaches

Data breaches Computers and Electronics Hacking Cybercrime

AT&T confirmed that a data breach impacted 73 million customers

Security Affairs

MARCH 30, 2024

AT&T confirmed that a data breach impacted 73 million current and former customers after its data were leaked on a cybercrime forum. The seller, who goes online with the moniker MajorNelson, claims that the data was obtained from an unnamed AT&T division by @ ShinyHunters in 2021. The archive contains 73.481.539 records. “It

Data breaches

Data breaches Telecommunications Cybercrime Hacking

Phorpiex botnet is back, in 2021 it $500K worth of crypto assets

Security Affairs

DECEMBER 17, 2021

The botnet has been active since at least 2016, but in August the criminal organization behind the Phorpiex botnet have shut down their operations and put the source code of the bot for sale on a cybercrime forum in on a dark web. We managed to find 60 unique Bitcoin wallets and 37 Ethereum wallets used by the Phorpiex crypto-clipper.

Cryptocurrency

Cryptocurrency Cybercrime Malware Hacking

Info stealers and how to protect against them

Security Affairs

DECEMBER 18, 2023

“Cashout bank logs” typically refer to a type of cybercrime where individuals gain unauthorized access to banking information, often through phishing attacks or hacking, and then use that information to withdraw money or make unauthorized transactions. Do you want to know how do we protect against info stealers?

Banking

Banking Cybercrime Malware Accountability

Clop ransomware gang was testing MOVEit Transfer bug since 2021

Security Affairs

JUNE 9, 2023

Researchers discovered that the Clop ransomware gang was looking for a zero-day exploit in the MOVEit Transfer since 2021. Kroll security experts discovered that the Clop ransomware gang was looking for a zero-day exploit in the MOVEit Transfer since 2021. ” reads the analysis published by the security firm.

Ransomware

Ransomware Hacking Retail Internet

Threat actors use recently discovered CVE-2021-26084 Atlassian Confluence

Security Affairs

SEPTEMBER 30, 2021

Threat actors are actively exploiting the recently disclosed CVE-2021-26084 RCE vulnerability in Atlassian Confluence deployments. At the end of August, Atlassian released security patches to address the critical CVE-2021-26084 flaw that affects the Confluence enterprise collaboration product. link] — U.S.

Cryptocurrency

Cryptocurrency Authentication Malware Marketing

APWG: Phishing maintained near-record levels in the first quarter of 2021

Security Affairs

JUNE 13, 2021

The Anti-Phishing Working Group (APWG) revealed that the number of phishing websites peaked at record levels in the first quarter of 2021. The Anti-Phishing Working Group (APWG) has published its new Phishing Activity Trends Report related to the first quarter of 2021. Reported Phishing Websites for Q1 2021.

Phishing

Phishing Advertising Cryptocurrency Encryption

USCYBERCOM and CISA warn organizations to fix CVE-2021-26084 Confluence flaw

Security Affairs

SEPTEMBER 3, 2021

USCYBERCOM is urging organizations to patch a critical CVE-2021-26084 flaw in Atlassian Confluence Server and Data Center, ahead of the Labor Day weekend. . US Cyber Command (USCYBERCOM) has issued an alert to warn US organizations to address Atlassian Confluence CVE-2021-26084 vulnerability immediately, ahead of the Labor Day weekend.

Authentication

Authentication Cryptocurrency Hacking Government

Personal health information of 42M Americans leaked between 2016 and 2021

Security Affairs

DECEMBER 31, 2022

Researchers from Jama Network analyzed trends in ransomware attacks on US hospitals, clinics, and health care delivery organizations between 2016 and 2021. From 2016 to 2021, the annual number of ransomware attacks passed from 43 to 91. . From 2016 to 2021, the annual number of ransomware attacks passed from 43 to 91. .

Healthcare

Healthcare Ransomware Backups Hacking

Glupteba botnet is back after Google disrupted it in December 2021

Security Affairs

DECEMBER 19, 2022

The Glupteba botnet is back, researchers reported a surge in infection worldwide after Google disrupted its operation in 2021. In December 2021, Google announced it has taken down the infrastructure operated by the Glupteba botnet, it also sued Russian nationals Dmitry Starovikov and Alexander Filippov for creating and operating the botnet.

DNS

DNS Antivirus Cryptocurrency Software

Twitter says recently leaked user data are from 2021 breach

Security Affairs

DECEMBER 13, 2022

Twitter confirmed that the recent leak of members’ profile information resulted from the 2021 data breach disclosed in August 2022. Twitter confirmed that the recent data leak of millions of profiles resulted from the 2021 data breach that the company disclosed in August 2022. ” the source told 9to5Mac.

Data breaches

Data breaches Accountability Media Hacking

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

Security Affairs

FEBRUARY 10, 2022

The FBI reported that US citizens have lost more than $68 million to SIM swapping attacks in 2021, the number of complaints since 2018 and associated losses have increased almost fivefold. In 2021, IC3 received 1,611 SIM swapping complaints with adjusted losses of more than $68 million.” Pierluigi Paganini.

Mobile

Mobile Cryptocurrency Authentication Accountability

Security Affairs most-read cyber stories of 2021

Security Affairs

JANUARY 1, 2022

Which are the most-read cyber stories of 2021? The development team behind the Linux Mint distro has fixed a security flaw that could have allowed users to bypass the OS screensaver. Experts discovered a Local Privilege Escalation, tracked as CVE-2021-33909, that could allow attackers to get root access on most Linux distros.

Hacking

Hacking VPN Passwords Ransomware

Large-scale AiTM phishing campaign targeted +10,000 orgs since 2021?

Security Affairs

JULY 12, 2022

Microsoft experts believe that the AiTM phishing campaign was used to target more than 10,000 organizations since September 2021. The post Large-scale AiTM phishing campaign targeted +10,000 orgs since 2021? appeared first on Security Affairs. ” Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Phishing

Phishing Authentication Social Engineering Passwords

2021 data breach exposed data of 70 Million Luxottica customers

Security Affairs

MAY 20, 2023

Luxottica has finally confirmed the 2021 data breach that exposed the personal information of 70 million customers. pic.twitter.com/62uQWT4YQB — Andrea Draghetti (@AndreaDraghetti) May 12, 2023 The most recent entry in the database is March 16th, 2021, a circumstance that suggests it is a new data breach suffered by Luxottica.

Data breaches

Data breaches Retail Hacking Ransomware

Experts warn of a surge in zero-day flaws observed and exploited in 2021

Security Affairs

APRIL 25, 2022

Google’s Project Zero researchers reported that 58 zero-day were discovered in 2021 (28 zero-day were detected in 2020), which marks a record for the company since it started tracking these issues in mid 2014. Google researchers reported that the exploitation of the zero-days they saw in 2021 was not different from the past.

Ransomware

Ransomware Hacking Software Risk

Ranzy Locker ransomware hit tens of US companies in 2021

Security Affairs

OCTOBER 26, 2021

“Unknown cyber criminals using Ranzy Locker ransomware had compromised more than 30 US businesses as of July 2021. The victims include the construction subsector of the critical manufacturing sector, the academia subsector of the government facilities sector, the information technology sector, and the transportation sector.”

Ransomware

Ransomware Firmware Antivirus Accountability

Moldovan citizen sentenced in connection with the E-Root cybercrime marketplace case

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

Trending Sources

Russian cybercrime forums launch contests for cryptocurrency hacks

TA558 cybercrime group targets hospitality and travel orgs

FBI: Compromised US academic credentials available on various cybercrime forums

The newer cybercrime triad: TrickBot-Emotet-Conti

Cybercrime underground flooded with offers for initial access to shipping and logistics orgs

Experts link Raspberry Robin Malware to Evil Corp cybercrime gang

HAEICHI-II: Interpol arrested +1,000 suspects linked to various cybercrimes

The fire in the OVH datacenter also impacted APTs and cybercrime groups

New ‘Karakurt’ cybercrime gang focuses on data theft and extortion

Reading INTERPOL the African Cyberthreat Assessment Report 2021

The worst cyber attacks of 2021

The Biden administration will work with 30 countries to curb global cybercrime

Cybercrime Forum Data Set for 2019 and 2021 – Free Direct Download Technical Collection Copy Available! Grab a Copy Today!

TeamTNT cybercrime gang expands its arsenal to target thousands of orgs worldwide

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Organizations paid at least $602 million to ransomware gangs in 2021

Microsoft warns of attacks exploiting recently patched Windows MSHTML CVE-2021-40444 bug

German police seized the darknet marketplace Nemesis Market

Ex-Canadian government employee admits to being a member of the Russian cybercrime gang NetWalker

FIN11 cybercrime group is behind recent wave of attacks on FTA servers

Cyber Security Roundup for April 2021

CVE-2021-44731 Linux privilege escalation bug affects Canonical’s Snap Package Manager

Meet the 2021 SC Awards judges

Black Hat USA 2021 Network Operations Center

Crooks bypass a Microsoft Office patch for CVE-2021-40444 to spread Formbook malware

Acer Philippines disclosed a data breach after a third-party vendor hack

AT&T confirmed that a data breach impacted 73 million customers

Phorpiex botnet is back, in 2021 it $500K worth of crypto assets

Info stealers and how to protect against them

Clop ransomware gang was testing MOVEit Transfer bug since 2021

Threat actors use recently discovered CVE-2021-26084 Atlassian Confluence

APWG: Phishing maintained near-record levels in the first quarter of 2021

USCYBERCOM and CISA warn organizations to fix CVE-2021-26084 Confluence flaw

Personal health information of 42M Americans leaked between 2016 and 2021

Glupteba botnet is back after Google disrupted it in December 2021

Twitter says recently leaked user data are from 2021 breach

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

Security Affairs most-read cyber stories of 2021

Large-scale AiTM phishing campaign targeted +10,000 orgs since 2021?

2021 data breach exposed data of 70 Million Luxottica customers

Experts warn of a surge in zero-day flaws observed and exploited in 2021

Ranzy Locker ransomware hit tens of US companies in 2021

Stay Connected