The makers of Acunetix, Texas-based application security vendor Invicti Security, confirmed Silent Push’s findings, saying someone had figured out how to crack the free trial version of the software so that it runs without a valid license key. Orn advertising Araneida Scanner in Feb. 2023 on the forum Cracked.
Justice Department charged five suspects linked to the Scattered Spider cybercrime gang with wire fraud conspiracy. Justice Department charged five alleged members of the cybercrime gang Scattered Spider (also known as UNC3944, 0ktapus) with conspiracy to commit wire fraud. ” reads the press release published by DoJ.
South Korean mobile network operator SK Telecom revealed that the security breach disclosed in April began in 2022. SK Telecom revealed that the security breach began in 2022, exposing USIM data of 27 million users. The company is also offering impacted customers a subscription to the SIM protection service for free.
A 20-year-old man linked to the Scattered Spider cybercrime group has pleaded guilty to charges filed in Florida and California. “In the Florida case, Urban was accused of stealing at least $800,000 in cryptocurrency from five different victims between August 2022 and March 2023,” reported News4Jax.
A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. released in October 2022. “The build date coded in the last number block also points to the same date range: None of the firewall firmwares examined had been compiled after September 14, 2022.”
Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. These are two of the largest and longest-running dark web platforms for the trade of illegal goods, drugs, and cybercrime services.
Cybercrime will cost Germany 206 billion euros ($224 billion) in 2023, German digital association Bitkom told Reuters. According to the German digital association Bitkom, cybercrime will have a worrisome impact on the economy of the state in 2023. The digital communications of 61% of companies were compromised, +4% on the year.
The FBI Internet Crime Complaint Center (IC3) 2023 report states that reported cybercrime losses reached $12.5 The 2023 Internet Crime Report published by the FBI’s Internet Crime Complaint Center (IC3) reveals that reported cybercrime losses reached $12.5 The figure marks a 22% surge in reported losses compared to 2022.
The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. SentinelOne researchers warn that the financially motivated group FIN7 is using multiple pseudonyms to advertise a security evasion tool in several criminal underground forums.
The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. The FBI has observed incidents of stolen higher education credential information posted on publicly accessible online forums or listed for sale on criminal marketplaces. “If
The Italian Cnaipic (National Cybercrime Center for the Protection of Critical Infrastructure) of the Postal Police is investigating the cyberattacks and is helping victims mitigate the offensive. The group NoName57 has been active since March 2022 and has targeted government and critical infrastructure organizations worldwide.
Interpol has announced the arrests of 75 individuals as part of a coordinated international operation against an organized cybercrime ring called Black Axe. Interpol arrested 75 individuals as part of a coordinated global operation, codenamed Operation Jackal, against the cybercrime ring Black Axe. and the U.S.) million from victims.
The same admin later launched a chat-based drug sales platform, Tsätti, in 2022, which was taken offline along with Sipulitie. These are two of the largest and longest-running dark web platforms for the trade of illegal goods, drugs, and cybercrime services.
The cybercrime group ExCobalt targeted Russian organizations in multiple sectors with a previously unknown backdoor known as GoRed. Positive Technologies researchers reported that a cybercrime gang called ExCobalt targeted Russian organizations in multiple sectors with a previously unknown Golang-based backdoor known as GoRed.
The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking for me because I have enormous information and they need it.” In June 2022, authorities in the United States, Germany, the Netherlands and the United Kingdom announced a joint operation to dismantle the RSOCKS botnet.
The indictment and arrests announced today, which follow the earlier takedown of the defendants’ criminal infrastructure, yet again demonstrate the value of our international partnerships in countering the global threat from cybercrime. were allegedly used for laundering funds from ransomware and cybercrimes. Blender.io and Sinbad.io
“During a 2022 search of a known LockBit affiliate, Canadian law enforcement uncovered a laptop operating a virtual machine that was connected to a Zservers subleased IP address and running a programming interface used to operate LockBit malware.” reads the announcement published by the US Treasury.
Black Basta ransomware-as-a-service (RaaS) has been active since April 2022; it impacted several businesses and critical infrastructure entities across North America, Europe, and Australia. Black Basta is a ransomware-as-a-service (RaaS) variant, first identified in April 2022. reads the CSA.
A native of Omsk, Russia, Kloster came into focus after KrebsOnSecurity followed clues from the RSOCKS botnet master’s identity on the cybercrime forums to Kloster’s personal blog, which featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world.”
However, the Brazilian national turned to more complex cybercriminal activities by 2022. The link between Luan’s hacktivism and cybercrime was established due to his bad operational security (opsec). CrowdStrike’s investigation reveals that USDoD’s leader, Luan BG, has been a hacktivist active since at least 2017.
Ransomware gangs are actively exploiting the CVE-2022-26134 remote code execution (RCE) flaw in Atlassian Confluence Server and Data Center. Multiple ransomware groups are actively exploiting the recently disclosed remote code execution (RCE) vulnerability, tracked as CVE-2022-26134, affecting Atlassian Confluence Server and Data Center.
The investigation was led by the State Criminal Police of Bavaria (Bayerisches Landeskriminalamt) and the Bavarian Central Office for the Prosecution of Cybercrime (ZCB) with the support of Europol. The operation, which has been ongoing since 2022, identified 1,393 suspects, arrested 79, and seized over 3,000 devices. Kidflix had 1.8M
The exposed token had been available since December 2022 and was reportedly rotated multiple times since then. Despite the claim, the attacker did not share proof of the stolen data, though BleepingComputer confirmed the exposed GitLab authentication token and access to Zendesk support tickets containing personal information.
Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.
“South Korea’s main spy agency, the National Intelligence Service, said North Korea’s capacity to steal digital assets is considered among the best in the world because of the country’s focus on cybercrimes since U.N. economic sanctions were toughened in 2017 in response to its nuclear and missile tests.” Citing the U.S.
A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6. Hive0117 targets Russian firms in multiple sectors with phishing attacks using a modified version of the DarkWatchman malware.
In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats.
authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to the 2022 LastPass breach. authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. ” reads the complaint. ” However.
This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information. That data later wound up for sale on a top cybercrime forum. Huntington Bank has disabled the leaky TCF Bank Salesforce website.
Since mid-2022, they’ve deployed RomCom via spear-phishing for espionage, lateral movement, and data theft. “After March 2022, attacks using Cuba ransomware were entirely replaced by Industrial Spy, which appears to be a continuation of the former.” continues the report.
The cases have been sent to the Russian Prosecutor General’s Office for consolidation, and all defendants have been held since early 2022. in March 2022. Vasinskyi (aka Profcomserv, Rabotnik, Rabotnik_New, Yarik45, Yaraslav2468, and Affiliate 22) was arrested on October 8, 2021, while he was trying to enter Poland.
Microsoft credited controversial actor EncryptHub, a lone actor with ties to cybercrime, for reporting two Windows flaws. After years of low-profile IT work and self-study, his activity paused in 2022, likely due to jail time. Although involved in cybercrime, EncryptHub also pursued legitimate security research.
Meanwhile, an informal Tenable poll looks at cloud security challenges. And get the latest on ransomware trends and on cybercrime legislation and prevention! government is urging software makers to adopt secure application-development practices that help prevent buffer overflow attacks.
On October 14, 2022, Tata Power, India’s largest power generation company, announced a cyber attack hit its infrastructure. Threat actors hit the company’s information technology (IT) infrastructure. The gang claims to have breached the corporate network on October 3rd, 2022.
Experts released the PoC exploit code for the authentication bypass flaw CVE-2022-40684 in FortiGate firewalls and FortiProxy web proxies. A proof-of-concept (PoC) exploit code for the authentication bypass vulnerability CVE-2022-40684 (CVSS score: 9.6) SecurityAffairs – hacking, CVE-2022-40684). and from 7.2.0
The illegal dark web marketplace RaidForums has been shut down and its infrastructure seized as a result of the international law enforcement Operation TOURNIQUET coordinated by Europol’s European Cybercrime Centre. Europol will continue working with its international partners to make cybercrime harder – and riskier – to commit.
Qilin is a Russian-speaking cybercrime group operating a Ransomware-as-a-Service (RaaS) model since 2022. Initially, Qilin’s ransomware was written in Go but transitioned to Rust in December 2022, enhancing its capabilities. Watch this space. Lee Enterprises is aware of what’s in play.”
The expert discovered a post where a researcher was sharing a fake Proof of Concept (POC) exploit code for an RPC Runtime Library Remote Code Execution flaw (CVE-2022-26809, CVSS 9.8). You will get a backdoor [link] — Tuan Anh Nguyen (@haxor31337) May 19, 2022. The malware, disguised as a fake PoC code, was available on GitHub.
The Black Basta ransomware gang infected over 300 victims accumulating ransom payments exceeding $100 million since early 2022. The Black Basta ransomware group has been active since April 2022; like other ransomware operations, it implements a double-extortion attack model. ” reads Elliptic’s report.
Proxy services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they make it difficult to trace malicious traffic to its original source. “Probably, they wanted to keep that revenue stream going.”
Sansec identified these backdoors in the following packages which were published between 2019 and 2022.” Below are the backdoored extensions that were published between 2019 and 2022. “Hundreds of stores, including a $40 billion multinational, are running backdoored versions of popular ecommerce software.
The FBI warns that the Silent Ransom Group, active since 2022 and also known as Luna Moth, has targeted U.S. FBI warns Silent Ransom Group has targeted U.S. law firms for 2 years using callback phishing and social engineering extortion tactics. law firms using phishing and social engineering. ” reads the alert issued by the FBI.
for suspected involvement in the Scattered Spider cybercrime syndicate. arrested a 17-year-old teenager from Walsall who is suspected to be a member of the Scattered Spider cybercrime group (also known as UNC3944, 0ktapus). He is accused of stealing at least $800,000 from five victims between August 2022 and March 2023.
The indictment alleges that from 2013 to 2022, Kadariya played a key role in distributing the Angler Exploit Kit, which was used to spread various malware, including ransomware, through malvertising and other methods. “The U.S. .