Security Affairs

SEPTEMBER 2, 2022

Researchers attribute the Raspberry Robin malware to the Russian cybercrime group known as Evil Corp group. IBM Security X-Force researchers discovered similarities between a component used in the Raspberry Robin malware and a Dridex malware loader, which was part of the malicious operations of the cybercrime gang Evil Corp.

Cybercrime 104

Cybercrime Malware Backups Manufacturing 104

Security Affairs

NOVEMBER 1, 2022

Compared to the second quarter of 2022, the activity decreased by 8%, falling from July to August but increasing from August to September. In Q3 2022, the most prolific ransomware and data leak actors in Q3 were LockBit , Black Basta , Hive , Alphv(aka BlackCat) and the new entry BianLian group. SecurityAffairs – hacking, cybercrime).

Ransomware 92

Ransomware Cybercrime Hacking Information Security 92

Security Affairs

APRIL 11, 2023

The experts pointed out that while the majority of zero-days they have discovered in the past were used by APT groups, this zero-day was exploited by a sophisticated cybercrime group. This group is known to have used similar CLFS driver exploits in the past that were likely developed by the same author.

Cybercrime 89

Cybercrime Ransomware Education Media 89

Security Affairs

NOVEMBER 17, 2022

A suspected leader of the Zeus cybercrime gang, Vyacheslav Igorevich Penchukov (aka Tank), was arrested by Swiss police. Swiss police last month arrested in Geneva Vyacheslav Igorevich Penchukov (40), also known as Tank, which is one of the leaders of the JabberZeus cybercrime group. Pierluigi Paganini.

Cybercrime 89

Cybercrime Banking Identity Theft Hacking 89

Security Affairs

APRIL 5, 2023

The authorities are searching for information about the administrators of the platform, a circumstance that suggests that the FBI has yet to identify them.

Marketing 82

Marketing Cybercrime Accountability Education 82

Security Affairs

MAY 12, 2024

Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported. Black Basta ransomware-as-a-service (RaaS) has been active since April 2022, it impacted several businesses and critical infrastructure entities across North America, Europe, and Australia.

Ransomware 111

Ransomware Hacking Healthcare Retail 111

Security Affairs

APRIL 15, 2022

ZingoStealer is a new information-stealer developed by a threat actor known as Haskers Gang who released it for free after they attempted to sell the source code for $500. The cybercrime gang has been active since at least January 2020. SecurityAffairs – hacking, cybercrime). To nominate, please visit:? Pierluigi Paganini.

Cybercrime 82

Cybercrime Malware Cryptocurrency Hacking 82

Security Affairs

JULY 8, 2022

The operators behind the TrickBot malware are systematically targeting Ukraine since the beginning of the war in February 2022. Between mid-April and mid-June of 2022, the Trickbot group has conducted at least six campaigns against entities in Ukraine. ” concludes IBM. Follow me on Twitter: @securityaffairs and Facebook.

Cybercrime 90

Cybercrime Malware DDOS Ransomware 90

Security Boulevard

MARCH 18, 2023

Dear blog readers, Did you already grab a copy of my 2019-2023 " Dancho Danchev's Blog - Mind Streams of Information Security Knowledge " Ebook which is 1.7GB compilation for free? The post Who Wants to Fuel Independent and High Quality OSINT/Cybercrime and Threat Intelligence Research? Stay tuned!

Cybercrime 96

Cybercrime Cyber threats Information Security 96

Security Affairs

NOVEMBER 3, 2022

Further evidence linking the two includes IP addresses and specific TTPs (tactics, techniques, and procedures) used by FIN7 in early 2022 and seen months later in actual Black Basta attacks. Black Basta has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. .

Cybercrime 93

Cybercrime Ransomware Antivirus Malware 93

Security Affairs

DECEMBER 22, 2022

. “South Korea’s main spy agency, the National Intelligence Service, said North Korea’s capacity to steal digital assets is considered among the best in the world because of the country’s focus on cybercrimes since U.N. economic sanctions were toughened in 2017 in response to its nuclear and missile tests.” Citing the U.S.

Cryptocurrency 126

Cryptocurrency Cybercrime Media Government 126

Security Affairs

JUNE 8, 2022

According to the authorities, the SSNDOB Marketplace has listed the personal information for approximately 24 million individuals in the United States, generating more than $19 million USD in sales revenue. Dismantling illicit marketplaces that threaten the privacy and security of the American public is a priority of the FBI.”.

Cybercrime 90

Cybercrime Cryptocurrency Marketing Advertising 90

Security Affairs

MAY 15, 2024

BreachForums is a cybercrime forum used by threat actors to purchase, sell, and exchange stolen data, including credentials, and personal and financial information. The authorities also seized the Telegram page for the hacking forum The website currently displays a message that informs visitors it was seized by law enforcement.

Hacking 105

Hacking Cybercrime Information Security 105

Security Affairs

JUNE 12, 2022

Ransomware gangs are actively exploiting CVE-2022-26134 remote code execution (RCE) flaw in Atlassian Confluence Server and Data Center. Multiple ransomware groups are actively exploiting the recently disclosed remote code execution (RCE) vulnerability, tracked as CVE-2022-26134 , affecting Atlassian Confluence Server and Data Center.

Ransomware 125

Ransomware Encryption Malware Hacking 125

SecureList

NOVEMBER 23, 2021

Unfortunately, despite the best efforts by medical institutions and information security companies, the healthcare industry remains one insufficiently protected and vulnerable to attacks of this kind. Predictions for the year 2022. The medical theme will forever be a popular one for use as bait in cybercrime schemes.

Healthcare 116

Healthcare Ransomware Cybercrime Scams 116

Security Affairs

DECEMBER 7, 2022

The Pwn2Own Toronto 2022 hacking competition has begun, this is the 10th anniversary of the consumer-focused version of the contest. The news of the Samsung Galaxy S22 hack on the first day of Pwn2Own Toronto 2022 made the headlines. Pwn2Own #P2OToronto pic.twitter.com/ZNHtF7wmUc — Zero Day Initiative (@thezdi) December 6, 2022.

Hacking 90

Hacking Wireless Mobile Data breaches 90

Security Affairs

JUNE 15, 2022

PrivacyAffairs released the Dark Web Index 2022, the document provides the prices for illegal services/products available in the black marketplaces. The document updates the information provided in the Dark Web Index 2022 report. The document updates the information provided in the Dark Web Index 2022 report.

Identity Theft 92

Identity Theft Accountability DDOS Cybercrime 92

Security Affairs

JUNE 30, 2022

A former Canadian government IT worker admitted to being a high-level member of the Russian cybercrime group NetWalker. to charges related to his involvement with the Russian cybercrime group NetWalker. In February 2022, the Ontario Court of Justice sentenced the man to six years and eight months in prison prior to his extradition.

Cybercrime 84

Cybercrime Government Ransomware Cryptocurrency 84

Security Affairs

APRIL 7, 2022

Palo Alto Networks addressed a high-severity OpenSSL infinite loop vulnerability, tracked as CVE-2022-0778 , that affects some of its firewall, VPN, and XDR products. According to Palo Alto Networks, the CVE-2022-0778 vulnerability can be exploited by remote attackers to trigger a denial of service condition and crash vulnerable devices.

Firewall 92

Firewall VPN Cybercrime Software 92

Security Affairs

FEBRUARY 27, 2023

Data allegedly stolen from the American gaming giant Activision in December security breach were leaked on a cybercrime forum. A threat actor leaked on the Breached hacking forum the data allegedly stolen from the gaming giant Activision in December 2022. Activision was breached December 4th, 2022.

Hacking 83

Hacking Cybercrime Social Engineering Data breaches 83

Security Affairs

DECEMBER 1, 2023

The Black Basta ransomware gang infected over 300 victims accumulating ransom payments exceeding $100 million since early 2022. The Black Basta ransomware group has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. ” reads the Elliptic’s report.

Ransomware 84

Ransomware Retail Malware Insurance 84

Security Affairs

APRIL 24, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, PaperCut ) The post Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws appeared first on Security Affairs. ” concludes the report published by Huntress.

Cybercrime 73

Cybercrime Software Education Ransomware 73

SecureWorld News

FEBRUARY 10, 2022

Momentum Cyber has released its Cybersecurity Almanac 2022 , a comprehensive report providing strategic insights into the industry. With analysis from over 3,500 companies spread across the world, the almanac details key trends in 2021 and how they can shape the outlook for 2022. Outlook on cybersecurity in 2022.

Cybersecurity 83

Cybersecurity Digital transformation Cryptocurrency Marketing 83

Security Affairs

JANUARY 2, 2023

These are the most-read cybersecurity articles that have been published by SecurtiyAffairs in 2022. SecurityAffairs – hacking, Top 10 cybersecurity posts of 2022). The post SecurityAffairs Top 10 cybersecurity posts of 2022 appeared first on Security Affairs. Pierluigi Paganini.

Cybersecurity 72

Cybersecurity Firewall Banking Hacking 72

Security Affairs

OCTOBER 14, 2022

Experts released the PoC exploit code for the authentication bypass flaw CVE-2022-40684 in FortiGate firewalls and FortiProxy web proxies. A proof-of-concept (PoC) exploit code for the authentication bypass vulnerability CVE-2022-40684 (CVSS score: 9.6) SecurityAffairs – hacking, CVE-2022-40684). and from 7.2.0

Authentication 115

Authentication Firewall Hacking Risk 115

Security Affairs

JANUARY 9, 2023

At the end of 2022, major Dark Web drug markets were worth an estimated $315 million annually according to the United Nations Office on Drugs and Crime (UNODC). The research aims to provide awareness for international law enforcement, cybercrime investigators and intelligence professionals. Pierluigi Paganini.

Marketing 98

Marketing Mobile Cybercrime DDOS 98

Krebs on Security

JANUARY 24, 2023

The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking for me because I have enormous information and they need it.” In June 2022, authorities in the United States, Germany, the Netherlands and the United Kingdom announced a joint operation to dismantle the RSOCKS botnet.

Cybercrime 220

Cybercrime Advertising IoT Malware 220

Security Affairs

MAY 11, 2022

US Critical Infrastructure Security Agency (CISA) adds critical CVE-2022-1388 flaw in F5 BIG-IP products to its Known Exploited Vulnerabilities Catalog. Cybersecurity and Infrastructure Security Agency (CISA) has added critical CVE-2022-1388 flaw in F5 BIG-IP products to its Known Exploited Vulnerabilities Catalog.

Internet 99

Internet Internet Hacking Cybersecurity 99

Security Affairs

MARCH 11, 2023

A new version of the Prometei botnet has infected more than 10,000 systems worldwide since November 2022, experts warn. Cisco Talos researchers reported that the Prometei botnet has infected more than 10,000 systems worldwide since November 2022.

Firewall 97

Firewall Malware Hacking Accountability 97

Krebs on Security

SEPTEMBER 24, 2022

A native of Omsk, Russia, Kloster came into focus after KrebsOnSecurity followed clues from the RSOCKS botnet master’s identity on the cybercrime forums to Kloster’s personal blog , which featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world.”

Cybercrime 205

Cybercrime Data breaches Malware Ransomware 205

BH Consulting

NOVEMBER 15, 2022

Cybersecurity conferences aren’t usually places where you expect to feel better about the world, but IRISSCON 2022 struck a surprisingly hopeful tone. Mikko Hyppönen, WithSecure chief research officer, looked back at security’s evolution over decades and reached an unexpected conclusion. “I Our position is, you shouldn’t pay a ransom.

Social Engineering 59

Social Engineering Insurance CISO Ransomware 59

Security Affairs

DECEMBER 2, 2022

Cuba ransomware gang received more than $60 million in ransom payments related to attacks against 100 entities worldwide as of August 2022. Dollars (USD) and received more than $60 million in ransom payments from over 100 victims worldwide as of August 2022, the US government states. ” reads the report. Pierluigi Paganini.

Ransomware 82

Ransomware Financial Services Manufacturing Healthcare 82

Security Affairs

MARCH 22, 2023

The report covers incidents in aviation, maritime, railway, and road transport industries between January 2021 and October 2022. During the reporting period, ransomware was the most prominent threat against the sector in 2022. The researchers pointed out that the ransomware attacks doubled compared to the previous year.

Ransomware 82

Ransomware DDOS Cyber threats Phishing 82

Krebs on Security

NOVEMBER 16, 2023

In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats.

Cybercrime 212

Cybercrime Hacking Data breaches Banking 212

Security Affairs

APRIL 12, 2022

The illegal dark web marketplace RaidForums has been shut down and its infrastructure seized as a result of the international law enforcement Operation TOURNIQUET coordinated by Europol’s European Cybercrime Centre. Europol will continue working with its international partners to make cybercrime harder – and riskier –to commit.

Cybercrime 140

Cybercrime Banking Accountability Hacking 140

Security Affairs

MAY 22, 2022

The expert discovered a post where a researcher were sharing a fake Proof of Concept (POC) exploit code for an RPC Runtime Library Remote Code Execution flaw ( CVE-2022-26809 CVSS 9.8). You will get a backdoor [link] — Tuan Anh Nguyen (@haxor31337) May 19, 2022. The malware, disguised as a fake PoC code, was available on GitHub.

InfoSec 139

InfoSec Malware Cybercrime Information Security 139

SecureWorld News

JULY 3, 2023

According to PurpleSec, 98% of cybercrime relies on social engineering to accomplish it. Ransomware attacks grew by 41% in 2022, and identification and remediation for a breach took 49 days longer than the average breach. Cybercrime is a highly profitable business. million by 2022. trillion annually by 2025.

Cybercrime 87

Cybercrime Social Engineering Data breaches Education 87