Krebs on Security

NOVEMBER 16, 2023

In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats.

Cybercrime 212

Cybercrime Hacking Data breaches Banking 212

Krebs on Security

JANUARY 30, 2024

Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. stole at least $800,000 from at least five victims between August 2022 and March 2023. 9, 2024, U.S. technology companies during the summer of 2022. According to an Aug.

Social Engineering 318

Social Engineering Mobile Cybercrime Passwords 318

Security Affairs

APRIL 6, 2023

Ransomware gang Money Message claims to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International). Ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International).

Hacking 77

Hacking Ransomware Manufacturing Education 77

Security Affairs

APRIL 30, 2023

ViperSoftX uses more sophisticated encryption and anti-analysis techniques Atomic macOS Stealer is advertised on Telegram for $1,000 per month CISA warns of a critical flaw affecting Illumina medical devices OpenAI reinstates ChatGPT service in Italy after meeting Garante Privacy’s demands Cisco discloses a bug in the Prime Collaboration Deployment (..)

Cybercrime 88

Cybercrime Malware Hacking Accountability 88

Security Affairs

JUNE 1, 2023

The BlackCat ransomware gang claims to have hacked the Casepoint legal technology platform used US agencies, including SEC and FBI. pic.twitter.com/g5jpz2Rtm6 — Dominic Alvieri (@AlvieriD) May 30, 2023 The gang claims to have stolen 2TB of sensitive data, belonging to lawyers, SEC, DoD, FBI, Police and more.

Technology 80

Technology Hacking Ransomware Manufacturing 80

CyberSecurity Insiders

MARCH 24, 2023

By John Weiler FBI arrests Breached hacking forum leader, smartphones hijacked without any user involvement and 330,000 customers compromised in Australia by a data breach. Here are the latest threats and advisories for the week of March 24, 2023. Breached was a cybercrime forum that was a hotbed for criminal activity.

Financial Services 52

Financial Services Ransomware Cybercrime Hacking 52

Security Affairs

APRIL 24, 2023

EvilExtractor is a new “all-in-one” info stealer for Windows that is being advertised for sale on dark web cybercrime forums. com, malicious activity increased significantly in March 2023. EvilExtractor is a modular info-stealer, it exfiltrates data via an FTP service. . ” reads the report published by Fortinet.

Cybercrime 87

Cybercrime Malware Education Phishing 87

Security Affairs

MAY 12, 2023

Recently, VIPRE Security Group published their Email Security in 2023 report , where they shared insights on the development of email-based threats and how they can impact organizations. What Can We Expect in 2023? It’s not likely to stop there. QR code spoofing. 1 There will be more remote work-based attacks.

Phishing 88

Phishing Social Engineering Small Business B2B 88

BH Consulting

JUNE 13, 2023

Target the human, swipe the cash: Verizon DBIR 2023 highlights crime trends Manage the human risk and mind your money: those are two key takeaways from Verizon’s 2023 Data Breach Investigations Report. Experts are warning of a possible wave of extortion attempts after the mass hack.

Social Engineering 52

Social Engineering Data breaches Scams DDOS 52

CyberSecurity Insiders

APRIL 7, 2023

Here are the latest threats and advisories for the week of April 7, 2023. Emerging Threats and Research Dozens Arrested as FBI Targets Genesis Market Cybercrime Forum The U.S. To stay updated on the latest cybersecurity threats and advisories, look for weekly updates on the (ISC)² blog.

Encryption 52

Encryption Ransomware Marketing Cybercrime 52

Krebs on Security

SEPTEMBER 30, 2023

According to a September 20, 2023 joint advisory from the FBI and the U.S. ” New York City-based cyber intelligence firm Flashpoint said the Snatch ransomware group was created in 2018, based on Truniger’s recruitment both on Russian language cybercrime forums and public Russian programming boards.

Ransomware 218

Ransomware Accountability Cybercrime Backups 218

CyberSecurity Insiders

MARCH 31, 2023

Here are the latest threats and advisories for the week of March 31, 2023. The fears of the remaining Breached hacking forum admin, who shut down the notorious cybercrime meeting ground last week, have come true. To stay updated on the latest cybersecurity threats and advisories, look for weekly updates on the (ISC)² blog.

Malware 52

Malware Phishing DDOS Scams 52

Security Affairs

MAY 21, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches 87

Data breaches Cybercrime Ransomware Passwords 87

Security Affairs

MAY 1, 2023

While investigating the malware distribution, the researchers noticed the use of an infrastructure known to belong to cybercrime group TA505. Russian TA505 hacking group , aka Evil Corp , has been active since 2014 focusing on Retail and banking sectors. ” reads the report published by Elastic Security Labs.

Malware 87

Malware Cybercrime Banking Software 87

Security Affairs

APRIL 1, 2023

On March 29, 2023, The Lock Bit ransomware gang announced the hack of the South Korean National Tax Service. The group added the South Korean agency to its Tor leak site and announced the release of stolen data by April 1st, 2023 in case the ransom was not paid.

Identity Theft 87

Identity Theft Ransomware Scams Education 87

Security Affairs

APRIL 27, 2023

Microsoft is attributing the recently reported attacks exploiting the CVE-2023-27350 and CVE-2023-27351 vulnerabilities in print management software PaperCut to deliver Clop ransomware to the threat actor tracked as Lace Tempest (overlaps with FIN11 and TA505).

Ransomware 83

Ransomware Education Media Malware 83

Security Affairs

APRIL 16, 2023

patrickwardle cc @cyb3rops pic.twitter.com/SMuN3Rmodl — MalwareHunterTeam (@malwrhunterteam) April 15, 2023 The discovery is disconcerting and demonstrates the effort of the group to expand its operation targeting also Apple systems. Anyway, the archive in which this sample was included shown bundled date as March 20.

Encryption 97

Encryption Architecture Ransomware Education 97

Security Affairs

MAY 14, 2023

Please vote for Security Affairs ( [link] ) as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections where is reported Securityaffairs or my name Pierluigi Paganini Please nominate Security Affairs as your favorite blog.

Data breaches 88

Data breaches DDOS Artificial Intelligence Ransomware 88

Security Affairs

APRIL 21, 2023

The security breach was detected on March 17, 2003 and according to the company the intrusion begun on or about March 6, 2023. “On March 17, 2023, the ABA observed unusual activity on its network. The attackers may have gained access to the members’ credentials for a legacy member system that was decommissioned in 2018.

Data breaches 89

Data breaches Passwords Education Accountability 89

Security Affairs

APRIL 11, 2023

On January 13, 2023, Yum! experienced a cybersecurity incident involving unauthorized access to certain of our systems on or around January 13, 2023. Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Yum! Brands) The post Yum!

Data breaches 93

Data breaches Identity Theft Education Ransomware 93

Security Affairs

APRIL 5, 2023

Those days are behind us, however, as cybercrime is establishing itself as a business in and of itself. The backbone of this planning is the JCDC’s 2023 Planning Agenda. Systemic Risk Cybercrime is a broad-reaching threat relevant to both individuals and organizations.

Energy and Utilities 77

Energy and Utilities Cyber threats Risk Cyber Risk 77

Security Affairs

MAY 15, 2023

Cisco Talos researchers recently discovered a new ransomware operation called RA Group that has been active since at least April 22, 2023. A sample of the ransomware analyzed by Talos is written in C++ and was compiled on April 23, 2023. The group has already compromised three organizations in the U.S. and one in South Korea.

Ransomware 84

Ransomware Encryption Cybercrime Insurance 84

Security Affairs

APRIL 14, 2023

The cyber attack was discovered on Tuesday, April 11, 2023, it is investigating the incident with the help of cybersecurity experts. “On April 11, 2023, Cornwall Community Hospital (CCH) identified a network issue, which an investigation has revealed to be a cyber incident. ” reads a statement published by the hospital.

Healthcare 77

Healthcare Cyber Attacks Education Media 77

Security Affairs

APRIL 23, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter ) The post Security Affairs newsletter Round 416 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Spyware 72

Spyware Ransomware Malware Data breaches 72

Security Affairs

APRIL 3, 2023

” reads the status page of the company on April 2, 2023. “On March 26, 2023, Western Digital identified a network security incident involving Western Digital’s systems. “We are working to restore service. We apologize for any inconvenience. Next update will be posted on Monday, April 3.

Wireless 88

Wireless Education Ransomware Media 88

Security Affairs

APRIL 18, 2023

1/4 pic.twitter.com/7JjOSbYEBx — ESET Research (@ESETresearch) April 17, 2023 The RedLine is an info stealing malware written in.NET that is active since at least early 2020. While this doesn’t affect the actual back-end servers, it will force the RedLine operators to distribute new panels to their customers.

Malware 86

Malware Education Media Authentication 86

Security Affairs

APRIL 5, 2023

The STYX marketplace was launched at the beginning of 2023. The discovery of STYX also highlights the need for international cooperation in combating cybercrime. As cybercrime continues to proliferate and evolve, it is essential for FIs and consumers to take proactive measures to protect their sensitive financial information.

Banking 79

Banking Cybercrime Accountability Risk 79

Security Affairs

APRIL 25, 2023

Mirai botnet started exploiting the CVE-2023-1389 vulnerability (aka ZDI-CAN-19557/ZDI-23-451 ) in TP-Link Archer A21 in recent attacks. Last week, the Zero Day Initiative (ZDI) threat-hunting team observed the Mirai botnet attempting to exploit the CVE-2023-1389 vulnerability (aka ZDI-CAN-19557/ZDI-23-451, CVSS v3: 8.8)

DDOS 90

DDOS Engineering Firmware Architecture 90

Security Affairs

MAY 3, 2023

” reads the Meta’s Q1 2023 Security Reports. Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, generative AI ) The post Hackers are taking advantage of the interest in generative AI to install Malware appeared first on Security Affairs.

Malware 94

Malware Education Accountability Media 94

Security Affairs

APRIL 7, 2023

Multinational IT corporation MSI (Micro-Star International) confirms security breach after Money Message ransomware gang claimed the hack. This week the ransomware gang Money Message announced to have hacked the Taiwanese multinational IT corporation MSI (Micro-Star International).

Ransomware 86

Ransomware Firmware Hacking Manufacturing 86

Security Affairs

AUGUST 8, 2023

The LockBit ransomware group claims to have hacked the healthcare company Varian Medical Systems and threatens to leak the medical data of cancer patients. “ALL DATABASES AND PATIENT DATA WAS EXFILTRATED AND PREPARED TO BE PUBLISHED ON THE BLOG” states the Lockbit gang on its TOR leak site. Varian Medical Systems, Inc.

Ransomware 91

Ransomware Manufacturing Healthcare IoT 91

Security Affairs

MAY 17, 2023

The role of an initial access broker is essential in the cybercrime ecosystem, these actors facilitate the sale or exchange of compromised or stolen initial access to computer networks or systems. Marketplace and hacking forums offering initial access, enable crooks to speed up their attacks and monetize their cyber operations.

Energy and Utilities 89

Energy and Utilities Cybercrime Data collection VPN 89

Security Affairs

OCTOBER 12, 2023

“Doctor Web has discovered a malicious Linux program that hacks websites based on a WordPress CMS. The Balada Injector malware campaign performed a series of attacks targeting both the vulnerability in the tagDiv Composer plugin and blog administrators of already infected sites.” ” continues Sucuri.

Malware 115

Malware Hacking Accountability Cybercrime 115

Security Affairs

JANUARY 9, 2023

The cybersecurity blog inSicurezzaDigitale has launched the Italian Dashboard Ransomware Monitor to analyze the principal RaaSs’ activities. You’ll find more details about the project here (Italian language): Buoni propositi per il 2023: nasce la Dashboard Ransomware Monitor. SecurityAffairs – hacking, ransomware).

Ransomware 89

Ransomware Data collection Hacking Cybersecurity 89

Security Affairs

MAY 16, 2023

Lacroix plans to resume production on May 22, 2023. Moreover, given the favourable calendar with only 3 days of effective production this week on the French and German sites, LACROIX does not envisage at this stage any significant impact on the performances announced for the Group for the whole of 2023.”

Manufacturing 84

Manufacturing Ransomware Cyber Attacks Backups 84

Security Affairs

MAY 9, 2023

A DDoS botnet dubbed AndoryuBot has been observed exploiting an RCE, tracked as CVE-2023-25717, in Ruckus access points. FortiGuard Labs researchers have recently observed a spike in attacks attempting to exploit the Ruckus Wireless Admin remote code execution vulnerability tracked as CVE-2023-25717.

DDOS 96

DDOS Wireless Architecture Advertising 96

Security Affairs

MAY 12, 2023

The FBI and CISA issued a joint advisory warning that the Bl00dy Ransomware group is actively targeting the education sector by exploiting the PaperCut remote-code execution vulnerability CVE-2023-27350. According to the FBI, threat actors started exploiting the CVE-2023-27350 flaw in mid-April 2023 and the attacks are still ongoing.

Education 81

Education Ransomware Encryption Malware 81