Security Affairs

MAY 25, 2025

. “A Command Post was set up at Europol headquarters in The Hague during the action week, with investigators from Canada, Denmark, France, Germany, the Netherlands, the United Kingdom and the United States working with Europols European Cybercrime Centre and its Joint Cybercrime Action Taskforce.”

Ransomware 127

Ransomware Cybercrime Malware Cryptocurrency 127

Security Affairs

MAY 15, 2025

Kosovar citizen extradited to the US for running the cybercrime marketplace BlackDB.cc Kosovo citizen Liridon Masurica (33) of Gjilan, was extradited to the US for running the cybercrime marketplace BlackDB.cc Kosovo police arrested Masurica (aka @blackdb) on December 12, 2024. In December 2024, the U.S. Assistant U.S.

Cybercrime 73

Cybercrime Identity Theft Hacking Cryptocurrency 73

Security Affairs

OCTOBER 25, 2024

The Change Healthcare data breach in the February 2024 impacted over 100 million, the largest-ever healthcare data breach in the US. UnitedHealth Group announced that the data breach suffered by Change Healthcare in February 2024 impacted more than 100 million individuals.

Data breaches 130

Data breaches Healthcare Cybercrime Insurance 130

Security Affairs

JANUARY 26, 2025

In October 2024, UnitedHealth Group announced that the data breach suffered by Change Healthcare in February 2024 impacted more than 100 million individuals. Change Healthcare can confirm we are experiencing a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat.

Healthcare 130

Healthcare Data breaches Insurance Cybercrime 130

Security Affairs

NOVEMBER 4, 2024

The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 18, 2024, the City of Columbus, Ohio, suffered a cyber attack that impacted the City’s services.

Ransomware 116

Ransomware Identity Theft Data breaches Cyber threats 116

Security Affairs

MARCH 1, 2025

These individuals are members of a global cybercrime ring tracked as Storm-2139 by Microsoft. ” The IT giant started the investigation in December 2024 when Microsofts Digital Crimes Unit (DCU) filed a lawsuit in the Eastern District of Virginia alleging various causes of action against 10 unidentified individuals violating U.S.

Cybercrime 78

Cybercrime Technology Hacking Accountability 78

Security Affairs

JANUARY 11, 2025

The security breach exposed customer data and IDs between October 10 and November 10, 2024. After discovering the security breach, the company investigated the incident and notified law enforcement. We have determined that certain of our customers personal information and documents was acquired by the threat actors.”

Data breaches 114

Data breaches Retail Cybercrime Government 114

Security Affairs

APRIL 7, 2025

A 20-year-old man linked to the Scattered Spider cybercrime group has pleaded guilty to charges filed in Florida and California. ” Source News4Jax The charges relate to his alleged role in the Scattered Spider cybercrime group (also known as UNC3944 , 0ktapus ). .” In January 2024, U.S. ” reported News4Jax.

Cybercrime 67

Cybercrime Identity Theft Social Engineering Hacking 67

Security Affairs

MAY 27, 2025

Sophos states that DragonForce ransomware operators chainedthe three vulnerabilities, tracked as CVE-2024-57727 , CVE-2024-57728 , and CVE-2024-57726 , for initial access. DragonForce runs a cybercrime affiliate service, letting affiliates use its tools to launch attacks and extort victims.

Ransomware 106

Ransomware Software Retail Data breaches 106

Security Affairs

OCTOBER 20, 2024

CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog North Korea-linked APT37 exploited IE zero-day in a recent attack Omni Family Health data breach impacts 468,344 individuals Iran-linked actors target critical infrastructure organizations macOS HM Surf flaw in TCC allows bypass Safari privacy settings Two Sudanese (..)

Data breaches 119

Data breaches Cybercrime Cyber Insurance Marketing 119

Security Affairs

DECEMBER 30, 2024

On Wednesday, December 25, 2024, at 17:07 EST, the threat actor IntelBroker posted on X about releasing more data. We have analyzed the post data, and it aligns with the known data set from October 14, 2024.” At 17:40 EST, IntelBroker released 4.45 GB of data for free on BreachForums. ” reads the update published by Cisco.

Data breaches 126

Data breaches Cybercrime Authentication Technology 126

Security Affairs

FEBRUARY 10, 2025

The cybercrime group XE Group exploited a VeraCore zero-day to deploy reverse shells, web shells in recent attacks. A recent investigation by researchers from Intezer and Solis Security shed light on the recent operations of the XE Group. ” reads the analysis published by Intezer. and CVE-2025-25181 (CVSS score of 5.8)

Manufacturing 112

Manufacturing Cybercrime Authentication Passwords 112

Security Affairs

NOVEMBER 5, 2024

Canadian law enforcement agencies arrested a suspect, Alexander “Connor” Moucka (aka Judische and Waifu), who is accused of being responsible for a series of attacks relying on information stolen from the cloud data warehousing platform Snowflake earlier this year. Charges remain undisclosed.

Unstructured Data 123

Unstructured Data Media Cybercrime Hacking 123

Security Affairs

FEBRUARY 13, 2025

A November 2024 RA World ransomware attack on an Asian software firm used a tool linked to China-linked threat actors. During the attack in late 2024, the attacker deployed a distinct toolset that had previously been used by a China-linked actor in classic espionage attacks.” ” reads the report published by Broadcom. .

Ransomware 120

Ransomware Software Cybercrime Encryption 120

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malicious code was advertised on cybercrime forums for $3,000 per month.

Malware 122

Malware Advertising Antivirus Cybercrime 122

Security Affairs

NOVEMBER 27, 2024

Russian-based cybercrime group RomCom (aka UAT-5647 , Storm-0978 , Tropical Scorpius , UAC-0180, UNC2596 ) exploited two Firefox and Tor Browser zero-day vulnerabilities in recent attacks on users across Europe and North America. The vulnerability CVE-2024-9680 resides in Animation timelines. live, correctiv[.]sbs, sbs, or cwise[.]store.

Cybercrime 112

Cybercrime Hacking Government Information Security 112

Security Affairs

DECEMBER 2, 2024

Operation HAECHI V (July-Nov 2024) targeted cyber frauds like phishing, romance scams, sextortion, investment fraud, online gambling, BEC, and e-commerce fraud. Operation Synergia II is a collaborative effort by INTERPOL, private sector partners, and 95 countries, that targeted phishing, ransomware, and infostealers from April to August 2024.

Cryptocurrency 128

Cryptocurrency Phishing Scams Cybercrime 128

Security Affairs

DECEMBER 25, 2024

dollars from the Japan-based cryptocurrency company DMM by North Korean cyber actors in May 2024.” dollars from the Japan-based cryptocurrency company DMM by North Korean cyber actors in May 2024.” ” reads the press release published by FBI. ” reads the press release published by FBI. BTC ($308M). FBI concludes.

Cryptocurrency 124

Cryptocurrency Social Engineering Hacking Cybercrime 124

Security Affairs

NOVEMBER 9, 2024

A critical flaw, tracked as CVE-2024-40711, in Veeam Backup & Replication (VBR) was also recently exploited to deploy Frag ransomware. In mid-October, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.

Backups 134

Backups Ransomware VPN Accountability 134

Security Affairs

DECEMBER 4, 2024

The operation was carried out by Public Prosecutor’s Office in Frankfurt am Main, the Central Office for Combating Cybercrime (ZIT), and the Federal Criminal Police Office (BKA). Nearly $100M in cryptocurrency was traded on the platform from 2018-2024, with operators taking 1-5% commissions. Now in custody.

Cybercrime 115

Cybercrime Cryptocurrency Hacking Internet 115

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 110

Cryptocurrency Hacking Phishing Cyber Attacks 110

Security Affairs

NOVEMBER 27, 2024

. “Operation Serengeti (2 September – 31 October) targeted criminals behind ransomware, business email compromise (BEC), digital extortion and online scams – all identified as prominent threats in the 2024 Africa Cyber Threat Assessment Report.” ” reads the press release published by INTERPOL.

Scams 121

Scams Cybercrime Ransomware Cyber threats 121

SecureWorld News

NOVEMBER 14, 2024

Ransomware attacks on healthcare organizations have sharply increased in 2024, as shown by recent research from Safety Detectives. Escalating Frequency and Impact: Healthcare services have become one of the most targeted industries, moving from the fifth most attacked sector in 2023 to third in 2024.

Healthcare 119

Healthcare Ransomware Identity Theft Data breaches 119

Security Affairs

APRIL 15, 2025

Hertz Corporation disclosed a data breach after customer data was stolen via Cleo zero-day exploits in late 2024, affecting Hertz, Thrifty, and Dollar brands. Threat actors gained access to customer data via Cleo zero-day exploits in late 2024. In December 2024, the U.S.

Data breaches 66

Data breaches Ransomware Software Hacking 66

Security Affairs

FEBRUARY 6, 2025

The investigation began in early 2024 after data stolen from a Madrid business association was leaked on dark web cybercrime forums. The hacker claimed responsibility for the attacks on multiple cybercrime forums under different monikers to avoid being identified. ” continues the press release.

Cybercrime 82

Cybercrime Government Data breaches Information Security 82

Security Affairs

NOVEMBER 10, 2024

CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog Canadian authorities arrested alleged Snowflake hacker Android flaw CVE-2024-43093 may be under limited, targeted exploitation July 2024 ransomware attack on the City of Columbus impacted 500,000 people Nigerian man Sentenced to 26+ years in real estate phishing scams Russian (..)

Ransomware 118

Ransomware Cybercrime Phishing Banking 118

Security Affairs

NOVEMBER 18, 2024

On September 8, 2024, Great Plains Regional Medical Center (Oklahoma) suffered a ransomware attack. The healthcare center discovered that a threat actor accessed and encrypted files on their systems between September 5, 2024 and September 8, 2024. ” reads the notice of security incident published by the organization.

Ransomware 126

Ransomware Insurance Encryption Healthcare 126

Security Affairs

FEBRUARY 3, 2025

The February 2025 Android security updates addressed 48 vulnerabilities, including a kernel zero-day flaw exploited in the wild. The February 2025 Android security updates addressed 48 vulnerabilities, including a zero-day flaw, tracked as CVE-2024-53104 , which is actively exploited in attacks in the wild.

Media 117

Media Authentication Hacking Accountability 117

Security Affairs

APRIL 26, 2025

The man is accused of having installed the malware on the hospital computers on August 6, 2024. Security footage reportedly shows the man attempting to access multiple offices before installing malicious software designed to capture screenshots every 20 minutes and transmit them to an external IP address. Anthony Hospital.

Malware 145

Malware Cybersecurity Healthcare Media 145

Security Affairs

OCTOBER 28, 2024

Free disclosed a cyber attack over the weekend after a threat actor attempted to sell the stolen data on a popular cybercrime forum. “This suspected data breach reportedly affects Free Mobile and Freebox customers, with the data leak dating back to October 17, 2024, according to the cybercriminals.”

Cyber Attacks 127

Cyber Attacks Telecommunications Data breaches Banking 127

Security Affairs

OCTOBER 13, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches 118

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 118

Security Affairs

NOVEMBER 17, 2024

CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices China-linked threat actors compromised multiple telecos and spied on a limited number of U.S.

Cryptocurrency 112

Cryptocurrency Hacking Malware Data breaches 112

Security Affairs

NOVEMBER 15, 2024

Below are the descriptions of the flaws addressed by the security firm: CVE-2024-9463 (CVSS 9.9) – A command injection vulnerability in Palo Alto Networks’ Expedition allows unauthenticated attackers to execute OS commands as root, exposing usernames, passwords, configurations, and API keys of PAN-OS firewalls.

Firewall 110

Firewall Passwords Authentication Phishing 110

Security Affairs

DECEMBER 8, 2024

Anna Jaques Hospital completed the forensic investigation on November 5, 2024 and determined that the incident impacted 316,342 patients. While we conducted our investigation, out of anbundance of caution, on Janurary 24, 2024, Anna Jaques posted a notice on ther website.”

Data breaches 118

Data breaches Insurance Healthcare Ransomware 118

Security Affairs

NOVEMBER 5, 2024

These cameras, which feature an embedded web server allowing for direct access by web browser, are reportedly deployed in environments where reliability and privacy are crucial” CVE-2024-8956 (CVSS score of 9.1) CVE-2024-8957 (CVSS score of CVSS 7.2) CISA orders federal agencies to fix this vulnerability by November 25, 2024.

Firmware 127

Firmware Manufacturing Authentication IoT 127

Security Affairs

DECEMBER 6, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds CyberPanelflaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA)added the CyberPanelflaw CVE-2024-51378 (CVSS score: 10.0) CISA orders federal agencies to fix this vulnerability byDecember 25, 2024.

DNS 110

DNS Authentication Ransomware Hacking 110

Security Affairs

DECEMBER 16, 2024

The company disclosed a data breach that exposed personal information and medical information of more than 900,000 individuals. The company discovered the security breach on May 12 and promptly began investigating into the incident. concludes the notice.

Data breaches 108

Data breaches Identity Theft Healthcare Insurance 108