Security Affairs

MAY 25, 2025

. “A Command Post was set up at Europol headquarters in The Hague during the action week, with investigators from Canada, Denmark, France, Germany, the Netherlands, the United Kingdom and the United States working with Europols European Cybercrime Centre and its Joint Cybercrime Action Taskforce.”

Ransomware 125

Ransomware Cybercrime Malware Cryptocurrency 125

Krebs on Security

NOVEMBER 1, 2024

We’ll also explore an array of cybercrime services aimed at phishers who target hotels that rely on the world’s most visited travel website. In November 2023, the security firm SecureWorks detailed how scammers targeted booking.com hospitality partners with data-stealing malware.

Phishing 276

Phishing Accountability Artificial Intelligence Cybercrime 276

Security Affairs

JANUARY 14, 2025

The FBI has removed Chinese PlugX malware from over 4,200 computers in networks across the United States, the U.S. The Justice Department and FBI, along with international partners, announced they deleted PlugX malware from thousands of infected computers worldwide as part of a multi-month law enforcement operation. based computers.

Malware 121

Malware Government Hacking Cybersecurity 121

Security Affairs

APRIL 16, 2025

Cheap Chinese Android phones ship with trojanized WhatsApp and Telegram clones hiding crypto clippers, active since June 2024. Since June 2024, Doctor Web researchers found cheap Android phones preloaded with fake WhatsApp and Telegram apps designed to steal crypto via clipping. ” continues the report.

Malware 128

Malware Manufacturing Mobile Spyware 128

Krebs on Security

NOVEMBER 14, 2024

Nor did he respond to reporting here in January 2024 that he ran an IT company with a 34-year-old Russian man named Aleksandr Ermakov , who was sanctioned by authorities in Australia, the U.K. Mr. Shefel did not respond to requests for comment in advance of that December 2023 profile. “I’m also godfather of his second son.”

Retail 274

Retail Advertising Cryptocurrency Cybercrime 274

Security Affairs

OCTOBER 20, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 124

Malware Ransomware Encryption Phishing 124

Security Affairs

OCTOBER 22, 2024

Experts warn of a new wave of attacks involving the Bumblebee malware, months after Europol’s ‘ Operation Endgame ‘ that disrupted its operations in May. The Bumblebee malware loader has resurfaced in new attacks, four months after Europol disrupted it during “ Operation Endgame ” in May.

Malware 124

Malware Phishing Ransomware Hacking 124

Krebs on Security

NOVEMBER 19, 2024

On November 8, 2024, Finastra notified financial institution customers that on Nov. “The threat actor did not deploy malware or tamper with any customer files within the environment,” the notice reads. 7 its security team detected suspicious activity on Finastra’s internally hosted file transfer platform. .”

Data breaches 308

Data breaches Banking Cybercrime Advertising 308

Security Affairs

MARCH 10, 2025

Threat actors exploit PHP flaw CVE-2024-4577 for remote code execution. GreyNoise researchers warn of a large-scale exploitation of a critical vulnerability, tracked as CVE-2024-4577 (CVSS 9.8), in PHP. The flaw CVE-2024-4577 (CVSS score: 9.8) Over 1,000 attacks detected globally. is a PHP-CGI OS Command Injection Vulnerability.

DDOS 100

DDOS Security Intelligence Hacking Malware 100

Security Affairs

OCTOBER 29, 2024

Fog and Akira ransomware operators are exploiting SonicWall VPN flaw CVE-2024-40766 to breach enterprise networks. Fog and Akira ransomware operators are exploiting the critical SonicWall VPN vulnerability CVE-2024-40766 (CVSS v3 score: 9.3) to breach corporate networks via SSL VPN access. reads the SonicWall’s advisory.

VPN 129

VPN Ransomware Firewall Internet 129

The Last Watchdog

APRIL 7, 2025

Despite advanced AI detection and telemetry analysis offered in todays EDR solutions, modern infostealer malware is designed to evade even the most sophisticated defenses, using tactics like polymorphic malware, memory-only execution, and exploitation of zero-day vulnerabilities or outdated software.

Antivirus 113

Antivirus Malware Cybercrime Identity Theft 113

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malware authors claimed it can steal a broad range of data from compromised systems, including browser data, cryptocurrency wallets, and around 100 browser extensions.

Malware 120

Malware Advertising Antivirus Cybercrime 120

SecureList

MARCH 25, 2025

Note that for mobile banking malware, we retrospectively revised the 2023 numbers to provide more accurate statistics. We also changed the methodology for PC banking malware by removing obsolete families that no longer use Trojan banker functionality, hence the sharp drop in numbers against 2023. million detections compared to 5.84

Phishing 77

Phishing Banking Scams Mobile 77

Security Affairs

OCTOBER 20, 2024

CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog North Korea-linked APT37 exploited IE zero-day in a recent attack Omni Family Health data breach impacts 468,344 individuals Iran-linked actors target critical infrastructure organizations macOS HM Surf flaw in TCC allows bypass Safari privacy settings Two Sudanese (..)

Data breaches 117

Data breaches Cybercrime Cyber Insurance Marketing 117

Security Affairs

OCTOBER 25, 2024

The Change Healthcare data breach in the February 2024 impacted over 100 million, the largest-ever healthcare data breach in the US. UnitedHealth Group announced that the data breach suffered by Change Healthcare in February 2024 impacted more than 100 million individuals.

Data breaches 129

Data breaches Healthcare Cybercrime Insurance 129

Security Affairs

JUNE 6, 2025

offers up to $10M for info on state hackers linked to RedLine malware and its creator, Maxim Rudometov, tied to attacks on U.S. “Maxim Alexandrovich Rudometov (Максим Александрович Рудомётов), born in 1999 in the Luhansk region of Ukraine, developed and has sold “information stealer” malware known as RedLine.”

Malware 84

Malware Passwords Identity Theft Accountability 84

Security Affairs

NOVEMBER 26, 2024

Banshee Stealer, a MacOS Malware-as-a-Service, shut down after its source code leaked online. In August 2024, Russian hackers promoted BANSHEE Stealer, a macOS malware targeting x86_64 and ARM64, capable of stealing browser data, crypto wallets, and more. The code is now available on GitHub. concludes the report.

Malware 143

Malware Cryptocurrency Encryption Passwords 143

Security Affairs

NOVEMBER 17, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 114

Malware Antivirus Encryption Education 114

Security Affairs

APRIL 21, 2025

Russia-linked group APT29 targeted diplomatic entities across Europe with a new malware loader codenamed GRAPELOADER. The phishing emails either led to malware delivery via GRAPELOADER or redirected to the Ministry’s real website to appear legitimate. The malware is highly targeted and leaves no traces of the next-stage payload.

Malware 103

Malware Phishing Encryption Hacking 103

SecureList

DECEMBER 16, 2024

Review of last year’s predictions The number of services providing AV evasion for malware (cryptors) will increase We continuously monitor underground markets for the emergence of new “cryptors,” which are tools specifically designed to obfuscate the code within malware samples.

Marketing 105

Marketing Data breaches Cryptocurrency Malware 105

Security Affairs

JANUARY 26, 2025

In October 2024, UnitedHealth Group announced that the data breach suffered by Change Healthcare in February 2024 impacted more than 100 million individuals. Change Healthcare can confirm we are experiencing a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat.

Healthcare 129

Healthcare Data breaches Insurance Cybercrime 129

Krebs on Security

JANUARY 7, 2025

This domain was featured in a writeup from February 2024 by the security firm Lookout , which found it was one of dozens being used by a prolific and audacious voice phishing group it dubbed “ Crypto Chameleon.” Before we get to the Apple scam in detail, we need to revisit Tony’s case. “ Annie.”

Phishing 338

Phishing Cryptocurrency Accountability Social Engineering 338

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency 109

Cryptocurrency Hacking Phishing Cyber Attacks 109

Security Affairs

FEBRUARY 13, 2025

A November 2024 RA World ransomware attack on an Asian software firm used a tool linked to China-linked threat actors. During the attack in late 2024, the attacker deployed a distinct toolset that had previously been used by a China-linked actor in classic espionage attacks.” ” reads the report published by Broadcom. .

Ransomware 119

Ransomware Software Cybercrime Encryption 119

Security Affairs

NOVEMBER 4, 2024

The July 2024 ransomware attack that hit the City of Columbus, Ohio, exposed the personal and financial data of 500,000 individuals. On July 18, 2024, the City of Columbus, Ohio, suffered a cyber attack that impacted the City’s services.

Ransomware 114

Ransomware Identity Theft Data breaches Cyber threats 114

Security Affairs

APRIL 1, 2025

Sucuri researchers spotted threat actors deploying WordPress malware in the mu-plugins directory to evade security checks. ” Attackers used obfuscated PHP in mu-plugins to execute hidden payloads from /wp-content/uploads/2024/12/index.txt , using the functions eval() to run arbitrary code stealthily.

Malware 87

Malware Firewall Hacking Cybercrime 87

Security Affairs

NOVEMBER 5, 2024

Authorities arrested Mr. Moucka on October 30, 2024, he was taken into custody on a US provisional arrest warrant. ” In June 2024, Snowflake revealed that a limited number of its customers were targeted in a campaign by UNC5537 , a financially motivated group based in North America. Charges remain undisclosed.

Unstructured Data 121

Unstructured Data Media Cybercrime Hacking 121

Security Affairs

JANUARY 11, 2025

The security breach exposed customer data and IDs between October 10 and November 10, 2024. “On November 20, 2024, we were notified by a vendor of point-of-sale processing services for some of our retail locations that accounts with their organization had been compromised by an organized cybercrime group.”

Data breaches 112

Data breaches Retail Cybercrime Government 112

Security Affairs

MARCH 26, 2025

New ReaderUpdate malware variants, now written in Crystal, Nim, Rust, and Go, targets macOS users, SentinelOne warns. SentinelOne researchers warn that multiple versions of the ReaderUpdate malware written in Crystal, Nim, Rust, and Go programming languages, are targeting macOS users. The malware maintains persistence via a.plist file.

Malware 71

Malware Adware Antivirus Marketing 71

Security Affairs

NOVEMBER 17, 2024

CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog Hackers target critical flaw CVE-2024-10914 in EOL D-Link NAS Devices China-linked threat actors compromised multiple telecos and spied on a limited number of U.S.

Cryptocurrency 111

Cryptocurrency Hacking Malware Data breaches 111

Security Affairs

FEBRUARY 2, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 73

Malware Spyware Ransomware Hacking 73

Security Affairs

NOVEMBER 10, 2024

Mazda Connect flaws allow to hack some Mazda vehicles Veeam Backup & Replication exploit reused in new Frag ransomware attack Texas oilfield supplier Newpark Resources suffered a ransomware attack Palo Alto Networks warns of potential RCE in PAN-OS management interface iPhones in a law enforcement forensics lab mysteriously rebooted losing their (..)

Ransomware 116

Ransomware Cybercrime Phishing Banking 116

Malwarebytes

FEBRUARY 19, 2025

And in 2024, one malicious program in particular is responsible for the lions share of info stealer activityracking up 70% of known info stealer detections on Mac. These findings come from the 2025 State of Malware report. But the variety of information that these pieces of malware can steal makes them particularly dangerous.

Malware 127

Malware Software Passwords Cryptocurrency 127

Security Affairs

MAY 27, 2025

Sophos states that DragonForce ransomware operators chainedthe three vulnerabilities, tracked as CVE-2024-57727 , CVE-2024-57728 , and CVE-2024-57726 , for initial access. DragonForce runs a cybercrime affiliate service, letting affiliates use its tools to launch attacks and extort victims.

Ransomware 102

Ransomware Software Retail Data breaches 102

Security Affairs

NOVEMBER 9, 2024

A critical flaw, tracked as CVE-2024-40711, in Veeam Backup & Replication (VBR) was also recently exploited to deploy Frag ransomware. In mid-October, Sophos researchers warned that ransomware operators are exploiting the critical vulnerability CVE-2024-40711 in Veeam Backup & Replication to create rogue accounts and deploy malware.

Backups 132

Backups Ransomware VPN Accountability 132

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 116

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 116

The Last Watchdog

MARCH 19, 2025

Attackers now have access to extensive identity data from multiple sourcesincluding data breaches, infostealer malware infections, phishing campaigns, and combolistsposing a challenge for organizations whose security measures have not yet adapted to address the full scope of interconnected identity exposures holistically.

Cyber Risk 113

Cyber Risk Risk Phishing Cybercrime 113