eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Brian Krebs is an independent investigative reporter known for his coverage of technology, malware , data breaches , and cybercrime developments. Denial-of-Suez attack.

Accountability 139

Accountability Cybersecurity Penetration Testing InfoSec 139

Security Affairs

APRIL 24, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, PaperCut ) The post Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws appeared first on Security Affairs.

Cybercrime 73

Cybercrime Software Education Ransomware 73

Security Affairs

JUNE 8, 2022

. “The SSNDOB administrators created advertisements on darkweb criminal forums for the Marketplace’s services, provided customer support functions, and regularly monitored the activities of the sites, including monitoring when purchasers deposited money into their accounts.” ” reads the press release published by DoJ.

Cybercrime 90

Cybercrime Cryptocurrency Marketing Advertising 90

Security Affairs

AUGUST 9, 2023

Cloud account takeover scheme utilizing EvilProxy hit over 100 top-level executives of global organizations EvilProxy was observed sending 120,000 phishing emails to over a hundred organizations to steal Microsoft 365 accounts. Proofpoint noticed a worrisome surge of successful cloud account compromises in the past five months.

Accountability 87

Accountability Phishing Authentication Architecture 87

Spinone

OCTOBER 10, 2019

The best way to stay up-to-date with the recent trends is by reading the top cybersecurity blogs. Here’s our list of the best cybersecurity blogs to read and follow. Securing Tomorrow SecuringTomorrow is a blog by McAfee, one of the biggest security software providers.

Cybersecurity 56

Cybersecurity IoT Antivirus Education 56

Security Affairs

APRIL 12, 2022

The illegal dark web marketplace RaidForums has been shut down and its infrastructure seized as a result of the international law enforcement Operation TOURNIQUET coordinated by Europol’s European Cybercrime Centre. Europol will continue working with its international partners to make cybercrime harder – and riskier –to commit.

Cybercrime 140

Cybercrime Banking Accountability Hacking 140

Security Boulevard

FEBRUARY 4, 2022

Do you need to do a historical check on the security industry including me as an individual including my personal blog and all the socially-oriented work and contributors that I've made to the industry during the past ten years? Folks, Do you remember who I am?

Cybercrime 115

Cybercrime Accountability Information Security Network Security 115

The Last Watchdog

APRIL 13, 2022

Additionally, there are also Russian cybercrime organizations that are not state-sponsored but are allowed to operate. Although there’s no one magic solution to eliminating cyberattacks and cybercrime risks, there are steps you can take to reduce the chances of becoming a victim. Accounting for humans.

Cybersecurity 214

Cybersecurity Cybercrime Education Passwords 214

Security Affairs

APRIL 24, 2023

EvilExtractor is a new “all-in-one” info stealer for Windows that is being advertised for sale on dark web cybercrime forums. FortiGuard Labs observed this malware in a phishing email campaign on 30 March, which we traced back to the samples included in this blog.” ” reads the report published by Fortinet.

Cybercrime 86

Cybercrime Malware Education Phishing 86

Krebs on Security

APRIL 27, 2023

Until being contacted by this reporter on Monday, the state of Vermont had at least five separate Salesforce Community sites that allowed guest access to sensitive data, including a Pandemic Unemployment Assistance program that exposed the applicant’s full name, Social Security number, address, phone number, email, and bank account number.

Banking 302

Banking Government Information Security Authentication 302

Security Affairs

APRIL 5, 2023

The discovery of STYX coincides with Resecurity financial crime risk analysts observing a significant increase in threat actors offering money-laundering services that exploit digital banking and cryptocurrency accounts. Resecurity’s investigation of STYX also yielded the discovery of 100 mules accounts.

Banking 77

Banking Cybercrime Accountability Risk 77

Security Affairs

APRIL 30, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter ) The post Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Cybercrime 87

Cybercrime Malware Hacking Accountability 87

Security Boulevard

JANUARY 25, 2022

Folks, Who wants to dive deep into some of my latest commercially available research and stay on the top of their OSINT/cybercrime research and threat intelligence gathering game that also includes their team and organization? Dancho Danchev’s “Astalavista Security Group – Investment Proposal” Presentation – A Photos Compilation.

Cybercrime 96

Cybercrime Hacking Scams Ransomware 96

Security Affairs

MAY 2, 2023

. “Noncompliant virtual currency exchanges, which have a lax anti-money laundering program or collect minimal Know Your Customer information or none at all, serve as important hubs in the cybercrime ecosystem and are operating in violation of Title 18 United States Code, Sections 1960 and 1956.”

Cybercrime 87

Cybercrime Cryptocurrency Advertising Education 87

Security Affairs

APRIL 14, 2023

The threat actors also attempted to sell the stolen data on the BreachForums cybercrime forum that was recently shut down by law enforcement. The account was used to create database backups which were then downloaded and deleted. The account owner has confirmed they did not access the admin console to perform these actions.”

Data breaches 90

Data breaches Backups Passwords Accountability 90

Security Affairs

MARCH 6, 2024

Researchers warn that the cybercrime groups GhostSec and Stormous have joined forces in a new ransomware campaign. The group is not linked to the hacktivist group Ghost Security Group, which primarily focuses on counterterrorism efforts and targets pro-ISIS websites. ransomware, a Golang variant of the GhostLocker ransomware.

Ransomware 113

Ransomware Encryption Cybercrime Hacking 113

Security Affairs

APRIL 28, 2023

The malware allows operators to steal login credentials from popular services such as social media platforms and cryptocurrency wallets, then stolen data is sold on cybercrime forums by the operators. To prevent infections from malware like Cryptbot, Cybercrime Support Network recommends users to Download from well-known and trusted sources.

Malware 91

Malware Cybercrime Cryptocurrency Media 91

Security Affairs

APRIL 9, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter newsletter) The post Security Affairs newsletter Round 414 by Pierluigi Paganini – International edition appeared first on Security Affairs. billion rubles.

Computers and Electronics 79

Computers and Electronics Backups Cybercrime Marketing 79

Security Affairs

MAY 3, 2023

In March, security experts at Meta found multiple malware posing as ChatGPT or similar AI tools. “Since March alone, our security analysts have found around 10 malware families posing as ChatGPT and similar tools to compromise accounts across the internet. ” reads the Meta’s Q1 2023 Security Reports.

Malware 93

Malware Education Accountability Media 93

Security Affairs

APRIL 8, 2022

A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). Iarmak is the third member of the FIN7 cybercrime group to be sentenced in the U.S. in May 2020.

Cybercrime 102

Cybercrime Hacking Software Phishing 102

Krebs on Security

MARCH 1, 2022

A Ukrainian security researcher this week leaked several years of internal chat logs and other sensitive data tied to Conti , an aggressive and ruthless Russian cybercrime group that focuses on deploying its ransomware to companies with more than $100 million in annual revenue. On Sunday, Feb. hospitals and healthcare providers.”.

Ransomware 276

Ransomware Healthcare Cybercrime Government 276

Krebs on Security

SEPTEMBER 25, 2019

But the plan failed and the Ukrainian mastermind behind it soon after was imprisoned for unrelated cybercrime offenses. That individual recently gave his first interview since finishing his jail time here in the states, and he’s shared some select (if often abrasive and coarse) details on how he got into cybercrime and why.

Cybercrime 213

Cybercrime Identity Theft Accountability Passwords 213

Security Affairs

APRIL 10, 2023

. “DEV-1084 was then later observed leveraging highly privileged compromised credentials to perform en masse destruction of resources, including server farms, virtual machines, storage accounts, and virtual networks, and send emails to internal and external recipients.”

Ransomware 86

Ransomware Cybercrime VPN Education 86

Security Affairs

MAY 3, 2023

Today’s indictment and global takedown of the Try2Check website demonstrates that the Office, together with our partners, will disrupt cybercrime operations no matter where they are based.” The DoJ pointed out that Try2Check also victimized a major U.S.-based

Cybercrime 86

Cybercrime Education Media Hacking 86

Security Affairs

MAY 2, 2023

“A number of investigations to identify additional individuals behind dark web accounts are still ongoing. The seizure of the Hydra Market is the result of an international investigation conducted by the Central Office for Combating Cybercrime (ZIT) in partnership with U.S. ” continues the press release.

Marketing 78

Marketing Accountability Cybercrime Education 78

Security Affairs

JUNE 15, 2022

Credit card details related to an account balance of up to 5,000 has an average price of $120, which is exactly 50% of the price for the same item observed in 2021. The huge interest in cryptocurrency is keeping high the price of crypto accounts. Kraken verified account info is worth 250, while in 2021 the price was $810, while a Cex.io

Identity Theft 92

Identity Theft Accountability DDOS Cybercrime 92

Security Affairs

APRIL 2, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) The post Security Affairs newsletter Round 413 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Spyware 83

Spyware Surveillance Artificial Intelligence Data breaches 83

Security Affairs

APRIL 6, 2022

The seizure of the Hydra Market is the result of an international investigation conducted by the Central Office for Combating Cybercrime (ZIT) in partnership with U.S. The German authorities reported that around 17 million customers and over 19,000 seller accounts were registered on the Hydra Market. To nominate, please visit:?

Marketing 88

Marketing Cybercrime Advertising Hacking 88

Security Affairs

APRIL 6, 2022

The seizure of the Hydra Market is the result of an international investigation conducted by the Central Office for Combating Cybercrime (ZIT) in partnership with U.S. The German authorities reported that around 17 million customers and over 19,000 seller accounts were registered on the Hydra Market. “Today, the U.S.

Marketing 99

Marketing Cybercrime Advertising Hacking 99

Security Affairs

APRIL 18, 2023

A new malware, dubbed Domino, developed by the FIN7 cybercrime group has been used by the now-defunct Conti ransomware gang. IBM Security X-Force researchers recently discovered a new malware family, called Domino, which was created by developers associated with the FIN7 cybercriminal group (tracked by X-Force as ITG14).

Ransomware 75

Ransomware Cybercrime Malware Education 75

Security Affairs

MAY 1, 2023

While investigating the malware distribution, the researchers noticed the use of an infrastructure known to belong to cybercrime group TA505. com, which is a domain associated with the operations of the TA505 cybercrime gang. Upon executing the MSI file, a PowerShell command is launched.

Malware 86

Malware Cybercrime Banking Software 86

Security Affairs

APRIL 7, 2023

.” The company reported the security breach to the relevant authorities, and it downplayed the incident, saying that the attack had no significant financial and operational impact. In response to the incident, the company announced it is enhancing the information security control measures of its network and infrastructure.

Ransomware 85

Ransomware Firmware Hacking Manufacturing 85

Security Affairs

APRIL 25, 2022

ALPHV has been advertising the BlackCat Ransomware-as-a-Service (RaaS) on the cybercrime forums XSS and Exploit since early December. The FBI is seeking any information that can be shared related to the operations of the BlackCat ransomware operation. Regularly back up data, air gap, and password-protect backup copies offline.

Ransomware 101

Ransomware Antivirus Passwords Malware 101

Security Affairs

MAY 4, 2023

Facebook discovered a new information-stealing malware, dubbed ‘NodeStealer,’ that is being distributed on Meta. NodeStealer is a new information-stealing malware distributed on Meta that allows stealing browser cookies to hijack accounts on multiple platforms, including Facebook, Gmail, and Outlook.

Malware 91

Malware Accountability Advertising Education 91

Security Affairs

MAY 1, 2023

The carrier states that personal financial account information and call records were not affected by the security breach. In January, T-Mobile suffered the first data breach in 2023, threat actors stole the personal information of 37 million current postpaid and prepaid customer accounts.

Data breaches 70

Data breaches Mobile Identity Theft Accountability 70

Security Affairs

APRIL 23, 2022

The popular investigator and journalist Brian Krebs first surmised that the LAPSUS$ gang has breached T-Mobile after he reviewed a copy of the private chat messages between members of the cybercrime group. Telegram channels that were restricted to the core seven members of the group – Source KrebsonSecurity. ” wrote Krebs.

Mobile 95

Mobile VPN Social Engineering Telecommunications 95

The Last Watchdog

OCTOBER 24, 2022

. • Create security awareness for employees. One of the most important ways to protect against data breaches is to increase employee security awareness. Employees are the first line of defense against cybercrime and should understand how to recognize phishing emails and what to do if they suspect them.

Passwords 214

Passwords Security Awareness Data breaches Cybersecurity 214