Security Affairs

JULY 18, 2024

The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. SentinelOne researchers warn that the financially motivated group FIN7 is using multiple pseudonyms to advertise a security evasion tool in several criminal underground forums. is forum for $15,000.

Advertising 141

Advertising Cybercrime Hacking Ransomware 141

Krebs on Security

JULY 22, 2020

The New York Times last week ran an interview with several young men who claimed to have had direct contact with those involved in last week’s epic hack against Twitter. ” Twice in the past year, the OGUsers forum was hacked , and both times its database of usernames, email addresses and private messages was leaked online.

Hacking 351

Hacking Accountability Scams Media 351

Schneier on Security

JULY 14, 2023

And one lucky donor, as his campaign advertised on Facebook, will have the chance to win a Yeti Tundra 45 cooler that typically costs more than $300—just for donating at least $1. A clever hack. It’s actually a pretty good idea. Probably the cheapest way to get the contributors he needs.

Hacking 228

Hacking Advertising Media 228

Krebs on Security

FEBRUARY 16, 2022

The ICRC said the hacked servers contained data relating to the organization’s Restoring Family Links services, which works to reconnect people separated by war, violence, migration and other causes. In their online statement about the hack (updated on Feb. “Mr. .” Image: Ke-la.com. com, sachtimes[.]com,

Hacking 304

Hacking Ransomware Media Accountability 304

Security Affairs

JUNE 9, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, botnet) Indicators of BADBOX 2.0

IoT 145

IoT Internet Internet Advertising 145

Krebs on Security

FEBRUARY 4, 2021

Facebook told KrebsOnSecurity it seized hundreds of accounts — mainly on Instagram — that have been stolen from legitimate users through a variety of intimidation and harassment tactics, including hacking, coercion, extortion, sextortion , SIM swapping , and swatting. THE MIDDLEMEN.

Accountability 329

Accountability Hacking Media Mobile 329

Krebs on Security

FEBRUARY 28, 2025

Last year, the French security firm Intrinsec detailed Prospero’s connections to bulletproof services advertised on Russian cybercrime forums under the names Securehost and BEARHOST. government for its hacking operations, CEO Eugene Kaspersky says he ordered workers to delete the code. The bulletproof hosting provider BEARHOST.

Malware 266

Malware Antivirus Software DDOS 266

Adam Levin

JULY 24, 2020

Barely a day goes by without news of an elite hacking team creating a more stealth exploit– malware , elaborate spear-phishing attacks, trojans, and a killer array of ransomware that can take factories and other organizations offline, or even hobble entire cities. Cyberattacks are constantly getting more sophisticated.

Hacking 237

Hacking Phishing Risk Accountability 237

Krebs on Security

NOVEMBER 1, 2024

One post last month on the Russian-language hacking forum BHF offered up to $5,000 for each hotel account. This seller claims to help people monetize hacked booking.com partners, apparently by using the stolen credentials to set up fraudulent listings.

Phishing 278

Phishing Accountability Artificial Intelligence Cybercrime 278

Security Affairs

JULY 18, 2024

The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. SentinelOne researchers warn that the financially motivated group FIN7 is using multiple pseudonyms to advertise a security evasion tool in several criminal underground forums. is forum for $15,000.

Advertising 98

Advertising Cybercrime Hacking Ransomware 98

Krebs on Security

MARCH 10, 2020

District Court for the Southern District of California allege Firsov was the administrator of deer.io, an online platform that hosted more than 24,000 shops for selling stolen and/or hacked usernames and passwords for a variety of top online destinations. ” A Google Translate version of that advertisement is here (PDF).

Accountability 357

Accountability Advertising Hacking Cybercrime 357

Security Affairs

OCTOBER 3, 2023

Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023. Cybersecurity researchers spotted a new malware-as-a-service (MaaS) called BunnyLoader that’s appeared in the threat landscape.

Advertising 139

Advertising Cybercrime Malware Cryptocurrency 139

Security Affairs

FEBRUARY 22, 2024

The antivirus firm is accused of selling the data to advertising companies without user consent. According to the complaint, the cybersecurity firm was advertising its products as privacy-friendly. million and order to stop selling or licensing any web browsing data for advertising purposes. FTC will also fine Avast $16.5

Advertising 138

Advertising Antivirus Data collection Software 138

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource was advertised on a number of popular cybercrime forums as a service that could help hackers break into valuable or high-profile accounts. Abusewith[.]us 2, 2014.

Hacking 243

Hacking Accountability Data breaches Marketing 243

Security Affairs

FEBRUARY 2, 2025

A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools. The HeartSender group advertised its tools as fully undetectable by antispam software.

Cybercrime 110

Cybercrime Advertising Phishing Hacking 110

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. io , and rdp[.]sh. Those archived webpages show both RDP services were owned by an entity called 1337 Services Gmbh.

eCommerce 222

eCommerce Cybercrime Accountability Passwords 222

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. Authorities in the United States, Germany, the Netherlands and the U.K.

Advertising 321

Advertising Cybercrime System Administration Hacking 321

Security Affairs

JANUARY 10, 2025

In August 2024, Russian crooks advertised a macOS malware called BANSHEE Stealer that can target both x86_64 and ARM64 architectures. The malicious code was advertised on cybercrime forums for $3,000 per month. The malware can collect cookies, logins and browsing history, but from Safari only cookies can be collected.

Malware 121

Malware Advertising Antivirus Cybercrime 121

Troy Hunt

NOVEMBER 13, 2024

Apparently, before a child reaches the age of 13, advertisers will have gathered more 72 million data points on them. But in all likelihood, there will be more than a handful of domain subscribers who take issue with that volume of people data sitting there in one corpus easily downloadable via a clear web hacking forum.

Data breaches 335

Data breaches Passwords B2B Technology 335

Security Affairs

MARCH 24, 2025

” Fake file converters and download tools may perform advertised tasks but can provide resulting files containing hidden malware, giving criminals access to victims’ devices. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, free online document converters)

Malware 117

Malware Scams Identity Theft Antivirus 117

Security Affairs

NOVEMBER 24, 2024

To advertise the marketplace, PopeyeTools allegedly promised to refund or replace purchased credit cards that were no longer valid at the time of sale. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Cybercrime 131

Cybercrime Cryptocurrency Banking Accountability 131

Security Affairs

NOVEMBER 5, 2024

Canadian authorities arrested a suspect linked to multiple hacks following a breach of cloud data platform Snowflake earlier this year. “Canadian authorities have arrested a man suspected of being behind a string of hacks involving as many as 165 customers of Snowflake Inc., Charges remain undisclosed.

Unstructured Data 122

Unstructured Data Media Hacking Cybercrime 122

Krebs on Security

DECEMBER 29, 2024

Much of my summer was spent reporting a story about how advertising and marketing firms have created a global free-for-all where anyone can track the daily movements and associations of hundreds of millions of mobile devices , thanks to the ubiquity of mobile location data that is broadly and cheaply available.

Scams 244

Scams Cybercrime Cryptocurrency Social Engineering 244

Krebs on Security

NOVEMBER 10, 2020

Now, one crime group has started using hacked Facebook accounts to run ads publicly pressuring their ransomware victims into paying up. Contacted by KrebsOnSecurity, Hodson said his Facebook account indeed was hacked, and that the attackers had budgeted $500 for the entire campaign. On the evening of Monday, Nov.

Ransomware 363

Ransomware Accountability Hacking Advertising 363

Security Affairs

NOVEMBER 30, 2024

Some of the malicious apps were promoted through deceptive advertising on social media. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Google Play) Some apps were suspended by Google from Google Play while others were updated by the developers.

Social Engineering 130

Social Engineering Media Mobile Scams 130

Security Affairs

JANUARY 4, 2024

The X account of cybersecurity giant Mandiant was hacked, attackers used it to impersonate the Phantom crypto wallet and push a cryptocurrency scam. Crooks hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam.

Cryptocurrency 134

Cryptocurrency Scams Accountability Hacking 134

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches 118

Data breaches Cybercrime Cyber Insurance Marketing 118

Krebs on Security

SEPTEMBER 17, 2020

Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. Security firm FireEye dubbed that hacking blitz “one of the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years.” Image: FBI.

Antivirus 363

Antivirus Hacking Government Software 363

Schneier on Security

DECEMBER 28, 2018

This is a really interesting story of an ad fraud scheme that relied on hijacking the Border Gateway Protocol: Members of 3ve (pronounced "eve") used their large reservoir of trusted IP addresses to conceal a fraud that otherwise would have been easy for advertisers to detect. Lots of details in the article. This is an example of that.

Scams 233

Scams Advertising Hacking Software 233

Krebs on Security

APRIL 22, 2019

An advertisement for RevCode WebMonitor. ” But critics say WebMonitor is far more likely to be deployed on “pwned” devices, or those that are surreptitiously hacked. The first advertisements in hacker forums for the sale of WebMonitor began in mid-2017. Federal Bureau of Prisons , he was released on Nov.

Advertising 258

Advertising Antivirus Software Malware 258

Krebs on Security

MAY 5, 2021

This week, messaging security vendor Proofpoint published some new data on the rise of these malicious Office 365 apps, noting that a high percentage of Office users will fall for this scheme [full disclosure: Proofpoint is an advertiser on this website]. A cybercriminal service advertising the sale of access to hacked Office365 accounts.

Accountability 350

Accountability Advertising Passwords Phishing 350

Krebs on Security

JUNE 18, 2020

An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web.

Identity Theft 363

Identity Theft Healthcare Hacking Technology 363

Krebs on Security

JANUARY 24, 2023

First advertised in the cybercrime underground in 2014, RSOCKS was the web-based storefront for hacked computers that were sold as “proxies” to cybercriminals looking for ways to route their Web traffic through someone else’s device. “I At that time, RSOCKS was advertising more than 80,000 proxies. RSOCKS, circa 2016.

Cybercrime 301

Cybercrime Advertising IoT Malware 301

Schneier on Security

APRIL 2, 2021

News article : Most troublingly, Activision says that the “cheat” tool has been advertised multiple times on a popular cheating forum under the title “new COD hack.” ” (Gamers looking to flout the rules will typically go to such forums to find new ways to do so.)

Software 225

Software Malware Advertising Antivirus 225

Security Affairs

OCTOBER 14, 2024

Some sellers on Bohemia advertised they were shipping the products from the Netherlands. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, dark web) million euros.

Marketing 127

Marketing Cybercrime DDOS Cryptocurrency 127

CyberSecurity Insiders

DECEMBER 13, 2022

India’s Corona fighting digital platform COWIN Portal has been reportedly been hacked by a hacker who is ready to sell the access details and some health worker data to interested parties. The post India corona fighting digital platform COWIN gets hacked appeared first on Cybersecurity Insiders.

Hacking 124

Hacking Healthcare Cyber Attacks Advertising 124

Adam Shostack

JANUARY 2, 2025

Image by Midjourney: robot reading many books::2 , while being hacked. The image is cinematic, dramatic, professional photography, studio lighting, studio background, advertising photography, intricate details, hyper-detailed --v 6.0 --ar 8:3 Strategie usate dagli hacker per violare sistemi. There is a stack of books on the bench.

Software 130

Software Advertising Hacking 130