Advertising, Malware and Ransomware - Cyber Security Informer

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

Last year, the French security firm Intrinsec detailed Prospero’s connections to bulletproof services advertised on Russian cybercrime forums under the names Securehost and BEARHOST. A fake browser update page pushing mobile malware. A fake browser update page pushing mobile malware. Image: Intrinsec.

Malware

Malware Antivirus DDOS Software

FBI warns of malicious free online document converters spreading malware

Security Affairs

MARCH 24, 2025

The FBI warns of a significant increase in scams involving free online document converters to infect users with malware. The FBI warns that threat actors use malicious online document converters to steal users sensitive information and infect their systems with malware. ” reads the alert. ” continues the alert.

Malware

Malware Scams Identity Theft Antivirus

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

That investigation detailed how the 38-year-old Shefel adopted the nickname Rescator while working as vice president of payments at ChronoPay , a Russian financial company that paid spammers to advertise fake antivirus scams, male enhancement drugs and knockoff pharmaceuticals. “I’m also godfather of his second son.”

Advertising

Advertising Retail Cryptocurrency Cybercrime

Hackers Leverage Microsoft Teams to Spread Matanbuchus 3.0 Malware to Targeted Firms

The Hacker News

JULY 16, 2025

Cybersecurity researchers have flagged a new variant of a known malware loader called Matanbuchus that packs in significant features to enhance its stealth and evade detection. First advertised in February 2021 on

Malware

Malware Advertising Ransomware Cybersecurity

Fintech Giant Finastra Investigating Data Breach

Krebs on Security

NOVEMBER 19, 2024

“The threat actor did not deploy malware or tamper with any customer files within the environment,” the notice reads. The original October 31 post from abyss0, where they advertise the sale of data from several large banks that are customers of a large financial software company. 8 post on BreachForums. Image: Ke-la.com.

Data breaches

Data breaches Banking Cybercrime Advertising

Threat Spotlight: Inside the World’s Fastest Rising Ransomware Operator — BlackLock

Digital Shadows

FEBRUARY 17, 2025

Key Findings First observed in March 2024, BlackLock (aka El Dorado or Eldorado) has rapidly emerged as a major player in the ransomware-as-a-service (RaaS) ecosystem. By Q4 2024, it ranked as the 7th most prolific ransomware group on data-leak sites, fueled by a staggering 1,425% increase in activity from Q3.

Ransomware

Ransomware Malware Risk Accountability

IT threat evolution in Q3 2024. Non-mobile statistics

SecureList

NOVEMBER 29, 2024

More than 90,000 users experienced ransomware attacks. Nearly 18% of all victims published on ransomware gangs’ data leak sites (DLSs) had been hit by RansomHub. According to the UK’s National Crime Agency (NCA), this individual also was behind the infamous Reveton ransomware Trojan spread in 2012 — 2014.

Mobile

Mobile Adware Ransomware Malware

Hackers Exploit Russian Host Proton66 for Global Malware Attacks, Researchers Say

eSecurity Planet

APRIL 21, 2025

A notorious Russian hosting service provider known as Proton66 is at the center of a series of widespread cyberattacks and malware campaigns targeting organizations and users worldwide, according to fresh findings from cybersecurity experts. Once inside, they deploy a ransomware strain named SuperBlack, similar to LockBit 3.0,

Malware

Malware Phishing Ransomware VPN

Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

Security Affairs

MARCH 13, 2025

The Medusa ransomware operation hit over 300 organizations in critical infrastructure sectors in the United States until February 2025. The FBI, CISA, and MS-ISAC have issued a joint advisory detailing Medusa ransomware tactics, techniques, and indicators of compromise (IOCs) based on FBI investigations as recent as February 2025.

Ransomware

Ransomware Encryption Cryptocurrency Insurance

GUESST ESSAY: Cybercrime for hire: small businesses are the new bullseye of the Dark Web

The Last Watchdog

MAY 15, 2025

Recent Guardz research shows that more than 15% of the tools advertised on dark web forums target vulnerabilities like EternalBlue , a known Windows flaw dating back to 2017 that still hasnt been fully remediated across the globe. In some cases, pre-built ransomware kits complete with instructions are sold for just a few hundred dollars.

Small Business

Small Business Cybercrime Cyber Insurance Phishing

Dark web threats and dark market predictions for 2025

SecureList

DECEMBER 16, 2024

Review of last year’s predictions The number of services providing AV evasion for malware (cryptors) will increase We continuously monitor underground markets for the emergence of new “cryptors,” which are tools specifically designed to obfuscate the code within malware samples.

Marketing

Marketing Data breaches Cryptocurrency Malware

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 20, 2024

CISA adds Microsoft Windows Kernel, Mozilla Firefox and SolarWinds Web Help Desk bugs to its Known Exploited Vulnerabilities catalog GitHub addressed a critical vulnerability in Enterprise Server A new Linux variant of FASTCash malware targets financial systems WordPress Jetpack plugin critical flaw impacts 27 million sites Pokemon dev Game Freak discloses (..)

Data breaches

Data breaches Cybercrime Cyber Insurance Marketing

Qilin ransomware gang claimed responsibility for the Lee Enterprises attack

Security Affairs

MARCH 2, 2025

The Qilin ransomware group claims responsibility for attacking the newspaper Lee Enterprises, stealing 350GB of data. The Qilin ransomware group claimed responsibility for the recent cyberattack on Lee Enterprises, which impacted dozens of local newspapers. Lee Enterprises , Inc. is a publicly traded American media company.

Ransomware

Ransomware Cybercrime Encryption Healthcare

Dutch Police shut down bulletproof hosting provider Zservers and seized 127 servers

Security Affairs

FEBRUARY 17, 2025

On February 11, 2025, the US, UK, and Australia sanctioned a Russian bulletproof hosting services provider and two Russian administrators because they supported Russian ransomware LockBit operations. ” reads the announcement published by the US Treasury. ” reads the press release published by Dutch Police.

Cybercrime

Cybercrime Ransomware Hacking Advertising

New AI “agents” could hold people for ransom in 2025

Malwarebytes

FEBRUARY 4, 2025

This warning comes from our 2025 State of Malware report, which compiled a years worth of intelligence to identify the most pressing cyberattacks on the horizon. You can find the full 2025 State of Malware report here. In 2023, Malwarebytes Labs subverted these boundaries to successfully get ChatGPT to write ransomware twice.

Artificial Intelligence

Artificial Intelligence Small Business Malware Technology

Macs targeted by info stealers in new era of cyberthreats

Malwarebytes

FEBRUARY 19, 2025

These findings come from the 2025 State of Malware report. Unlike ransomware, which is deployed against large businesses that cybercriminals hope can pay hefty ransoms, info stealers can deliver illicit gains no matter the target. But the variety of information that these pieces of malware can steal makes them particularly dangerous.

Malware

Malware Software Passwords Cryptocurrency

You should probably delete any sensitive screenshots you have in your phone right now. Here's why

Zero Day

JUNE 26, 2025

Here's why A new Trojan malware is targeting sensitive information, including crypto wallet seed phrases. Also: How Avast's free AI-powered Scam Guardian protects you from online con artists According to Kaspersky, the malware targets iOS and Android devices. Here's how the malware works. What is SparkKitty?

Password Management

Password Management Small Business Passwords Artificial Intelligence

Urgent WordPress Alert: Motors Theme Flaw (CVE-2025-4322) Actively Exploited for Site Takeover

Penetration Testing

JUNE 20, 2025

Search Our Websites Penetration Testing Tools The Daily Information Technology Daily CyberSecurity About SecurityOnline.info Advertise with us Announcement Contact Contributor Register Login About SecurityOnline.info Advertise on SecurityOnline.info Contact When you purchase through links on our site, we may earn an affiliate commission.

Passwords

Passwords Accountability Penetration Testing Firewall

86 million AT&T customer records reportedly up for sale on the dark web

Zero Day

JUNE 6, 2025

Privacy Policy | | Cookie Settings | Advertise | Terms of Use Topics Galleries Videos Do Not Sell or Share My Personal Information about ZDNET Meet The Team Sitemap Reprint Policy Join | Log In Newsletters Licensing Accessibility © 2025 ZDNET, A Ziff Davis company. All rights reserved.

Password Management

Password Management Passwords Identity Theft Artificial Intelligence

Why SMS two-factor authentication codes aren't safe and what to use instead

Zero Day

JUNE 17, 2025

Privacy Policy | | Cookie Settings | Advertise | Terms of Use Topics Galleries Videos Do Not Sell or Share My Personal Information about ZDNET Meet The Team Sitemap Reprint Policy Join | Log In Newsletters Licensing Accessibility © 2025 ZDNET, A Ziff Davis company. All rights reserved.

Authentication

Authentication Password Management Small Business Passwords

Lumma Stealer – Tracking distribution channels

SecureList

APRIL 21, 2025

Introduction The evolution of Malware-as-a-Service (MaaS) has significantly lowered the barriers to entry for cybercriminals, with information stealers becoming one of the most commercially successful categories in this underground economy. txt The script performs the following actions: Downloads the malware. Extracts the malware.

Malware

Malware Cryptocurrency Software Antivirus

Top Cyber Attacker Techniques, August–October 2024

Digital Shadows

NOVEMBER 26, 2024

. “SocGholish” and “LummaC2” are the most frequently observed malware in customer incidents. Despite a slowdown in “LockBit” ransomware activity due to law enforcement actions and a loss of affiliate trust, it remains a key player. Despite the importance of employee training, sometimes it just isn’t enough.

Cyber Attacks

Cyber Attacks Phishing Ransomware Cyber Insurance

Chinese Cyberespionage Groups Probe SentinelOne in Sophisticated ShadowPad and PurpleHaze Campaigns

Penetration Testing

JUNE 9, 2025

ShadowPad, a privately sold modular malware platform, was used in a global campaign spanning June 2024 to March 2025, compromising victims in manufacturing, government, finance, telecom, and research. The cluster included a notable intrusion into a South Asian government IT provider. Support independent cybersecurity journalism.

Penetration Testing

Penetration Testing Advertising DNS Cybersecurity

Your Brother printer might have a critical security flaw - how to check and what to do next

Zero Day

JULY 3, 2025

Also: Patch your Windows PC now before bootkit malware takes it over - here's how Yes, the same password that's set in the factory and that many of us never change. Privacy Policy | | Cookie Settings | Advertise | Terms of Use All rights reserved.

Password Management

Password Management Passwords Artificial Intelligence Firmware

How passkeys work: Let's start the passkey registration process

Zero Day

JULY 10, 2025

" Therefore, a malicious domain cannot trick an end user into somehow registering a passkey that's advertised to work for one domain, while it actually works for another (or vice versa). Privacy Policy | | Cookie Settings | Advertise | Terms of Use It essentially means "possibility of foul play."

Password Management

Password Management Authentication Passwords Artificial Intelligence

Cloudflare blocks largest DDoS attack - here's how to protect yourself

Zero Day

JUNE 27, 2025

Privacy Policy | | Cookie Settings | Advertise | Terms of Use Topics Galleries Videos Do Not Sell or Share My Personal Information about ZDNET Meet The Team Sitemap Reprint Policy Join | Log In Newsletters Licensing Accessibility © 2025 ZDNET, A Ziff Davis company. All rights reserved.

DDOS

DDOS Small Business Password Management Passwords

The Cybersecurity Challenge in Mergers and Acquisitions

Digital Shadows

DECEMBER 5, 2024

Responses suggested exploiting the information for insider trading, with one forum member comparing the potential profits to those from ransomware. Another post advertised the sale of client and employee credentials and email information from a Japanese construction company involved in M&A activity.

Cybersecurity

Cybersecurity Accountability Risk Software

How passkeys work: Do your favorite sites even support passkeys?

Zero Day

JULY 9, 2025

" In April, an Android-based SMS message interception malware called Gorilla was discovered to be under development (evidence that threat actors have taken an interest in SMS). Privacy Policy | | Cookie Settings | Advertise | Terms of Use All rights reserved.

Passwords

Passwords Password Management Authentication Artificial Intelligence

Cybersecurity Snapshot: Tenable Highlights Risks of AI Use in the Cloud, as UK’s NCSC Offers Tips for Post-Quantum Cryptography Adoption

Security Boulevard

MARCH 21, 2025

While the tools work as advertised, they also perform malicious actions in the background, such as infecting the converted file with malware or stealing personal data from it, including banking information and Social Security numbers. Federal Bureau of Investigation.

Risk

Risk IoT Cybersecurity Manufacturing

Microsoft Authenticator will soon ditch passwords for passkeys - here's what to do

Zero Day

JUNE 30, 2025

Privacy Policy | | Cookie Settings | Advertise | Terms of Use Topics Galleries Videos Do Not Sell or Share My Personal Information about ZDNET Meet The Team Sitemap Reprint Policy Join | Log In Newsletters Licensing Accessibility © 2025 ZDNET, A Ziff Davis company. All rights reserved.

Authentication

Authentication Passwords Password Management Artificial Intelligence

16 billion passwords leaked across Apple, Google, more: What to know and how to protect yourself

Zero Day

JUNE 22, 2025

Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers. Cybernews pointed to the datasets as a mixture of information from infostealer malware, credential stuffing sets, and repackaged leaks. Neither ZDNET nor the author are compensated for these independent reviews.

Passwords

Passwords Data breaches Password Management Accountability

A week in security (January 13 – January 19)

Malwarebytes

JANUARY 20, 2025

Our business solutions remove all remnants of ransomware and prevent you from getting reinfected. Welcome to 2025 Stay safe! Want to learn more about how we can help protect your business? Get a free trial below.

Insurance

Insurance Phishing Advertising Encryption

How global threat actors are weaponizing AI now, according to OpenAI

Zero Day

JUNE 6, 2025

Privacy Policy | | Cookie Settings | Advertise | Terms of Use Topics Galleries Videos Do Not Sell or Share My Personal Information about ZDNET Meet The Team Sitemap Reprint Policy Join | Log In Newsletters Licensing Accessibility © 2025 ZDNET, A Ziff Davis company. All rights reserved.

Artificial Intelligence

Artificial Intelligence Password Management Small Business Passwords

How to clear your Android phone cache (and why it makes such a big difference)

Zero Day

JUNE 26, 2025

Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers. Privacy Policy | | Cookie Settings | Advertise | Terms of Use This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. All rights reserved.

Password Management

Password Management Small Business Software DNS

Get a Google Pixel 9a and Pixel Buds A-Series on T-Mobile - here's how it works

Zero Day

JUNE 11, 2025

Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers. Privacy Policy | | Cookie Settings | Advertise | Terms of Use This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. All rights reserved.

Mobile

Mobile Password Management Small Business Retail

Security Roundup February 2025

BH Consulting

FEBRUARY 24, 2025

Cybercriminals felt the heat from law enforcement last year, while ransomware payments fell. Intel471 has a detailed analysis of other significant law enforcement operations in 2024, including against the LockBit ransomware gang and multiple malware droppers.

Cyber Insurance

Cyber Insurance Insurance Ransomware Artificial Intelligence

Facebook's new passkey support could let you ditch your password once and for all

Zero Day

JUNE 19, 2025

Privacy Policy | | Cookie Settings | Advertise | Terms of Use Topics Galleries Videos Do Not Sell or Share My Personal Information about ZDNET Meet The Team Sitemap Reprint Policy Join | Log In Newsletters Licensing Accessibility © 2025 ZDNET, A Ziff Davis company. All rights reserved.

Passwords

Passwords Password Management Small Business Mobile

Here's why network infrastructure is vital to maximizing your company's AI adoption

Zero Day

JUNE 14, 2025

Privacy Policy | | Cookie Settings | Advertise | Terms of Use Topics Galleries Videos Do Not Sell or Share My Personal Information about ZDNET Meet The Team Sitemap Reprint Policy Join | Log In Newsletters Licensing Accessibility © 2025 ZDNET, A Ziff Davis company. All rights reserved.

Artificial Intelligence

Artificial Intelligence Password Management Small Business Digital transformation

Hacker in Snowflake Extortions May Be a U.S. Soldier

Krebs on Security

NOVEMBER 26, 2024

Many of these messages were attempts to recruit people who could be hired to deploy a piece of malware that enslaved host machines in an Internet of Things (IoT) botnet. On BreachForums, Kiberphant0m has sold the source code to “ Shi-Bot ,” a custom Linux DDoS botnet based on the Mirai malware. ” On Nov.

DDOS

DDOS Cybercrime Accountability Government

Microsoft fixes two SharePoint zero-days under attack, but one is still unresolved - how to patch

Zero Day

JULY 23, 2025

Privacy Policy | | Cookie Settings | Advertise | Terms of Use Topics Galleries Videos Do Not Sell or Share My Personal Information about ZDNET Meet The Team Sitemap Reprint Policy Join | Log In Newsletters Licensing Accessibility © 2025 ZDNET, A Ziff Davis company. All rights reserved.

Software

Software Artificial Intelligence Digital transformation Education

Heard about the 16 billion passwords leak? Here are the facts and how to protect yourself

Zero Day

JUNE 20, 2025

Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers. Cybernews pointed to the datasets as a mixture of information from infostealer malware, credential stuffing sets, and repackaged leaks. Neither ZDNET nor the author are compensated for these independent reviews.

Passwords

Passwords Data breaches Password Management Identity Theft

Two new Android 16 security features protect you better - how to switch them on now

Zero Day

JULY 14, 2025

Privacy Policy | | Cookie Settings | Advertise | Terms of Use Topics Galleries Videos Do Not Sell or Share My Personal Information about ZDNET Meet The Team Sitemap Reprint Policy Join | Log In Newsletters Licensing Accessibility © 2025 ZDNET, A Ziff Davis company. All rights reserved.

Artificial Intelligence

Artificial Intelligence Digital transformation Password Management Mobile

Forget Ray-Bans: The $499 Meta Oakley smart glasses are better in almost every way

Zero Day

JUNE 20, 2025

Indeed, we follow strict guidelines that ensure our editorial content is never influenced by advertisers. Privacy Policy | | Cookie Settings | Advertise | Terms of Use This helps support our work, but does not affect what we cover or how, and it does not affect the price you pay. All rights reserved.

Password Management

Password Management Small Business Artificial Intelligence Software

How passkeys work: Going passwordless with public key cryptography

Zero Day

JULY 11, 2025

Privacy Policy | | Cookie Settings | Advertise | Terms of Use Topics Galleries Videos Do Not Sell or Share My Personal Information about ZDNET Meet The Team Sitemap Reprint Policy Join | Log In Newsletters Licensing Accessibility © 2025 ZDNET, A Ziff Davis company. All rights reserved.

Password Management

Password Management Authentication Passwords Accountability

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

FBI warns of malicious free online document converters spreading malware

Trending Sources

An Interview With the Target & Home Depot Hacker

Hackers Leverage Microsoft Teams to Spread Matanbuchus 3.0 Malware to Targeted Firms

Fintech Giant Finastra Investigating Data Breach

Threat Spotlight: Inside the World’s Fastest Rising Ransomware Operator — BlackLock

IT threat evolution in Q3 2024. Non-mobile statistics

Hackers Exploit Russian Host Proton66 for Global Malware Attacks, Researchers Say

Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

GUESST ESSAY: Cybercrime for hire: small businesses are the new bullseye of the Dark Web

Dark web threats and dark market predictions for 2025

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Qilin ransomware gang claimed responsibility for the Lee Enterprises attack

Dutch Police shut down bulletproof hosting provider Zservers and seized 127 servers

New AI “agents” could hold people for ransom in 2025

Macs targeted by info stealers in new era of cyberthreats

You should probably delete any sensitive screenshots you have in your phone right now. Here's why

Urgent WordPress Alert: Motors Theme Flaw (CVE-2025-4322) Actively Exploited for Site Takeover

86 million AT&T customer records reportedly up for sale on the dark web

Why SMS two-factor authentication codes aren't safe and what to use instead

Lumma Stealer – Tracking distribution channels

Top Cyber Attacker Techniques, August–October 2024

Chinese Cyberespionage Groups Probe SentinelOne in Sophisticated ShadowPad and PurpleHaze Campaigns

Your Brother printer might have a critical security flaw - how to check and what to do next

How passkeys work: Let's start the passkey registration process

Cloudflare blocks largest DDoS attack - here's how to protect yourself

The Cybersecurity Challenge in Mergers and Acquisitions

How passkeys work: Do your favorite sites even support passkeys?

Cybersecurity Snapshot: Tenable Highlights Risks of AI Use in the Cloud, as UK’s NCSC Offers Tips for Post-Quantum Cryptography Adoption

Microsoft Authenticator will soon ditch passwords for passkeys - here's what to do

16 billion passwords leaked across Apple, Google, more: What to know and how to protect yourself

A week in security (January 13 – January 19)

How global threat actors are weaponizing AI now, according to OpenAI

How to clear your Android phone cache (and why it makes such a big difference)

Get a Google Pixel 9a and Pixel Buds A-Series on T-Mobile - here's how it works

Security Roundup February 2025

Facebook's new passkey support could let you ditch your password once and for all

Here's why network infrastructure is vital to maximizing your company's AI adoption

Hacker in Snowflake Extortions May Be a U.S. Soldier

Microsoft fixes two SharePoint zero-days under attack, but one is still unresolved - how to patch

Heard about the 16 billion passwords leak? Here are the facts and how to protect yourself

Two new Android 16 security features protect you better - how to switch them on now

Forget Ray-Bans: The $499 Meta Oakley smart glasses are better in almost every way

How passkeys work: Going passwordless with public key cryptography

Stay Connected