SecureList

OCTOBER 20, 2021

Having been in the field for so long, we have witnessed some major changes in the cybercrime world’s modus operandi. This report shares our insights into the Russian-speaking cybercrime world and the changes in how it operates that have happened in the past five years. The year 2016 saw banks in Russia hacked one after another.

Cybercrime 139

Cybercrime Banking Malware Ransomware 139

Krebs on Security

JUNE 25, 2020

Justice Department today criminally charged a Canadian and a Northern Ireland man for allegedly conspiring to build botnets that enslaved hundreds of thousands of routers and other Internet of Things (IoT) devices for use in large-scale distributed denial-of-service (DDoS) attacks. — pleaded guilty in Sept.

IoT 316

IoT DDOS Cybercrime Internet 316

ForAllSecure

APRIL 21, 2023

Hacking has gone through several eras over the years, each with its own unique characteristics and motivations. Understanding the history of computer hacking is important for understanding its impact on technology and society, the current state of cybersecurity, and for developing effective strategies for protecting against cyber threats.

Hacking 75

Hacking Cybersecurity Internet Internet 75

Security Affairs

DECEMBER 10, 2018

The British teenager George Duke-Cohan (19) has been sentenced to three years in prison due to false bomb threats and carrying out DDoS attacks. The team was offering a DDoS-for-hire service that has many similarities with the booter implemented by the popular Lizard Squad hacking crew. Security Affairs – cybercrime, DDoS).

DDOS 77

DDOS Advertising Cybercrime Hacking 77

Security Affairs

SEPTEMBER 27, 2021

Telegram is becoming an essential platform for cybercriminal activities, crooks use it but and sell any kind of stolen data and hacking tools. Researchers from vpnMentor recently published a report that sheds the light on the use of Telegram in the cybercrime ecosystem. Some channels have 10,000s of followers.”

Cybercrime 120

Cybercrime Hacking Mobile DDOS 120

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches 84

Data breaches DDOS Artificial Intelligence Ransomware 84

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. Image: Lumen’s Black Lotus Labs. Usually, these users have no idea their systems are compromised.

Malware 211

Malware VPN Internet Internet 211

Security Affairs

MAY 21, 2023

X Master Password Dumper (CVE-2023-32784) Malware RapperBot DDoS Botnet Expands into Cryptojacking Newly identified RA Group compromises companies in U.S. X Master Password Dumper (CVE-2023-32784) Malware RapperBot DDoS Botnet Expands into Cryptojacking Newly identified RA Group compromises companies in U.S.

Data breaches 83

Data breaches Cybercrime Ransomware Passwords 83

Security Affairs

APRIL 30, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter ) The post Security Affairs newsletter Round 417 by Pierluigi Paganini – International edition appeared first on Security Affairs.

Cybercrime 84

Cybercrime Malware Hacking Accountability 84

CSO Magazine

MARCH 1, 2022

Cyber Partisans of Belarus claim train hacks. The hackers purportedly compromised the railway system’s routing and switching devices and rendered them inoperable by encrypting data stored on them. Presumed hacktivists hacked Russian EV charging stations. Russian media outlets hacked to display anti-Russian messages.

DDOS 115

DDOS Media Hacking CSO 115

Security Affairs

APRIL 23, 2021

This is an unprecedented tactic in the cybercrime ecosystem. However, the announcement also serves as an indirect method to threaten hacked companies that not paying the ransom demand could result in negative press large enough to impact their market listings and enough to push some victims into paying the asked ransom.

Ransomware 112

Ransomware Marketing DDOS Cybercrime 112

Security Affairs

JANUARY 14, 2022

The group was also carrying out DDoS attacks to paralyze the networks of the victims and force them to pay the ransom. The suspects face multiple criminal charges, including money laundering, unauthorized access to computers and networks, and the creation, use, distribution, and sale of malware and hacking tools. Pierluigi Paganini.

Ransomware 106

Ransomware DDOS Telecommunications Malware 106

Security Affairs

SEPTEMBER 7, 2022

. “As a variant, MooBot inherits Mirai’s most significant feature – a data section with embedded default login credentials and botnet configuration – but instead of using Mirai’s encryption key, 0xDEADBEEF, MooBot encrypts its data with 0x22.” SecurityAffairs – hacking, D-Link). ” concludes the report.

DDOS 97

DDOS Encryption Passwords Hacking 97

Security Affairs

APRIL 3, 2023

FortiGuard Labs researchers observed an ongoing hacking campaign targeting Cacti ( CVE-2022-46169 ) and Realtek ( CVE-2021-35394 ) vulnerabilities to spread ShellBot and Moobot malware. The ShellBot , also known as PerlBot, is a Perl-based DDoS bot that uses IRC protocol for C2 communications. <Filename>.”

DDOS 78

DDOS Malware Hacking Education 78

Security Affairs

FEBRUARY 16, 2023

Unlike most Mirai variants, the V3G4 variant uses different XOR encryption keys for string encryption. Once the attacker gains control of a vulnerable device in this manner, they could take advantage by including the newly compromised devices in their botnet to conduct further attacks such as DDoS.”

IoT 94

IoT DDOS Encryption Malware 94

Security Affairs

AUGUST 20, 2022

SecurityAffairs – hacking, newsletter). If you want to also receive for free the newsletter with the international press subscribe here. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. The post Security Affairs newsletter Round 380 appeared first on Security Affairs.

DDOS 71

DDOS Architecture Malware Cybercrime 71

SecureList

SEPTEMBER 11, 2023

Introduction Knowledge is our best weapon in the fight against cybercrime. As with most cyberextortionists lately, the Cuba gang encrypts victims’ files and demands a ransom in exchange for a decryption key. Single extortion: encrypting data and demanding a ransom just for decryption.

Ransomware 135

Ransomware Encryption Malware DDOS 135

SecureWorld News

SEPTEMBER 15, 2023

Looking at the disastrous Colonial Pipeline hack as a glaring example of the importance of stringent safeguards—not to mention the growth in ransomware attacks on enterprises—implementing robust security measures is a must. Logs should be monitored regularly by appointed IT professionals for anomalies.

Media 80

Media Encryption Internet Internet 80

Security Affairs

APRIL 3, 2021

In February, the Spanish student Javier Yuste released a free decryption tool for the Avaddon ransomware that can be used by the victims to recover their encrypted files for free. Over the months Avaddon ransomware operators continued to promote their services in cybercrime forums to recruit more people to the network of its affiliates.

Ransomware 92

Ransomware Encryption Malware Cybercrime 92

Security Affairs

DECEMBER 15, 2021

“On October 21, the FBI notified OAG that it had seized an account belonging to HelloKitty, a Ukrainian hacking group, which contained OAG patient and employee files. According to the alert, the ransomware gang is launching distributed denial-of-service (DDoS) attacks as part of its extortion activities. Pierluigi Paganini.

Ransomware 84

Ransomware Data breaches DDOS Healthcare 84

Security Affairs

NOVEMBER 2, 2023

” The attackers attempted to deploy the HelloKitty ransomware, whose source code was leaked on a cybercrime forum in early October CVE-2023-46604 is a remote code execution vulnerability that impacts Apache ActiveMQ. Rapid7 published Indicators of Compromise (IoCs) for these attacks.

Ransomware 113

Ransomware Cybercrime Software Encryption 113

Security Affairs

OCTOBER 15, 2023

The ALPHV/BlackCat ransomware group claims to have hacked the Morrison Community Hospital and added it to its dark web Tor leak site. Its policy forbids to encrypt systems of organizations where damage could lead to the death of individuals. The Alphv ransomware group added the Morrison Community Hospital to its dark web leak site.

Ransomware 115

Ransomware Healthcare Data breaches Cyber Attacks 115

Security Affairs

MARCH 19, 2022

The AvosLocker ransomware-as-a-service emerged in the threat landscape in September 2021, since January the group expanded its targets by implementing the support for encrypting Linux systems, specifically VMware ESXi servers. SecurityAffairs – hacking, AvosLocker ransomware). hard drive, storage device, the cloud). Pierluigi Paganini.

Ransomware 92

Ransomware DDOS Passwords Backups 92

Security Affairs

APRIL 19, 2022

Kaspersky discovered a flaw in the encryption process of the Yanluowang ransomware that allows victims to recover their files for free. Researchers from Kaspersky discovered a vulnerability in the encryption process of the Yanluowang ransomware that can be exploited to recover the files encrypted by the malware without paying the ransom.

Ransomware 82

Ransomware Encryption DDOS Malware 82

Security Affairs

SEPTEMBER 25, 2022

gov adds more Chinese Telecom firms to the Covered List Imperva blocked a record DDoS attack with 25.3 gov adds more Chinese Telecom firms to the Covered List Imperva blocked a record DDoS attack with 25.3 gov adds more Chinese Telecom firms to the Covered List Imperva blocked a record DDoS attack with 25.3 Pierluigi Paganini.

Cryptocurrency 79

Cryptocurrency Data breaches DNS DDOS 79

Security Affairs

MARCH 1, 2020

Raccoon Malware, a success case in the cybercrime ecosystem. Hacking campaign targets sites running popular Duplicator WordPress plugin. Kr00k Wi-Fi Encryption flaw affects more than a billion devices. Silence Hacking Crew threatens Australian banks of DDoS attacks. SecurityAffairs – hacking, newsletter).

Banking 85

Banking Malware Advertising Ransomware 85

Security Affairs

OCTOBER 11, 2020

The actors behind FONIX RaaS advertised several products on various cybercrime forums. “Notably, FONIX varies somewhat from many other current RaaS offerings in that it employs four methods of encryption for each file and has an overly-complex post-infection engagement cycle.” SecurityAffairs – hacking, FONIX RaaS).

Ransomware 82

Ransomware Encryption Advertising DDOS 82

Security Affairs

OCTOBER 14, 2021

The analysis of the samples collected by the experts revealed that the Yanluowang ransomware uses the Windows API for encryption. Upon deploying the Yanluowang ransomware, it will stop hypervisor virtual machines, end all processes logged by the above tool (including SQL and back-up solution Veeam), then it will encrypt files.

Ransomware 83

Ransomware Encryption DDOS Hacking 83

The Last Watchdog

OCTOBER 5, 2023

He previously chronicled the emergence of cybercrime while covering Microsoft for USA TODAY. I held this position from 2000 through 2014, during which time Windows emerged as a prime target for both precocious script kiddies and emerging criminal hacking rings. Erin: What role should governments play in combating cybercrime?

Cyber threats 203

Cyber threats Cyber Insurance Cybersecurity Threat Detection 203

Krebs on Security

MAY 11, 2021

Here’s a closer look at the DarkSide cybercrime gang, as seen through their negotiations with a recent U.S. From today we introduce moderation and check each company that our partners want to encrypt to avoid social consequences in the future.” victim that earns $15 billion in annual revenue.

Ransomware 363

Ransomware Advertising Healthcare Penetration Testing 363

Security Affairs

NOVEMBER 17, 2019

Apple Mail stores parts of encrypted emails in plaintext DB. ZoneAlarm forum site hack exposed data of thousands of users. Experts warn of spike in TCP DDoS reflection attacks targeting Amazon, SoftLayer and telco infrastructure. TA505 Cybercrime targets system integrator companies.

DDOS 50

DDOS Spyware Advertising Ransomware 50

SecureList

NOVEMBER 23, 2021

The COVID-19 pandemic is likely to cause a massive wave of poverty, and that invariably translates into more people resorting to crime, including cybercrime. This ransomware is controlled by command line parameters and can either retrieve an encryption key from the C2 or an argument at launch time. Analysis of forecasts for 2021.

Cryptocurrency 110

Cryptocurrency Banking Cybercrime Ransomware 110

Security Affairs

FEBRUARY 5, 2021

The hacking group TeamTNT has been employing a new piece of malware, dubbed Hildegard, in a series of attacks targeting Kubernetes systems. In January 2021, the cybercrime gang launched a new campaign targeting Kubernetes environments with the Hildegard malware, Palo Alto Networks warns. SecurityAffairs – hacking, TeamTNT).

Malware 107

Malware DNS Cryptocurrency Internet 107

SecureWorld News

APRIL 4, 2022

According to a report from McAfee Enterprise and FireEye titled, "Cybercrime in a Pandemic World: The Impact of COVID-19," 81% of global organizations have experienced increased cyberthreats, and 79% experienced downtime from an attack during a peak season. Cybersecurity attacks are on the rise, especially since the ongoing COVID-19 pandemic.

Digital transformation 78

Digital transformation Ransomware Phishing Small Business 78

Security Affairs

FEBRUARY 29, 2024

The NCA will reach out to victims based in the UK in the coming days and weeks, providing support to help them recover encrypted data. According to the message, the FBI hacked the gang’s infrastructure because they didn’t want to leak information Fulton County. It seems that the group is re-populating its tor leak site.

Ransomware 92

Ransomware Hacking Cyber Attacks Encryption 92

Security Affairs

JUNE 22, 2023

” The researchers pointed out that the Mirai variant like IZ1H9 and V3G4 will first initialize an encrypted string table and then retrieve the strings through an index. The list of targeted devices includes routers, DVRs, access control systems, and Solar power generation monitoring systems.

IoT 81

IoT Malware Encryption DDOS 81

Security Affairs

NOVEMBER 14, 2021

SecurityAffairs – hacking, newsletter). If you want to also receive for free the newsletter with the international press subscribe here. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. The post Security Affairs newsletter Round 340 appeared first on Security Affairs.

Spyware 53

Spyware Data breaches Ransomware Retail 53