Security Affairs

DECEMBER 4, 2024

Since 2012, Crimenetwork facilitated the sale of illegal goods and services, including drugs, forged documents, hacking tools, and stolen data. The operation was carried out by Public Prosecutor’s Office in Frankfurt am Main, the Central Office for Combating Cybercrime (ZIT), and the Federal Criminal Police Office (BKA).

Cybercrime 114

Cybercrime Cryptocurrency Hacking Internet 114

Security Affairs

SEPTEMBER 16, 2022

Uber on Thursday disclosed a security breach, threat actors gained access to its network, and stole internal documents. Uber on Thursday suffered a cyberattack, the attackers were able to penetrate its internal network and access internal documents, including vulnerability reports. Pierluigi Paganini.

Hacking 144

Hacking Data breaches Information Security Engineering 144

Krebs on Security

JUNE 18, 2021

NYSE:FAF ] was leaking more than 800 million documents — many containing sensitive financial data — related to real estate transactions dating back 16 years. Securities and Exchange Commission settled its investigation into the matter after the Fortune 500 company agreed to pay a paltry penalty of less than $500,000.

Insurance 333

Insurance Risk Financial Services CISO 333

Security Affairs

MAY 1, 2025

A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6. “The emails had the subject Documents from 04/29/2025 and were sent from an address disguised as corporate correspondence.”

Malware 86

Malware Phishing Telecommunications Retail 86

Security Affairs

DECEMBER 30, 2024

In October 2024, Cisco confirmed that the data posted by the notorious threat actor IntelBroker on a cybercrime forum was stolen from its DevHub environment. DevHub is a platform designed for developers to access resources, tools, and APIs to build and integrate applications with Ciscos technologies.

Data breaches 125

Data breaches Cybercrime Authentication Technology 125

Security Affairs

FEBRUARY 6, 2025

The investigation began in early 2024 after data stolen from a Madrid business association was leaked on dark web cybercrime forums. The hacker claimed responsibility for the attacks on multiple cybercrime forums under different monikers to avoid being identified. ” continues the press release. ” concludes the statement.

Cybercrime 81

Cybercrime Government Data breaches Information Security 81

Krebs on Security

APRIL 27, 2023

This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information. But after being presented with a document including the Social Security number of a health professional in D.C. Washington, D.C.

Banking 344

Banking Government Information Security Authentication 344

Security Affairs

MARCH 15, 2024

US DoJ sentenced a Moldovan national (31) to 42 months in federal prison for operating the E-Root cybercrime marketplace. Diaconu was operating the E-Root cybercrime marketplace. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cybercrime)

Cybercrime 133

Cybercrime Cryptocurrency Advertising Passwords 133

Security Affairs

JULY 18, 2024

The cybercrime group FIN7 is advertising a security evasion tool in multiple underground forums, cybersecurity company SentinelOne warns. SentinelOne researchers warn that the financially motivated group FIN7 is using multiple pseudonyms to advertise a security evasion tool in several criminal underground forums.

Advertising 141

Advertising Cybercrime Hacking Ransomware 141

Security Affairs

OCTOBER 3, 2022

The Italian luxury sports car manufacturer Ferrari confirmed the availability of internal documents online, but said it has no evidence of cyber attack. Documents belonging to the Italian luxury sports car manufacturer Ferrari are circulating online, the company confirmed their authenticity stating it is not aware of cyber attacks.

Hacking 131

Hacking Manufacturing Cyber Attacks Ransomware 131

Security Affairs

OCTOBER 9, 2023

A threat actor has leaked the source code for the first version of the HelloKitty ransomware on a Russian-speaking cybercrime forum. The availability of the source in the cybercrime ecosystem can allow threat actors to develop their own version of the Hello Kitty ransomware. The HelloKitty gang has been active since January 2021.

Cybercrime 141

Cybercrime Ransomware DDOS Encryption 141

Krebs on Security

NOVEMBER 16, 2023

In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats.

Cybercrime 292

Cybercrime Hacking Data breaches Banking 292

Security Affairs

AUGUST 20, 2024

Toyota has confirmed a data breach after a threat actor leaked 240GB of data stolen from its infrastructure on a cybercrime forum. Toyota disclosed a data breach after a threat actor leaked an archive of 240GB of data stolen from its systems on a cybercrime forum, BleepingComputer reported.

Data breaches 119

Data breaches Cybercrime Financial Services Hacking 119

Security Affairs

DECEMBER 7, 2024

Allegedly, invoice receipts, accounting documents, personal data, certificates, employment contracts, a huge amount of confidential information, confidentiality pic.twitter.com/Tad7LeOcsk — HackManac (@H4ckManac) December 6, 2024 According to the announcement published by the group on its Tor leak site, stolen data includes: Invoice Receipts (..)

Ransomware 125

Ransomware Hacking Accountability Cyber Attacks 125

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” ” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in.

Cybercrime 353

Cybercrime Malware VPN Ransomware 353

Security Affairs

OCTOBER 21, 2024

The breach may have exposed personal identification documents uploaded by users for Wayback Machine page removal requests, depending on the attacker’s Zendesk API access. At this time, no one has claimed responsibility for this security breach. The emails were originated by an authorized Zendesk server (192.161.151.10).

Internet 129

Internet Internet Data breaches Authentication 129

Security Affairs

JULY 8, 2022

In some of the attacks, threat actors used an Excel document named Nuclear.xls, suggesting an alarming lure. Once opened, the document downloads a WinRAR self-extracting archive (SFX) that delivers the AnchorMail backdoor to the victim’s system. Experts also observed attacks dropping IcedID and CobaltStrike. Pierluigi Paganini.

Cybercrime 115

Cybercrime Malware DDOS Ransomware 115

Security Affairs

FEBRUARY 13, 2025

The researchers pointed out that tools belonging to the arsenal of China-linked APT groups are often shared resources, however, many arent publicly available and arent usually associated with cybercrime activity. It also resembles Trend Micros documented PlugX type 2 variant, also linked to Fireant.

Ransomware 120

Ransomware Software Cybercrime Encryption 120

Security Affairs

JANUARY 14, 2025

The malware was operated by a China-linked threat actor, known as Mustang Panda (aka Twill Typhoon, to steal sensitive information from victim computers. According to court documents, the Chinese government paid Mustang Panda to develop PlugX malware, used since 2014 to target U.S., European, and Asian entities. systems. .”

Malware 122

Malware Government Hacking Cybersecurity 122

Security Affairs

DECEMBER 4, 2024

The group claimed to have stolen 500GB of data including Finacial data, Organisation data, Users data and personal documents, NDA’s, Confidential data, and more. As proof of the data breach, the group published multiple screenshots, including pictures of passports and other documents.

Ransomware 126

Ransomware Telecommunications Healthcare Insurance 126

Security Boulevard

FEBRUARY 14, 2025

Meanwhile, an informal Tenable poll looks at cloud security challenges. And get the latest on ransomware trends and on cybercrime legislation and prevention! government is urging software makers to adopt secure application-development practices that help prevent buffer overflow attacks.

Banking 64

Banking Cybercrime Cybersecurity Ransomware 64

Webroot

MARCH 3, 2025

March is a time for leprechauns and four-leaf clovers, and as luck would have it, its also a time to learn how to protect your private data from cybercrime. During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

Security Affairs

NOVEMBER 3, 2022

The Sentinel Labs’s analysis revealed that Black Basta ransomware operators develop and maintain their own toolkit, they documented only collaboration with a limited and trusted set of affiliates. The post Experts link the Black Basta ransomware operation to FIN7 cybercrime gang appeared first on Security Affairs.

Cybercrime 110

Cybercrime Ransomware Antivirus Malware 110

Security Affairs

FEBRUARY 5, 2025

In the updated statement published by ICAO, the agency said it is actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations. ” reads the statement published by the International Civil Aviation Organization.

Data breaches 100

Data breaches Information Security Hacking Marketing 100

Security Affairs

MARCH 2, 2025

To prove the attack, the group published samples, such as ID scans, corporate documents, and spreadsheets. Yet, the information weve uncovered might offer a different perspective. ” Qilin is a Russian-speaking cybercrime group operating a Ransomware-as-a-Service (RaaS) model since 2022.

Ransomware 78

Ransomware Encryption Cybercrime Healthcare 78

Security Affairs

APRIL 26, 2025

Security footage reportedly shows the man attempting to access multiple offices before installing malicious software designed to capture screenshots every 20 minutes and transmit them to an external IP address. One of those computers was for employees only.” ” reported the media outlet KOCO 5 News.

Malware 145

Malware Cybersecurity Healthcare Media 145

Security Affairs

NOVEMBER 24, 2024

CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)

Cybercrime 72

Cybercrime Artificial Intelligence Hacking VPN 72

Security Affairs

NOVEMBER 21, 2024

The authorities launched an investigation after the ransomware gang Ransomhub claimed the attack and published samples of personal information from a database of government. Stolen files allegedly include contracts, insurance, and financial documents. ” reported the Associated Press.

Government 144

Government Hacking Ransomware Insurance 144

Security Affairs

OCTOBER 25, 2024

DLP risk assessments are important because, as with any security strategy, data loss prevention is a continuous process that requires constant refinement to be effective. Automated testing resources such as DLPtest.com are invaluable for this process.

Risk 123

Risk Cybersecurity Data breaches Cyber threats 123

Security Affairs

MAY 3, 2025

pic.twitter.com/6fsczNSrwu — Dominic Alvieri (@AlvieriD) May 2, 2025 The group published the images of multiple documents allegedly stolen from the Peruvian government platform. The Government of Peru has been breached by Rhysida Ransomware. The Rhysida ransomware group has been active since May 2023.

Government 126

Government Ransomware Hacking Manufacturing 126

Security Affairs

SEPTEMBER 4, 2021

FIN7 cybercrime gang used weaponized Windows 11 Alpha-themed Word documents to drop malicious payloads, including a JavaScript backdoor. The attack chain began with a Microsoft Word document (.doc) Anomali Threat Research experts have monitored recent spear-phishing attacks conducted by financially motivated threat actor FIN7.

Cybercrime 144

Cybercrime Retail Phishing Hacking 144

Security Affairs

FEBRUARY 12, 2025

Sarcoma ransomware operators claim to have stolen 377 GB of SQL files and documents. The company is investigating the security breach and mitigating the attack with the help of an external cyber forensic team. The company is headquartered in Taiwan and has manufacturing facilities in multiple countries.

Computers and Electronics 78

Computers and Electronics Ransomware Manufacturing Data breaches 78

Security Affairs

MAY 26, 2021

Last week, French authorities have seized the dark web marketplace Le Monde Parallèle, it is another success of national police in the fight against cybercrime. French authorities seized the dark web marketplace Le Monde Parallèle, the operation is another success of national police in the fight against cybercrime activity in the dark web.

Cybercrime 145

Cybercrime Cryptocurrency Banking Mobile 145

Security Affairs

MAY 15, 2025

Exposed data included contact details, partial SSNs and bank info, ID images, account history, and limited internal documents. Compromised data includes: Name, address, phone, and email; Masked Social Security (last 4 digits only); Masked bank-account numbers and some bank account identifiers; GovernmentID images (e.g.,

Data breaches 86

Data breaches Banking Accountability Retail 86

Security Affairs

MAY 13, 2025

Such information will be of interest to foreign intelligence agencies, nation-state actors, and advanced espionage groups, especially during local conflicts and ongoing wars.

Ransomware 113

Ransomware Cyber Attacks Risk Hacking 113

Security Affairs

JULY 30, 2021

The hacker exploited a vulnerability in a photo transfer service vulnerability to download ID scans from the Identity Documents Database (KMAIS). ” A joint operation conducted by the cybercrime Bureau of the National Criminal Police and RIA led to the identification of the Tallin resident. or take a new document photo. .

Government 137

Government Cybercrime Mobile Banking 137

Security Affairs

FEBRUARY 1, 2025

Stolen data include contracts, financial and business documents, engineering projects, and employees personally identifiable information (PII), including Aadhar card numbers. A few days later, the ransomware gang Hive leaked the alleged stolen files on its Tor leak site.

Technology 118

Technology Ransomware Engineering Manufacturing 118