Cybercrime, Event and Information Security

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

Cisco confirms that data published by IntelBroker on a cybercrime forum was taken from the company DevHub environment. Cisco confirms that the data posted by IntelBroker on a cybercrime forum was stolen from its DevHub environment. The company has disabled public access to the site while we continue the investigation.

Cybercrime

Cybercrime Data breaches Technology Banking

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Security Affairs

OCTOBER 14, 2024

Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. These are two of the largest and longest-running dark web platforms for the trade of illegal goods, drugs, and cybercrime services. ” reads the post published on the website Search Light Cyber.

Marketing

Marketing Cybercrime DDOS Cryptocurrency

E-skimming campaign uses Unicode obfuscation to hide the Mongolian Skimmer

Security Affairs

OCTOBER 10, 2024

The Mongolian Skimmer captures final data entries using the beforeunload event, ensures cross-browser compatibility with various event-handling techniques, and employs anti-debugging tactics by monitoring formatting changes to detect and evade debugging attempts.

Data collection

Data collection Malware Engineering Hacking

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

NOVEMBER 11, 2024

Exposed data did not include Social Security numbers or financial information. Amazon and AWS systems remain secure, and we have not experienced a security event. We were notified about a security event at one of our property management vendors that impacted several of its customers including Amazon.

Data breaches

Data breaches Hacking Technology Ransomware

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs

FEBRUARY 6, 2025

The investigation began in early 2024 after data stolen from a Madrid business association was leaked on dark web cybercrime forums. The hacker claimed responsibility for the attacks on multiple cybercrime forums under different monikers to avoid being identified. ” continues the press release. ” concludes the statement.

Cybercrime

Cybercrime Government Data breaches Information Security

Cisco states that the second data leak is linked to the one from October

Security Affairs

DECEMBER 30, 2024

In October 2024, Cisco confirmed that the data posted by the notorious threat actor IntelBroker on a cybercrime forum was stolen from its DevHub environment. Meanwhile, Cisco will engage directly with customers if we determine they have been impacted by this event. ” reads the update published by Cisco.

Data breaches

Data breaches Cybercrime Authentication Technology

New version of Android malware FakeCall redirects bank calls to scammers

Security Affairs

OCTOBER 30, 2024

. “The victim will be unaware of the manipulation, as the malware’s fake UI will mimic the actual banking experience, allowing the attacker to extract sensitive information or gain unauthorized access to the victim’s financial accounts.” Upon detecting specific events (e.g.,

Banking

Banking Malware Accountability Phishing

ZAGG disclosed a data breach that exposed its customers’ credit card data

Security Affairs

DECEMBER 29, 2024

.” FreshClick is not developed by BigCommerce, which told Bleeping Computer that its systems were secure. ZAGG announced the implementation of security measures to minimize the risk of a similar event occurring in the future. BigCommerce discovered and removed a hacked FreshClick app from customer stores.

Data breaches

Data breaches Computers and Electronics Hacking Wireless

PLAYFULGHOST backdoor supports multiple information stealing features

Security Affairs

JANUARY 5, 2025

The backdoor can drop additional payloads, block input, clear event logs, wipe clipboard, delete browser data, and erase profiles for apps like Skype and Telegram. Google researchers provided event rules within Google Security Operations to dete ctPLAYFULGHOST activity.

Malware

Malware Encryption Phishing Hacking

A crime ring compromised Italian state databases reselling stolen info

Security Affairs

OCTOBER 28, 2024

The charges being pursued by investigators include criminal conspiracy for unauthorized access to computer systems, illegal interception, falsification of electronic communications, disclosure of confidential information, aiding and abetting, and extortion. ” reads a statement from a lawyer for Del Vecchio.

Computers and Electronics

Computers and Electronics Banking Marketing Hacking

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

Webroot

MARCH 3, 2025

March is a time for leprechauns and four-leaf clovers, and as luck would have it, its also a time to learn how to protect your private data from cybercrime. During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure.

Consumer Protection

Consumer Protection Identity Theft Scams Social Engineering

A large botnet targets M365 accounts with password spraying attacks

Security Affairs

FEBRUARY 24, 2025

“The attackers have identified a method that causes login events to be logged in the Non-Interactive Sign-In logs, which may result in reduced security visibility and response.” ” continues the report.

Passwords

Passwords Accountability Authentication Malware

A new campaign is likely targeting a zero-day in Fortinet FortiGate firewalls

Security Affairs

JANUARY 14, 2025

In the reconnaissance phase, experts observed automated login/logout events without changes until November 22, 2024, when unauthorized configuration edits began. Between November and December 2024, the researchers observed hundreds to thousands of short-lived, automated jsconsole logins from anomalous IPs across diverse victim organizations.

Firewall

Firewall VPN Accountability Firmware

California Cryobank, the largest US sperm bank, disclosed a data breach

Security Affairs

MARCH 19, 2025

“In addition, we are providing you with proactive fraud assistance to help with any questions that you might have or in the event that you become a victim of fraud” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,California Cryobank)

Data breaches

Data breaches Banking Insurance Hacking

Russia-linked APT29 targets European diplomatic entities with GRAPELOADER malware

Security Affairs

APRIL 21, 2025

.” About a year after its last WINELOADER campaign, the Russia-linked threat actor launched new phishing attacks posing as the European Ministry of Foreign Affairs, inviting targets to fake wine tasting events. The phishing campaign used domains like bakenhof[.]com com and silry[.]com

Malware

Malware Phishing Encryption Hacking

Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

Security Affairs

JANUARY 15, 2025

We encourage all customers to follow security, identity, and compliance best practices. In the event a customer suspects they may have exposed their credentials, they can start by following the steps listed in this post. As always, customers can contact AWS Support with any questions or concerns about the security of their account.

Encryption

Encryption Ransomware Authentication Accountability

Operation Eastwood disrupted operations of pro-Russian hacker group NoName057(16)

Security Affairs

JULY 16, 2025

. “Between 14 and 17 July, a joint international operation, known as Eastwood and coordinated by Europol and Eurojust, targeted the cybercrime network NoName057(16). “This gamified manipulation, often targeted at younger offenders, was emotionally reinforced by a narrative of defending Russia or avenging political events.”

DDOS

DDOS Cybercrime Cryptocurrency Hacking

Hertz disclosed a data breach following 2024 Cleo zero-day attack

Security Affairs

APRIL 15, 2025

“Hertz immediately began analyzing the data to determine the scope of the event and to identify individuals whose personal information may have been impacted.” ” reads the data breach notification published by the company.

Data breaches

Data breaches Ransomware Hacking Software

BlackLock Ransomware Targeted by Cybersecurity Firm

Security Affairs

MARCH 26, 2025

Notably, another prominent ransomware group DragonForce took the lead capitalizing on these events. Both BlackLock and Momona Ransomware went offline and are currently not available. Resecurity highlighted that it is possible DragonForce will take over on the BlackLock affiliate base, and the group will successfully transition to new masters.

Ransomware

Ransomware Cybersecurity Healthcare Accountability

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

Security Affairs

MARCH 29, 2025

The malware also supports advanced keylogger capabilities by capturing all Accessibility events and screen elements. ThreatFabric states that the malware primarily targets users in Spain and Turkey, with global expansion expected.

Banking

Banking Mobile Identity Theft Malware

New Ballista Botnet spreads using TP-Link flaw. Is it an Italian job?

Security Affairs

MARCH 12, 2025

The vulnerability was first reported to ZDI during the Pwn2Own Toronto 2022 event. Working exploits for LAN and WAN interface accesses were respectively reported by Team Viettel and Qrious Security. A remote attacker can trigger the issue to inject commands that should be executed on the device.

IoT

IoT Malware Encryption DDOS

ESXi ransomware attacks use SSH tunnels to avoid detection

Security Affairs

JANUARY 27, 2025

Configuring log forwarding is essential to streamline monitoring and centralize event capture. ESXi appliances splits logs into multiple files by activity, complicating forensic investigations and monitoring activities. “While ESXi does support a few third-party monitoring or telemetry agents, such tools are limited in availability.

Ransomware

Ransomware Authentication Hacking Cybersecurity

The financial impact of Marks & Spencer and Co-op cyberattacks could reach £440M

Security Affairs

JUNE 23, 2025

UK’s Cyber Monitoring Centre (CMC) labels Marks & Spencer and Co-op cyberattacks a Category 2 event, estimating financial impact at £270M–£440M. The Cyber Monitoring Centre (CMC) has labeled the recent cyberattacks on Marks & Spencer and Co-op as a Category 2 systemic event, estimating losses between £270M and £440M.

Retail

Retail Social Engineering Data breaches Cybercrime

Abilene city, Texas, takes systems offline following a cyberattack

Security Affairs

APRIL 22, 2025

The experts who are investigating the incident are not aware of financial irregularities following the event. .” The IT department worked tirelessly to restore services, however, some of the impacted systems remain offline as a precaution, but emergency services continue.

Ransomware

Ransomware Government Hacking Accountability

Security Affairs newsletter Round 499 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 24, 2024

CISA adds Apple, Oracle Agile PLM bugs to its Known Exploited Vulnerabilities catalog More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office US DoJ charges five alleged members of the Scattered Spider cybercrime gang Threat actor (..)

Cybercrime

Cybercrime Hacking Artificial Intelligence Ransomware

Texas Tech University data breach impacted 1.4 million individuals

Security Affairs

DECEMBER 17, 2024

“The investigation confirmed that a cybersecurity event caused the technology issues, resulting in access to or removal of certain files and folders from the HSCs network between September 17 and September 29, 2024.” ” reads the notice of security breach published by the HSCs.

Data breaches

Data breaches Insurance Ransomware Cyber Attacks

UK NCA arrested four people over M&S, Co-op cyberattacks

Security Affairs

JULY 10, 2025

” In June, the Cyber Monitoring Centre (CMC) labeled the cyberattacks on Marks & Spencer and Co-op as a Category 2 systemic event, estimating losses between £270M and £440M. DragonForce runs a cybercrime affiliate service, letting affiliates use its tools to launch attacks and extort victims. continues the report.

Computers and Electronics

Computers and Electronics Retail Cyber Attacks Social Engineering

The Turmoil Following BreachForums Shutdown: Confusion, Risks, and a New Beginning

Security Affairs

APRIL 28, 2025

BreachForums was an English-language cybercrime forum that emerged in March 2022 as a successor to the dismantled RaidForums. —–BEGIN PGP SIGNED MESSAGE—– Hash: SHA512 Hello everyone, We would like to provide an update on recent events over the past two weeks. breachforums[.]st.

Risk

Risk Hacking Cybercrime Scams

Marco Rubio Impersonation Reveals Growing Threat of AI-Powered Attacks

SecureWorld News

JULY 9, 2025

Authorities have yet to identify the person behind the impersonation, but the motives seem clear: to gain access to sensitive information and influence decision-making. In the past, these signals were considered reliable indicators of authenticity, but in today's world, they have become potential attack vectors.

Government

Government Authentication Risk Technology

SonicWall investigates possible zero-day amid Akira ransomware surge

Security Affairs

AUGUST 5, 2025

“We’ve currently had around 20 different attacks that are directly related to this particular set of events, with the first of these starting on July 25. We can confirm that the suspected vulnerability exists in firmware versions 7.2.0-7015 7015 and earlier.” ” reads the report published by Huntress.

Ransomware

Ransomware Firewall VPN Firmware

Spotlight on Cybersecurity Leaders: Richard Staynings

SecureWorld News

JANUARY 6, 2025

In the SecureWorld Spotlight Series, we learn about the speakers and Advisory Council members that make our events a success. For the past 25 years, he has resided in Boulder, Colorado, and calls the Rockies home when he is not flying to or from a security event or conference in some distant part of the world. trillion USD.

Cybersecurity

Cybersecurity Cybercrime Healthcare Government

Kelly Benefits December data breach impacted over 400,000 individuals

Security Affairs

MAY 5, 2025

“As such, a total of seven thousand one hundred sixty-four (7,164) Maine residents have now been notified of this event.” .” reads the update provided by the company that was shared with Maine AG. ” The company did not share details about the attack, no ransomware group claimed responsibility for the intrusion.

Data breaches

Data breaches Insurance Hacking Accountability

Kelly Benefits data breach has impacted 550,000 people, and the situation continues to worsen as the investigation progresses

Security Affairs

JULY 3, 2025

The information that could have been subject to unauthorized access for the additional Maine residents includes name, Social Security number and financial account information.” As such, a total of seven thousand one hundred sixty-four (7,164) Maine residents have now been notified of this event.”

Data breaches

Data breaches Accountability Hacking Ransomware

Crooks exploit the death of Pope Francis

Security Affairs

APRIL 24, 2025

Crooks exploit the death of Pope Francis, using public curiosity and emotion to launch scams and spread malware, an old tactic during global events. Cybercriminals are ready to exploit any event of global interest, it has already happened in the past during events like Queen Elizabeth IIs death or the COVID-19 pandemic.

Scams

Scams Threat Detection Artificial Intelligence Malware

India-based car-sharing company Zoomcar suffered a data breach impacting 8.4M users

Security Affairs

JUNE 17, 2025

However, the Company continues to evaluate the scope and potential impacts of the event, including legal, financial, and reputational considerations, as well as any associated remediation costs.” . “To date, the incident has not resulted in any material disruption to the Company’s operations. ” concludes FORM 8-K.

Data breaches

Data breaches Passwords Cyber Attacks Ransomware

Northwest Radiologists data breach hits 350,000 in Washington

Security Affairs

AUGUST 4, 2025

Upon discovery, we took immediate action to address and investigate the event, which included contacting law enforcement and engaging third-party specialists to assist with determining the nature and scope of the event.” ” reads the notice sent to the Washington State Attorney General’s Office.

Data breaches

Data breaches Insurance Hacking Ransomware

Trump 2.0 Brings Cuts to Cyber, Consumer Protections

Krebs on Security

FEBRUARY 23, 2025

NextGov reports that Trump named the Department of Defense’s new chief information security officer: Katie Arrington , a former South Carolina state lawmaker who helped steer Pentagon cybersecurity contracting policy before being put on leave amid accusations that she disclosed classified data from a military intelligence agency.

Consumer Protection

Consumer Protection Government Cryptocurrency Media

Malware campaign hides a shellcode into Windows event logs

Security Affairs

MAY 7, 2022

Experts spotted a malware campaign that is the first one using a technique of hiding a shellcode into Windows event logs. In February 2022 researchers from Kaspersky spotted a malicious campaign using a novel technique that consists of hiding the shellcode in Windows event logs. SecurityAffairs – hacking, Windows event logs).

Malware

Malware Encryption Hacking Cybersecurity

Ransomware gangs target companies involved in time-sensitive financial events, FBI warns

Security Affairs

NOVEMBER 2, 2021

The FBI warns of ransomware attacks on businesses involved in “time-sensitive financial events” such as corporate mergers and acquisitions. Ransomware gangs target these companies because there is a high likelihood that they will pay the ransom to avoid the impact of the disclosure of sensitive data during these events.

Ransomware

Ransomware Hacking Accountability Cybercrime

Cybercriminals launched “Leaksmas” event in the Dark Web exposing massive volumes of leaked PII and compromised data

Security Affairs

DECEMBER 28, 2023

This widespread geographical distribution of “Free Leaksmas” event highlights the extensive global reach and severe impact of these cybercriminal activities.

Identity Theft

Identity Theft Data breaches Government Hacking

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

Additionally, there are also Russian cybercrime organizations that are not state-sponsored but are allowed to operate. Although there’s no one magic solution to eliminating cyberattacks and cybercrime risks, there are steps you can take to reduce the chances of becoming a victim. businesses called #ShieldsUp.

Cybersecurity

Cybersecurity Cybercrime Government Education

Pwn2Own 2020 Day1 -researchers earned $180K for hacking Windows, Ubuntu, and macOS

Security Affairs

MARCH 19, 2020

The Coronavirus outbreak hasn’t stopped the Pwn2Own hacking conference, for the first time its organizer, the Zero Day Initiative (ZDI), has decided to arrange the event allowing the participants to remotely demonstrate their exploits. ” reads the official page of the event. SecurityAffairs – Pwn2Own, cybercrime).

Hacking

Hacking Advertising Cybercrime Software

The Netherlands declares war on ransomware operations

Security Affairs

OCTOBER 8, 2021

A broad explanation of this threat is included in the Cyber Security Assessment Netherlands (CSBN) 2021, which was shared with the Chamber in June by the Minister of Justice and Security. Security Security Agenda (NCSA) and the integrated approach to cybercrime.” ” continues the letter.

Ransomware

Ransomware Cybercrime Government Cyber Attacks

CERIAS – Frederick Scholl’s ‘Cybercrime: A Proposed Solution’

Security Boulevard

APRIL 6, 2021

The post CERIAS – Frederick Scholl’s ‘Cybercrime: A Proposed Solution’ appeared first on Security Boulevard. Many thanks to CERIAS Purdue University for publishing their outstanding videos on the organization's YouTube channel. Enjoy and Be Educated Simultaneously!

Cybercrime

Cybercrime Education InfoSec Information Security

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Trending Sources

E-skimming campaign uses Unicode obfuscation to hide the Mongolian Skimmer

Amazon discloses employee data breach after May 2023 MOVEit attacks

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Cisco states that the second data leak is linked to the one from October

New version of Android malware FakeCall redirects bank calls to scammers

ZAGG disclosed a data breach that exposed its customers’ credit card data

PLAYFULGHOST backdoor supports multiple information stealing features

A crime ring compromised Italian state databases reselling stolen info

National Consumer Protection Week: Keeping your personal data safe in a digitally connected world

A large botnet targets M365 accounts with password spraying attacks

A new campaign is likely targeting a zero-day in Fortinet FortiGate firewalls

California Cryobank, the largest US sperm bank, disclosed a data breach

Russia-linked APT29 targets European diplomatic entities with GRAPELOADER malware

Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

Operation Eastwood disrupted operations of pro-Russian hacker group NoName057(16)

Hertz disclosed a data breach following 2024 Cleo zero-day attack

BlackLock Ransomware Targeted by Cybersecurity Firm

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

New Ballista Botnet spreads using TP-Link flaw. Is it an Italian job?

ESXi ransomware attacks use SSH tunnels to avoid detection

The financial impact of Marks & Spencer and Co-op cyberattacks could reach £440M

Abilene city, Texas, takes systems offline following a cyberattack

Security Affairs newsletter Round 499 by Pierluigi Paganini – INTERNATIONAL EDITION

Texas Tech University data breach impacted 1.4 million individuals

UK NCA arrested four people over M&S, Co-op cyberattacks

The Turmoil Following BreachForums Shutdown: Confusion, Risks, and a New Beginning

Marco Rubio Impersonation Reveals Growing Threat of AI-Powered Attacks

SonicWall investigates possible zero-day amid Akira ransomware surge

Spotlight on Cybersecurity Leaders: Richard Staynings

Kelly Benefits December data breach impacted over 400,000 individuals

Kelly Benefits data breach has impacted 550,000 people, and the situation continues to worsen as the investigation progresses

Crooks exploit the death of Pope Francis

India-based car-sharing company Zoomcar suffered a data breach impacting 8.4M users

Northwest Radiologists data breach hits 350,000 in Washington

Trump 2.0 Brings Cuts to Cyber, Consumer Protections

Malware campaign hides a shellcode into Windows event logs

Ransomware gangs target companies involved in time-sensitive financial events, FBI warns

Cybercriminals launched “Leaksmas” event in the Dark Web exposing massive volumes of leaked PII and compromised data

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

Pwn2Own 2020 Day1 -researchers earned $180K for hacking Windows, Ubuntu, and macOS

The Netherlands declares war on ransomware operations

CERIAS – Frederick Scholl’s ‘Cybercrime: A Proposed Solution’

Stay Connected