Krebs on Security

OCTOBER 17, 2024

government on Wednesday announced the arrest and charging of two Sudanese brothers accused of running Anonymous Sudan (a.k.a. AnonSudan ), a cybercrime business known for launching powerful distributed denial-of-service (DDoS) attacks against a range of targets, including dozens of hospitals, news websites and cloud providers.

DDOS

Krebs on Security

FEBRUARY 28, 2025

Last year, the French security firm Intrinsec detailed Prospero’s connections to bulletproof services advertised on Russian cybercrime forums under the names Securehost and BEARHOST. A second story claimed that Israeli spies caught Russian government hackers using Kaspersky software to search customer systems for files containing U.S.

Malware

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. Intel471 finds the user FlorainN registered across multiple cybercrime forums using the email address olivia.messla@outlook.de.

eCommerce

Krebs on Security

FEBRUARY 26, 2025

government officials searched online for non-extradition countries and for an answer to the question “can hacking be treason?” The government disclosed the details in a court motion to keep the defendant in custody until he is discharged from the military. ” prosecutors in the case said Wednesday.

Hacking

Security Affairs

MAY 3, 2025

The Rhysida Ransomware gang claims the hack of the Government of Peru, the gang breached Gob.pe, the Single Digital Platform of the Peruvian State. The Rhysida ransomware gang claims responsibility for hacking the Government of Peru, breaching Gob.pe, which is the country’s official digital platform.

Government

Krebs on Security

DECEMBER 11, 2024

A financial firm registered in Canada has emerged as the payment processor for dozens of Russian cryptocurrency exchanges and websites hawking cybercrime services aimed at Russian-speaking customers, new research finds. wtf, and PQHosting ; -sites selling aged email, financial, or social media accounts, such as verif[.]work com and rdp[.]monster;

Cryptocurrency

Security Affairs

NOVEMBER 21, 2024

Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. The authorities launched an investigation after the ransomware gang Ransomhub claimed the attack and published samples of personal information from a database of government.

Government

Security Affairs

MAY 17, 2025

The FBI warns that ex-government officials are being targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials to current or former senior US federal or state government officials and their contacts Since April 2025, threat actors have been using texts and AI voice messages impersonating senior U.S.

Government

Krebs on Security

MAY 29, 2025

government today imposed economic sanctions on Funnull Technology Inc. , ISPs, and that Ivan Neculiti for many years sold “bulletproof” hosting services that told Russian cybercrime forum customers they would proudly ignore any abuse complaints or police inquiries. Image: Shutterstock, ArtHead.

Scams

SecureWorld News

MAY 14, 2025

The FBI's Internet Crime Complaint Center (IC3) has released its 2024 Internet Crime Report, marking a record-breaking year in cybercrime. Other critical sectors, including manufacturing and government facilities, also faced significant threats. The report highlights a staggering $16.6 billion in losses. Since 2022, the U.S.

Cybercrime

Security Affairs

MARCH 18, 2025

Trend ZDI researchers discovered 1,000 malicious.lnk files used by nation-state actors and cybercrime groups to execute hidden malicious commands on a victims machine by exploiting the vulnerability ZDI-CAN-25373. Since 2017, the vulnerability has been exploited by APT groups from North Korea, Iran, Russia, and China.

Cybercrime

Security Affairs

OCTOBER 20, 2024

CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog North Korea-linked APT37 exploited IE zero-day in a recent attack Omni Family Health data breach impacts 468,344 individuals Iran-linked actors target critical infrastructure organizations macOS HM Surf flaw in TCC allows bypass Safari privacy settings Two Sudanese (..)

Data breaches

Security Affairs

DECEMBER 28, 2024

The Italian Cnaipic (National Cybercrime Center for the Protection of Critical Infrastructure) of the Postal Police is investigating the cyberattacks and is helping victims into mitigating the offensive. With the renewed support for Ukraine from the Italian government, this group has resumed targeting certain Italian websites.”

DDOS

Security Affairs

JANUARY 11, 2025

. “On November 20, 2024, we were notified by a vendor of point-of-sale processing services for some of our retail locations that accounts with their organization had been compromised by an organized cybercrime group.” ” reads the notice of data breach published by the company on its website.

Data breaches

Security Affairs

DECEMBER 6, 2024

Threat actors gained access to credentials for election-related websites, and then leaked them on Russian cybercrime forums a few days before the presidential election. The annulment affects both the election date set by Government Decision no. 756/2024 and the implementation calendar approved by Government Decision no.

Government

Krebs on Security

NOVEMBER 14, 2024

Shefel claims the true mastermind behind the Target and other retail breaches was Dmitri Golubov , an infamous Ukrainian hacker known as the co-founder of Carderplanet, among the earliest Russian-language cybercrime forums focused on payment card fraud. net that paid people to click on ads for Russian government employment opportunities.

Advertising

Krebs on Security

NOVEMBER 21, 2024

That Joeleoli moniker registered on the cybercrime forum OGusers in 2018 with the email address joelebruh@gmail.com , which also was used to register accounts at several websites for a Joel Evans from North Carolina. Click to enlarge.

Identity Theft

Security Affairs

MARCH 21, 2025

The company exclusively sells exploits to the Russian government and local firms. Law Enforcement and Cybercrime Control Russian authorities may want to monitor criminal organizations, opposition groups, or foreign entities using Telegram. The Russian firm seeks up to $500K for one-click RCE, $1.5M continues the announcement.

Government

Security Affairs

FEBRUARY 17, 2025

Dutch police seized 127 servers of the bulletproof hosting service Zservers/XHost after government sanctions. In 2023, Zservers leased infrastructure, including a Russian IP address, to a Lockbit affiliate” Bulletproof hosting services enable global cybercrime by providing safe havens for threat actors.

Cybercrime

Security Affairs

OCTOBER 13, 2024

Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Krebs on Security

MAY 15, 2025

In what experts are calling a novel legal outcome, the 22-year-old former administrator of the cybercrime community Breachforums will forfeit nearly $700,000 to settle a civil lawsuit from a health insurance company whose customer data was posted for sale on the forum in 2023. Conor Brian Fitzpatrick , a.k.a.

Healthcare

Security Affairs

JULY 26, 2025

BlackSuit is believed to be a rebrand of Royal ransomware , which the FBI and CISA linked to the Conti cybercrime group, a major player in Russian cybercrime. The BlackSuit ransomware targeted various critical infrastructure sectors, including commercial facilities, healthcare, government, and manufacturing.

Ransomware

Graham Cluley

JULY 23, 2025

Ransomware, considered by British authorities to be the UK's greatest cybercrime threat, costing the nation billions of pounds and with the capbility to bring essential services to a standstill, is in the gunsights of government. Read more in my article on the Hot for Security blog.

Ransomware

Security Affairs

JANUARY 14, 2025

According to court documents, the Chinese government paid Mustang Panda to develop PlugX malware, used since 2014 to target U.S., The malware was operated by a China-linked threat actor, known as Mustang Panda (aka Twill Typhoon, to steal sensitive information from victim computers. European, and Asian entities. systems. .”

Malware

Security Affairs

DECEMBER 1, 2024

These services allow attackers with minimal technical expertise to execute advanced attacks, democratizing cybercrime. The automation of malware development is another worrying trend, as it lowers the barrier to entry for cybercrime. For instance, in disinformation campaigns, the impact of GAI is already visible.

Artificial Intelligence

The Last Watchdog

AUGUST 6, 2025

” With this strategic enhancement, SpyCloud Investigations continues to solidify SpyCloud’s commitment to equipping security teams with the most advanced tools to disrupt cybercrime while maintaining rigorous standards for securing customer data. About SpyCloud: SpyCloud transforms recaptured darknet data to disrupt cybercrime.

Threat Detection

The Last Watchdog

FEBRUARY 4, 2025

“SpyCloud has a long history of leading the way in understanding the cybercrime ecosystem, from our early days in world-class ATO prevention to continuing to build solutions that empower organizations to proactively protect against threats stemming from infostealer malware, phished and breach data.

Cybercrime

SecureWorld News

FEBRUARY 12, 2025

With cybercrime, state-sponsored attacks, and digital risks evolving rapidly, the strategy aims to modernize Canada's cyber defenses through enhanced collaboration, industry leadership, and proactive threat mitigation. Detecting and disrupting cyber threat actors Cybercrime, ransomware, and state-sponsored attacks remain top concerns.

Cyber threats

Malwarebytes

OCTOBER 15, 2024

A focus on cybercrime While people hold a sense of distrust for election-related ads, they also revealed another emotion towards them: Fear. Finally, though Malwarebytes did not directly tie the concept of “cybercrime” to the election itself, survey participants were asked about “cyber interference.”

Scams

Security Boulevard

FEBRUARY 14, 2025

And get the latest on ransomware trends and on cybercrime legislation and prevention! government is urging software makers to adopt secure application-development practices that help prevent buffer overflow attacks. So how can governments more effectively tackle national-security cyberthreats from profit-seeking cybercriminals?

Banking

SecureWorld News

APRIL 22, 2025

A sophisticated cybercrime campaign, dubbed Elusive Comet , has been uncovered, in which North Korean threat actors are exploiting Zoom's remote control feature to infiltrate the systems of cryptocurrency professionals.

Cryptocurrency

eSecurity Planet

FEBRUARY 10, 2025

In a stark warning to organizations and everyday users alike, cybersecurity experts and government agencies have sounded the alarm over a new breed of Gmail-targeted phishing attacks. This surge highlights a broader trend toward automation in cybercrime and signals that no email platform is immune.

Phishing

Krebs on Security

MAY 7, 2025

People who purchased fake certifications were subsequently blackmailed by Axact employees posing as government officials , who would demand additional payments under threats of prosecution or imprisonment for having bought fraudulent unauthorized academic degrees. Mr. Bilwani did not respond to requests for comment.

Scams

Security Affairs

FEBRUARY 6, 2025

Spanish Police arrested an unnamed hacker who allegedly breached tens of government institutions in Spain and the US. Spanish National Police arrested a hacker responsible for multiple cyberattacks on government institutions in Spain and the U.S. Targe including the U.S. Army, UN, NATO, and other agencies.

Cybercrime

SecureWorld News

NOVEMBER 15, 2024

The breach granted these hackers access to sensitive communications and call records, focusing mainly on government officials and politically involved individuals. "We government and private-sector communications systems. According to the FBI and CISA , Salt Typhoon infiltrated major U.S.

Telecommunications

SecureWorld News

JULY 8, 2025

Ransomware-as-a-Service (RaaS) has transformed cybercrime into an accessible, scalable platform that anyone can tap into—no code required. Welcome to the age of cybercrime for hire—streamlined, professionalized, and more dangerous than ever. How RaaS works: cybercrime-as-a-platform RaaS operates like any modern SaaS business model.

Ransomware

Hacker's King

OCTOBER 19, 2024

In today’s increasingly digital world, businesses, governments, and individuals face an ever-growing threat from cyberattacks. In 2023 alone, global cybercrime damages were projected to reach $10.5 In response, cybersecurity jobs in government and defense sectors have increased dramatically. trillion annually.

Cybersecurity