Security Affairs

OCTOBER 21, 2024

Cisco confirms that data published by IntelBroker on a cybercrime forum was taken from the company DevHub environment. Cisco confirms that the data posted by IntelBroker on a cybercrime forum was stolen from its DevHub environment.

Cybercrime 133

Cybercrime Data breaches Technology Banking 133

Security Affairs

FEBRUARY 2, 2025

and Dutch authorities seized 39 domains and servers linked to the HeartSender cybercrime group based in Pakistan. A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools.

Cybercrime 110

Cybercrime Advertising Phishing Hacking 110

Security Boulevard

FEBRUARY 3, 2025

Investigators from the United States and other countries seized and shut down two online cybercriminal marketplaces, Cracked and Nulled, that they said affected more than 17 million Americans by selling hacking tools and stolen information to bad actors.

Cybercrime 104

Cybercrime Hacking Cybersecurity Network Security 104

Security Affairs

JANUARY 20, 2025

Last week, the notorious threat actor IntelBroker announced on a popular cybercrime forum the sale of data allegedly stolen from HPE. ” reads the announcement published on the cybercrime forum. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,HPE)

Hacking 120

Hacking Cybercrime Data breaches Information Security 120

Security Affairs

NOVEMBER 21, 2024

Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. Today they are going to send me a report on the supposed hacking.” This is not the first time Mexico’s presidential office has been targeted in a hack involving sensitive information.

Government 144

Government Hacking Ransomware Insurance 144

Krebs on Security

NOVEMBER 1, 2024

We’ll also explore an array of cybercrime services aimed at phishers who target hotels that rely on the world’s most visited travel website. In an email to KrebsOnSecurity, booking.com confirmed one of its partners had suffered a security incident that allowed unauthorized access to customer booking information.

Phishing 276

Phishing Accountability Artificial Intelligence Cybercrime 276

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. “Finndev.” ” Image: Ke-la.com. 30, the U.S. Meanwhile, a LinkedIn profile for a Florian M.

eCommerce 218

eCommerce Cybercrime Accountability Hacking 218

Krebs on Security

DECEMBER 4, 2024

government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest. Matveev’s hacker identities were remarkably open and talkative on numerous cybercrime forums. An FBI wanted poster for Matveev. “Mother Russia will help you. “Mother Russia will help you.

Cybercrime 251

Cybercrime Ransomware Cryptocurrency Government 251

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking 344

Hacking Cybercrime Phishing Passwords 344

Security Affairs

NOVEMBER 24, 2024

seized the stolen credit card marketplace PopeyeTools and charged its operators, this is a major success against cybercrime. PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016. million in revenue. million in revenue.

Cybercrime 132

Cybercrime Cryptocurrency Banking Accountability 132

Krebs on Security

FEBRUARY 28, 2025

Last year, the French security firm Intrinsec detailed Prospero’s connections to bulletproof services advertised on Russian cybercrime forums under the names Securehost and BEARHOST. government for its hacking operations, CEO Eugene Kaspersky says he ordered workers to delete the code. The bulletproof hosting provider BEARHOST.

Malware 262

Malware Antivirus Software DDOS 262

Security Affairs

JANUARY 5, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,malware) Google researchers provided event rules within Google Security Operations to dete ctPLAYFULGHOST activity.

Malware 132

Malware Encryption Phishing Hacking 132

Security Affairs

DECEMBER 7, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,ransomware) Grabovac pointed out that his organization will not pay the ransom requested by the ransomware gang.

Ransomware 126

Ransomware Hacking Accountability Cyber Attacks 126

Security Affairs

MAY 12, 2025

Threat actors use fake AI tools to trick users into installing the information stealer Noodlophile, Morphisec researchers warn. Noodlophile is being sold on cybercrime forums as part of malware-as-a-service schemes, often bundled with tools for credential theft.

Malware 112

Malware Media Cybercrime Scams 112

Security Affairs

MAY 3, 2025

The Rhysida Ransomware gang claims the hack of the Government of Peru, the gang breached Gob.pe, the Single Digital Platform of the Peruvian State. The Rhysida ransomware gang claims responsibility for hacking the Government of Peru, breaching Gob.pe, which is the country’s official digital platform.

Government 127

Government Hacking Ransomware Manufacturing 127

Security Affairs

MARCH 10, 2025

Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago.” ” The RansomHouse gang announced the hack of Loretto Hospital in Chicago, the groups claims to have stolen 1.5TB of sensitive data.

Hacking 118

Hacking Healthcare Backups Ransomware 118

Security Affairs

MAY 25, 2025

. “A Command Post was set up at Europol headquarters in The Hague during the action week, with investigators from Canada, Denmark, France, Germany, the Netherlands, the United Kingdom and the United States working with Europols European Cybercrime Centre and its Joint Cybercrime Action Taskforce.”

Ransomware 127

Ransomware Cybercrime Malware Cryptocurrency 127

Krebs on Security

DECEMBER 29, 2024

Maybe it’s indelicate to celebrate the birthday of a cybercrime blog that mostly publishes bad news, but happily many of 2024’s most engrossing security stories were about bad things happening to bad guys. Image: Shutterstock, Dreamansions. KrebsOnSecurity.com turns 15 years old today!

Scams 241

Scams Cybercrime Cryptocurrency Social Engineering 241

Security Affairs

MAY 15, 2025

Kosovar citizen extradited to the US for running the cybercrime marketplace BlackDB.cc Kosovo citizen Liridon Masurica (33) of Gjilan, was extradited to the US for running the cybercrime marketplace BlackDB.cc ” The FBI led the investigation with support from the Kosovo Polices Cybercrime Investigation Directorate. .”

Cybercrime 73

Cybercrime Identity Theft Cryptocurrency Hacking 73

Krebs on Security

MAY 29, 2025

“We have stopped hundreds of attempts this year related to this group and we are looking into the information you shared earlier today,” reads a statement shared by Amazon. Amazon said its Amazon Web Services (AWS) hosting platform actively counters abuse attempts. ” U.S. The homepage of Stark Industries Solutions.

Scams 223

Scams Internet Internet Cybercrime 223

Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities.

Retail 274

Retail Advertising Cryptocurrency Cybercrime 274

Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. police as part of an FBI investigation into the MGM hack. Image: Amitai Cohen twitter.com/amitaico. Click to enlarge.

Identity Theft 268

Identity Theft Phishing Cryptocurrency Accountability 268

Security Affairs

APRIL 10, 2025

No OCI service has been interrupted or compromised in any way,” Last week, Oracle confirmed a data breach and started informing customers while downplaying the impact of the incident. The hacker has published 10,000 customer records, a file showing Oracle Cloud access, user credentials, and an internal video as proof of the hack.

Hacking 122

Hacking Data breaches Encryption Authentication 122

Security Affairs

OCTOBER 25, 2024

“Change Healthcare can confirm we are experiencing a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat.” However, after a $22 million transaction, an affiliate publicly complained on a Russian cybercrime forum, alleging that BlackCat did not pay their fee.

Data breaches 130

Data breaches Healthcare Cybercrime Insurance 130

Security Affairs

OCTOBER 28, 2024

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. Free disclosed a cyber attack over the weekend after a threat actor attempted to sell the stolen data on a popular cybercrime forum. Free S.A.S. million mobile and fixed subscribers.

Cyber Attacks 127

Cyber Attacks Telecommunications Data breaches Banking 127

Security Affairs

OCTOBER 27, 2024

Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, REvil ransomware gang )

Ransomware 143

Ransomware Hacking Malware Cybercrime 143

Krebs on Security

APRIL 30, 2025

A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider cybercrime group was extradited last week from Spain to the United States, where he is facing charges of wire fraud, conspiracy and identity theft. Tyler Buchanan, being escorted by Spanish police at the airport in Palma de Mallorca in June 2024.

Identity Theft 195

Identity Theft Phishing Cryptocurrency Cybercrime 195

Security Affairs

NOVEMBER 2, 2024

A former Disney World employee hacked servers after being fired, altering prices, adding profanities, and mislabeling allergy info. A former Walt Disney World employee hacked servers after being fired by the company. He is accused of changing prices, adding profanities, and falsely labeling items as allergy-safe.

Hacking 141

Hacking Risk Cybercrime Information Security 141

Security Affairs

OCTOBER 14, 2024

Dutch police dismantled Bohemia/Cannabia, two major dark web markets for illegal goods, drugs, and cybercrime services. These are two of the largest and longest-running dark web platforms for the trade of illegal goods, drugs, and cybercrime services. More arrests are anticipated.

Marketing 128

Marketing Cybercrime DDOS Cryptocurrency 128

Security Affairs

JANUARY 26, 2025

Change Healthcare can confirm we are experiencing a cybersecurity issue perpetrated by a cybercrime threat actor who has represented itself to us as ALPHV/Blackcat. However, after a $22 million transaction, an affiliate publicly complained on a Russian cybercrime forum, alleging that BlackCat did not pay their fee.

Healthcare 130

Healthcare Data breaches Insurance Cybercrime 130

Security Affairs

JANUARY 15, 2025

A previously unknown threat actor released config files and VPN passwords for Fortinet FortiGate devices on a popular cybercrime forum. ” These findings suggest that the data was likely stolen in the fall of 2022, but it’s unclear how attackers have obtained this information. “The data includes: IPs.

VPN 132

VPN Passwords Firewall Firmware 132

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches 119

Data breaches Cybercrime Cyber Insurance Marketing 119

Security Affairs

MARCH 24, 2025

The breach was detected in February , leading to notifications to the FBI, Virginia State Police, and the Virginia Information Technologies Agency. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, ransomware) Chief Deputy AG Steven Popps called it a sophisticated attack.

Ransomware 104

Ransomware Hacking Social Engineering Manufacturing 104

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 118

Data breaches Cryptocurrency Cybercrime Artificial Intelligence 118

Security Affairs

OCTOBER 21, 2024

The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. Despite being informed weeks prior, the organization’s failure to rotate exposed API keys, particularly the Zendesk token with access to over 800,000 support tickets, reflects poor incident response.

Internet 130

Internet Internet Data breaches Authentication 130

Security Affairs

JUNE 2, 2025

Department of Justice has dismantled an online cybercrime syndicate that provided encryption services to help malware evade detection. This helps them launch stealthy attacks and gain access to victims systems without being noticed, making these services a key tool in the cybercrime ecosystem. net, Cryptor[.]biz, biz, and Crypt[.]guru.

Antivirus 111

Antivirus Cybercrime Malware Firewall 111

Security Affairs

NOVEMBER 11, 2024

Amazon disclosed a data breach exposing employee data, with information allegedly stolen in the May 2023 MOVEit attacks. Amazon disclosed a data breach that exposed employee information after data was allegedly stolen during the May 2023 MOVEit attacks. million records containing employee data on the hacking forum BreachForums.

Data breaches 127

Data breaches Hacking Technology Ransomware 127