Cybercrime, Hacking and Security Intelligence

Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware

Security Affairs

MAY 20, 2023

Researchers at Microsoft Security Intelligence team published a series of tweets to warn of a new wave of attacks aimed at distributing the Clop ransomware and linked it to the financially motivated cybercriminal group Sangria Tempest (ELBRUS, FIN7 ). They then use OpenSSH and Impacket to move laterally and deploy Clop ransomware.

Cybercrime

Cybercrime Ransomware Security Intelligence Hacking

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

Microsoft has uncovered Zerologon attacks that were allegedly conducted by the infamous TA505 Russia-linked cybercrime group. Microsoft spotted a series of Zerologon attacks allegedly launched by the Russian cybercrime group tracked as TA505 , CHIMBORAZO and Evil Corp. SecurityAffairs – hacking, Zerologon). states Microsoft.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

“BriansClub” Hack Rescues 26M Stolen Cards

Krebs on Security

OCTOBER 15, 2019

“ BriansClub ,” one of the largest underground stores for buying stolen credit card data, has itself been hacked. All of the card data stolen from BriansClub was shared with multiple sources who work closely with financial institutions to identify and monitor or reissue cards that show up for sale in the cybercrime underground.

Hacking

Hacking Cybercrime Marketing Banking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Lawmakers Probe Early Release of Top RU Cybercrook

Krebs on Security

MARCH 15, 2022

Aleksei Burkov , a cybercriminal who long operated two of Russia’s most exclusive underground hacking forums, was arrested in 2015 by Israeli authorities. A 2019 deep dive into Burkov’s hacker alias “K0pa” revealed he also was co-administrator of the secretive Russian cybercrime forum “ Mazafaka.”

Cybercrime

Cybercrime Government Hacking Security Intelligence

Cybercrime Forum Data Set for 2019 and 2021 – Free Direct Download Technical Collection Copy Available! Grab a Copy Today!

Security Boulevard

MAY 25, 2021

I've decided to make my Cybercrime Forum Data Set for 2019 and 2021 exclusively available online for free in order for me to speed the dissemination process and to possibly empower security researchers and vendors with the necessary information to help them stay on the top of their game in terms of current and emerging cyber threats including U.S

Cybercrime

Cybercrime Cyber threats Hacking Software

Anubis, a new info-stealing malware spreads in the wild

Security Affairs

AUGUST 27, 2020

— Microsoft Security Intelligence (@MsftSecIntel) August 26, 2020. Anubis has been around since June when it appeared on several cybercrime forums. SecurityAffairs – hacking, malware). The post Anubis, a new info-stealing malware spreads in the wild appeared first on Security Affairs. Pierluigi Paganini.

Malware

Malware Advertising Cryptocurrency Cybercrime

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Security Affairs

MARCH 12, 2021

This week, the independent security researcher Nguyen Jang published on GitHub a proof-of-concept tool to hack Microsoft Exchange servers. A few hours after the publication, GitHub took down the PoC hacking tool because it posed a threat to Microsoft’s customers using the Microsoft Exchange solution. . and also as DearCry.

Cyber Attacks

Cyber Attacks Cybercrime Authentication Hacking

Microsoft warns about ongoing PonyFinal ransomware attacks

Security Affairs

MAY 27, 2020

pic.twitter.com/Q3BMs7fSvx — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020. Human-operated ransomware is a technique usually employed in nation-state attacks that is becoming very popular in the cybercrime ecosystem. — Microsoft Security Intelligence (@MsftSecIntel) May 27, 2020.

Ransomware

Ransomware Security Intelligence Encryption Advertising

Microsoft warns TA505 changed tactic in an ongoing malware campaign

Security Affairs

FEBRUARY 2, 2020

Security experts from Microsoft have uncovered an ongoing p hishing campaign launched by the TA505 cybercrime gang (aka Evil Corp ) that is employing attachments featuring HTML redirectors for delivering malicious Excel docs. pic.twitter.com/mcRyEBUmQH — Microsoft Security Intelligence (@MsftSecIntel) January 30, 2020.

Malware

Malware Security Intelligence Banking Phishing

New InfectedSlurs Mirai-based botnet exploits two zero-days

Security Affairs

NOVEMBER 22, 2023

In October, Akamai’s Security Intelligence Response Team (SIRT) noticed an anomalous activity to the company’s honeypots targeting a rarely used TCP port. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, botnet)

DDOS

DDOS Wireless Security Intelligence Authentication

Sysrv-K, a new variant of the Sysrv botnet includes new exploits

Security Affairs

MAY 15, 2022

Microsoft Security Intelligence team Microsoft reported that a new variant of the Sysrv botnet, tracked as Sysrv-K, now includes exploits for vulnerabilities in the Spring Framework and WordPress. — Microsoft Security Intelligence (@MsftSecIntel) May 13, 2022. SecurityAffairs – hacking, Sysrv botnet).

Security Intelligence

Security Intelligence Malware Architecture Backups

Hackers Also Have Financial Reporting And Quotas :)

Security Boulevard

JUNE 18, 2022

Chief Hacking Officer: Yevi, where are you at with London bank hack?”. Chief Hacking Officer: What? You committed that hack two weeks ago!”. Security kinda tough get inside.”. Chief Hacking Officer: When you should have never committed this hack.”. Hackers Also Have Financial Reporting And Quotas :).

Hacking

Hacking CISO Cybersecurity Banking

Threat actor has been targeting the aviation industry since at least 2018

Security Affairs

SEPTEMBER 18, 2021

Talos researchers believe that the group was able to remain under the radar using crypters that it bought on cybercrime forums. Our researchers are closely monitoring the campaign and will share additional info and investigation guidance through Microsoft 365 security center and Microsoft Threat Experts. Pierluigi Paganini.

Malware

Malware Phishing DNS Cybercrime

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Security Affairs

SEPTEMBER 24, 2020

pic.twitter.com/POppQ51uMX — Microsoft Security Intelligence (@MsftSecIntel) September 22, 2020. Security experts pointed out that Emotet gang also sells access to these infected networks to other cybercrime organizations, such as ransomware operators. SecurityAffairs – hacking, Emotet). Pierluigi Paganini.

Malware

Malware Passwords Advertising Cybercrime

A new Magecart campaign hides the malicious code in 404 error page

Security Affairs

OCTOBER 12, 2023

Researchers from the Akamai Security Intelligence Group uncovered a Magecart web skimming campaign that is manipulating the website’s default 404 error page to hide malicious code. Researchers observed a new Magecart web skimming campaign changing the websites’ default 404 error page to steal credit cards.

Retail

Retail Security Intelligence Hacking Software

Updated Kmsdx botnet targets IoT devices

Security Affairs

AUGUST 28, 2023

The Akamai Security Intelligence Response Team (SIRT) discovered a new version of the KmsdBot botnet that employed an updated Kmsdx binary targeting Internet of Things (IoT) devices. Researchers spotted an updated version of the KmsdBot botnet that is now targeting Internet of Things (IoT) devices.

IoT

IoT DDOS Architecture Internet

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Security Affairs

DECEMBER 1, 2020

Learn how the group tried to stay under the radar using threats perceived to be less alarming: [link] — Microsoft Security Intelligence (@MsftSecIntel) November 30, 2020. The experts warn that nation-state actors are adopting TTPs associated with cybercrime gangs to make it hard the attack attribution. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Antivirus Manufacturing Government

IT giants warn of ongoing Chromeloader malware campaigns

Security Affairs

SEPTEMBER 20, 2022

pic.twitter.com/v6sexKgDSg — Microsoft Security Intelligence (@MsftSecIntel) September 16, 2022. SecurityAffairs – hacking, malware). The post IT giants warn of ongoing Chromeloader malware campaigns appeared first on Security Affairs. Microsoft attributes the attack to a threat actor tracked as DEV-0796.

Malware

Malware Adware Ransomware Security Intelligence

HTML Smuggling technique used in phishing and malspam campaigns

Security Affairs

NOVEMBER 12, 2021

— Microsoft Security Intelligence (@MsftSecIntel) July 23, 2021. “Therefore, organizations need a true “defense in depth” strategy and a multi-layered security solution that inspects email delivery, network activity, endpoint behavior, and follow-on attacker activities.” SecurityAffairs – hacking, phishing).

Phishing

Phishing Banking Passwords Firewall

Microsoft warns of a large-scale BEC campaign to make gift card scam

Security Affairs

MAY 8, 2021

link] pic.twitter.com/HTqYsUlCSn — Microsoft Security Intelligence (@MsftSecIntel) May 7, 2021. pic.twitter.com/oZaqAv3FYa — Microsoft Security Intelligence (@MsftSecIntel) May 7, 2021. SecurityAffairs – hacking, BEC). ” Follow me on Twitter: @securityaffairs and Facebook. . Pierluigi Paganini.

Scams

Scams Manufacturing Security Intelligence Internet

Akamai dealt with an 800Gbps ransom DDoS against a gambling company

Security Affairs

APRIL 1, 2021

The Akamai Security Intelligence Response Team’s threat advisory team revealed that crooks used a previously unseen DDoS attack vector that leveraged a networking protocol known as protocol 33, or Datagram Congestion Control Protocol (DCCP). SecurityAffairs – hacking, ransom DDoS). ” Likely DDoS extortion attacks.

DDOS

DDOS Security Intelligence Hacking Cybersecurity

Microsoft partnered with other security firms to takedown TrickBot botnet

Security Affairs

OCTOBER 12, 2020

link] — Microsoft Security Intelligence (@MsftSecIntel) October 12, 2020. SecurityAffairs – hacking, Trickbot). The post Microsoft partnered with other security firms to takedown TrickBot botnet appeared first on Security Affairs. ” reads the post published by Microsoft. Pierluigi Paganini.

Banking

Banking Malware Advertising Financial Services

7 Insights About Managing Cyber Risk You Can’t Afford To Miss

Jane Frankland

AUGUST 18, 2020

Whilst this is concerning, when talking to executives outside of security, like I did on a recent masterclass with Nowcomm , it’s vital they understand of the following: 1. These days, hacking as a service is cheap. Security intelligence comes with a high pay off. All attacks are not sophisticated. million.

Cyber Risk

Cyber Risk Risk Cybersecurity Technology

Black Hat Asia 2022 Continued: Cisco Secure Integrations

Cisco Security

MAY 27, 2022

Donated Partner Threat Intelligence (correlated through SecureX). Recorded Future threat intelligence. threat intelligence. Open-Source Threat Intelligence (correlated through SecureX). CyberCrime Tracker. Training course at time in location: “Web Hacking Black Belt Edition”. alphaMountain.ai

Malware

Malware Accountability DNS Technology

Cyber Security Informer

Cybercrime gang FIN7 returned and was spotted delivering Clop ransomware

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Webinars

Trending Sources

“BriansClub” Hack Rescues 26M Stolen Cards

Webinars

Lawmakers Probe Early Release of Top RU Cybercrook

Cybercrime Forum Data Set for 2019 and 2021 – Free Direct Download Technical Collection Copy Available! Grab a Copy Today!

Anubis, a new info-stealing malware spreads in the wild

Researchers warn of a surge in cyber attacks against Microsoft Exchange

Microsoft warns about ongoing PonyFinal ransomware attacks

Microsoft warns TA505 changed tactic in an ongoing malware campaign

New InfectedSlurs Mirai-based botnet exploits two zero-days

Sysrv-K, a new variant of the Sysrv botnet includes new exploits

Hackers Also Have Financial Reporting And Quotas :)

Threat actor has been targeting the aviation industry since at least 2018

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

A new Magecart campaign hides the malicious code in 404 error page

Updated Kmsdx botnet targets IoT devices

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

IT giants warn of ongoing Chromeloader malware campaigns

HTML Smuggling technique used in phishing and malspam campaigns

Microsoft warns of a large-scale BEC campaign to make gift card scam

Akamai dealt with an 800Gbps ransom DDoS against a gambling company

Microsoft partnered with other security firms to takedown TrickBot botnet

7 Insights About Managing Cyber Risk You Can’t Afford To Miss

Black Hat Asia 2022 Continued: Cisco Secure Integrations

Stay Connected