Cybercrime, Hacking and VPN - Cyber Security Informer

Daixin Team group claimed the hack of North Texas Municipal Water District

Security Affairs

NOVEMBER 28, 2023

The Daixin Team group claims to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data. In October 2022, CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team cybercrime group is actively targeting U.S.

Hacking

Hacking VPN Ransomware Cybercrime

Bulletproof VPN services took down in a global police operation

Security Affairs

DECEMBER 22, 2020

A joint operation conducted by law European enforcement agencies resulted in the seizure of the infrastructure of three bulletproof VPN services. ” The three VPN bulletproof services were hosted at insorg.org , safe-inet.com , and safe-inet.net, their home page currently displays a law enforcement banner. day to $190/year.

VPN

VPN Cybercrime Advertising Accountability

BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums

Security Affairs

OCTOBER 3, 2023

Zscaler ThreatLabz researchers discovered a new malware-as-a-service (MaaS) that is called BunnyLoader, which has been advertised for sale in multiple cybercrime forums since September 4, 2023. The malware is also able to steal data from messaging apps and VPN clients. ” continues the report.

Advertising

Advertising Cybercrime Malware Cryptocurrency

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

Security Affairs

JANUARY 18, 2022

Europol this week announced the shutdown of VPNLab, a VPN service that is very popular in the cybercrime ecosystem. An international operation conducted by law enforcement bodies from 10 countries took down VPNLab.net, a VPN service provider that is very popular in the cybercrime ecosystem. Pierluigi Paganini.

VPN

VPN Cybercrime Ransomware Advertising

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. SecurityAffairs – hacking, FBI). The post FBI: Compromised US academic credentials available on various cybercrime forums appeared first on Security Affairs.

Cybercrime

Cybercrime Education Accountability Phishing

Cybercrime underground flooded with offers for initial access to shipping and logistics orgs

Security Affairs

NOVEMBER 3, 2021

Experts warn of the availability in the cybercrime underground of offers for initial access to networks of players in global supply chains. SecurityAffairs – hacking, initial access broker). The post Cybercrime underground flooded with offers for initial access to shipping and logistics orgs appeared first on Security Affairs.

Cybercrime

Cybercrime VPN Ransomware Hacking

New ‘Karakurt’ cybercrime gang focuses on data theft and extortion

Security Affairs

DECEMBER 11, 2021

Accenture researchers detailed the activity of a new sophisticated cybercrime group, called Karakurt, behind recent cyberattacks. “Accenture Security has identified a new threat group, the self-proclaimed Karakurt Hacking Team, that has impacted over 40 victims across multiple geographies. SecurityAffairs – hacking, Karakurt).

Cybercrime

Cybercrime VPN Ransomware Hacking

The newer cybercrime triad: TrickBot-Emotet-Conti

Security Affairs

NOVEMBER 20, 2021

The researchers believe that one reason that contributed to multiple ransomware-as-a-service (RaaS) operations shutting down this year ( Babuk , DarkSide , BlackMatter , REvil , Avaddon ) was that affiliates used low-level access sellers and brokers (RDP, vulnerable VPN, poor quality spam). SecurityAffairs – hacking, Emotet).

Cybercrime

Cybercrime Ransomware Banking Malware

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. Experts reported that brute-force cracking tools and account checkers are available on cybercrime marketplaces and forums for an average of $4. Pierluigi Paganini.

Cybercrime

Cybercrime Antivirus Marketing Accountability

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 13, 2024

Akira ransomware targets Finnish organizations GitLab fixed a critical zero-click account hijacking flaw Juniper Networks fixed a critical RCE bug in its firewalls and switches Vast Voter Data Leaks Cast Shadow Over Indonesia ’s 2024 Presidential Election Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467 Team Liquid’s wiki leak exposes (..)

VPN

VPN Cybercrime Ransomware Hacking

Lapsus$ gang claims to have hacked Microsoft source code repositories

Security Affairs

MARCH 21, 2022

Microsoft is investigating claims that the Lapsus$ hacking group breached its internal Azure DevOps source code repositories. Microsoft announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data. SecurityAffairs – hacking, Microsoft).

Hacking

Hacking Telecommunications InfoSec Cybercrime

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. Image: Lumen’s Black Lotus Labs. Usually, these users have no idea their systems are compromised.

Malware

Malware VPN Internet Internet

Cisco was hacked by the Yanluowang ransomware gang

Security Affairs

AUGUST 10, 2022

Upon achieving an MFA push acceptance, the attacker had access to the VPN in the context of the targeted user. “Initial access to the Cisco VPN was achieved via the successful compromise of a Cisco employee’s personal Google account. SecurityAffairs – hacking, Yanluowang ransomware). Pierluigi Paganini.

Ransomware

Ransomware Hacking VPN Phishing

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Security Affairs

JUNE 17, 2021

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. Experts noticed that in this supply chain attack, UNC2465 did not deliver the Darkside ransomware as the final payload, but they not exclude that the cybercrime group could move to a new RaaS operation.

Cybercrime

Cybercrime Ransomware Antivirus Software

UNC2447 cybercrime gang exploited SonicWall Zero-Day before it was fixed

Security Affairs

APRIL 30, 2021

UNC2447 cybercrime gang exploited a zero-day in the Secure Mobile Access (SMA), addressed by SonicWall earlier this year, before the vendor released a fix. UNC2447 extortion activity employed the FIVEHANDS ransomware, the threat actors aggressively threatened victims to disclose their hack on the media to sell the data on hacker forums. .

Cybercrime

Cybercrime Ransomware Malware Mobile

Threat actors are offering access to corporate networks via unauthorized Fortinet VPN access

Security Affairs

NOVEMBER 29, 2022

“While during routine monitoring, researchers at Cyble observed a Threat Actor (TA) distributing multiple unauthorized Fortinet VPN access over one of the Russian cybercrime forums,” reads the analysis published by Cyble. SecurityAffairs – hacking, Fortinet). Pierluigi Paganini.

VPN

VPN Firewall Authentication Internet

Okta warns of unprecedented scale in credential stuffing attacks on online services

Security Affairs

APRIL 28, 2024

From March 18, 2024, to April 16, 2024, Duo Security and Cisco Talos observed large-scale brute-force attacks against a variety of targets, including VPN services, web application authentication interfaces and SSH services.

VPN

VPN Accountability Firewall Data breaches

A Deep Dive Into the Residential Proxy Service ‘911’

Krebs on Security

JULY 18, 2022

911 says its network is made up entirely of users who voluntarily install its “free VPN” software. In this scenario, users indeed get to use a free VPN service, but they are often unaware that doing so will turn their computer into a proxy that lets others use their Internet address to transact online. “The 911[.]re

VPN

VPN Computers and Electronics Antivirus Software

Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

MAY 12, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Data breaches VPN Hacking Banking

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces. The data stolen by Nikulin were available on the cybercrime underground between 2015 and 2016, they were offered for sale by multiple traders.

Hacking

Hacking Cybercrime Data breaches Advertising

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Hacking

Hacking VPN Advertising Financial Services

Security Affairs newsletter Round 466 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 7, 2024

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Data breaches Small Business Hacking Malware

Security Affairs newsletter Round 455 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence

Artificial Intelligence VPN Hacking Firewall

Five Canadian Hospitals impacted by a ransomware attack on TransForm provider

Security Affairs

NOVEMBER 8, 2023

In October, CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team cybercrime group is actively targeting U.S. The Daixin Team group gains initial access to victims through virtual private network (VPN) servers. The threat actors obtained the VPN credentials through phishing attacks.

Ransomware

Ransomware Healthcare VPN Insurance

Wazawaka Goes Waka Waka

Krebs on Security

FEBRUARY 14, 2022

In January, KrebsOnSecurity examined clues left behind by “ Wazawaka ,” the hacker handle chosen by a major ransomware criminal in the Russian-speaking cybercrime scene. 26, 2020, a new user named Biba99 registered on the English language cybercrime forum RaidForums. This post is an attempt to remedy that.

VPN

VPN Ransomware Cybercrime Accountability

Akira ransomware targets Finnish organizations

Security Affairs

JANUARY 13, 2024

NAS (Network-Attached Storage) servers that are often used for backups on the network have been hacked and wiped, as have automatic tape backup devices, and in almost every case we know of, all backups have been lost. Cisco investigated the hacking campaign with the help of Rapid7. concludes the alert.

Ransomware

Ransomware Backups VPN Authentication

911 Proxy Service Implodes After Disclosing Breach

Krebs on Security

JULY 29, 2022

But some of them — like 911 — build their networks in part by offering “free VPN” or “free proxy” services that are powered by software which turns the user’s PC into a traffic relay for other users. Its [sic] confirmed that the recharge system was also hacked the same way.

Cybercrime

Cybercrime Software VPN Backups

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

APRIL 21, 2024

PoC publicly available Linux variant of Cerber ransomware targets Atlassian servers Ivanti fixed two critical flaws in its Avalanche MDM Researchers released exploit code for actively exploited Palo Alto PAN-OS bug Cisco warns of large-scale brute-force attacks against VPN and SSH services PuTTY SSH Client flaw allows of private keys recovery A renewed (..)

Data breaches

Data breaches Phishing Ransomware Malware

Voice Phishers Targeting Corporate VPNs

Krebs on Security

AUGUST 19, 2020

But one increasingly brazen group of crooks is taking your standard phishing attack to the next level, marketing a voice phishing service that uses a combination of one-on-one phone calls and custom phishing sites to steal VPN credentials from employees. SCHOOL OF HACKS. The employee phishing page bofaticket[.]com. Image: urlscan.io.

Phishing

Phishing VPN Social Engineering Media

Akira ransomware targets Finnish organizations

Security Affairs

JANUARY 13, 2024

NAS (Network-Attached Storage) servers that are often used for backups on the network have been hacked and wiped, as have automatic tape backup devices, and in almost every case we know of, all backups have been lost. Cisco investigated the hacking campaign with the help of Rapid7. concludes the alert.

Ransomware

Ransomware Backups VPN Authentication

Hackers target over 330 Britons a minute, says research

CyberSecurity Insiders

JULY 6, 2022

Research conducted by Nord VPN says about 330 Britons are hacked every minute, i.e. one Brit, for every 0.2 Concernedly, the hacking has gone on a rampage and is increasing at epic proportions. The post Hackers target over 330 Britons a minute, says research appeared first on Cybersecurity Insiders.

VPN

VPN Hacking Scams Cybercrime

Microsoft disrupts China-based hacking group Nickel

Malwarebytes

DECEMBER 7, 2021

Microsoft has taken control of 42 web domains that a hacking group was using to try to breach its targets. Sadly, any setback to the Chinese hacking group or others will likely be temporary as the hackers will find and build new infrastructure to use in forthcoming attacks. An overview of Chinese hacking groups and their aliases.

Hacking

Hacking Malware Surveillance Data collection

A chink in the armor of China-based hacking group Nickel

Malwarebytes

DECEMBER 7, 2021

Microsoft has taken control of 42 web domains that a hacking group was using to try to breach its targets. Sadly, any setback to the Chinese hacking group or others will likely be temporary as the hackers will find and build new infrastructure to use in forthcoming attacks. An overview of Chinese hacking groups and their aliases.

Hacking

Hacking Malware Surveillance Data collection

Iranian threat actors attempt to buy stolen data of US organizations, FBI warns

Security Affairs

NOVEMBER 11, 2021

Iranian nation-state actors are attempting to buy info available for sale in the cybercrime underground to launch attacks against US organizations. The threat actors also heavily leverage VPNs services such as Private Internet Access, Atlas VPN, TiKNet VPN, VPN Master Lite, and CyberGhost. Pierluigi Paganini.

VPN

VPN Cybercrime Passwords Firewall

Giving a Face to the Malware Proxy Service ‘Faceless’

Krebs on Security

APRIL 18, 2023

Riley Kilmer is co-founder of Spur.us , a company that tracks thousands of VPN and proxy networks, and helps customers identify traffic coming through these anonymity services. ” MRMURZA Faceless is a project from MrMurza , a particularly talkative member of more than a dozen Russian-language cybercrime forums over the past decade.

Malware

Malware Passwords Accountability Advertising

Daixin Team targets health organizations with ransomware, US agencies warn

Security Affairs

OCTOBER 22, 2022

US government agencies warned that the Daixin Team cybercrime group is actively targeting the U.S. CISA, the FBI, and the Department of Health and Human Services (HHS) warned that the Daixin Team cybercrime group is actively targeting U.S. The threat actors obtained the VPN credentials through phishing attacks.

Ransomware

Ransomware VPN Cybercrime Accountability

7 Cyber Safety Tips to Outsmart Scammers

Webroot

FEBRUARY 26, 2024

Cybercrime isn’t just a futuristic Hollywood plotline, it’s a real threat that targets everyone—from wide-eyed kids to seasoned adults and wise grandparents. Keep your devices updated Newsflash: Cybercriminals love exploiting vulnerabilities in outdated software like it’s Black Friday at the cybercrime emporium.

Scams

Scams VPN Passwords Phishing

Lapsus$ extortion gang leaked the source code for some Microsoft projects

Security Affairs

MARCH 22, 2022

The Lapsus$ extortion group claims to have hacked Microsoft ‘s internal Azure DevOps server and leaked the source code for some projects. Microsoft recently announced that is investigating claims that the Lapsus$ cybercrime gang breached their internal Azure DevOps source code repositories and stolen data. Pierluigi Paganini.

Cybercrime

Cybercrime Telecommunications VPN Hacking

Groove gang leaks list of 500k credentials of compromised Fortinet appliances

Security Affairs

SEPTEMBER 8, 2021

The threat actor leaked a list containing approximately 500,000 Fortinet VPN credentials that can allow threat actors to breach the networks of the organizations that use the compromised VPN appliances and perform malicious activities such as dropping a ransomware or stealing sensitive data. SecurityAffairs – hacking, Groove gang).

VPN

VPN Ransomware Hacking Accountability

French authorities arrested a Russian national for his role in the Hive ransomware operation

Security Affairs

DECEMBER 14, 2023

anti-cybercrime (Ofac).” The group used various attack methods, including malspam campaigns, vulnerable RDP servers, and compromised VPN credentials. According to a report published by blockchain analytics company Chainalysis, the Hive operation is one of the top 10 ransomware strains by revenue in 2021.

Ransomware

Ransomware Cryptocurrency Cybercrime VPN

Monitoring the dark web to identify threats to energy sector organizations

Security Affairs

MAY 17, 2023

The role of an initial access broker is essential in the cybercrime ecosystem, these actors facilitate the sale or exchange of compromised or stolen initial access to computer networks or systems. Marketplace and hacking forums offering initial access, enable crooks to speed up their attacks and monetize their cyber operations.

Energy and Utilities

Energy and Utilities Cybercrime Data collection VPN

Akira ransomware received $42M in ransom payments from over 250 victims

Security Affairs

APRIL 21, 2024

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. Like other ransomware gangs, the group has developed a Linux encryptor to target VMware ESXi servers.

Ransomware

Ransomware Encryption Antivirus VPN

Russian national Yevgeniy Aleksandrovich Nikulin sentenced to 88 months in prison

Security Affairs

SEPTEMBER 30, 2020

Russian national Yevgeniy Aleksandrovich Nikulin was sentenced to 88 months in prison for hacking LinkedIn, Dropbox, and Formspring in 2012. The Russian national Yevgeniy Aleksandrovich Nikulin was sentenced to 88 months in prison in the United States for hacking LinkedIn, Dropbox, and Formspring in 2012. Source: US Defense Watch.com.

Identity Theft

Identity Theft Cybercrime Advertising Hacking

The Importance of Data Security and Privacy for Individuals and Businesses in the Digital Age

IT Security Guru

MARCH 28, 2023

Having a cybersecurity plan ensures that you remain protected against data breaches, phishing scams , and other cybercrimes. Use a VPN Using a VPN is essential when working with sensitive data or files. A VPN removes your IP address and switches your location. It works well against both residual risk and inherent risk.

VPN

VPN Passwords Internet Internet

Daixin Team group claimed the hack of North Texas Municipal Water District

Bulletproof VPN services took down in a global police operation

Webinars

Trending Sources

BunnyLoader, a new Malware-as-a-Service advertised in cybercrime forums

Webinars

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

FBI: Compromised US academic credentials available on various cybercrime forums

Cybercrime underground flooded with offers for initial access to shipping and logistics orgs

New ‘Karakurt’ cybercrime gang focuses on data theft and extortion

The newer cybercrime triad: TrickBot-Emotet-Conti

15 billion credentials available in the cybercrime marketplaces

Security Affairs newsletter Round 454 by Pierluigi Paganini – INTERNATIONAL EDITION

Lapsus$ gang claims to have hacked Microsoft source code repositories

Who and What is Behind the Malware Proxy Service SocksEscort?

Cisco was hacked by the Yanluowang ransomware gang

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

UNC2447 cybercrime gang exploited SonicWall Zero-Day before it was fixed

Threat actors are offering access to corporate networks via unauthorized Fortinet VPN access

Okta warns of unprecedented scale in credential stuffing attacks on online services

A Deep Dive Into the Residential Proxy Service ‘911’

Security Affairs newsletter Round 471 by Pierluigi Paganini – INTERNATIONAL EDITION

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs newsletter Round 466 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs newsletter Round 455 by Pierluigi Paganini – INTERNATIONAL EDITION

Five Canadian Hospitals impacted by a ransomware attack on TransForm provider

Wazawaka Goes Waka Waka

Akira ransomware targets Finnish organizations

911 Proxy Service Implodes After Disclosing Breach

Security Affairs newsletter Round 468 by Pierluigi Paganini – INTERNATIONAL EDITION

Voice Phishers Targeting Corporate VPNs

Akira ransomware targets Finnish organizations

Hackers target over 330 Britons a minute, says research

Microsoft disrupts China-based hacking group Nickel

A chink in the armor of China-based hacking group Nickel

Iranian threat actors attempt to buy stolen data of US organizations, FBI warns

Giving a Face to the Malware Proxy Service ‘Faceless’

Daixin Team targets health organizations with ransomware, US agencies warn

7 Cyber Safety Tips to Outsmart Scammers

Lapsus$ extortion gang leaked the source code for some Microsoft projects

Groove gang leaks list of 500k credentials of compromised Fortinet appliances

French authorities arrested a Russian national for his role in the Hive ransomware operation

Monitoring the dark web to identify threats to energy sector organizations

Akira ransomware received $42M in ransom payments from over 250 victims

Russian national Yevgeniy Aleksandrovich Nikulin sentenced to 88 months in prison

The Importance of Data Security and Privacy for Individuals and Businesses in the Digital Age

Stay Connected