Security Affairs

NOVEMBER 5, 2024

UNC5537 is systematically compromising Snowflake customer instances using stolen customer credentials, advertising victim data for sale on cybercrime forums, and attempting to extort many of the victims.” Independent news outlet 404 Media also confirmed Krebs’s findings 404 Media in September 2024.

Unstructured Data 123

Unstructured Data Hacking Media Cybercrime 123

Security Affairs

OCTOBER 16, 2024

“All information related to the cybercriminal has already been handed over to the authorities. Among them, it was possible to identify tax registration, email addresses, registered domains, IP addresses, social media accounts, telephone number and city. The man used of the same email and phrases across social media and forums.

Data breaches 128

Data breaches Media Cybercrime Accountability 128

Security Affairs

JUNE 28, 2020

Asian media firm E27 suffered a security breach and hackers asked for a “donation” to provide information on the flaws they exploited in the attack. E27 described itself as Asia’s largest Tech media platform, it offers Asian technology startup news and a community where members can exchange opinions.

Media 145

Media Hacking Passwords Data breaches 145

Security Affairs

MAY 12, 2025

Noodlophile is being sold on cybercrime forums as part of malware-as-a-service schemes, often bundled with tools for credential theft. Fake AI tools spread via social media and scam websites like “Dream Machine” or “CapCut” bait users into uploading media. “The file Video Dream MachineAI.mp4.exe

Malware 112

Malware Media Cybercrime Scams 112

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches 119

Data breaches Cybercrime Cyber Insurance Marketing 119

Security Affairs

DECEMBER 14, 2023

Microsoft’s Digital Crimes Unit seized multiple domains used by cybercrime group Storm-1152 to sell fraudulent Outlook accounts. Microsoft’s Digital Crimes Unit seized multiple domains used by a cybercrime group, tracked as Storm-1152, to sell fraudulent accounts. ” reads the announcement published by Microsoft.

Cybercrime 136

Cybercrime Accountability Media Technology 136

Security Affairs

OCTOBER 13, 2024

CISA adds Windows and Qualcomm bugs to its Known Exploited Vulnerabilities catalog Three new Ivanti CSA zero-day actively exploited in attacks Ukrainian national pleads guilty in U.S.

Data breaches 118

Data breaches Cryptocurrency Cybercrime Hacking 118

Webroot

MARCH 3, 2025

March is a time for leprechauns and four-leaf clovers, and as luck would have it, its also a time to learn how to protect your private data from cybercrime. During this time, many government agencies and consumer protection organizations come together to help educate consumers on how to keep their personal and financial information secure.

Consumer Protection 99

Consumer Protection Identity Theft Scams Social Engineering 99

Security Affairs

OCTOBER 29, 2024

The cybersecurity firm’s recommendations for malware victims are: Consult an expert : For thorough malware removal and system security, seek professional help if needed. Change passwords : After malware removal, update passwords for key accounts (email, banking, work, social media) and enable two-factor authentication.

Identity Theft 127

Identity Theft Malware Passwords Banking 127

Security Affairs

JANUARY 24, 2022

’ In February 2008, the US authorities dismantled the global cybercrime organization tracked as Infraud Organization, which was involved in stealing and selling credit card and personal identity data. Its purported founder Andrey Novak is wanted in the US on the accusations of cybercrime. SecurityAffairs – hacking, cybercrime).

Cybercrime 124

Cybercrime Hacking Cryptocurrency Ransomware 124

Security Affairs

NOVEMBER 23, 2024

Microsoft announced the disruption of the ONNX phishing service, another success against cybercrime which led to the seizure of 240 sites. Phishing kits are sold mainly via Telegram, complemented by instructional videos on social media platforms that guide buyers on purchasing and deploying them.

Phishing 74

Phishing Cybercrime Financial Services Media 74

Security Affairs

DECEMBER 30, 2024

Cisco confirmed the authenticity of the 4GB of leaked data, which was compromised in a recent security breach, marking it as the second leak in the incident. “We are aware of some recent social media posts made by the actor. We have analyzed the post data, and it aligns with the known data set from October 14, 2024.”

Data breaches 126

Data breaches Cybercrime Authentication Technology 126

Security Affairs

MAY 1, 2025

A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6. Hive0117 targets Russian firms in multiple sectors with phishing attacks using a modified version of the DarkWatchman malware.

Malware 87

Malware Phishing Telecommunications Antivirus 87

Security Affairs

NOVEMBER 30, 2024

Some of the malicious apps were promoted through deceptive advertising on social media. “ SpyLoan apps exploit official app stores like Google Play, deceptive branding, and social media ads to appear credible. The researchers reported the apps to Google who notified the developers that their apps violate Google Play policies.

Social Engineering 131

Social Engineering Media Mobile Scams 131

Security Affairs

NOVEMBER 10, 2024

CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog Canadian authorities arrested alleged Snowflake hacker Android flaw CVE-2024-43093 may be under limited, targeted exploitation July 2024 ransomware attack on the City of Columbus impacted 500,000 people Nigerian man Sentenced to 26+ years in real estate phishing scams Russian (..)

Ransomware 118

Ransomware Cybercrime Phishing Banking 118

Security Affairs

APRIL 5, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Genesis Market) The post Law enforcement seized the Genesis Market cybercrime marketplace appeared first on Security Affairs.

Marketing 98

Marketing Cybercrime Accountability Education 98

Zero Day

JUNE 6, 2025

The data in question was posted on a Russian cybercrime forum on May 15 and then uploaded again on June 3, apparently garnering attention from other cybercriminals and potential buyers. But in this age of cybercrime, these numbers have become vulnerable.

Password Management 128

Password Management Passwords Software Identity Theft 128

Security Affairs

MAY 17, 2025

Google warns that the cybercrime group Scattered Spider behind UK retailer attacks is now targeting U.S. The cybercrime group is suspected of hacking intohundreds of organizations over the past two years, including Twilio , LastPass , DoorDash , and Mailchimp. .” companies, shifting their focus across the Atlantic.

Retail 67

Retail Social Engineering Cybercrime Financial Services 67

Security Affairs

APRIL 11, 2023

The experts pointed out that while the majority of zero-days they have discovered in the past were used by APT groups, this zero-day was exploited by a sophisticated cybercrime group. This group is known to have used similar CLFS driver exploits in the past that were likely developed by the same author.

Cybercrime 98

Cybercrime Ransomware Education Media 98

Krebs on Security

JUNE 18, 2021

We see a similar dynamic with social media platforms, where the “user” is not the customer at all but the product whose data is being bought and sold by these platforms. But the company never acted to fix it until the news media came calling. According to the FBI, BEC scams are the most costly form of cybercrime today.

Insurance 333

Insurance Risk Financial Services CISO 333

Security Affairs

DECEMBER 7, 2024

The CEO of the Croatian Port, Duko Grabovac, told local media outlet Novi list that despite threats actors stole some data, the incident had no impact on the operations at the post. Grabovac pointed out that his organization will not pay the ransom requested by the ransomware gang.

Ransomware 126

Ransomware Hacking Accountability Cyber Attacks 126

Security Affairs

NOVEMBER 30, 2024

Local media reported that the threat actors that call themselves “Waste” is responsible for the attack. .” The Bank of Uganda stated on Thursday it is relying on a police investigation into reports of offshore hackers stealing 62 billion shillings ($16.8M) from its accounts.

Banking 142

Banking Government Accountability Hacking 142

Security Affairs

APRIL 26, 2025

. “New court documents reveal security cameras captured Bowie wandering around the hospital on August 6, where he tried to get into multiple offices until he stumbled upon two computers. ” reported the media outlet KOCO 5 News. One of those computers was for employees only.”

Malware 145

Malware Cybersecurity Healthcare Media 145

Security Affairs

JANUARY 2, 2022

According to South Korean media outlet Chosun, North Korean threat actors have stolen around $1.7 According to local media, US federal prosecutors believe that North Korea’s government considers cryptocurrency a long-term investment and it is amassing crypto funds through illegal activities. “Citing the U.S. 380 billion.

Cryptocurrency 143

Cryptocurrency Cybercrime Media Government 143

Security Affairs

JUNE 6, 2025

The cybersecurity firm’s recommendations for malware victims are: Consult an expert : For thorough malware removal and system security, seek professional help if needed. Change passwords : After malware removal, update passwords for key accounts (email, banking, work, social media) and enable two-factor authentication.

Malware 88

Malware Passwords Identity Theft Government 88

Security Affairs

FEBRUARY 3, 2025

“In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming.”

Media 117

Media Authentication Hacking Accountability 117

Security Affairs

MARCH 10, 2022

Vodafone announced to have launched an investigation after the Lapsus$ cybercrime group claimed to have stolen its source code. Early this week, the cybercrime group asked their subscribers in a poll on messaging app Telegram: “What should we leak next?” followed by three options: Vodafone source code. The poll will end on March 13. “We

Data breaches 127

Data breaches Cybercrime Media Hacking 127

Security Affairs

MARCH 2, 2025

is a publicly traded American media company. Yet, the information weve uncovered might offer a different perspective. ” Qilin is a Russian-speaking cybercrime group operating a Ransomware-as-a-Service (RaaS) model since 2022. Lee Enterprises , Inc. The company reported to the SEC that a Feb.

Ransomware 79

Ransomware Encryption Cybercrime Healthcare 79

Security Affairs

APRIL 24, 2023

Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, PaperCut ) The post Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws appeared first on Security Affairs.

Cybercrime 98

Cybercrime Software Ransomware Education 98

Security Affairs

FEBRUARY 9, 2025

US Justice Department says cybercrime forum allegedly affected 17 million Americans Cybercrime is increasingly complex. What are the risks?

Spyware 62

Spyware Cybercrime Scams Social Engineering 62

Security Affairs

OCTOBER 11, 2024

The group used the chatbot to receive support in Android malware development and to create a scraper for the social media platform Instagram. OpenAI’s report also detailed the use of ChatGPT by another Iranian threat actor, tracked Storm-0817.

Malware 138

Malware Social Engineering Engineering Hacking 138

Security Affairs

DECEMBER 22, 2022

. “South Korea’s main spy agency, the National Intelligence Service, said North Korea’s capacity to steal digital assets is considered among the best in the world because of the country’s focus on cybercrimes since U.N. economic sanctions were toughened in 2017 in response to its nuclear and missile tests.” Citing the U.S.

Cryptocurrency 141

Cryptocurrency Cybercrime Media Government 141

Security Affairs

AUGUST 27, 2024

. “All information related to the cybercriminal has already been handed over to the authorities. Among them, it was possible to identify tax registration, email addresses, registered domains, IP addresses, social media accounts, telephone number and city . Despite attempts to hide his identity by claiming U.S.

Media 128

Media Cybercrime Accountability Hacking 128

Security Affairs

SEPTEMBER 27, 2021

Researchers from vpnMentor recently published a report that sheds the light on the use of Telegram in the cybercrime ecosystem. vpnMentor researchers joined several cybercrime-focused Telegram groups and discovered a vast network of more 1,000s individuals sharing data leaks and dumps and discussing how to exploit them in illegal activities.

Cybercrime 140

Cybercrime Hacking DDOS Mobile 140

Krebs on Security

MARCH 7, 2022

In 2020, researchers from Athens University School of Information Sciences and Technology in Greece showed (PDF) how ransomware-as-a-service offerings might one day be executed through smart contracts. Before that, Jeffrey Ladish , an information security consultant based in Oakland, Calif., SQUID GAMES.

Ransomware 279

Ransomware Cryptocurrency DDOS Scams 279

Security Affairs

MARCH 8, 2025

Authorities recovered $31 Million Related to 2021 Uranium Finance cyber heist Serbian student activists phone hacked using Cellebrite zero-day exploit Qilin ransomware gang claimed responsibility for the Lee Enterprises attack Meta fired 20 employees for leaking information, more firings expected International Press Newsletter Cybercrime U.S.

Data breaches 69

Data breaches Hacking Cybercrime Ransomware 69

Security Affairs

JULY 2, 2024

“The man, 42, is expected to appear in Perth Magistrates Court today (28 June, 2024) to face nine charges for alleged cybercrime offences.” These harvested cfedentials could be used to access victims’ personal information and bank details. ” AFP Western Command Cybercrime Detective Inspector Andrea Coleman said.

Cybercrime 129

Cybercrime Wireless Banking VPN 129