Cybercrime, Information Security and Software

Microsoft seized the US infrastructure of the Storm-1152 cybercrime group

Security Affairs

DECEMBER 14, 2023

Microsoft’s Digital Crimes Unit seized multiple domains used by cybercrime group Storm-1152 to sell fraudulent Outlook accounts. Microsoft’s Digital Crimes Unit seized multiple domains used by a cybercrime group, tracked as Storm-1152, to sell fraudulent accounts. ” reads the announcement published by Microsoft.

Cybercrime

Cybercrime Accountability Media Technology

Russian cybercrime forums launch contests for cryptocurrency hacks

Security Affairs

JUNE 7, 2021

“Over the past month, operators of one of the top Russian-language cybercrime forums have been running a “contest,” calling for the community to submit papers that examine how to target cryptocurrency-related technology.” ” reads a post published by Intel 471. ” Follow me on Twitter: @securityaffairs and Facebook.

Cryptocurrency

Cryptocurrency Cybercrime Hacking Technology

Software firm AnyDesk disclosed a security breach

Security Affairs

FEBRUARY 4, 2024

Remote desktop software company AnyDesk announced that threat actors compromised its production environment. Remote desktop software company AnyDesk announced on Friday that threat actors had access to its production systems. AnyDesk is a remote desktop software that allows users to connect to a computer or device remotely.

Software

Software Passwords Ransomware Cryptocurrency

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Amadey malware spreads via software cracks laced with SmokeLoader

Security Affairs

JULY 25, 2022

Operators behind the Amadey Bot malware use the SmokeLoader to distribute a new variant via software cracks and keygen sites. The malware is available for sale in illegal forums, in the past, it was used by cybercrime gangs like TA505 to install GandCrab ransomware or the FlawedAmmyy RAT. ” concludes the report.

Software

Software Malware Cybercrime VPN

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Security Affairs

JUNE 17, 2021

UNC2465 cybercrime group that is affiliated with the Darkside ransomware gang has infected with malware the website of a CCTV camera vendor. “Sometime in May 2021 or earlier, UNC2465 likely Trojanized two software install packages on a CCTV security camera provider website.” ” continues the analysis.

Cybercrime

Cybercrime Ransomware Antivirus Software

Twitter hacker sentenced to five years in prison for cybercrime offenses

Security Affairs

JUNE 25, 2023

citizen, who was involved in the attack on Twitter in 2020, was sentenced to five years in prison for cybercrime offenses. Joseph James O’Connor, aka PlugwalkJoe (24), the hacker who was involved in the attacks on Twitter in 2020, was sentenced to five years in prison for cybercrime offenses.

Cybercrime

Cybercrime Cryptocurrency Accountability Media

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

Microsoft has uncovered Zerologon attacks that were allegedly conducted by the infamous TA505 Russia-linked cybercrime group. Microsoft spotted a series of Zerologon attacks allegedly launched by the Russian cybercrime group tracked as TA505 , CHIMBORAZO and Evil Corp. Pierluigi Paganini. SecurityAffairs – hacking, Zerologon).

Cybercrime

Cybercrime Security Intelligence Authentication Banking

Aurora Stealer Malware is becoming a prominent threat in the cybercrime ecosystem

Security Affairs

NOVEMBER 22, 2022

The attackers used methods to deliver the malware, including phishing websites masquerading as legitimate ones, YouTube videos and fake “free software catalogue” websites. The post Aurora Stealer Malware is becoming a prominent threat in the cybercrime ecosystem appeared first on Security Affairs. Pierluigi Paganini.

Cybercrime

Cybercrime Malware Cryptocurrency Advertising

Cybercrime underground flooded with offers for initial access to shipping and logistics orgs

Security Affairs

NOVEMBER 3, 2021

Experts warn of the availability in the cybercrime underground of offers for initial access to networks of players in global supply chains. based transportation management and trucking software supplier and a U.S.-based In August 2021 , an affiliate of the Conti ransomware gang claimed access to corporate networks belonging to a U.S.-based

Cybercrime

Cybercrime VPN Ransomware Hacking

ZingoStealer crimeware released for free in the cybercrime ecosystem

Security Affairs

APRIL 15, 2022

ZingoStealer is a new information-stealer developed by a threat actor known as Haskers Gang who released it for free after they attempted to sell the source code for $500. The cybercrime gang has been active since at least January 2020. SecurityAffairs – hacking, cybercrime). To nominate, please visit:? Pierluigi Paganini.

Cybercrime

Cybercrime Malware Cryptocurrency Hacking

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

Security Affairs

APRIL 24, 2023

Print management software provider PaperCut confirmed ongoing active exploitation of CVE-2023-27350 vulnerability. On April 19th, Print management software provider PaperCut confirmed that it is aware of the active exploitation of the CVE-2023-27350 vulnerability. ” concludes the report published by Huntress.

Cybercrime

Cybercrime Software Education Ransomware

New ‘Karakurt’ cybercrime gang focuses on data theft and extortion

Security Affairs

DECEMBER 11, 2021

Accenture researchers detailed the activity of a new sophisticated cybercrime group, called Karakurt, behind recent cyberattacks. In recent attacks, the group switched on VPN IP pool or AnyDesk software to establish persistence and avoid detection. In June 2021 the gang registered the domains hosting its leak sites, karakurt[.]group

Cybercrime

Cybercrime VPN Ransomware Hacking

FIN11 cybercrime group is behind recent wave of attacks on FTA servers

Security Affairs

FEBRUARY 23, 2021

FireEye experts linked a series of attacks targeting Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. Security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11.

Cybercrime

Cybercrime Software Ransomware Cyber Attacks

FIN7 cybercrime gang creates fake cybersecurity firm to recruit pentesters for ransomware attacks

Security Affairs

OCTOBER 22, 2021

FIN7 is a Russian criminal group that has been active since mid-2015, it focuses on restaurants, gambling, and hospitality industries in the US to harvest financial information that was used in attacks or sold in cybercrime marketplaces. SecurityAffairs – hacking, cyber security). ” continues the expert.

Cybercrime

Cybercrime Ransomware Cybersecurity Backups

TeamTNT cybercrime gang expands its arsenal to target thousands of orgs worldwide

Security Affairs

SEPTEMBER 9, 2021

The activity of the TeamTNT group has been detailed by security firm Trend Micro, but in August 2020 experts from Cado Security discovered that that botnet is also able to target misconfigured Kubernetes installations. The campaign is responsible for thousands of infections globally in only a couple of months. Pierluigi Paganini.

Cybercrime

Cybercrime Cryptocurrency Penetration Testing Malware

Progress fixed a third flaw in MOVEit Transfer software

Security Affairs

JUNE 16, 2023

Progress Software addressed a third vulnerability impacting its MOVEit Transfer application that could lead to privilege escalation and information disclosure. Customers have to modify firewall rules to deny HTTP and HTTPs traffic to the software on ports 80 and 443. ” reads the advisory published by Progress.

Software

Software Penetration Testing Government Media

AuKill tool uses BYOVD attack to disable EDR software

Security Affairs

APRIL 24, 2023

Ransomware operators use the AuKill tool to disable EDR software through Bring Your Own Vulnerable Driver (BYOVD) attack. Sophos researchers reported that threat actors are using a previously undocumented defense evasion tool, dubbed AuKill, to disable endpoint detection and response (EDR) software.

Software

Software Ransomware Education Media

Adobe addressed critical bugs in Illustrator, After Effects Software

Security Affairs

FEBRUARY 15, 2023

The company also addressed an important-severity flaw, tracked as CVE-2022-24090 , in the Photoshop software. The flaw was reported by Kushal Arvind Shah of Fortinet’s FortiGuard Labs and impacts both Windows and macOS versions of Illustrator 26.0.3 and earlier versions.

Software

Software Hacking Cybercrime Information Security

UN approves Russia-Cina sponsored resolution on new cybercrime convention

Security Affairs

DECEMBER 30, 2019

The United Nations on Friday have approved a Russian-sponsored and China-backed resolution to create a new convention on cybercrime. The United Nations on Friday has approved a Russian-sponsored and China-backed resolution to create a new convention on cybercrime. It will only serve to stifle global efforts to combat cybercrime.”

Cybercrime

Cybercrime Surveillance Spyware Government

German tech firm Software AG hit by ransomware attack

Security Affairs

OCTOBER 9, 2020

German tech firm Software AG has suffered a ransomware attack that took place during last weekend, media blamed the Clop ransomware gang. The website ZDNet revealed in exclusive that German tech firm Software AG was hit by the Clop ransomware , the criminal gang is demanding more than $20 million ransom. ” reported ZDNet.

Software

Software Ransomware Advertising Malware

Info stealers and how to protect against them

Security Affairs

DECEMBER 18, 2023

Info stealers, also known as information stealers, are a type of malicious software (malware) designed to covertly collect sensitive and personal information from a victim’s computer or network. It violates privacy and security regulations, and individuals involved in such activities can face severe legal consequences.

Banking

Banking Cybercrime Malware Accountability

1,000 ships impacted by a ransomware attack on maritime software supplier DNV

Security Affairs

JANUARY 17, 2023

A ransomware attack against the maritime software supplier DNV impacted approximately 1,000 vessels. About 1,000 vessels have been impacted by a ransomware attack against DNV , one of the major maritime software suppliers. . All users can still use the onboard, offline functionalities of the ShipManager software.”

Software

Software Ransomware Cyber Attacks Mobile

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

Security Affairs

JULY 15, 2022

Threat actors behind the campaign used multiple accounts across several social media platforms to advertise password-cracking software for Programmable Logic Controller (PLC), Human-Machine Interface (HMI), and project files. The password cracking software also acts as a dropper for the Sality P2P bot. ” concludes the report.

Passwords

Passwords Software Firmware Malware

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

The Last Watchdog

APRIL 13, 2022

Additionally, there are also Russian cybercrime organizations that are not state-sponsored but are allowed to operate. Although there’s no one magic solution to eliminating cyberattacks and cybercrime risks, there are steps you can take to reduce the chances of becoming a victim. businesses called #ShieldsUp. The efficacy of hygiene.

Cybersecurity

Cybersecurity Cybercrime Education Passwords

MOVEit Transfer software zero-day actively exploited in the wild

Security Affairs

JUNE 2, 2023

aspx’) in the ‘wwwroot’ folder of the MOVEit software. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, MOVEit Transfer ) The post MOVEit Transfer software zero-day actively exploited in the wild appeared first on Security Affairs.

Software

Software Engineering Authentication Internet

Two ambulance services in UK lost access to patient records after a cyber attack on software provider

Security Affairs

JULY 26, 2023

Swedish software firm Ortivus suffered a cyberattack that has resulted in at least two British ambulance services losing access to electronic patient records. Two British ambulance services were not able to access electronic patient records after a cyber attack that hit their software provider Ortivus.

Cyber Attacks

Cyber Attacks Computers and Electronics Software Healthcare

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

According to the hacker, their spam software has been in private use until the last few weeks, when it was released as open source code. “There was nothing in the Mastodon software to detect that activity, and the protocol is not designed to handle this.” A DIRECT QUOT The domain quot[.]pw

Scams

Scams DDOS Cryptocurrency Accountability

Law enforcement arrested 31 suspects for stealing cars by hacking key fobs

Security Affairs

OCTOBER 18, 2022

An international law enforcement operation led by Europol disrupted a cybercrime ring focused on hacking wireless key fobs to steal cars. The gang was composed of software developers, resellers, and car thieves who used the tool created by the gang to steal the vehicles. ” reads the announcement published by EuroJust.

Hacking

Hacking Cybercrime Manufacturing Wireless

Cybercrime Forum Data Set for 2019 and 2021 – Free Direct Download Technical Collection Copy Available! Grab a Copy Today!

Security Boulevard

MAY 25, 2021

I've decided to make my Cybercrime Forum Data Set for 2019 and 2021 exclusively available online for free in order for me to speed the dissemination process and to possibly empower security researchers and vendors with the necessary information to help them stay on the top of their game in terms of current and emerging cyber threats including U.S

Cybercrime

Cybercrime Cyber threats Hacking Software

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Proxy services can be used in a legitimate manner for several business purposes — such as price comparisons or sales intelligence — but they are massively abused for hiding cybercrime activity because they make it difficult to trace malicious traffic to its original source. Usually, these users have no idea their systems are compromised.

Malware

Malware VPN Internet Internet

Hackers abusing the Ngrok platform phishing attacks

Security Affairs

FEBRUARY 16, 2021

Researchers at the threat intelligence firm Cyble discovered a new wave of phishing attacks targeting multiple organizations that are abusing the ngrok platform, a secure and introspectable tunnel to the localhost. Cyble also spotted a phishing tool kit, named “KingFish3 (Social master), advertised on a cybercrime forum. 4f421deb219c[.]ngrok[.]io)

Phishing

Phishing Cybercrime Mobile Internet

Admin of the BreachForums hacking forum sentenced to 20 years supervised release

Security Affairs

JANUARY 20, 2024

In July, Conor Brian Fitzpatrick agreed to plead guilty to a three-count criminal information charging the defendant with conspiracy to commit access device fraud, solicitation for the purpose of offering access devices, and possession of child pornography.

Hacking

Hacking Cybercrime Government Software

Attackers deploy Linux backdoor on e-stores compromised with software skimmer

Security Affairs

NOVEMBER 18, 2021

Security researchers from Sansec Threat Research Team discovered a Linux backdoor during an investigation into the compromised of an e-commerce server with a software skimmer. The post Attackers deploy Linux backdoor on e-stores compromised with software skimmer appeared first on Security Affairs. Pierluigi Paganini.

Software

Software eCommerce Malware Engineering

Defending Against the Threats to Our Security

SecureWorld News

JULY 3, 2023

This means that most cyberattacks could be prevented by following simple cybersecurity best practices, such as using strong passwords, updating software, and avoiding phishing emails. According to PurpleSec, 98% of cybercrime relies on social engineering to accomplish it. Cybercrime is a highly profitable business.

Cybercrime

Cybercrime Social Engineering Data breaches Education

Multiple APT groups exploited WinRAR flaw CVE-2023-38831

Security Affairs

OCTOBER 18, 2023

The researchers reported that several cybercrime groups began exploiting the flaw in early 2023, when the bug was still a zero-day. These recent campaigns exploiting the WinRAR bug underscore the importance of patching and that there is still work to be done to make it easy for users to keep their software secure and up-to-date.

Cybercrime

Cybercrime Malware Software Hacking

Recent DarkGate campaign exploited Microsoft Windows zero-day

Security Affairs

MARCH 14, 2024

Researchers at the Zero Day Initiative (ZDI) recently uncovered a DarkGate campaign in mid-January 2024, which exploited the Windows zero-day flaw CVE-2024-21412 using fake software installers. is an Internet Shortcut Files Security Feature Bypass Vulnerability. MSI) masquerading as legitimate software. MSI) installers.

Phishing

Phishing Malware Software Internet

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” ” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in.

Cybercrime

Cybercrime VPN Malware Penetration Testing

A Ukrainian man is the third FIN7 member sentenced in the United States

Security Affairs

APRIL 8, 2022

A Ukrainian man was sentenced in the US to 5 years in prison for his criminal activity in the cybercrime group FIN7. for high-level hacking activity in the cybercrime group FIN7 (aka Carbanak Group and the Navigator Group). Iarmak is the third member of the FIN7 cybercrime group to be sentenced in the U.S. in May 2020.

Cybercrime

Cybercrime Hacking Software Phishing

ChromeLoader campaign uses VHD files disguised as cracked games and pirated software

Security Affairs

FEBRUARY 27, 2023

.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, malware) The post ChromeLoader campaign uses VHD files disguised as cracked games and pirated software appeared first on Security Affairs.

Software

Software Malware Advertising Hacking

Many Public Salesforce Sites are Leaking Private Data

Krebs on Security

APRIL 27, 2023

Salesforce Community is a widely-used cloud-based software product that makes it easy for organizations to quickly create websites. This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information. ”

Banking

Banking Government Information Security Authentication

Security Affairs newsletter Round 433 by Pierluigi Paganini – International edition

Security Affairs

AUGUST 20, 2023

Over 3,000 Android Malware spotted using unsupported/unknown compression methods to avoid detection WinRAR flaw enables remote code execution of arbitrary code #OpFukushima: Anonymous group protests against the plan to dump Fukushima RADIOACTIVE wastewater into Pacific Massive phishing campaign targets users of the Zimbra Collaboration email server (..)

Cybercrime

Cybercrime Hacking Malware Phishing

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs

MAY 12, 2024

Recommendations provided in the report include installing updates promptly, using phishing-resistant multi-factor authentication (MFA), securing remote access software, making backups, and applying mitigations from the #StopRansomware Guide.

Ransomware

Ransomware Hacking Healthcare Retail

Security Affairs newsletter Round 459 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 18, 2024

CISA: hackers breached a state government organization Russia-linked Turla APT uses new TinyTurla-NG backdoor to spy on Polish NGOs US Gov dismantled the Moobot botnet controlled by Russia-linked APT28 A cyberattack halted operations at Varta production plants North Korea-linked actors breached the emails of a Presidential Office member Nation-state (..)

Cybercrime

Cybercrime Ransomware Malware Data breaches

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Security Affairs

FEBRUARY 17, 2024

Vyacheslav Igorevich Penchukov was a leader of two prolific malware groups that infected thousands of computers with malicious software. On October 2022, Swiss police arrested Penchukov in Geneva, also known as Tank, which is one of the leaders of the JabberZeus cybercrime group.

Malware

Malware Cybercrime Banking Hacking

Microsoft seized the US infrastructure of the Storm-1152 cybercrime group

Russian cybercrime forums launch contests for cryptocurrency hacks

Webinars

Trending Sources

Software firm AnyDesk disclosed a security breach

Webinars

Amadey malware spreads via software cracks laced with SmokeLoader

UNC2465 cybercrime group launched a supply chain attack on CCTV vendor

Twitter hacker sentenced to five years in prison for cybercrime offenses

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Aurora Stealer Malware is becoming a prominent threat in the cybercrime ecosystem

Cybercrime underground flooded with offers for initial access to shipping and logistics orgs

ZingoStealer crimeware released for free in the cybercrime ecosystem

Russian cybercrime group likely behind ongoing exploitation of PaperCut flaws

New ‘Karakurt’ cybercrime gang focuses on data theft and extortion

FIN11 cybercrime group is behind recent wave of attacks on FTA servers

FIN7 cybercrime gang creates fake cybersecurity firm to recruit pentesters for ransomware attacks

TeamTNT cybercrime gang expands its arsenal to target thousands of orgs worldwide

Progress fixed a third flaw in MOVEit Transfer software

AuKill tool uses BYOVD attack to disable EDR software

Adobe addressed critical bugs in Illustrator, After Effects Software

UN approves Russia-Cina sponsored resolution on new cybercrime convention

German tech firm Software AG hit by ransomware attack

Info stealers and how to protect against them

1,000 ships impacted by a ransomware attack on maritime software supplier DNV

Tainted password-cracking software for industrial systems used to spread P2P Sality bot

GUEST ESSAY: Preparing for the dire cybersecurity consequences of Russia’s invasion of Ukraine

MOVEit Transfer software zero-day actively exploited in the wild

Two ambulance services in UK lost access to patient records after a cyber attack on software provider

Interview With a Crypto Scam Investment Spammer

Law enforcement arrested 31 suspects for stealing cars by hacking key fobs

Cybercrime Forum Data Set for 2019 and 2021 – Free Direct Download Technical Collection Copy Available! Grab a Copy Today!

Who and What is Behind the Malware Proxy Service SocksEscort?

Hackers abusing the Ngrok platform phishing attacks

Admin of the BreachForums hacking forum sentenced to 20 years supervised release

Attackers deploy Linux backdoor on e-stores compromised with software skimmer

Defending Against the Threats to Our Security

Multiple APT groups exploited WinRAR flaw CVE-2023-38831

Recent DarkGate campaign exploited Microsoft Windows zero-day

Amid an Embarrassment of Riches, Ransom Gangs Increasingly Outsource Their Work

A Ukrainian man is the third FIN7 member sentenced in the United States

ChromeLoader campaign uses VHD files disguised as cracked games and pirated software

Many Public Salesforce Sites are Leaking Private Data

Security Affairs newsletter Round 433 by Pierluigi Paganini – International edition

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs newsletter Round 459 by Pierluigi Paganini – INTERNATIONAL EDITION

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Stay Connected