Security Affairs

JULY 18, 2025

Japanese police released a free decryptor for Phobos and 8Base ransomware, letting victims recover files without paying ransom. Japanese authorities released a free decryptor for Phobos and 8Base ransomware , allowing victims to recover files without paying.

Ransomware

Security Affairs

JULY 26, 2025

An international law enforcement operation seized the dark web data leak site of the BlackSuit ransomware group. A banner on the BlackSuit ransomware group’s TOR data leak sites informs visitors that they were seized by U.S. The BlackSuit ransomware operation has been active since April 2023. Updates and new content are noted.

Ransomware

Krebs on Security

APRIL 30, 2025

A 23-year-old Scottish man thought to be a member of the prolific Scattered Spider cybercrime group was extradited last week from Spain to the United States, where he is facing charges of wire fraud, conspiracy and identity theft. The Justice Department’s complaint against Buchanan makes no mention of the 2023 ransomware attack.

Identity Theft

Security Affairs

MAY 13, 2025

A 45-year-old foreign man has been arrested in Moldova for allegedly participating in ransomware attacks on Dutch companies in 2021. He is internationally wanted for multiple cybercrime, including ransomware attacks, blackmail, and money laundering, targeting Dutch companies. million euros.”

Ransomware

Security Affairs

JULY 9, 2025

An Iranian ransomware group, Pay2Key.I2P, has intensified attacks on U.S. The Iranian ransomware group Pay2Key.I2P is stepping up attacks on U.S. The ransomware gang is the successor to the original Pay2Key group and experts linked it to the Iran-nexus APT group Fox Kitten.

Ransomware

SecureWorld News

JULY 8, 2025

Ransomware is no longer the work of lone-wolf hackers with deep technical chops. Ransomware-as-a-Service (RaaS) has transformed cybercrime into an accessible, scalable platform that anyone can tap into—no code required. Explosive growth in ransomware attacks across every industry. The result? The key innovation was scale.

Ransomware

Security Affairs

DECEMBER 9, 2024

Romanian energy supplier Electrica Group is investigating an ongoing ransomware attack impacting its operations. ” Electrica Group advised customers to stay vigilant against potential phishing attempts and suspicious communications claiming to be from Electrica. “Initial investigations show that it was a ransomware attack.

Ransomware

Penetration Testing

APRIL 9, 2025

The Russian-speaking cybercriminal underground remains a dominant force in the global cybercrime landscape. A recent report by Trend Micro, marking the 50th installment in their series on this subject, highlights the underground’s sophistication, resilience, and significant impact.

Cybercrime

SecureWorld News

MAY 14, 2025

The FBI's Internet Crime Complaint Center (IC3) has released its 2024 Internet Crime Report, marking a record-breaking year in cybercrime. Critical infrastructure under siege: The healthcare and public health sector was the most targeted by ransomware attackers in 2023. Ransomware The IC3 recognized 67 new ransomware variants in 2024.

Cybercrime

Security Affairs

DECEMBER 2, 2024

Operation HAECHI V (July-Nov 2024) targeted cyber frauds like phishing, romance scams, sextortion, investment fraud, online gambling, BEC, and e-commerce fraud. Korean and Chinese authorities dismantled a voice phishing syndicate that caused $1.1B in losses to 1,900+ victims. The operation led to 27 arrests and 19 indictments.

Cryptocurrency

Security Boulevard

NOVEMBER 6, 2024

Interpol, other law enforcement agencies, and cybersecurity firms teamed up for Operation Synergia II, shutting down 22,000 malicious servers that supported ransomware, phishing, and other attacks and arresting 41 people connected to the cybercrime campaigns.

Cybercrime

The Last Watchdog

FEBRUARY 4, 2025

These sprawling identities, exposed through breaches, infostealer infections, and phishing attacks, create shadow data that traditional tools simply cant address. Fleury Fleury continued, This evolution to make holistic identity threat protection a reality for enterprises is critical to our mission of disrupting cybercrime.

Cybercrime

Security Affairs

MARCH 24, 2025

The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney Generals Office that occurred in February. The ransomware group Cloak has claimed responsibility for a February cyberattack on the Virginia Attorney General Office.

Ransomware

Penetration Testing

JULY 3, 2025

airlines with ransomware, vishing, and VMware exploits—CrowdStrike warns of a rising threat across cloud identities. SCATTERED SPIDER targets U.S.

Ransomware

Security Affairs

NOVEMBER 3, 2024

Chinese threat actors use Quad7 botnet in password-spray attacks FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide PTZOptics cameras zero-days actively exploited in the wild New LightSpy spyware (..)

Cryptocurrency

Security Affairs

JANUARY 22, 2025

Two ransomware groups exploiting Microsoft 365 services and default settings to target internal enterprise users. Sophos researchers started investigating two distinct clusters of activity, tracked as STAC5143 and STAC5777, in response to customer ransomware attacks in November and December 2024.

Ransomware

Malwarebytes

MAY 1, 2025

Phishing In phishing scams, cybercriminals trick people and businesses into handing over sensitive information like credit card numbers or login details for vital online accounts. In phishing attacks, there never is a genuine problem with a users account, and there never is a real request for information from the company.

Small Business

Security Affairs

DECEMBER 8, 2024

Hackers stole millions of dollars from Uganda Central Bank International Press Newsletter Cybercrime INTERPOL financial crime operation makes record 5,500 arrests, seizures worth over USD 400 million Hackers Stole $1.49 Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Artificial Intelligence

Security Affairs

OCTOBER 22, 2024

According to the experts, the malware was developed by the TrickBot group and replaced the BazarLoader backdoor to provide initial access to the victim’s infrastructure in ransomware attacks. The malware is distributed through phishing messages using a malicious attachment or a link to the malicious archive containing Bumblebee.

Malware

SecureWorld News

APRIL 22, 2025

A sophisticated cybercrime campaign, dubbed Elusive Comet , has been uncovered, in which North Korean threat actors are exploiting Zoom's remote control feature to infiltrate the systems of cryptocurrency professionals. Victims are sent unsolicited invitations to join Zoom calls, often via links in phishing emails or messages.

Cryptocurrency

Security Affairs

MARCH 13, 2025

The Medusa ransomware operation hit over 300 organizations in critical infrastructure sectors in the United States until February 2025. The FBI, CISA, and MS-ISAC have issued a joint advisory detailing Medusa ransomware tactics, techniques, and indicators of compromise (IOCs) based on FBI investigations as recent as February 2025.

Ransomware

Security Affairs

MAY 24, 2025

law firms for 2 years using callback phishing and social engineering extortion tactics. law firms using phishing and social engineering. Linked to BazarCall campaigns, the group previously enabled Ryuk and Conti ransomware attacks. FBI warns Silent Ransom Group has targeted U.S. ” reads the alert issued by the FBI.

Social Engineering

Security Affairs

APRIL 30, 2025

Since mid-2022, theyve deployed RomCom via spear-phishing for espionage, lateral movement, and data theft. “The Nebulous Mantis team, which changes the domains they use every month, obtains these spear-phishing and C2 servers from LuxHost and AEZA bulletproof hosting (BPH) services.” ” continues the report.

Encryption

The Last Watchdog

MARCH 19, 2025

Attackers now have access to extensive identity data from multiple sourcesincluding data breaches, infostealer malware infections, phishing campaigns, and combolistsposing a challenge for organizations whose security measures have not yet adapted to address the full scope of interconnected identity exposures holistically.

Cyber Risk

The Last Watchdog

APRIL 7, 2025

Organizations need to take a layered approach to close the gaps before attacks progress deeper into their environments, resulting in events like ransomware and account takeover. About SpyCloud: SpyCloud transforms recaptured darknet data to disrupt cybercrime.

Antivirus

Graham Cluley

JUNE 25, 2025

A new INTERPOL report has sounded the alarm over a dramatic increase in cybercrime across Africa, with digital crime now accounting for a significant proportional of all criminal activity across the continent. Read more in my article on the Hot for Security blog.

Cybercrime

Webroot

FEBRUARY 21, 2025

Phishing scams, ransomware attacks, data breaches, and identity theft are part of a growing list of online dangers that are a daily reality. It combines multiple security capabilities into one easy-to-use package that includes: Antivirus protection Detects and neutralizes viruses, malware , spyware , and ransomware.

Antivirus

SecureList

DECEMBER 16, 2024

Increase in high-profile law enforcement operations against cybercrime groups 2024 was a significant year in the global high-profile fight against cybercrime. We at Kaspersky also actively contributed to law enforcement efforts to combat cybercrime. times compared to 2023.

Marketing

Security Affairs

NOVEMBER 17, 2024

that reboots locked devices Ymir ransomware, a new stealthy ransomware grow in the wild Amazon discloses employee data breach after May 2023 MOVEit attacks A new fileless variant of Remcos RAT observed in the wild A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine U.S.

Cryptocurrency

Security Affairs

JULY 9, 2025

Starting in May, threat actors used Shellter-protected malware in phishing campaigns targeting YouTubers with fake sponsorship offers from brands like Udemy and Duolingo. In September 2022, threat actors cracked the Brute Ratel C4 (BRC4) post-exploitation toolkit and leaked it for free in the cybercrime underground.

Malware

Hacker's King

DECEMBER 24, 2024

AI-powered malware and phishing schemes can adapt to defenses in real time, making them harder to detect and counter. In 2025, insurers will refine their policies to cover new threats such as ransomware and supply chain attacks, providing businesses with financial safeguards against cyber losses.

Cybersecurity

Security Affairs

NOVEMBER 10, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Security Affairs

APRIL 13, 2025

The ransomware group has since leaked the stolen data on its dark web leak site. They continue to monitor for potential data misuse and urge vigilance against fraud, phishing, and identity theft. Ransomware attacks on U.S. Cell C has confirmed a data breach following a RansomHouse cyberattack that occurred last year.

Data breaches

Malwarebytes

FEBRUARY 4, 2025

Generative AI tools can more convincingly write phishing emails so that the tell-tale signs of a scamlike misspellings and clumsy grammarare all but gone. In 2023, Malwarebytes Labs subverted these boundaries to successfully get ChatGPT to write ransomware twice. That could change in 2025.

Artificial Intelligence

Security Affairs

DECEMBER 1, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

SecureWorld News

FEBRUARY 12, 2025

With cybercrime, state-sponsored attacks, and digital risks evolving rapidly, the strategy aims to modernize Canada's cyber defenses through enhanced collaboration, industry leadership, and proactive threat mitigation. Detecting and disrupting cyber threat actors Cybercrime, ransomware, and state-sponsored attacks remain top concerns.

Cyber threats

Security Affairs

JUNE 19, 2025

With over 16 billion login records exposed, cybercriminals now have unprecedented access to personal credentials that can be used for account takeover, identity theft, and highly targeted phishing. The datasets, briefly exposed via unsecured servers, now pose major risks, fueling phishing, ransomware, and account takeovers.

Data breaches