SecureWorld News

APRIL 22, 2025

A sophisticated cybercrime campaign, dubbed Elusive Comet , has been uncovered, in which North Korean threat actors are exploiting Zoom's remote control feature to infiltrate the systems of cryptocurrency professionals. Lazarus is also behind significant cryptocurrency heists, such as the $1.5

Cryptocurrency

Security Affairs

JULY 2, 2025

“We are working closely with the Federal Government’s National Cyber Security Coordinator, the Australian Cyber Security Centre and independent specialised cyber security experts.” At the end of June, the FBI reports that the cybercrime group Scattered Spider is now targeting the airline sector. reads the alert published by the FBI on X.

Data breaches

Security Affairs

JANUARY 22, 2025

Two ransomware groups exploiting Microsoft 365 services and default settings to target internal enterprise users. Sophos researchers started investigating two distinct clusters of activity, tracked as STAC5143 and STAC5777, in response to customer ransomware attacks in November and December 2024.

Ransomware

Security Affairs

MAY 17, 2025

Google warns that the cybercrime group Scattered Spider behind UK retailer attacks is now targeting U.S. The financially motivated group UNC3944 (also known as Scattered Spider , 0ktapus ) is known for social engineering and extortion. They exploit help desks and outsourced IT via social engineering for high-impact attacks.

Retail

SecureWorld News

MAY 16, 2025

Scattered Spider is a financially motivated threat actor group known for its social engineering prowess, SIM-swapping attacks, and living-off-the-land (LOTL) techniques. The group is well known to employ social engineering tactics to gain access, so hardening your help desk is an immediate first step in defense," Staynings continued.

Retail

Malwarebytes

JUNE 18, 2025

Social engineering and extortion Scams are so difficult to analyze because they vary both in their delivery method and their method of deceit. A message that tries to trick a person into clicking a package tracking link is a simple act of social engineering—relying on false urgency or faked identity to fool a victim.

Scams

SecureWorld News

JULY 28, 2025

The threat actors are bypassing traditional endpoint protections by directly attacking the hypervisor layer, utilizing social engineering and identity compromise to hijack administrative access and deploy ransomware from within. While several members were recently arrested in the U.K. ,

Social Engineering

SecureWorld News

JUNE 6, 2025

These threats often bypass traditional perimeter defenses due to: Legacy systems with poor EDR/AV coverage Air-gapped environments with outdated patching Insider mishandling or social engineering The report stresses implementing secure media transfer protocols and advanced scanning stations as part of basic hygiene for critical environments.

Media

eSecurity Planet

JUNE 20, 2025

Importantly, Aflac noted that “our systems were not affected by ransomware,” and business operations, including underwriting, claims processing, and customer support, remain uninterrupted. This common cybercrime method often involves tricking individuals into revealing sensitive information or granting access.

Social Engineering

Security Affairs

DECEMBER 1, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Malwarebytes

FEBRUARY 4, 2025

The same is true for all text-based social engineering tricks, as AI chat tools can write alluring direct messages for romance scams and craft urgent-sounding texts that can fool people into clicking on links that carry malware. That could change in 2025.

Artificial Intelligence

Security Affairs

FEBRUARY 9, 2025

US Justice Department says cybercrime forum allegedly affected 17 million Americans Cybercrime is increasingly complex.

Spyware

Security Affairs

JUNE 29, 2025

House banned WhatsApp on government devices due to security concerns Russia-linked APT28 use Signal chats to target Ukraine official with malware China-linked APT Salt Typhoon targets Canadian Telecom companies U.S.

Data breaches

SecureWorld News

JUNE 10, 2025

However, analysts and retail partners will be watching closely for signs of: Ransomware involvement Operational delays across the food supply chain Disclosures of data compromise Some experts from cybersecurity vendors added their perspective on the incident.

Cyber Attacks

SecureWorld News

JULY 10, 2025

Ties to Scattered Spider and social engineering tactics Authorities believe the individuals arrested are connected to Scattered Spider, a decentralized hacking collective known for using social engineering and SIM-swapping to infiltrate corporate systems. retail sector in recent memory.

Retail

Security Affairs

JULY 10, 2025

At the end of June, the FBI reports that the cybercrime group Scattered Spider is now targeting the airline sector. The cybercriminals are using social engineering techniques to gain access to target organizations by impersonating employees or contractors. reads the alert published by the FBI on X. continues the alert.

Data breaches

eSecurity Planet

APRIL 8, 2025

A new and dangerous AI-powered hacking tool is making waves across the cybercrime underworld and experts say it could change the way digital attacks are launched. Xanthorox reasoner advanced mimics human reasoning, helping attackers craft more believable phishing messages or manipulate targets through social engineering.

Social Engineering

Malwarebytes

JUNE 26, 2025

These jailbroken AIs could generate unrestricted content, including malicious code , phishing emails , and social engineering scripts. The end results are still the same, infections will usually be ransomware for businesses, information stealers for individuals, and so on.

Social Engineering

SecureWorld News

JULY 21, 2025

The imperative for enhanced cybersecurity in Europe The digital environment in Europe is increasingly fraught with persistent threat activity, characterized by sophisticated nation-state actors from Russia, China, Iran, and North Korea, as well as financially motivated cybercrime syndicates using tactics like Ransomware-as-a-Service.

Cybersecurity

Penetration Testing

JULY 29, 2025

A joint advisory from US, UK, Canada, and Australia warns of Scattered Spider's evolving tactics, now using DragonForce ransomware, spearphishing, SIM swapping, and MFA fatigue to compromise systems.

Ransomware

Security Affairs

MAY 13, 2025

Marks and Spencer (M&S) confirms that threat actors stole customer data in the ransomware attack that hit the company in April. BleepingComputer reported that DragonForce ransomware affiliates usedScattered Spider social engineering tacticsto target Marks and Spencer.

Data breaches

Digital Shadows

NOVEMBER 26, 2024

Despite a slowdown in “LockBit” ransomware activity due to law enforcement actions and a loss of affiliate trust, it remains a key player. Meanwhile, “RansomHub” is rising rapidly due to its attractive ransomware-as-a-service (RaaS) model. Despite the importance of employee training, sometimes it just isn’t enough.

Cyber Attacks

Security Affairs

JULY 10, 2025

DragonForce ransomware group scrambles victims’ data and demands a ransom; they are also known to steal victims’ data. DragonForce runs a cybercrime affiliate service, letting affiliates use its tools to launch attacks and extort victims. BBC pointed out that after having verified data, they destroyed it. continues the report.

Computers and Electronics

Security Affairs

JUNE 23, 2025

DragonForce ransomware group scrambles victims’ data and demands a ransom; they are also known to steal victims’ data. DragonForce runs a cybercrime affiliate service, letting affiliates use its tools to launch attacks and extort victims. Unlike “shallow and broad” events, the impact here was limited to a few but severe.

Retail

Security Affairs

OCTOBER 27, 2024

CISA adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812 Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment Internet Archive was breached twice in a month Unknown threat actors exploit Roundcube Webmail flaw (..)

Data breaches

Webroot

APRIL 22, 2025

Here are some of the most likely targets for access to consumer data: Healthcare organizations : Healthcare companies are a prime target for cybercrime due to the large amounts of sensitive data they store, which includes personal information and medical records. This makes it accessible to a worldwide network of criminals.

Data breaches

Zero Day

JUNE 22, 2025

And while financial costs may be a factor, individual victims may face targeted phishing campaigns, social engineering schemes, identity theft, and damage to credit.   Social engineering : A scammer may impersonate you to access your account.   Think you've been involved in a data breach?

Passwords

Jane Frankland

JANUARY 12, 2025

Threat Actors Cybersecurity threats are growing more complex and persistent, driven by the heightened activities of nation-state actors and increasingly sophisticated cybercrime groups. Organised Cybercrime Groups Up Their Game Cybercriminals arent resting on old tactics with cybercrime expected to hit $12 trillion in 2025.

Cybersecurity

Krebs on Security

JULY 10, 2025

The breaches have been linked to a prolific but loosely-affiliated cybercrime group dubbed “ Scattered Spider ,” whose other recent victims include multiple airlines. man alleged to have been involved in the cyber intrusion and ransomware attack that shut down several MGM Casino properties in September 2023.

Cybercrime

SecureWorld News

DECEMBER 27, 2024

Ransomware Targets Critical Infrastructure: Ransomware attacks will increasingly focus on critical infrastructure, including healthcare, utilities, and transportation, leading to potentially catastrophic consequences. What the Practitioners Predict Jake Bernstein, Esq.,

Cybersecurity

Tech Republic Security

MAY 15, 2025

Instead of paying the $20 million ransom, Coinbase offered the same amount of money for information leading to the attackers.

Data breaches

Zero Day

JUNE 20, 2025

And while financial costs may be a factor, individual victims may face targeted phishing campaigns, social engineering schemes, identity theft, and damage to credit.   Social engineering : A scammer may impersonate you to access your account.   Think you've been involved in a data breach?

Passwords

Security Affairs

AUGUST 3, 2025

customers International Press – Newsletter Cybercrime Cybercriminals Attack Seychelles – Offshore Banking as a Target Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack United States files a civil complaint in the Northern District of Texas seeking the forfeiture of over $1.7

Data breaches

SecureWorld News

MAY 21, 2025

In a bold response to a sophisticated insider-led data breach, Coinbase has turned the tables on cybercriminals who recently targeted the organization with ransomware. This method sharply diverges from the conventional and frequently clandestine ransomware negotiations that many organizations engage in.

Ransomware

Trend Micro

JULY 2, 2025

6 Alerts Back Unread All Inside the criminal mind: Trend’s deep dive into cybercrime. Under Attack? close Read report > Cloud security that leads: Centralized, multi-layered protection now named a CNAPP Leader by IDC.

Cyber Risk

Krebs on Security

AUGUST 19, 2021

Criminal hackers will try almost anything to get inside a profitable enterprise and secure a million-dollar payday from a ransomware infection. Abnormal Security documented how it tied the email back to a young man in Nigeria who acknowledged he was trying to save up money to help fund a new social network he is building called Sociogram. .”

Ransomware

Security Affairs

AUGUST 18, 2024

New cybercrime group Mad Liberator is targeting AnyDesk users and runs a fake Microsoft Windows update screen to conceal data exfiltrating. The Sophos X-Ops Incident Response team warned that a new ransomware group called Mad Liberator is exploiting the remote-access application Anydesk for their attacks.

Social Engineering