2 hours ago

Cofense reports on an social engineering campaign targeting the hospitality industry (primarily luxury hotel chains and resorts) to deliver information stealers. The initial infection vector are emails and instant messages. They use TTPs to bypass email security, then deliver infection URLs in password-protected archives. No IOC.

Tags: #phishing #infostealer #cybercrime #socialengineering

2 hours ago

Cyble discovered a new Python-based information stealer called Exela, primarily targeting Discord users’s info, as well as browser data/credentials, session details from social media/gaming platforms. They provide technical analysis, IOC, MITRE ATT&CK TTPs, and YARA rule.

Tags: #freethewhales #Exela #infostealer #IOC #cybercrime

3 hours ago

17 victims, 7 cyber gangs and 7 countries in our #HoT today ⤵

🔥17 #ransomware victims by the notorious Rhysida, Ransomed, ALPHV/BlackCat, Knight, 8Base, NoEscape and BianLian gangs.

🌍 7 involved countries: Kuwait, Japan, USA, Netherlands, Germany, France, Italy.

#CyberRiskFactor: 4,1

Here you can find the full list ⤵

Contact us for any question 📧

@stefanofavarato @securityaffairs
@SofiaScozzari @AlvieriD @amvinfe

#hackmanac #threatintelligence #cybersecurity #cybersecnews #darkwebmonitoring #darkweb #malware #databreach #dataleak #cybercrime

Pyrzout :vrfd:
4 hours ago

"Shadow Syndicate Unveils RaaS: A New Era of Ransomware 🌐💻"

The cybersecurity landscape is evolving with the emergence of Shadow Syndicate's Ransomware-as-a-Service (RaaS). This new venture signifies a shift in the modus operandi of cyber criminals, offering a ready-to-use ransomware platform to affiliates. The RaaS model lowers the entry barrier for aspiring cyber criminals while escalating the threat level for organizations globally. 🌍🔓

Shadow Syndicate's RaaS platform is meticulously crafted, providing a user-friendly interface, robust encryption algorithms, and a 24/7 support service for its affiliates. The article delves into the technical and operational intricacies of this RaaS platform, shedding light on its potential impact on the cybersecurity ecosystem. 🛡️🖥️

The authors, Oleg Skulkin and Igor Zdrnja, provide a comprehensive analysis, underscoring the need for enhanced cybersecurity measures to mitigate the burgeoning threat posed by such RaaS platforms. 📊🔐

Source: Group-IB Blog

Tags: #RaaS #Ransomware #CyberSecurity #ShadowSyndicate #CyberThreats #Encryption #CyberCrime #ThreatAnalysis

Authors: Oleg Skulkin & Igor Zdrnja

DigitalNaiv = Stefan Pfeiffer
23 hours ago

Die dunkle Seite der Macht. Oder mehr. Das Darknet - Eine Annäherung von @larsbas und mir morgen bei #9vor9 - Crime-as-a-service - im Darknet kann man kriminelle Dienstleistungen verschiedenster Arten kaufen. Und immer wieder wird gefeiert, wenn Marktplätze geschlossen werden, auf denen mit Kinderpornographie, Drogen oder Hackerangriffe angeboten werden. Doch es gibt nicht nur die dunkle Seite der Macht. Es ist auch Plattform für Whistleblower und mehr.
#Darknet #Cybercrime #Whistleblower

1 day ago

ThreatFabric: new samples of Xenomorph Android malware targets users of cryptocurrency wallets and various U.S. financial institutions. IOC provided.

Tags: #xenomorph #cryptowallet #cybercrime #IOC #bankingmalware

Pyrzout :vrfd:
1 day ago
1 day ago


44 victims, 13 cyber gangs and 12 countries in our #HoT today ⤵

🔥 43 #ransomware and 1 #data breach by the notorious KaraKurt, ALPHV/BlackCat, Medusa, LockBit 3.0, Akira, Cl0p, Rhysida, 8Base, Ransomed, NoEscape, Stormous, Ragnar Locker and BianLian gangs.

🌍 12 involved countries: USA, United Kingdom, Philippines, Japan, Israel, Turkey, Sweden, Bulgaria, Spain, Germany, France, Brazil.

#CyberRiskFactor: 3.4

Here you can find the full list ⤵

Contact us for any question 📧

@stefanofavarato @securityaffairs
@SofiaScozzari @AlvieriD @amvinfe

#hackmanac #threatintelligence #cybersecurity #cybersecnews #darkwebmonitoring #darkweb #malware #databreach #dataleak #cybercrime

📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #38/2023 is out! It includes the following and much more:

➝ 🔓 ❌ TransUnion Denies #Breach After Hacker Publishes Allegedly Stolen Data
➝ 🔓 ⚖️ Hackers breached International Criminal Court’s systems last week
➝ 🔓 🤖 #Microsoft #AI researchers accidentally exposed terabytes of internal sensitive data
➝ 🦠 💸 #BlackCat #ransomware hits #Azure Storage with #Sphynx encryptor
➝ 🇮🇷 🇮🇱 Iranian Nation-State Actor OilRig Targets Israeli Organizations
➝ 🇮🇳 #India's biggest tech centers named as #cybercrime hotspots
➝ 🇫🇮 💊 Finnish Authorities Dismantle Notorious #PIILOPUOTI Dark Web Drug Marketplace
➝ 🇨🇦 🇷🇺 Canadian Government Targeted With #DDoS Attacks by Pro-#Russia Group
➝ 🇨🇳 🇺🇸 #China Accuses U.S. of Decade-Long #Cyberespionage Campaign Against #Huawei Servers
➝ 🇺🇸 🇨🇳 China's Malicious Cyber Activity Informing War Preparations, #Pentagon Says
➝ 🇨🇳 🦠 New #SprySOCKS Linux #malware used in cyber espionage attacks
➝ 🇬🇧 🔐 UK Minister Warns #Meta Over End-to-End Encryption
➝ 🇺🇸 🇷🇺 One of the #FBI’s most wanted hackers is trolling the U.S. government
➝ 🦠 🥸 Fake #WinRAR proof-of-concept exploit drops #VenomRAT malware
➝ 🦠 📈 #P2PInfect botnet activity surges 600x with stealthier malware variants
➝ 🦠 📡 Hackers backdoor #telecom providers with new HTTPSnoop malware
➝ 🦠 🐝 #Bumblebee malware returns in new attacks abusing #WebDAV folders
➝ 🔐 #GitHub launches #passkey support into general availability
➝ ☑️ 🐧 Free Download Manager releases script to check for #Linux malware
➝ 💬 🔐 #Signal adds quantum-resistant encryption to its #E2EE messaging protocol
➝ 🍏 🔐 #iOS 17 includes these new security and #privacy features
➝ 🩹 High-Severity Flaws Uncovered in #Atlassian Products and ISC BIND Server
➝ 🩹 😡 Incomplete disclosures by #Apple and #Google create “huge blindspot” for 0-day hunters
➝ 🍏 🩹 Apple emergency updates fix 3 new zero-days exploited in attacks
➝ 🩹 #TrendMicro fixes #endpoint protection zero-day used in attacks
➝ 🩹 #Fortinet Patches High-Severity #Vulnerabilities in FortiOS, FortiProxy, FortiWeb Products
➝ 🔓 Nearly 12,000 #Juniper #Firewalls Found Vulnerable to Recently Disclosed RCE Vulnerability

📚 This week's recommended reading is: "Future Crimes: Everything Is Connected, Everyone Is Vulnerable and What We Can Do About It" by Marc Goodman

Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️

2 days ago

Habt einen guten Start in die neue Woche - und bleibt sicher 😉🔐👍⭐️⭐️⭐️

(c) Kostas Koufogiorgos #CyberResilienceAct #CRA #HateSpeech #Cybercrime

3 days ago

Having Telegram offer users cryptowallets means to nothing but an attempt at strengthening their position as a favoured platform with the cyber criminal ecosystem.

Oh, you are going to facilitate a payment system next with low fee conversion to dollars or euros? What a surprise that would be.

Any one else been thinking about this?

#Telegram #Crypto #CyberCrime

Unlock Security
4 days ago

"Possiamo attaccare i siti web di potenziali clienti per ottenere una leva commerciale più efficace?"

Questa è una domanda che ci è stata posta spesso, e la risposta è no.

Il dubbio è lecito, perché online esistono servizi che permettono di fare delle scansioni di sicurezza su qualsiasi URL. In realtà, l'𝐚𝐫𝐭𝐢𝐜𝐨𝐥𝐨 𝟔𝟏𝟓 𝐭𝐞𝐫 𝐝𝐞𝐥 𝐂𝐨𝐝𝐢𝐜𝐞 𝐏𝐞𝐧𝐚𝐥𝐞 dice:

"Chiunque abusivamente si introduce in un sistema informatico o telematico protetto da misure di sicurezza ovvero vi si mantiene contro la volontà espressa o tacita di chi ha il diritto di escluderlo, è punito con la reclusione fino a tre anni".

Quindi chiunque testi un sito web senza autorizzazione, rischia fino a 3 anni di reclusione. Non è un caso che i servizi di scansione di sicurezza richiedano di dichiarare di essere autorizzati a testare quello specifico sito web.

Seguici per altri consigli su come evitare la prigione 👍

#securityawareness #hacking #diritto #cybercrime #informationsecurity #thinksecure

Harry Sintonen
4 days ago

In latest news, Aleksanteri (before: Julius) Kivimäki is also suspected of 14151 breaches of other computer systems, along with the most prolific #Vastaamo case. These suspected breaches happened during the same time frame as the Vastaamo case.

Unfortunately it seems quite unlikely that these cases will be investigated, mainly because doing so would take such a long time that the right to prosecute would expire. This is a flaw in the Finnish legal system, and people get away with crimes all the time due to the expiration.

Source (in Finnish): #cybercrime #prosecution

Max Schleiffer
4 days ago

Researchers are tracking a new cybercrime group that is using an unprecedented extortion tactic. The gang, which operates through a blog called Ransomed, tells victims that if they don't pay to protect stolen files, they'll be fined under data protection laws like the EU's GDPR.
#gdpr #ransomware #cybercrime

heise Security
5 days ago

Nach DDoS-Attacke: Grenzterminals an kanadischen Flughäfen ausgefallen

Am Sonntag kam es zu Problemen an kanadischen Flughäfen. Grenzterminals waren nach einer DDoS-Attacke ausgefallen.

#Cybercrime #Security #news

Blick aus einem Wartebereich des Flughafens Barcelona, im Hintergrund ein startendes Flugzeug.
Harry Sintonen
6 days ago

#Cybersecurity before #cyber - "The Computer Chronicles - Computer Security (1984)"

40 years later and the problems are the same, just a fair bit larger in scope. #infosec #cybercrime #computerchronicles

Miguel Afonso Caetano
6 days ago

#Crypto #Cryptocurrencies #Cybersecurity #Cybercrime: "Billionaire Mark Cuban has long been a major supporter of cryptocurrencies, promoting Bitcoin as a better investment than gold and criticizing security regulators’ approach to reigning in the industry. Now, he’s been hit with a nearly $1 million loss after falling victim to a phishing scam.

The substantial theft was first spotted by an anonymous blockchain watcher on social media, who noticed that Cuban’s crypto wallet was being drained of all its funds on Friday. “Lmao, did Mark Cuban's wallet just get drained? Wallet inactive for 160 days and all assets just moved,” said WazzCrypto in a tweet with an attached screenshot of Cuban’s wallet activity. The losses amounted to roughly $870,000, according to blockchain data from the attacker’s crypto address."

heise online
6 days ago

Mittwoch: Helfersuche für Google Maps, Social Engineering für Cyberangriffe

Freiwillige für Maps + Cyberkriminelle mit Social-Tricks + SBF-Eltern verklagt + oneAPI neu organisiert + Nikon Z f im Retro-Look + X-Paywall gegen Bot-Armeen

#Cybercrime #Cybersecurity #Datenklau #ElonMusk #Google #GoogleMaps #HighPerformanceComputing #Kamera #Kartendienste #Kriminalität #Kryptowährung #LinuxFoundation #Nikon #Twitter #Vollformat #news

Google Maps geht auf US-Roadtour; Mittwoch: Road-Mapper, Casino-Hacker, FTX-Eltern, oneAPI-Evolution, Retro-Nikon & Musks X-Paywall
heise online
1 week ago

Casino-Hacker haben neben MGM und Caesars drei weitere Unternehmen angegriffen

Die Cyberkriminellen hinter den Casino-Angriffen haben jüngst auch drei Firmen anderer Branchen attackiert. Hier wurde ebenfalls Social Engineering eingesetzt.

#Cybercrime #Cybersecurity #Datenklau #Glücksspiel #Hacking #Ransomware #Security #news

Straßenszene Las Vegas Strip mit großem Leuchtschild "MGM"
Marcel Roth
1 week ago

#Cybercrime und #Wissenschaft - spannender geht's gar nicht.

Für die Kollegen von MDR Wissen habe ich ein paar Erkenntnisse zusammengetragen. Z.B dass Cybercrime und konventionelle Kriminalität sich gegenseitig mit ihren "Fähigkeiten" unterstützen. Cybercrime wird deshalb gewalttätiger, sagt ein Experte.

Getroffen habe ich ihn in #Halle; nach der "Human Factor in Cybercrime Conference" (HFC! In Halle! 🤭)



heise online
1 week ago

Montag: KI in Justiz und Verwaltung, Deutschland ohne Strategie zur Kernfusion

CDU mit KI-Positionspapier + Kernfusion in Deutschland + Digitalisierung hilft Kriminellen + KI mit geometrischer Kunst + Stromversorgung mit wenig Ausfällen

#Arbeitswelt #Cybercrime #Cybersecurity #Digitalisierung #Energie #ErneuerbareEnergie #Forschung #KünstlicheIntelligenz #Regulierung #Solarenergie #Stromversorgung #Windkraft #news

Ein weiblich anmutender Roboter sitzt vor einem Mischpult mit Bildschirmen und singt oder spricht in ein Mikrofon; Montag: KI-Initiativen, Kernfusion-Rückstand, Cyber-Untergrund, KI-Kunst & Stromausfall-Tiefstand
heise online
1 week ago

Missing Link: Digitalisierung befeuert milliardenschwere Untergrundwirtschaft

Online bestellbare Auftragsarbeiten ("Crime-as-a-Service"), Verschlüsselung, FinTech, Neobanken und Kryptowährungen beflügeln laut Europol die Kriminalität.

#MissingLink #Kriminalität #Cybercrime #eCommerce #Kryptowährung #Metaverse #NFT #news

More bad guys sending garbage texts. This is blatant phishing. Maybe spear phishing? The URL was registered yesterday, Friday. Smart, they have all weekend to #cybercrime because many companies typically don’t staff fraud teams on the weekend.

Reported to name silo (registrar) as well as ATT (SMS provider) and the anti phishing working group. (

#FightBack #Spam #Phishing

Text message from today at 4:38 PM:

Costco: We want to hear how we are doing. Help us with some answers so we can better serve you in the future.
Dear Costco Shopper, Thank You and Congratulations!
Please complete the short survev about Costco to select your exclusive offer of up to $100.00 cash value.

This special is available until September 16, 2023
heise online
1 week ago

Neue Webinare zum Schutz vor Cyberangriffen

In fünf Webinaren vom 23.10. bis 27.11.2023 lernen IT-Verantwortliche und Admins von den Profis der SySS GmbH, Hackern stets einen Schritt voraus zu sein.

#Cybercrime #Cybersecurity #Datenschutz #Security #Phishing #news

heise online
2 weeks ago

BGH: Urteile im Cyberbunker-Prozess größtenteils bestätigt

Hatte es in der Verhandlung noch den Anschein, als könnte der BGH eine Neuauflage des Cyberbunker-Prozesses anordnen, wurden die Urteile jetzt doch bestätigt.

#Cybercrime #news

Server im "Cyberbunker"
heise online
2 weeks ago

Ransomware-Verdacht: Sicherheitsvorfall bei US-Hotelkette MGM Resorts

Nach einem “Vorfall” hat die US-Hotelkette MGM Resorts ihre IT-Systeme heruntergefahren. Betroffen sind auch die Casinos in Las Vegas. Der Verdacht: Ransomware.

#Cybercrime #Glücksspiel #Ransomware #news

Straßenszene Las Vegas Strip mit großem Leuchtschild "MGM"
Boerps ☑️
2 weeks ago

Kann man Nordkorea nicht mal im Netz blocken?
#hacking #Cybercrime

Restaurants should have closed and analysts say they suspect their only purpose is to 'launder money'.#Crime #Cybercrime #Politics #AsiaPacific #Laos #NorthKorea
Few customers but plenty of cash?: N Korean restaurants remain open in Laos
heise Security
3 weeks ago

l+f: Das rätselhafte root-Passwort

Das ISC hat auf Honeypots ausprobierte Benutzernamen und Passwörter veröffentlicht. Das am häufigsten genutzte root-Passwort gibt Rätsel auf.

#Cybercrime #Hacking #lostfound #Security #news

heise online
3 weeks ago

Trickbot-Malware: USA und Großbritannien verhängen Sanktionen gegen mehr Russen

Die USA und Großbritannien ziehen mehr mutmaßliche Cyberkriminelle aus der Anonymität. Gegen mehrere Russen wurden Sanktionen verhängt und Anklagen eingereicht.

#Cybercrime #Malware #Ransomware #Hacking #Sanktionen #news

Hände am Laptop im Gegenlicht, Vordergrund im Dunklen
Steve Herman
3 weeks ago

US, in coordination with the UK, sanctions 11 individuals who are part of the #Russia based Trickbot #cybercrime group.

heise Security
3 weeks ago

Lockbit veröffentlicht Daten von britischem Hochsicherheits-Zaunbauer

Ein Windows-7-PC war Einfallstor: Lockbit konnte bei einem Zaunbauer für Hochsicherheitsbereiche aus dem Vereinigten Königreich einbrechen und Daten stehlen.

#Cybercrime #Ransomware #news

Violet Blue
3 weeks ago

New roundup:

Scientology fights "right to repair" while Russia hijacks UN cybercrime treaty, a privacy research paper on the visually impaired, thoughts (and details) on Jill Biden's 2nd covid infection while the White House insists "we're in a better place," and more.

#cybersecurity #cybercrime #infosec #covid #covidisntover #maskup #firstlady #biden #jillbiden #scientology #righttorepair #mastercard #trickbot #privacy

Photo of a very round chonky orange cat on a skateboard wearing cat sized wraparound sunglasses. The image is emblazoned with the logo "Cyberpunk 2077."
securityskeptic :donor: :verified:
3 weeks ago

Phishing Attacks Surge Despite Increased Awareness, New Strategies Needed

CircleID gives a nice summary of our 2023 Phishing Landscape study

The reporter did not include a link to the study proper so if you're a glutton for measurements grab

#phishing #cybercrime #dnsabuse #fraud

📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #35/2023 is out! It includes the following and much more:

➝ 🔓 🏌🏻‍♂️Golf gear giant #Callaway data breach exposes info of 1.1 million
➝ 🔓👕 Forever 21 data breach affects half a million people
➝ 🔓 🤦🏻‍♂️ #LogicMonitor customers hit by hackers, because of default passwords
➝ 🇺🇸 ⚖️ Lawsuit Accuses University of Minnesota of Not Doing Enough to Prevent #DataBreach
➝ 🎬 🔓 #Paramount discloses data breach following security incident
➝ 🏥 🔓 #Healthcare Organizations Hit by Cyberattacks Last Year Reported Big Impact, Costs
➝ 🇺🇸 🌎 #Microsoft joins a growing chorus of organizations criticizing a #UN cybercrime treaty
➝ 🇺🇸 🦠 U.S. Hacks #QakBot, Quietly Removes Botnet Infections
➝ 🇷🇺 🇺🇦 #Russia targets #Ukraine with new Android #backdoor, intel agencies say
➝ 🇷🇺 🕵🏻‍♂️ Unmasking #Trickbot, One of the World’s Top Cybercrime Gangs
➝ 🇨🇳 👀 ‘Earth Estries’ #Cyberespionage Group Targets Government, Tech Sectors
➝ 🇨🇳 Chinese Hacking Group Exploits Barracuda Zero-Day to Target Government, Military, and Telecom
➝ 💸 🇪🇺 Pay our ransom instead of a #GDPR fine, #cybercrime gang tells its targets
➝ 🇺🇸 🇨🇳 #Meta: Pro-Chinese influence operation was the largest in history
➝ 🇪🇸 📸 Spain warns of #LockBit Locker ransomware phishing attacks
➝ 🇵🇱 🚂 Two Men Arrested Following #Poland Railway Hacking
➝ 🇰🇵 🐍 #Lazarus hackers deploy fake #VMware PyPI packages in #VMConnect attacks
➝ 💸 #Classiscam fraud-as-a-service expands, now targets banks and 251 brands
➝ 💬 🎠 Trojanized #Signal and #Telegram apps on Google Play delivered spyware
➝ 🦠 📄 MalDoc in PDFs: Hiding malicious Word docs in PDF files
➝ 🇧🇷 👀 A Brazilian phone #spyware was hacked and victims’ devices ‘deleted’ from server
➝ 👨🏻‍💻 🔐 #GitHub Enterprise Server Gets New Security Capabilities
➝ 🚗 💰 Over $1 Million Offered at New #Pwn2Own #Automotive Hacking Contest
➝ 🩹 #Splunk Patches High-Severity Flaws in Enterprise, IT Service Intelligence
➝ ⛏️ 🔓 Recent #Juniper Flaws Chained in Attacks Following #PoC Exploit Publication

📚 This week's recommended reading is: "Spam Nation: The Inside Story of Organized Cybercrime―from Global Epidemic to Your Front Door" by @briankrebs

Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️

4 weeks ago

Cyberkriminalität: Bitkom beziffert Schaden auf 206 Milliarden Euro

Durch Diebstahl von IT-Ausrüstung und Daten sowie durch Industriespionage und Sabotage entstehen der deutschen Wirtschaft dieses Jahr 206 Milliarden Euro Schaden. Das ergab eine Bitkom-Umfrage. Immer mehr Attacken kommen aus Russland und China.


#Cybercrime #Bitkom

Matt Burgess
4 weeks ago

New: In early 2022, a mysterious leaker published a huge cache of information from inside the Russian cybercrime group Trickbot. For months, me and @lhn have worked to uncover the real world identity of one of the gang's central members, putting a face to the anonymous activity.

Bentley, also known as Maksim Galochkin, is one of the top couple of members of Trickbot and is responsible for managing 21 people who make sure its ransomware works properly. He's a cryptocurrency enthusiast, hates working from home, and has a history of launching IT companies in Russia.

We also dive into the inner workings of the group and their links to the Russian state.

#infosec #cybersecurity #cybercrime #tech #news

4 weeks ago

Where there is cybercrime, there is crypto; and where there is crypto there is a need for conversion into cash services.

So with this introduction by Binance announcing Send Cash, I predict that some of these countries will begin to be favored by cyber criminals.

Anyone dare to predict otherwise? ;-)

#Crypto #CyberCrime #ThreatIntel

Microsoft joins a growing chorus of organizations criticizing a UN cybercrime treaty.

Critics say the draft version of the global treaty backed by #China and #Russia could be used to persecute security researchers and activists.

#cybersecurity #privacy #infosec #cybercrime

1 month ago

Schwerer Schlag gegen Japans nationale IT-Sicherheit: Chinesische Hacker waren mehrere Monate im Netz der staatlichen Cyber-Sicherheitsbehörde NISC. #spionage #japan #china #cybercrime #cybersecurity #hackerangriff

Ehrenreich Meuchel
1 month ago

In .AT Land soll "in 38 Regionen jeweils eine Schwerpunktdienststelle entstehen". Dort " sollen dann #Cybercrime-Spezialisten und -Spezialistinnen usw eine „Cybercobra“ bilden.

A #CyberCobra Oida! Da Fraunz, da Fredl, de Sabrina & da Kevin wern a echte, rustikale #Kyberei!
1 month ago

Our Policy Advisor Tanja Fachathaler speaks at a packed side-event to the UN #Cybercrime treaty negotiations in New York to remind everyone about the human rights implications and what’s at stake for our freedom online.

Matt Burgess
1 month ago

New: Every year, criminal hacker forums host a weird event: research and writing contests for their members. Cybercriminals can pen articles and have the chance to win thousands of dollars.

New analysis from Sophos, dives into these strange competitions. In the last few years, the contests have grown in size, receiving dozens of entries, and have prize pots of up to $80,000.

The contests have rules—no plagiarizing(!), entries must be of a certain length, and be properly formatted. What's more, some of the contests are sponsored by big time cybercrime groups

#cybersecurity #infosec #news #technology #cybercrime

Moscow helping cybercriminals operate with 'near impunity': Canadian Cyber Centre | CityNews Toronto #Crime #Moscow #Cybercrime #CdnCyberCentre #Iran #Russia #cdnpoli @cdnpoli

heise online
1 month ago

GTA-6-Videos veröffentlicht: Mitglieder der Hackergruppe "Lapsus$" vor Gericht

Sie veröffentlichten Videos von GTA 6 und erpressten große Tech-Konzerne. Zwei Teenager, die für "Lapsus$" aktiv waren, müssen sich vor Gericht verantworten.

#Cybercrime #Microsoft #news

heise Security
1 month ago

Schweiz: Daten der Militärpolizei im Darknet aufgetaucht

Nach dem Angriff auf die Softwarefirma Xplain sind nun auch Daten der Schweizer Militärpolizei im Darknet entdeckt worden. Die Armee gibt Entwarnung.

#Cybercrime #Cybersecurity #Darknet #Ransomware #news

heise online
1 month ago


Ransomware-Angriff: Alle Daten bei CloudNordic futsch

Der dänische Clouddienstleister CloudNordic hat bei einem Ransomware-Angriff vor dem Wochenende sämtliche Kundendaten verloren.

#Backup #CloudComputing #CloudNordic #Cyberangriff #Cybercrime #Daten #Ransomware #Rechenzentrum #Security #Umzug

heise online
1 month ago

Neue Webinare zum Schutz vor Cyberangriffen

In fünf Webinaren vom 23.10. bis 27.11.2023 lernen IT-Verantwortliche und Admins von den Profis der SySS GmbH, Hackern stets einen Schritt voraus zu sein.

#Cybercrime #Cybersecurity #Datenschutz #Security #Phishing #news

heise online
1 month ago

Cyberbunker-Prozess: Möglicherweise Wiederholung vor dem Landgericht

Der Prozess um den sogenannten Cyberbunker könnte ans Landgericht zurückverwiesen werden. Das deutete sich jetzt in der Revisionsverhandlung vor dem BGH an.

#BGH #Cybercrime #Cybersecurity #news

Schreibtisch mit sechs Bildschirmen

📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #33/2023 is out! It includes the following and much more:

➝ 🇬🇧 👮🏻‍♂️ #Norfolk and #Suffolk police: Victims and witnesses hit by #databreach
➝ 💬 🔓 confirms breach after hacker steals data of 760K users
➝ 🇺🇸 🏥 #Health plan provider PH TECH joins MOVEit victim list, 1.7 million exposed
➝ 🌍 👮🏻‍♂️ #Interpol arrests 14 suspected cybercriminals for stealing $40 million
➝ 🇮🇷 #Iran and the Rise of Cyber-Enabled Influence Operations
➝ 🎣 📨 Major U.S. energy org targeted in QR code #phishing attack
➝ 🦠 💸 Jon DiMaggio’s demystifying #LockBit’s Secrets in his latest Ransomware Diaries Vol. 3
➝ 🔓 🎠 Approximately 2000 #Citrix NetScalers backdoored in mass-exploitation campaign
➝ 🇮🇷 Charming Kitten Targets Iranian Dissidents with Advanced Cyber Attacks
➝ 🇺🇸 💸 #FBI warns of increasing #cryptocurrency recovery scams
➝ 🇵🇱 👮🏻‍♂️ #LOLEKHosted admin arrested for aiding Netwalker ransomware gang
➝ 🇷🇺 👨🏻‍⚖️ #Russia slaps #Reddit, #Wikipedia with fines
➝ 🇨🇳 ⚡️ #Tesla reassures Chinese users on #datasecurity amid spying concerns
➝ 🇮🇱 🇺🇸 #Israel, US to Invest $4 Million in Critical Infrastructure Security Projects
➝ 💸 🐈‍⬛ New #BlackCat Ransomware Variant Adopts Advanced Impacket and RemCom Tools
➝ 🦠 🦝 Raccoon Stealer #malware returns with new stealthier version
➝ 💸 🐧 Monti #Ransomware Returns with New #Linux Variant and Enhanced Evasion Tactics
➝ 🏴‍☠️ 💻 Over 120,000 Computers Compromised by Info Stealers Linked to Users of #Cybercrime Forums
➝ 🤖 🌪️ Google Brings AI Magic to Fuzz Testing With Eye-Opening Results
➝ 🔑 #Google Introduces First #Quantum Resilient #FIDO2 Security Key Implementation
➝ 🐮 👀 Cult of the Dead Cow releases #Veilid: A secure open-source Peer-to-Peer network for apps that flips off the surveillance economy
➝ 📱 Threat actors use beta apps to bypass mobile app store security
➝ 🛰️ ☠️ How a hacking crew overtook a #satellite from inside a Las Vegas convention center and won $50,000
➝ 🃏 🔓 How to hack #casino card-shuffling machines
➝ 🇫🇷 🏧 Iagona ScrutisWeb Vulnerabilities Could Expose #ATM's to Remote Hacking

📚 This week's recommended reading is: "The Cuckoo's Egg: Tracking a Spy Through the Maze of Computer Espionage" by Clifford Paul "Cliff" Stoll

Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️

Matt Burgess
1 month ago

For the last three years, hackers have been logging into one honeypot setup by security researchers. When they do, the researchers have recorded their screens, every mouse click, keyboard tap, and also grabbed clipboard data.

This has resulted in more than 100 hours of data on the behaviour of cyber criminals. Here’s what can be learned from it #cybersecurity #cybercrime #windows #infosec #blackhat

2 months ago

The cyber crime group KittenSec has released a portion of data from Free (, a French internet provider.

They didn't manage to release a significant amount since they were interrupted before downloading the entire 110GB of data.

This leak, totaling 7.45 Gigabytes, includes employee lists and other relevant information.

@SofiaScozzari @stefanofavarato @AlvieriD @amvinfe

#databreach #dataleak #cybercrime #infosec #hackmanac #telegram #france #telco

📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #31/2023 is out! It includes the following and much more:

➝ 🐛 ✂️ Researchers Uncover New High-Severity #Vulnerability in #PaperCut Software
➝ 🇮🇱 🦠 #Israel cybersecurity agency says no breach after senior official self-infects home PC with #malware
➝ 🇺🇸 CISA’s strategic plan adheres to overall Biden administration direction on cybersecurity
➝ 🩹 ❌ Top 12 vulnerabilities list highlights troubling reality: many organizations still aren’t #patching
➝ 🐬 🔓 Hacking tool #FlipperZero tracked by intelligence agencies, which fear white nationalists may deploy it against power grid
➝ 🔥 🔓 Hundreds of #Citrix NetScaler ADC and Gateway Servers Hacked in Major Cyber Attack
➝ ⚡️ 🔓 Researchers jailbreak a #Tesla to get free in-car feature upgrades
➝ 🏭 📊 Industrial Control Systems Vulnerabilities Soar: Over One-Third Unpatched in 2023
➝ 🇷🇺 👥 Russian hackers target govt orgs in #Microsoft Teams #phishing attacks
➝ 🩹 🔓 #Rapid7 found a bypass for the recently patched actively exploited #Ivanti EPMM bug
➝ 🙈🔓 #Tenable CEO accuses Microsoft of negligence in addressing security flaw
➝ 🎣 📨 Hackers exploited #Salesforce zero-day in #Facebook phishing attack
➝ 🇺🇸 ☁️ US internet hosting company appears to facilitate global #cybercrime, researchers say
➝ 🇨🇳 🇪🇺 #China's #APT31 Suspected in Attacks on Air-Gapped Systems in Eastern Europe
➝ 🦠 💸 Schools Are Now the Leading Target for Cyber Gangs as Ransom Payments Encourage Attacks
➝ 🇺🇸 🇨🇳 Possible Chinese Malware in US Systems - a ‘Ticking Time Bomb’
➝ 🇮🇹 🏦 Cybercriminals Renting #WikiLoader to Target Italian Organizations with Banking Trojan
➝ 🇺🇸 🇨🇳 Microsoft downplays damaging report on Chinese hacking its own engineers vetted
➝ 🇯🇴 💬 #Jordan adopts cybercrime law seen as threat to #freespeech
➝ 🇪🇬 🏥 Hacker Claims to Have Stolen Sensitive Medical Records from #Egypt's Ministry of Health
➝ 🔓 💰 #BankCard USA surrenders and pays #ransom

📚 This week's recommended reading is: "Art of Software Security Assessment, The: Identifying and Preventing Software Vulnerabilities" by Mark Dowd, John McDonald, and Justin Schuh

Subscribe to the #infosecMASHUP newsletter to have it piping hot in your inbox every week-end ⬇️

deltatux :donor:
2 months ago

#Hackers have been selling nude videos of children from hacked baby monitors on #Telegram.

Another reminder that many things shouldn't be connected to the
#Internet, many #IoT devices have really poor #security. This includes many "smart" devices that are advertised to parents to watch their little ones.

These are the times when convenience shouldn't be at the expense of security &
#privacy. When buying baby monitors, make sure to find ones that work without WiFi setup. Find models that where WiFi is optional and comes with a viewing device bundled. These devices may also have questionable security as well, but at least they're not connected to the Internet...

#infosec #cybersecurity #BabyMonitor #news #technews #databreach #cybercrime

heise online
3 months ago

Auf Phishing reingefallen: Landesministerium überweist Kriminellen 225.000 Euro

Sachsens Gesundheitsministerium hat eine betrügerische Rechnung bezahlt und Kriminellen 225.000 Euro überwiesen. Vor der Masche hat das LKA schon 2016 gewarnt.

#Kriminalität #Cybercrime #Phishing #news

📨 Latest issue of my curated #cybersecurity and #infosec list of resources for week #26/2023 is out! It includes, but not only:

➝ 🦠 🇺🇸 Schools say US teachers’ retirement fund was breached by #MOVEit hackers
➝ 🇨🇳 🇺🇸 Chinese spy #balloon did not collect information over US, #Pentagon says
➝ 🇨🇳 🦠 #TSMC Says Supplier Hacked After #Ransomware Group Claims Attack on Chip Giant
➝ 🇷🇺 Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks
➝ 🇷🇺 🛰️ Hackers attack Russian #satellite telecom provider, claim affiliation with #WagnerGroup
➝ 🇬🇧 ⚕️ More than a million #NHS patients’ details compromised after cyber attack
➝ 📊 🐛 #MITRE releases new list of top 25 most dangerous software #bugs
➝ 🇷🇺 Pro-Russia DDoSia hacktivist project sees 2,400% membership increase
➝ 💻 🛡️ #Brave Browser boosts privacy with new local resources restrictions
➝ 🦠 🏦 Anatsa Banking #Trojan Targeting Users in US, UK, Germany, Austria, and Switzerland
➝ 🇺🇸 💵 White House releases cybersecurity budget priorities for FY 2025
➝ 🇺🇸 🇧🇷 8Base Ransomware Spikes in Activity, Threatens U.S. and Brazilian Businesses
➝ 🇬🇧 🔐 #Apple speaks out against bill that could mandate #CSAM scanning in iMessage
➝ 🇵🇭 2,700 People Tricked Into Working for Cybercrime Syndicates Rescued in #philippines
➝ 🇩🇪 ⚡️ #Siemens Energy confirms data breach after MOVEit data-theft attack
➝ 🕵🏻‍♂️ 📱 #LetMeSpy, a phone tracking app spying on thousands, says it was hacked
➝ 🦠 💰 Prominent #cryptocurrency exchange infected with previously unseen Mac #malware
➝ 🤖 📝 #LLMs and #IncidentResponse? It Starts with Summarization
➝ 🇺🇸 👨🏻‍🎓Hackers steal data of 45,000 New York City students in MOVEit breach
➝ 🇨🇦 ⛽️ Suncor Energy cyberattack impacts Petro-Canada gas stations
➝ 🦠 🕹️ Trojanized Super Mario Game Installer Spreads SupremeBot Malware
➝ 🇩🇪 💾 SSD missing from #SAP datacenter turns up on #eBay, sparking security investigation

#cyberattack #cybercrime #privacy #security #software #data #banking

📚 This week's recommended reading is: "Alice and Bob Learn Application Security" by @SheHacksPurple

Subscribe to the #newsletter to have it piping hot in your inbox every week-end ⬇️

heise Security
3 months ago

AfD-Mitgliedsanträge frei zugreifbar im Netz

Der Internet-Auftritt der AfD hat ohne Zugriffsschutz Mitgliedsanträge preisgegeben. Ein Web-Verzeichnis stand für jeden frei zugreifbar im Netz.

#AfD #Cybercrime #Datenklau #Security #news

Preston MacDougall
3 months ago

@TheConversationUS @kurteichenwald

The new and flipped mantra of formerly ‘#LawAndOrder ‘ (🍌?) #Republicans is to “defund the #FBI”.

The rise of #cybercrime makes one wonder if their base of support isn’t just #MAGA morons who reject #science and don’t know the difference between fishing and phishing. 🤔

The Conversation U.S.
3 months ago

Criminal gangs are stealing and laundering billions through sham bank accounts, using 100s of 1000s of fake and real identities – possibly including yours. @kurteichenwald led a 4-month investigation that revealed: (🧵) #news #fraud #fullz #CyberCrime

Heists worth billions: An investigation by Georgia State University and THE CONVERSATION
heise Security
3 months ago

ChatGPT: Zugangsdaten zu mehr als 100.000 Konten im Darknet

IT-Sicherheitsforscher haben ChatGPT-Zugangsdaten auf Darknet-Marktplätzen entdeckt. Insgesamt 100.000 Zugänge waren im Laufe des vergangenen Jahres betroffen.

#ChatGPT #Cybercrime #Darknet #Handel #Security #news

heise Security
4 months ago

Ransomware: Schutzkonzept gegen Angriffe

Trotz Maßnahmen gegen Cyber-Angriffe und Ransomware gelingen viele Attacken. Die Daten sind verschlüsselt. Einige Punkte verhelfen zu brauchbaren Backups.

#Backup #Cybercrime #Ransomware #Security #news

heise online
4 months ago

"Genesis Market": Kriminelle Plattform nach "Abschaltung" weiter aktiv

Anfang April wurde der "Genesis Market" angeblich abgeschaltet. Weltweit wurden 119 Personen festgenommen. Ein Teil der Plattform ist aber längst wieder aktiv.

#Cybercrime #Darknet #FBI #Security #news

5 months ago

"Others had been pumping out viruses for months, but Dark Avenger built his to be lethal. His first creation would be known as Eddie. When a user ran a program infected with Eddie, the virus would not start by attacking other files. It would lurk in computer memory and hand back control to the original program." —Scott J. Shapiro for The Guardian

#Longreads #EditorsPicks #CyberCrime #Hackers #Bulgaria #BookExcerpt

heise online
5 months ago

Twitter-Hack: Weiterer Angeklagter bekennt sich zum Krypto-Scam 2020 schuldig

Ein Brite gibt zu, 2020 am Twitter-Hack und der Übernahme prominenter Konten beteiligt gewesen zu sein. Eingezahlte Kryptobeträge sollten verdoppelt werden.

#Bitcoin #Cybercrime #Kryptowährung #news

Graham Cluley
5 months ago

On the trail of the Dark Avenger: the most dangerous virus writer in the world

(Some familiar names from the early days of anti-virus mentioned in this article)

#darkavenger #malware #virus #cybercrime #longread

KI-Pionier Geoffrey Hinton kann sich nicht vorstellen, wie weit KI in 5 Jahren sein wird - auf jeden viel weiter, als er ursprünglich gedacht hat. Ich habe mit 2 Expert*innen darüber gesprochen, wie ernst seine Warnung einzuschätzen ist und wie sie die Gefahren, die er aufzeigt, bewerten

#KI #Google #FakeNews #Cybercrime #Atombome #futurezone

heise online
5 months ago

Kurz informiert: Schulserver, Vorwerk, Western Digital, Deep Floyd If

Unser werktäglicher News-Überblick fasst die wichtigsten Nachrichten des Tages kurz und knapp zusammen.

#Cybercrime #kurzinformiert #Sicherheitslücken #Roboter #WesternDigital #news

c't Magazin
5 months ago

heise+ | 2FA absichern: So schützen Sie sich vor Angriffen auf den zweiten Faktor

Benutzerkonten mit einem zusätzlichen Faktor zu schützen, ist eine gute Idee. Wir zeigen, wie Sie Ihre Accounts abdichten und das Angriffsrisiko minimieren.

#ZweifaktorAuthentisierung #IdentityManagement #Cybercrime #Cybersecurity #Hacking #Security #news

heise online
5 months ago

Namensänderung: Kleinanzeigen löst eBay Kleinanzeigen ab

Nach dem Wechsel des Eigentümers heißt ebay Kleinanzeigen ab Mitte Mai nur noch Kleinanzeigen. Achtung für Betrügern und Fake.

#Cybercrime #eBay #news

heise online
5 months ago

UN-Cybercrime-Konvention: EU streitet mit China und Russland über Datenschutz

Abhören in Echtzeit, staatliches Hacking und Auslieferungen – bei den Verhandlungen über ein UN-Abkommen gegen Cyberkriminalität steht viel auf dem Spiel.

#Überwachung #Cybercrime #Datenschutz #news

Jeremy Kirk
5 months ago

Why is Australia being targeted by cybercriminals? Who was behind the Medibank extortion/ransomaware attempt? How do ransomware gangs work? A deep dive by the ABC's Four Corners with Katherine Mansted, Jon DiMaggio, John Macpherson, Clare O'Neil, yours truly from Intel 471 and more. Thanks to the ABC for their diligent work on this piece.

#cybercrime #informationsecurity #infosec #ransomware #cybersecurity #auspol #Australia

Anne Roth
5 months ago

Nächsten Mittwoch geht's im #Digitalausschuss um die geplante UN-#Cybercrime-Konvention.

Diesmal wieder öffentlich.

(Danach auch noch um Breitband-Förderung.)

cc @netzpolitik_feed @epicenter_works

heise online
5 months ago

Neue Webinare zum Schutz vor Cyberangriffen

In fünf Webinaren vom 07. bis 30. Juni 2023 lernen IT-Verantwortliche und Admins von den Profis der SySS GmbH, Hackern stets einen Schritt voraus zu sein.

#Cybercrime #Cybersecurity #Datenschutz #Security #Phishing #news

heise online
5 months ago

"Wagner-Cybertruppe": Minister warnt vor Angriffen auf britische Infrastruktur

Der britische Minister Dowden warnt vor russischen Cyberangriffen auf Kritis. Die Hacker seien nach dem Vorbild der paramilitärischen Wagner-Gruppe organisiert.

#Cybercrime #Cybersecurity #news