Tag: cybercrime
-
DarkWatchman cybercrime malware returns on Russian networks
in SecurityNews
A financially motivated group tracked as Hive0117 recently attacked multiple Russian industries with a retooled version of DarkWatchman malware, researchers said.
First seen on therecord.media. Jump to article: therecord.media/darkwatchman-malware-russia-cybercrime-hive0117
-
Amazon, CrowdStrike leaders say private threat intel can quickly bring cybercriminals to justice
in SecurityNews
Threat intel experts expounded on how their data serves not only to temporarily disrupt malicious activity, but also to find, arrest and convict cybercriminals for their offenses.
First seen on cyberscoop.com. Jump to article: cyberscoop.com/amazon-crowdstrike-threat-intel-law-enforcement/
-
New Gremlin Stealer Advertised on Hacker Forums Targets Credit Card Data and Login Credentials
in SecurityNews
A formidable new information-stealing malware dubbed Gremlin Stealer has surfaced in the cybercrime underground, actively promoted since mid-March 2025 on platforms like the Telegram channel CoderSharp. Discovered by Unit 42 researchers at Palo Alto Networks, this malware, crafted in C#, poses a significant risk to individuals and organizations by targeting a wide array of sensitive…
-
Cybercriminals Use GetShared to Sneak Malware Through Enterprise Shields
in SecurityNews
Cybercriminals are increasingly leveraging legitimate file-sharing platforms like GetShared to bypass enterprise email security systems. A recent case involving a former colleague, previously employed at Kaspersky, highlights this emerging threat. The individual received an authentic-looking email notification from GetShared, a genuine service for transferring large files, claiming that a file named "DESIGN LOGO.rar"
-
What Is Evasive Malware? A Hidden Danger
in SecurityNews
In an increasingly digitalized world, the threat landscape keeps evolving as well. One of the most dangerous phenomena of modern cybercrime is so-called evasive malware. It poses enormous challenges for classic security solutions because it is deliberately designed to evade detection, analysis and defensive measures. What is evasive malware? Evasive malware describes malicious programs that…
-
Threat Actors Accelerate Transition from Reconnaissance to Compromise, New Report Finds
in SecurityNews
Tags: api, attack, automation, cloud, cyber, cybercrime, data, data-breach, identity, technology, threat, tool, voip
Cybercriminals are leveraging automation across the entire attack chain, drastically reducing the time from reconnaissance to compromise. The data shows a staggering 16.7% global increase in scans, with over 36,000 scans per second targeting not just exposed ports but delving into operational technology (OT), cloud APIs, and identity layers. Sophisticated tools probe SIP-based VoIP systems,…
-
Infostealers Harvest Over 30,000 Australian Banking Credentials
in SecurityNews
Dvuln researchers highlighted the growing impact of infostealers on the cybercrime landscape, enabling attackers to bypass traditional defenses.
First seen on infosecurity-magazine.com. Jump to article: www.infosecurity-magazine.com/news/infostealers-harvest-banking/
-
Year in Review: AI based threats
in SecurityNews
2024 wasn’t the year that AI rewrote the cybercrime playbook, but it did turbocharge some of the old tricks. Read this summary of AI-based threats, from Talos’ 2024 Year in Review.
First seen on blog.talosintelligence.com. Jump to article: blog.talosintelligence.com/year-in-review-ai-based-threats/
-
JokerOTP Platform Linked to 28,000+ Phishing Attacks Dismantled
in SecurityNews
Law enforcement agencies from the UK and the Netherlands have dismantled the notorious JokerOTP cybercrime platform, which is allegedly linked to more than 28,000 phishing attacks across 13 countries. A 24-year-old man was apprehended this morning by Cleveland Police at a residence in Middlesbrough, England. He is currently being held in police custody on suspicion…
-
Unauthorized Access at a US Media Company
in SecurityNews
Media firm Urban One confirms data breach after cybercriminals claim February attack.
First seen on therecord.media. Jump to article: therecord.media/urban-one-data-breach-african-amercian-media
-
Media firm Urban One confirms data breach after cybercriminals claim February attack
in SecurityNews
Urban One, the largest media company primarily serving African Americans, disclosed a data breach to regulators. A ransomware group said it had attacked the company.
First seen on therecord.media. Jump to article: therecord.media/urban-one-data-breach-african-amercian-media
-
RSA Conference 2025, News and analysis
in SecurityNews
Tags: ai, automation, conference, cybercrime, cybersecurity, data, defense, detection, edr, identity, ransomware, regulation, tactics, threat, zero-trust
AI in cybersecurity (both as a threat and a defense); Cloud security challenges and solutions; The latest ransomware tactics and how to defend against them; Privacy regulations and data protection; Emerging threats like quantum computing. Keep an eye out for emerging trends that will be highlighted at the conference. This year, expect a strong focus on topics such as XDR…
-
Cybersecurity CEO Charged with Installing Malware on Hospital Computers
in SecurityNews
Jeffrey Bowie, the CEO of cybersecurity company Veritaco, was seen on security camera footage walking into St. Anthony Hospital in Oklahoma City last year and installing malware on an employee computer. He was arrested this month for violating the state’s cybercrime statute.
First seen on securityboulevard.com. Jump to article: securityboulevard.com/2025/04/cybersecurity-ceo-charged-with-installing-malware-on-hospital-computers/
-
⚡ Weekly Recap: Critical SAP Exploit, AI-Powered Phishing, Major Breaches, New CVEs & More
in SecurityNews
What happens when cybercriminals no longer need deep skills to breach your defenses? Today’s attackers are armed with powerful tools that do the heavy lifting, from AI-powered phishing kits to large botnets ready to strike. And they’re not just after big corporations. Anyone can be a target when fake identities, hijacked infrastructure, and insider tricks…
-
Zero-Knowledge Crime: How Easily Passports Are Forged with AI
in SecurityNews
In their latest analysis, the security experts of the Cato CTRL team warn of a worrying development in cybercrime: the use of generative AI to create forged documents, passports in particular.
First seen on it-daily.net. Jump to article: www.it-daily.net/it-sicherheit/cybercrime/gefaelschte-paesse-ki-kriminalitaet
-
Forged Passports: How AI Is Revolutionizing (Cyber)Crime
in SecurityNews
In their latest analysis, the security experts of the Cato CTRL team warn of a worrying development in cybercrime: the use of generative AI to create forged documents, passports in particular.
First seen on it-daily.net. Jump to article: www.it-daily.net/it-sicherheit/cybercrime/gefaelschte-paesse-ki-kriminalitaet
-
Sloppiness at the Network Edge Torpedoes Cyber Resilience
in SecurityNews
Sophos has published its “Annual Threat Report: Cybercrime on Main Street 2025”. In it, the cybersecurity teams analyze the telemetry data gathered in 2024 from Sophos solutions, incident response cases and MDR services. According to the report, ransomware remains the biggest threat, especially for SMBs, and benefits heavily from outdated or misconfigured network devices; they were the number 1 entry point. First seen…
-
Cybercriminals Selling Sophisticated HiddenMiner Malware on Dark Web Forums
in SecurityNews
Cybercriminals have begun openly marketing a powerful new variant of the HiddenMiner malware on underground dark web forums, raising alarms within the cybersecurity community. The malware, a heavily modified Monero (XMR) cryptocurrency miner, attracts buyers due to its advanced stealth capabilities and ease of use, even for less technically skilled threat actors. A New Breed…
-
Pete Hegseth’s Signal Scandal Spirals Out of Control
in SecurityNews
Plus: Cybercriminals stole a record-breaking fortune from US residents and businesses in 2024, and Google performs its final flip-flop in its yearslong quest to kill tracking cookies.
First seen on wired.com. Jump to article: www.wired.com/story/pete-hegseths-signal-scandal-spirals-out-of-control/
-
Darcula phishing toolkit gets AI boost, democratizing cybercrime
in SecurityNews
Tags: ai, apt, attack, automation, awareness, china, credentials, cybercrime, defense, detection, endpoint, finance, google, government, group, infrastructure, malicious, network, phishing, resilience, risk, service, skills, smishing, threat, tool, training, update
AI creates push-button phishing attacks: With the latest update to the “darcula-suite” toolkit, users can now generate phishing pages using generative AI that mimics websites with near-perfect accuracy, and in any language. “Users provide a URL of a legitimate brand or service, and the tool automatically visits that website, downloads all of its assets, and renders…
-
‘SessionShark’: A New Toolkit Bypasses Microsoft Office 365 MFA Security
in SecurityNews
Tags: 2fa, authentication, cyber, cybercrime, marketplace, mfa, microsoft, office, phishing, service, threat
Security researchers have uncovered a new and sophisticated threat to Microsoft Office 365 users: a phishing-as-a-service toolkit dubbed “SessionShark O365 2FA/MFA.” Promoted through cybercriminal marketplaces, SessionShark is designed to bypass Microsoft’s multi-factor authentication (MFA) protections, an alarming escalation in the ongoing battle between defenders and cyber attackers. A Toolkit Purpose-Built to Evade 2FA and MFA…
-
New Report Reveals How AI is Rapidly Enhancing Phishing Attack Precision
in SecurityNews
The Zscaler ThreatLabz 2025 Phishing Report unveils the alarming sophistication of modern phishing attacks, driven by generative AI (GenAI). By examining over 2 billion blocked phishing transactions on the Zscaler Zero Trust Exchange cloud security platform from January to December 2024, the report highlights a seismic shift in cybercriminal tactics. Cybercriminals Leverage GenAI for Hyper-Targeted…
-
Russian VPS Servers With RDP and Proxy Servers Enable North Korean Cybercrime Operations
in SecurityNews
Trend Research has uncovered a sophisticated network of cybercrime operations linked to North Korea, heavily utilizing Russian internet infrastructure. Specifically, IP address ranges in the towns of Khasan and Khabarovsk, Russia, assigned to organizations under TransTelecom (ASN AS20485), are pivotal in these activities. Khasan, just a mile from the North Korea-Russia border and connected via…
-
Cyber-Resilient Instead of Merely Cyber-Resistant
in SecurityNews
Five tips for greater resilience against cyberattacks. Cyberattacks have become part of everyday life for companies and organizations. According to the current situation report on cybercrime from the Federal Criminal Police Office (Bundeskriminalamt), the number of registered cybercrime cases in Germany remains at a high level at around 134,000 cases, with the law enforcement agency assuming a very high share of unreported cases of over 90 percent [1]. One… First…
-
Beyond the Inbox: ThreatLabz 2025 Phishing Report Reveals How Phishing Is Evolving in the Age of GenAI
in SecurityNews
Tags: access, ai, attack, authentication, best-practice, captcha, cloud, control, credentials, crypto, cyber, cybercrime, data, defense, detection, dmarc, email, exploit, finance, google, identity, jobs, login, malicious, malware, mfa, phishing, radius, risk, scam, spam, strategy, tactics, technology, theft, threat, tool, vulnerability, zero-day, zero-trust
Gone are the days of mass phishing campaigns. Today’s attackers are leveraging generative AI (GenAI) to deliver hyper-targeted scams, transforming every email, text, or call into a calculated act of manipulation. With flawless lures and tactics designed to outsmart AI defenses, cybercriminals are zeroing in on HR, payroll, and finance teams, exploiting human vulnerabilities with…
-
FBI: Cybercrime losses hit record-breaking $16.6B last year
in SecurityNews
Tags: cybercrime
First seen on scworld.com. Jump to article: www.scworld.com/brief/fbi-cybercrime-losses-hit-record-breaking-16-6b-last-year
-
Key Takeaways from the FBI’s 2024 IC3 Cybercrime Report
in SecurityNews
Tags: cybercrime
First seen on scworld.com. Jump to article: www.scworld.com/brief/key-takeaways-from-the-fbis-2024-ic3-cybercrime-report
-
FBI: Cybercrime Losses Rocket to $16.6B in 2024
in SecurityNews
The losses are 33% higher than the year before, with phishing leading the way as the most-reported cybercrime last year, and ransomware was the top threat to critical infrastructure, according to the FBI Internet Crime Report.
First seen on darkreading.com. Jump to article: www.darkreading.com/remote-workforce/fbi-cybercrime-losses-16b-2024
-
Weaponized SVG Files Used by Threat Actors to Redirect Users to Malicious Sites
in SecurityNews
Cybercriminals are increasingly weaponizing Scalable Vector Graphics (SVG) files to orchestrate sophisticated phishing campaigns. According to research from Intezer, a cybersecurity firm that triages millions of alerts for enterprises globally, attackers are embedding malicious JavaScript within SVG files to redirect unsuspecting users to credential-harvesting phishing sites. This technique, dubbed "Script in the Shadows,"