Tag: cybercrime
-
Oracle EBS 2025 campaign impacts Madison Square Garden, sensitive data leaked
Madison Square Garden confirmed a data breach tied to the 2025 Oracle E-Business Suite hacking campaign. Madison Square Garden (MSG) has confirmed it was affected by a data breach linked to the 2025 cybercrime campaign targeting Oracle’s E-Business Suite (EBS) customers. Madison Square Garden (MSG) is a world-famous multi-purpose indoor arena located in New York…
-
Turns out most cybercriminals are old enough to know better
Law enforcement data shows profit-driven cybercrime is dominated by 35- to 44-year-olds, not script kiddies. First seen on theregister.com Jump to article: www.theregister.com/2026/03/03/turns_out_most_cybercriminals_are/
-
Compromised Site Management Panels are a Hot Item in Cybercrime Markets
Compromised cPanel credentials are being sold in bulk across underground channels as plug-and-play phishing and scam infrastructure. Flare explains how analyzing 200,000 underground posts reveals a commoditized market for hacked site management panels. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/compromised-site-management-panels-are-a-hot-item-in-cybercrime-markets/
-
International Women's Day: Cybercrime knows no gender, but often has a target
International Women's Day celebrates its 115th anniversary this year. On the one hand, it draws attention to progress on equality. On the other, it also highlights new risks that arise in online environments. Across Europe, the number of documented cyberattacks on women is rising, including cyberstalking, harassment and technology-enabled threats. The BKA's figures […]…
-
Starkiller Phishing Suite Uses AitM Reverse Proxy to Bypass Multi-Factor Authentication
Cybersecurity researchers have disclosed details of a new phishing suite called Starkiller that proxies legitimate login pages to bypass multi-factor authentication (MFA) protections. It’s advertised as a cybercrime platform by a threat group calling itself Jinkusu, granting customers access to a dashboard that lets them select a brand to impersonate or enter a brand’s real URL.…
-
Cybercriminals swipe 15.8M medical records from French doctors ministry
Third-party software supplier breached leading to leak of doctors’ notes. First seen on theregister.com Jump to article: www.theregister.com/2026/03/03/french_medical_leak/
-
7 factors impacting the cyber skills gap
Tags: ai, attack, automation, breach, business, ciso, control, cyber, cybercrime, cybersecurity, data, defense, detection, group, incident response, intelligence, jobs, risk, service, skills, strategy, technology, threat, tool, training, vulnerability
2. Emerging technologies: New technologies, particularly AI, are contributing to a cyber landscape that’s evolving so quickly it’s hard for even highly skilled cybersecurity professionals to keep pace, says Dan Lohrmann, CISO at enterprise strategy and consulting firm Presidio. AI-driven threats keep moving the target, allowing cybercriminals to attack with unprecedented levels of speed and agility, Lohrmann…
-
AuraStealer Infostealer Targeting Users with 48 C2 Domains in Ongoing Campaigns
Threat actors are actively deploying a new infostealer dubbed “AuraStealer,” backed by a growing customer base, 48 identified command-and-control (C2) domains, and multiple ongoing campaigns abusing popular platforms like TikTok and cracked-software sites. AuraStealer emerged on Russian-language cybercrime forums in mid-2025, positioning itself as a successor and competitor to LummaC2 in the wake of Lumma’s…
-
30 Alleged Members of ‘The Com’ Arrested in Project Compass
The global law enforcement crackdown, which began in January 2025, also identified nearly 180 members of the notorious cybercriminal collective. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/30-alleged-members-the-com-arrested-project-compass
-
Europol’s Project Compass nets 30 arrests in crackdown on “The Com”
Europol’s Project Compass led to 30 arrests targeting ‘The Com’ network, identifying 62 victims and protecting four children from harm. A yearlong operation, code-named Project Compass, led by Europol has dealt a major blow to ‘The Com,’ a cybercrime network known for targeting children and teenagers. The joint effort, called Project Compass and coordinated by…
-
Project Compass Operation Cracks Down on “The Com” Cybercrime Collective: 30 Arrested, 179 Suspects Identified
An international law enforcement operation named Project Compass has launched a major offensive against “The Com,” a dangerous transnational virtual network (TVN). The operation, which began in January 2025, has successfully led to the arrest of 30 suspects and the identification of 179 potential perpetrators connected to the sprawling cybercrime collective. Led by the European…
-
ISMG Editors: Claude and the AI Cybersecurity Reckoning
Also: AI Speeds Cybercrime But There’s No New Playbook; RSAC 2026 Preview. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/ismg-editors-claude-ai-cybersecurity-reckoning-a-30877
-
Europol-led crackdown on The Com hackers leads to 30 arrests
A yearlong Europol-coordinated operation dubbed “Project Compass” has led to 30 arrests and 179 suspects being tied to “The Com,” an online cybercrime collective that targets children and teenagers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-crackdown-on-the-com-cybercrime-gang-leads-to-30-arrests/
-
‘Project Compass’ Cracks Down on ‘The Com’: 30 Members of Notorious Cybercrime Gang Arrested
International law enforcement operation led by Europol targets network of teenagers and young adults involved in ransomware attacks, extortion and other crimes. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/project-compass-com-arrests/
-
Infostealers Drive Massive Brute-Force Attacks on Corporate SSO Gateways with Stolen Credentials
The cybersecurity community is witnessing a rise in credential-stuffing attacks targeting corporate Single Sign-On (SSO) systems, with recent campaigns focusing on F5 BIG-IP devices. To understand the source of the stolen logins, Defused Cyber analyzed a dataset of 70 unique email-password pairs used in the attack. When cross-referenced with Hudson Rock’s cybercrime database of Infostealer…
-
Ransomware groups switch to stealthy attacks and long-term access
Tags: access, application-security, attack, ciso, control, crime, cyber, cybercrime, cybersecurity, data, detection, encryption, endpoint, exploit, extortion, group, identity, intelligence, monitoring, organized, ransomware, service, software, strategy, supply-chain, switch, theft, threat, tool, vulnerability
38% drop in encryption over the past 12 months as more cybercriminals turn to silently exfiltrating data for extortion as their main stock in trade. Picus’ suggestion that the volume of ransomware attacks is dropping is disputed by other experts. Tony Anscombe, chief security evangelist at endpoint security vendor Eset, offered a contrasting perspective. “In the recent Eset…
-
Police Target Violent Online Predators Incubated by the Com
28 Countries Join Forces to Pursue Violent Online Extremism Targeting Children. A global law enforcement initiative to coordinate the disruption of violent online extremism targeting minors and vulnerable individuals swept up 30 suspected members of The Com, the decentralized, largely Western adolescent cybercrime community. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/police-target-violent-online-predators-incubated-by-com-a-30856
-
Analysis: Root Cause of Most Security Incidents Traced to Unpatched Firewalls
Tags: access, cybercrime, exploit, firewall, network, ransomware, security-incident, software, vulnerability
An analysis of more than two trillion IT events collected during 2025 by Barracuda Networks finds 90% of ransomware incidents exploited firewalls via unpatched software or a vulnerable account that enables cybercriminals to gain access to an IT environment. Merium Khalid, director of offensive security for the security operations center (SOC) at Barracuda Networks, said…
-
Ransomware payments dropped in 2025 as attack numbers reached record levels: Chainalysis
The rate at which ransomware victims paid cybercriminals fell last year while the overall number of attacks ballooned, Chainalysis found. First seen on therecord.media Jump to article: therecord.media/ransomware-payments-chainalysis-cybercrime
-
Phishing-Led Agent Tesla Campaign Uses Process Hollowing and Anti-Analysis to Evade Detection
Agent Tesla continues to cement its status as one of the most persistent remote access trojans (RATs) in the global threat landscape. Known for its data-stealing capabilities and extensive distribution network, this malware remains a weapon of choice for low-skilled cybercriminals seeking sophisticated results. The latest variant follows a multi-stage delivery sequence involving several fileless…
-
How to report suspicious activity to Spamhaus (with all the right info!)
Cybercriminals never rest but anyone can play a role in stopping them. Sharing malicious activity is one of the most important ways we can strengthen safety on the internet. Spamhaus Threat Intel Community brings individuals and organizations together to share threat data and block spam, phishing, and malware campaigns worldwide. Find out how you can…
-
Hackers are compromising networks ever faster
Tags: access, ai, crowdstrike, cyberattack, cybercrime, hacker, LLM, malware, north-korea, threat, tool
The use of AI tools not only makes cyberattacks faster but also increases their tempo. Crowdstrike has published the latest edition of its Global Threat Report, with several notable findings. In 2025, an attacker needed on average only 29 minutes to gain full access to a network. Compromise is thus running around 65 percent…
-
When AI accelerates cyberattacks: the measures companies should take now for greater digital resilience
With the rapid development of artificial intelligence (AI), cybercrime is also reaching a new dimension. What once required considerable technical effort and personnel can now be automated, scaled and deliberately optimized with the help of intelligent algorithms. Attacks are becoming more personalized, more dynamic and significantly harder to detect. Companies thus face a new quality of digital threats that classic…
-
Steaelite RAT Drives Surge in Double Extortion Attacks on Enterprises
A newly surfaced Remote Access Trojan (RAT) named Steaelite is rapidly gaining traction across cybercrime networks, fueling a fresh wave of double-extortion incidents against enterprise targets. It offers features such as HVNC (Hidden Virtual Network Computing) monitoring and banking application bypass capabilities once reserved for advanced, custom-built malware teams. Steaelite’s marketing strategy mirrors that of commercial malware projects. The developer has actively…
-
Steaelite RAT combines data theft and ransomware management capability in one tool
Tags: access, android, attack, authentication, awareness, business, corporate, credentials, crypto, cybercrime, data, ddos, defense, encryption, endpoint, extortion, infection, infosec, malware, mobile, monitoring, password, phishing, ransomware, rat, remote-code-execution, theft, threat, tool, training, windows
CSO that this isn’t the most sophisticated RAT he’s seen. “The novel aspect here,” he said, “is the convergence. Steaelite bundles remote access, credential harvesting, data exfiltration, and ransomware (currently in development) in a single package.” Traditionally, he explained, these capabilities have occupied different parts of the cybercrime toolchain, but Steaelite unifies the functions, giving…
-
Ransomware hammers manufacturing sector
Ransomware attacks on manufacturers are skyrocketing. For cybercriminals, the sector sits at a sweet spot on the risk-reward continuum. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366639452/Ransomware-hammers-manufacturing-sector

