Tag: cybercrime
-
YouTube ‘Ghost Network’ Spreads Infostealer via 3,000 Fake Videos
Check Point Research exposed a sophisticated, role-based operation called the YouTube Ghost Network, distributing dangerous Lumma and Rhadamanthys Infostealer malware. Learn how cybercriminals use hijacked channels and bots to triple malicious video output and steal user credentials. First seen on hackread.com Jump to article: hackread.com/youtube-ghost-network-infostealer-fake-videos/
-
Proton Warns of 300 Million Stolen Login Details Circulating on Dark Web
Tags: breach, credentials, cyber, cybercrime, dark-web, data, data-breach, leak, login, monitoring, privacy, technology
Privacy-focused technology company Proton has issued a warning about the escalating data breach crisis, revealing that hundreds of millions of stolen login credentials are actively circulating on the dark web. Through its Data Breach Observatory initiative, Proton is directly monitoring underground cybercriminal forums to identify and report data leaks in real time, helping businesses protect…
-
AdaptixC2: When Open-Source Tools Become Weapons
Cybercriminals are turning AdaptixC2, an open-source security tool, into a weapon for ransomware attacks. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/threats/adaptixc2-when-open-source-tools-become-weapons/
-
ISMG Editors: UN Cybercrime Treaty Raises Privacy Fears
Also: Hospital Scandal Exposes HIPAA Risks; Jamf Acquisition Signals Industry Shift. In this week’s panel, ISMG editors discussed privacy concerns related to the U.N. Cybercrime Treaty, the legal fallout from candid photos of patients at Baptist Jay Hospital posted to SnapChat, and the market implications for Francisco Partners’ acquisition of Apple device management firm Jamf.…
-
Unpatched Windows vulnerability continues to be exploited by APTs (CVE-2025-9491)
A Windows vulnerability (CVE-2025-9491, aka ZDI-CAN-25373) that state-sponsored threat actors and cybercrime groups have been quietly leveraging since at least 2017 continues … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/31/zdi-can-25373-cve-2025-9491-exploited-again/
-
US Stands Out in Refusal to Sign UN Cybercrime Treaty
The agreement aims to help law enforcement prosecute cross-border cybercrime, but the final treaty could allow unchecked surveillance and human-rights abuses, critics say; and, it includes no protection for pen-testers. First seen on darkreading.com Jump to article: www.darkreading.com/cybersecurity-operations/us-refuses-sign-un-cybercrime-treaty
-
Beware of Fake ChatGPT Apps That Spy on Users and Steal Sensitive Data
The proliferation of artificial intelligence applications has created unprecedented opportunities for cybercriminals to exploit user trust through deceptive mobile apps. Mobile app stores today are flooded with hundreds of lookalike applications claiming to offer ChatGPT, DALL·E, and other AI services. Security researchers have discovered that beneath polished logos and promises of advanced functionality lies a…
-
Three suspected developers of Meduza Stealer malware arrested in Russia
Russia’s Interior Ministry posted a video of raids on suspected developers of the Meduza Stealer malware, which has been sold to cybercriminals since 2023. First seen on therecord.media Jump to article: therecord.media/meduza-stealer-malware-suspected-developers-arrested-russia
-
Hackers Exploit WSUS Flaw to Spread Skuld Stealer Despite Microsoft Patch
Cybercriminals exploit a WSUS vulnerability to deploy Skuld Stealer malware, even after Microsoft released an urgent security patch. First seen on hackread.com Jump to article: hackread.com/hackers-exploit-wsus-skuld-stealer-microsoft-patch/
-
Alleged Conti ransomware gang affiliate appears in Tennessee court after Ireland extradition
Ukrainian national Oleksii Oleksiyovych Lytvynenko faces charges in the U.S. related to his alleged involvement with the Conti cybercrime operation, which attacked hundreds of organizations globally before disbanding in 2022. First seen on therecord.media Jump to article: therecord.media/alleged-conti-ransomware-affiliate-extradited-ireland-tennessee
-
Threat Actors Exploiting Open-Source C2 Frameworks to Deploy Malicious Payloads
Tags: control, cyber, cyberattack, cybercrime, exploit, framework, hacking, intelligence, malicious, open-source, russia, threat, tool
Threat intelligence researchers have uncovered a growing campaign where cybercriminals are weaponizing AdaptixC2, a legitimate open-source Command and Control framework designed for authorized penetration testers. The discovery reveals how threat actors are exploiting ethical hacking tools to conduct sophisticated cyberattacks, with significant ties linking the framework’s development to Russian criminal networks. Silent Push threat analysts…
-
How to Protect Your Money When Banking Online
Saving does not only happen at the bank counter: many people also use online banking and mobile banking apps to manage their finances. However, about one in ten people who were affected by cybercrime in the previous year experienced online banking fraud (11%). Anyone who manages their money online should therefore take their digital security just as seriously as their choice of bank.…
-
ClickFix Infrastructure Surprises Inform Better Blocking
Big Crossover Found Between ClickFix and Adversary-in-the-Middle Infrastructure. Tracking how cybercriminals and their service providers use malicious infrastructure can give defenders an edge for blocking their targeting. New research spotted a massive crossover between IP addresses used for both ClickFix and adversary-in-the-middle attacks. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/clickfix-infrastructure-surprises-inform-better-blocking-a-29888
-
Strengthening security with a converged security and networking platform
created new security risks. Products are designed with different fundamental security assumptions. Each has a separate security policy and requires a specially trained administrator, making it difficult to coordinate security policies and use products together. The result is a fragmented security infrastructure with inconsistent rules and poor visibility. Conflicting policies and uneven enforcement create the…
-
Open-source AdaptixC2 hacking tool has fans in Russian cybercrime underground
Available on GitHub and promoted to professional penetration testers, the tool AdaptixC2 has been used to spread loader malware associated with Russian ransomware groups, researchers said. First seen on therecord.media Jump to article: therecord.media/open-source-adaptixc2-red-teaming-tool-russian-cybercrime
-
Threat Actors Utilize AdaptixC2 for Malicious Payload Delivery
Cybercriminals are abusing AdaptixC2, a legitimate emulation framework, in ransomware campaigns. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/adaptixc2-malicious-payload/
-
Trust Under Fire: AI and Automation Fuel a New Wave of Targeted Cybercrime
What are the most important changes in the global cybersecurity landscape between July and September 2025? New findings: AI-powered phishing factories, increasing SMS campaigns, data leaks and digital tracking shape the cybercrime landscape in the third quarter. Key findings of Gen's Q3/2025 Gen Threat Report include 140,000 AI-generated phishing websites worldwide, an increase in AI… First…
-
US Withholds Support for UN Global Cybercrime Treaty
US Cites Risk of Treaty Being Weaponized by Authoritarian Regimes, Privacy Concerns. The U.S. declined to sign the new U.N. cybercrime convention despite support from 72 nations and its backing by Russia and China over fears it could be exploited by authoritarian states to legitimize surveillance, censor dissent and pressure cross-border data cooperation. First seen…
-
NFC Relay Attack: 700+ Android Apps Harvest Banking Login Details
Tags: android, attack, banking, credentials, cyber, cybercrime, finance, login, malicious, nfc, russia, technology, threat
A sophisticated cybercrime campaign leveraging Near Field Communication technology has exploded across multiple continents, with researchers at zLabs identifying over 760 malicious Android applications designed to steal banking credentials and facilitate fraudulent transactions. What initially appeared as isolated incidents in April 2024 has evolved into a large-scale threat operation targeting financial institutions across Russia, Poland,…

