Tag: cybercrime
-
Vidar Stealer Exploits: Direct Memory Attacks Used to Capture Browser Credentials
On October 6, 2025, the cybercriminal developer known as >>Loadbaks
-
How to Detect and Mitigate Hit and Run DDoS Attacks
Most DDoS attacks are short in duration. According to Cloudflare, 92% of layer 3/4 attacks and 75% of HTTP DDoS attacks in Q2 2025 ended within 10 minutes. A subset of these are Hit and Run DDoS attacks, which are gaining popularity among cybercriminals, possibly since they are relatively low cost and easier to execute. Characterized…
-
Millions of Credentials Stolen Each Day by Stealer Malware
The cybercrime ecosystem surrounding stealer malware has reached unprecedented scale, with threat actors now processing millions of stolen credentials daily through sophisticated distribution networks. Security researchers have been monitoring these operations for nearly a year, revealing an alarming infrastructure that processes victim data at industrial volumes through platforms like Telegram, forums, and social media sites.…
-
Hackers Exploit OAuth Apps to Keep Cloud Access Even After Password Resets
Cloud account takeover attacks have evolved beyond simple credential theft. Cybercriminals are now exploiting OAuth applications to maintain persistent access to compromised environments, bypassing traditional security measures like password resets and multifactor authentication. Cloud account takeover (ATO) attacks have become a significant concern in recent years, with cybercriminals and state-sponsored actors increasingly adopting malicious OAuth…
-
Threat Actors Reportedly Marketing Monolock Ransomware on Dark Web Forums
Tags: cyber, cybercrime, cybersecurity, dark-web, encryption, malicious, marketplace, monitoring, ransomware, software, threat
A recent surge in underground cybercrime chatter has shone a spotlight on Monolock Ransomware V1.0, as multiple posts on dark web forums claim that the malicious software is now available for purchase. Cybersecurity researchers monitoring illicit marketplaces report that threat actors are advertising a fully functional ransomware strain, complete with encryption modules, key exchange mechanisms,…
-
AI’s split personality: Solving crimes while helping conceal them
What happens when investigators and cybercriminals start using the same technology? AI is now doing both, helping law enforcement trace attacks while also being tested for its … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/10/21/ai-cybercrime-digital-forensics/
-
Lumma Stealer Developers Doxxed in Underground Rival Cybercrime Campaign
Lumma Stealer operators allegedly exposed in underground doxxing campaign, with sensitive details leaked by rival cybercriminals, according to Trend Micro First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/lumma-stealer-developers-doxxed/
-
Russian Lynx group leaks sensitive UK MoD files, including info on eight military bases
Russian hackers stole and leaked MoD files on eight RAF and Navy bases, exposing staff data in a “catastrophic” cyberattack via Dodd Group breach. Russian cybercrime group Lynx breached Dodd Group, a contractor for the UK Ministry of Defence, stealing and leaking hundreds of sensitive files on eight RAF and Royal Navy bases. The incident…
-
Police Shutter SIM Farm Provider in Latvia, Bust 7 Suspects
Operation SIMCARTEL: Cops Seize 1,200 SIM-Box Devices Operating 40,000 SIM Cards. Police in Europe said they disrupted a SIM farm provider in Latvia that supplied millions of mobile telephone numbers used by fraudsters to perpetrate cybercrime schemes, arresting seven suspects and seizing 1,200 SIM-box devices operating 40,000 SIM cards for customers across 80 countries. First…
-
Criminal SIM Card Supply Network Busted by Europol
Several suspects have been arrested over links with a network running a “sophisticated” cybercrime-enabling service First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/criminal-sim-card-supply-network/
-
Europol cracks down: Police dismantle major cybercrime SIM card service
Tags: cybercrime
Hundreds of thousands of SIM cards have served cybercriminals for various kinds of online fraud in Europe. That is now over. First seen on golem.de Jump to article: www.golem.de/news/europol-greift-durch-polizei-zerschlaegt-grossen-cybercrime-sim-kartendienst-2510-201328.html
-
Foreign hackers breached a US nuclear weapons plant via SharePoint flaws
Tags: access, attack, authentication, breach, china, control, corporate, cve, cyber, cybercrime, cybersecurity, data, defense, exploit, flaw, framework, government, group, hacker, identity, infrastructure, intelligence, Intruder, korea, microsoft, monitoring, network, ransomware, reverse-engineering, risk, russia, supply-chain, tactics, technology, theft, threat, vulnerability, zero-day, zero-trust
China or Russia? Conflicting attribution: Microsoft attributed the broader wave of SharePoint exploitations to three Chinese-linked groups: Linen Typhoon, Violet Typhoon, and a third actor it tracks as Storm-2603. The company said the attackers were preparing to deploy Warlock ransomware across affected systems. However, the source familiar with the Kansas City incident tells CSO that a…
-
TikTok videos continue to push infostealers in ClickFix attacks
Cybercriminals are using TikTok videos disguised as free activation guides for popular software like Windows, Spotify, and Netflix to spread information-stealing malware. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/tiktok-videos-continue-to-push-infostealers-in-clickfix-attacks/
-
Europol Dismantles SIM Farm Network Powering 49 Million Fake Accounts Worldwide
Europol on Friday announced the disruption of a sophisticated cybercrime-as-a-service (CaaS) platform that operated a SIM farm and enabled its customers to carry out a broad spectrum of crimes ranging from phishing to investment fraud. The coordinated law enforcement effort, dubbed Operation SIMCARTEL, saw 26 searches carried out, resulting in the arrest of seven suspects and…
-
Authorities Shut Down Cybercrime-as-a-Service, Seize 40,000 SIM Cards
Law enforcement authorities across Europe have dismantled a sophisticated cybercrime-as-a-service operation that enabled criminals to commit widespread fraud and other serious offenses across the continent. The coordinated action, codenamed ‘SIMCARTEL’, resulted in seven arrests, the seizure of over 40,000 active SIM cards, and the takedown of infrastructure that facilitated crimes causing millions of euros in…
-
Europol dismantles cybercrime network linked to $5.8M in financial losses
Authorities arrested seven people allegedly involved in the operation and seized 1,200 SIM boxes containing 40,000 active SIM cards. First seen on cyberscoop.com Jump to article: cyberscoop.com/europol-dismantles-cybercime-network-sim-boxes-fraud/
-
Europol dismantles SIM box operation renting numbers for cybercrime
European law enforcement in an operation codenamed ‘SIMCARTEL’ has dismantled an illegal SIM-box service that enabled more than 3,200 fraud cases and caused at least 4.5 million euros in losses. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/europol-dismantles-sim-box-operation-renting-numbers-for-cybercrime/
-
Attackers Exploit Zendesk Authentication Issue to Flood Targets’ Inboxes with Corporate Notifications
Cybercriminals have discovered a gap in Zendesk’s ticket submission process and are using it to bombard victims with waves of misleading support messages. When configured to accept anonymous requests, however, the service can be abused to generate email floods that appear to come from legitimate corporate domains. Earlier this week, security blogger Brian Krebs was…
-
Microsoft revokes 200+ certificates abused by Vanilla Tempest in fake Teams campaign
Microsoft revoked 200+ certificates used by Vanilla Tempest to sign fake Teams installers spreading Oyster backdoor and Rhysida ransomware. Microsoft revoked over 200 certificates used by the cybercrime group Vanilla Tempest (aka VICE SPIDER and Vice Society) to sign fake Teams installers spreading the Oyster backdoor and Rhysida ransomware. The threat actor has been active…
-
Microsoft Report Warns of AI-Powered Automation in Cyberattacks and Malware Creation
Tags: ai, automation, cyber, cyberattack, cybercrime, data, defense, incident, intelligence, malware, microsoft, phishing, vulnerability
Cybercriminals are weaponizing artificial intelligence to accelerate malware development, discover vulnerabilities faster, and create more sophisticated phishing campaigns, according to Microsoft’s latest Digital Defense Report covering trends from July 2024 through June 2025. In 80% of the cyber incidents Microsoft investigated last year, attackers sought to steal data primarily for profit rather than intelligence gathering.…
-
North Korean Hackers Exploit EtherHiding to Spread Malware and Steal Crypto Assets
Tags: attack, blockchain, crypto, cyber, cybercrime, cybersecurity, exploit, hacker, malicious, malware, north-korea, technology, threat
The cybersecurity landscape has witnessed a significant evolution in attack techniques with North Korean threat actors adopting EtherHiding, a sophisticated method that leverages blockchain technology to distribute malware and facilitate cryptocurrency theft. EtherHiding represents a fundamental shift in how cybercriminals store and deliver malicious payloads by embedding malware code within smart contracts on public blockchains…

