Tag: cybercrime

Wachsende Bedrohungslage durch KI-Cyberkriminalität und neue Ansätze für mehr Resilienz

Sep 29, 2025 7:08 AM

Tags: ai, bug, cybercrime, resilience

65 % der befragten IT-Führungskräfte halten ihre Systeme gegenüber KI-basierter Cyberkriminalität für unzureichend geschützt. Eine Lenovo-Studie zeigt eine wachsende Sicherheitslücke angesichts zunehmender KI-gestützter Cyberkriminalität: 65 % der befragten IT-Führungskräfte geben an, dass ihre Abwehrmechanismen veraltet sind und KI-Angriffen nicht standhalten können. Lediglich 31 % fühlen sich in der Lage, sich wirksam zu verteidigen. Diese… First…
Cyberattack on Co-op leaves shelves empty, data stolen, and $275M in lost revenue

Sep 28, 2025 7:09 PM

Tags: breach, cyberattack, cybercrime, data, group, theft

The cyberattack on UK retailer Co-op in April caused empty shelves, customer data theft, and a $275M revenue loss. In May, the cybercrime group behind the April Co-op cyberattack, who go online with the name DragonForce, told the BBC that they had stolen data from the British retail and provided proof of the data breach.…
Africa cybercrime crackdown includes hundreds of arrests, Interpol says

Sep 26, 2025 5:08 PM

Tags: cybercrime, interpol, network, scam

Several African countries targeted transnational criminal networks that used social media and other digital platforms to run romance and sextortion scams, Interpol said. First seen on therecord.media Jump to article: therecord.media/africa-cyber-fraud-crackdown-ghana-senegal-cote-divoire-angola-interpol
As fraud surges, UK prepares to replace its broken reporting service

Sep 26, 2025 3:08 PM

Tags: cybercrime, fraud, service

Action Fraud is out, and Report Fraud is in. U.K. authorities say the latest version of a national reporting center for financially motivated cybercrime and other fraud will go live later this year. First seen on therecord.media Jump to article: therecord.media/uk-action-fraud-replacement-report-fraud
As fraud surges, UK prepares to replace its broken reporting service

Sep 26, 2025 3:08 PM

Tags: cybercrime, fraud, service

Action Fraud is out, and Report Fraud is in. U.K. authorities say the latest version of a national reporting center for financially motivated cybercrime and other fraud will go live later this year. First seen on therecord.media Jump to article: therecord.media/uk-action-fraud-replacement-report-fraud
Malware Gangs Enlist Covert North Korean IT Workers in Corporate Attacks

Sep 26, 2025 2:09 PM

Tags: attack, corporate, cyber, cybercrime, korea, malware, north-korea, threat, virus

Malware operators aligned with North Korea have forged a sophisticated partnership with covert IT workers to target corporate organizations worldwide. This collaboration, detailed in a new white paper presented at Virus Bulletin 2025, sheds light on the intertwined operations of the DeceptiveDevelopment cybercrime syndicate and the WageMole activity cluster, revealing a hybrid threat that marries…
Malware Gangs Enlist Covert North Korean IT Workers in Corporate Attacks

Sep 26, 2025 2:09 PM

Tags: attack, corporate, cyber, cybercrime, korea, malware, north-korea, threat, virus

Malware operators aligned with North Korea have forged a sophisticated partnership with covert IT workers to target corporate organizations worldwide. This collaboration, detailed in a new white paper presented at Virus Bulletin 2025, sheds light on the intertwined operations of the DeceptiveDevelopment cybercrime syndicate and the WageMole activity cluster, revealing a hybrid threat that marries…
Interpol Cracks Down on Large-Scale African Scamming Networks

Sep 26, 2025 1:08 PM

Tags: cybercrime, interpol, network

The effort, named Operation Contender 3.0, led to the arrest of 260 suspected cybercriminals First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/interpol-african-scamming-networks/
Researchers Map Links Between Major Hacker Groups: LAPSUS$, Scattered Spider, ShinyHunters

Sep 26, 2025 12:09 PM

Tags: breach, cyber, cybercrime, exploit, government, group, hacker, social-engineering, tactics

A loosely connected cybercrime supergroup is exploiting social engineering to compromise Fortune 100 organizations and government agencies. LAPSUS$, Scattered Spider, and ShinyHunters”, three of the most notorious English-speaking cybercrime groups”, have increasingly blurred their lines through shared tactics, overlapping membership, and joint public channels. From 2023 through 2025, evidence has emerged of direct collaboration on…
Researchers Map Links Between Major Hacker Groups: LAPSUS$, Scattered Spider, ShinyHunters

Sep 26, 2025 12:09 PM

Tags: breach, cyber, cybercrime, exploit, government, group, hacker, social-engineering, tactics

A loosely connected cybercrime supergroup is exploiting social engineering to compromise Fortune 100 organizations and government agencies. LAPSUS$, Scattered Spider, and ShinyHunters”, three of the most notorious English-speaking cybercrime groups”, have increasingly blurred their lines through shared tactics, overlapping membership, and joint public channels. From 2023 through 2025, evidence has emerged of direct collaboration on…
Unveiling LummaStealer’s Technical Details Through ML-Based Detection Approach

Sep 26, 2025 11:09 AM

Tags: banking, cyber, cybercrime, detection, healthcare, law, ml

In early 2025, LummaStealer was in widespread use by cybercriminals targeting victims throughout the world in multiple industry verticals, including telecom, healthcare, banking, and marketing. A sweeping law enforcement operation in May brought this all to an abrupt halt. After a quiet period, we are now seeing new variants of LummaStealer emerge. In light of…
SpyCloud Report: 2/3 Orgs Extremely Concerned About Identity Attacks Yet Major Blind Spots Persist

Sep 26, 2025 9:09 AM

Tags: access, ai, attack, breach, corporate, credentials, cybercrime, cybersecurity, dark-web, data, data-breach, defense, endpoint, government, identity, intelligence, jobs, malware, monitoring, ransomware, risk, theft, threat

57% lack strong capabilities to invalidate exposed sessionsNearly two-thirds lack repeatable remediation workflowsAbout two-thirds do not have formal investigation protocolsLess than 20% can automate identity remediation across systemsOnly 19% of organizations have automated identity remediation processes in place. The rest rely on case-by-case investigation or incomplete playbooks that leave gaps attackers can exploit.”The defense mission…
SpyCloud Report: 2/3 Orgs Extremely Concerned About Identity Attacks Yet Major Blind Spots Persist

Sep 26, 2025 9:09 AM

Tags: access, ai, attack, breach, corporate, credentials, cybercrime, cybersecurity, dark-web, data, data-breach, defense, endpoint, government, identity, intelligence, jobs, malware, monitoring, ransomware, risk, theft, threat

57% lack strong capabilities to invalidate exposed sessionsNearly two-thirds lack repeatable remediation workflowsAbout two-thirds do not have formal investigation protocolsLess than 20% can automate identity remediation across systemsOnly 19% of organizations have automated identity remediation processes in place. The rest rely on case-by-case investigation or incomplete playbooks that leave gaps attackers can exploit.”The defense mission…
Operation HAECHI VI seized $439M from global cybercrime rings

Sep 25, 2025 8:16 PM

Tags: crypto, cybercrime, international, interpol, law

Interpol announced that Operation HAECHI VI seized $439M from global cybercrime rings, with 40 countries joining the five-month crackdown. Interpol announced that an international law enforcement operation, codenamed Operation HAECHI VI, resulted in the seizure of $439M in cash and crypto from cybercrime rings between April and August 2025. Authorities from 40 countries joint to…
Trinity of Chaos: The LAPSUS$, ShinyHunters, and Scattered Spider Alliance Embarks on Global Cybercrime Spree

Sep 25, 2025 7:16 PM

Tags: cybercrime

First seen on resecurity.com Jump to article: www.resecurity.com/blog/article/trinity-of-chaos-the-lapsus-shinyhunters-and-scattered-spider-alliance-embarks-on-global-cybercrime-spree
Mit ShadowV2 wird DDoS zu einem Cloud-nativen Abo-Dienst

Sep 25, 2025 6:16 PM

Tags: access, api, attack, botnet, business, ciso, cloud, container, cyberattack, cybercrime, ddos, docker, hacker, Internet, login, malware, saas, service

DDos-Attacken sind mittlerweile als Auftragsmodell verfügbar, wie eine aktuelle Analyse zeigt.Laut einer Darktrace-Analyse nutzt eine ShadowV2-Bot-Kampagne falsch konfigurierte Docker-Container auf AWS und rüstet sie für DDoS-as-a-Service-Angriffe auf.Was ShadowV2 dabei besonders macht, ist die professionelle Ausstattung mit APIs, Dashboards, Betreiber-Logins und sogar animierten Benutzeroberflächen. ‘Dies ist eine weitere Erinnerung daran, dass Cyberkriminalität kein Nebenjob mehr ist,…
SpamGPT Amps Up Enterprise Email Security Threats

Sep 25, 2025 5:16 PM

Tags: ai, cybercrime, email, phishing, spam

Researchers warn that SpamGPT, an AI-powered spam and phishing toolkit, lowers the barrier for cybercriminals with scalable, evasive email attacks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/spamgpt-amps-up-enterprise-email-security-threats/
Microsoft spots LLM-obfuscated phishing attack

Sep 25, 2025 5:16 PM

Tags: ai, attack, cybercrime, deep-fake, email, LLM, microsoft, phishing, tool

Cybercriminals are increasingly using AI-powered tools and (malicious) large language models to create convincing, error-free emails, deepfakes, online personas, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/25/microsoft-spots-llm-obfuscated-phishing-attack/
Schlag gegen Cybercrime: Interpol nimmt Betrügern über 400 Millionen US-Dollar ab

Sep 25, 2025 9:49 AM

Tags: cybercrime, interpol

Auch deutsche Strafverfolger waren an den Ermittlungen beteiligt. Weltweit wurden mehr als 68.000 mit Betrugsfällen verbundene Bankkonten gesperrt. First seen on golem.de Jump to article: www.golem.de/news/schlag-gegen-cybercrime-interpol-nimmt-betruegern-ueber-400-millionen-us-dollar-ab-2509-200477.html
FBI Warns of Fake IC3 Websites Designed to Steal Personal Data

Sep 24, 2025 12:16 PM

Tags: cybercrime, data, Internet, scam

The FBI is warning internet users about fake versions of its official IC3 cybercrime reporting website. Learn how to spot these ‘spoofed’ sites, avoid scams where criminals impersonate agents, and protect your personal information by following the FBI’s crucial safety tips. First seen on hackread.com Jump to article: hackread.com/fbi-warning-fake-ic3-websites-steal-data/
FBI Warns of Fake IC3 Websites Designed to Steal Personal Data

Sep 24, 2025 12:16 PM

Tags: cybercrime, data, Internet, scam

The FBI is warning internet users about fake versions of its official IC3 cybercrime reporting website. Learn how to spot these ‘spoofed’ sites, avoid scams where criminals impersonate agents, and protect your personal information by following the FBI’s crucial safety tips. First seen on hackread.com Jump to article: hackread.com/fbi-warning-fake-ic3-websites-steal-data/
FBI Warns of Fake IC3 Websites Designed to Steal Personal Data

Sep 24, 2025 12:16 PM

Tags: cybercrime, data, Internet, scam

The FBI is warning internet users about fake versions of its official IC3 cybercrime reporting website. Learn how to spot these ‘spoofed’ sites, avoid scams where criminals impersonate agents, and protect your personal information by following the FBI’s crucial safety tips. First seen on hackread.com Jump to article: hackread.com/fbi-warning-fake-ic3-websites-steal-data/
New “YiBackdoor” Malware Lets Hackers Run Commands and Steal Data

Sep 24, 2025 8:16 AM

Tags: backdoor, cyber, cybercrime, cybersecurity, data, hacker, malware, technology, threat, tool

Cybersecurity researchers at Zscaler ThreatLabz have identified a sophisticated new malware strain dubbed YiBackdoor, first detected in June 2025. This emerging threat represents a significant evolution in backdoor technology, sharing substantial code similarities with established malware families IcedID and Latrodectus. The discovery highlighted the continuous adaptation of cybercriminal tools, as YiBackdoor demonstrates capabilities that enable…
Delaware Health System Plans to Settle Rhysida Hack Lawsuit

Sep 23, 2025 10:16 PM

Tags: breach, cybercrime, group, healthcare, ransomware

Bayhealth Medical Center Was Among Cybercrime Group’s Many 2024 Healthcare Victims. Bayhealth Medical Center in Delaware – an alleged victim of a 2024 hack by the notorious and prolific ransomware gang Rhysida that resulted in a breach affecting nearly a half-million people – has agreed to a preliminary settlement in a proposed class action lawsuit…
Voluntarily Retirement Keeps Eluding Ransomware Attackers

Sep 23, 2025 8:16 PM

Tags: cybercrime, hacker, ransomware

What’s Left After Raking In Millions From Other People’s Blood, Sweat and Tears? Things that continue to elude scientific observation: the Loch Ness Monster, Bigfoot and the ransomware hacker who voluntarily chose retirement. There’s no such thing as ‘retirement’ in cybercrime, despite some ransomware hackers dangling promises to leave the field. First seen on govinfosecurity.com…
Back to School Means Back to Breaches

Sep 23, 2025 11:16 AM

Tags: breach, cybercrime, cybersecurity

Cybercriminals are increasingly targeting schools and universities. Learn how students, parents, and educators can strengthen cybersecurity defenses. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/back-to-school-means-back-to-breaches/
Hackers Using SVG Files to Deliver Malicious Payloads

Sep 23, 2025 9:16 AM

Tags: cyber, cybercrime, email, exploit, hacker, malicious, malware, social-engineering, usa

A recent malware campaign making the rounds in Latin America offers a stark example of how cybercriminals are evolving and finetuning their playbooks. Victims receive emails dressed up to look as though they come from trusted institutions, warning of lawsuits or court summons. This tried-and-tested social-engineering tactic exploits urgency to trick recipients into clicking links…
Hackers Exploit GitHub Notifications to Launch Phishing Attacks

Sep 23, 2025 9:16 AM

Tags: attack, credentials, cyber, cybercrime, cybersecurity, email, exploit, github, hacker, malicious, open-source, phishing, social-engineering

Cybersecurity researchers have uncovered a new phishing campaign that exploits GitHub’s official notification system to deliver malicious links and credential-stealing payloads. By capitalizing on the trust that open-source contributors place in GitHub’s communication channels, cybercriminals are able to bypass traditional email filters and social engineering defenses. The campaign begins with an email that closely mimics…
Cybercriminals are going after law firms’ sensitive client data

Sep 23, 2025 8:16 AM

Tags: communications, cybercrime, data, finance, law

Regardless of their size, all law firms hold valuable data, including client communications, financial records, and confidential legal strategies. That data has never been … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/23/law-firms-cyberthreats/
Cybercriminals are going after law firms’ sensitive client data

Sep 23, 2025 8:16 AM

Tags: communications, cybercrime, data, finance, law

Regardless of their size, all law firms hold valuable data, including client communications, financial records, and confidential legal strategies. That data has never been … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/09/23/law-firms-cyberthreats/