Tag: cybercrime
-
Adtech Abused by Threat Actors to Spread Malicious Advertisements
Malicious advertising campaigns have surged in sophistication, with cybercriminals exploiting and even operating adtech firms to deliver malware, credential stealers and phishing schemes directly through mainstream ad networks. A cluster of interconnected companies, run through shell corporations, hosted on compromised infrastructure, and registered en masse via a notorious registrar, has enabled a prolific threat actor,…
-
$10 Million Reward: Gang Boss on the Run from the FBI
Tags: cybercrime. First seen on security-insider.de Jump to article: www.security-insider.de/ermittlungen-cybercrime-netzwerk-kopf-gesucht-a-3caa56f508c2f243299dbbc46abd966c/
-
Wave of 40,000+ Cyberattacks Target API Environments
The cybersecurity landscape has witnessed a dramatic escalation in API-targeted attacks during the first half of 2025, with security researchers documenting over 40,000 API incidents across more than 4,000 monitored environments. This surge represents a fundamental shift in how cybercriminals approach digital infrastructure, with APIs becoming the primary gateway for sophisticated attack campaigns designed to inject malicious…
-
DOJ Resentences BreachForums Founder to 3 Years for Cybercrime and Possession of CSAM
The U.S. Department of Justice (DoJ) on Tuesday resentenced the former administrator of BreachForums to three years in prison in connection with his role in running the cybercrime forum and possessing child sexual abuse material (CSAM). Conor Brian Fitzpatrick (aka Pompompurin), 22, of Peekskill, New York, pleaded guilty to one count of access device conspiracy, one…
-
Original BreachForums Admin Gets 3-Year Prison Sentence
Tags: cybercrime. Prosecutors Asked Court to Sentence Conor ‘Pompompurin’ Fitzpatrick to 188 Months. Conor Brian Fitzpatrick, founder and administrator of the first iteration of the BreachForums cybercrime forum, received a three-year prison sentence during a Tuesday resentencing in a Virginia federal court. Better known online as Pompompurin, 22-year-old Fitzpatrick pleaded guilty in July 2023. First seen…
-
‘Vane Viper’ Threat Group Tied to PropellerAds, Commercial Entities
Researchers say the commercial adtech platform and several other companies form the infrastructure of a massive cybercrime operation. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/vane-viper-threat-group-propellerads
-
Emerging Yurei Ransomware Claims First Victims
The cybercrime group, named after Japanese ghosts but believed to be from Morocco, uses a modified version of the Prince-Ransomware binary that includes a flaw allowing for partial data recovery. However, an extortion threat remains. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/emerging-yurei-ransomware-claims-first-victims
-
Cybercrime group accessed Google Law Enforcement Request System (LERS)
Google found threat actors created a fake account in its Law Enforcement Request System (LERS) and shut it down. Google confirmed that threat actors gained access to its Law Enforcement Request System (LERS) platform by creating a fake account. The Google Law Enforcement Request System (LERS) is a secure online portal for verified government agencies…
-
‘SlopAds’ Fraud Campaign Uses Novel Obfuscation Techniques
Steganography, Mobile Marketing Attribution, Code Obfuscation Deployed for Ad Fraud. A cybercrime crew using Android mobile apps to conduct advertising fraud took unusual pains to hide its activity, concealing malicious code in downloadable digital images and holding off from infecting the subset of users who organically found their apps through the Google Play store. First…
-
Windows Users Hit by VenomRAT in AI-Driven RevengeHotels Attack
RevengeHotels, also known as TA558, has escalated its long-standing cybercrime campaign by incorporating artificial intelligence into its infection chains, deploying the potent VenomRAT malware against Windows users. Active since 2015, this threat actor has traditionally targeted hotel guests and travelers, stealing payment card data through phishing emails. Recent campaigns, however, demonstrate a marked shift: AI-generated…
-
Millions of Customer Records Stolen in Cyberattack on Gucci, Balenciaga, and Alexander McQueen
Luxury retail giant Kering has confirmed a major data breach affecting its top fashion houses, including Gucci, Balenciaga, and Alexander McQueen. The cybercriminal group known as Shiny Hunters claims to have stolen private details tied to as many as 7.4 million unique email addresses. Potentially millions of customers around the world may now be at…
-
HybridPetya Ransomware Cracks Windows Secure Boot
The HybridPetya ransomware exploits an already patched Microsoft vulnerability to bypass the UEFI Secure Boot feature. Researchers at the cybersecurity company ESET have discovered a new ransomware called HybridPetya that resembles the notorious Petya and NotPetya malware. Like its predecessors, the malware targets the Master File Table (MFT), a central database on NTFS partitions that catalogs all files and directories. In the…
-
FBI warns of Scattered Spider and ShinyHunters attacks on Salesforce platforms
The FBI released an urgent notice warning organizations about a campaign by several cybercriminal groups to compromise Salesforce platforms. First seen on therecord.media Jump to article: therecord.media/fbi-warns-scattered-spider-salesforce
-
Threat Group Scattered Lapsus$ Hunters Says It’s Shutting Down
The bad actors behind the Scattered Lapsus$ Hunters threat group say they are shutting down operations and retiring, but cybersecurity pros say law enforcement pressure is a key reason for the decision and that the hackers will likely form new cybercrime operations. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/threat-group-scattered-lapsus-hunters-says-its-shutting-down/
-
Hackers steal private data of Gucci, Balenciaga and McQueen customers
Cybercriminals steal details of potentially millions of people in attack on labels’ parent company Kering. Hackers have stolen data from customers of the luxury fashion group Kering, whose brands include Gucci, Balenciaga and Alexander McQueen. Cyber-attackers have stolen data of potentially millions of customers, including the names, phone numbers and email addresses of customers of the fashion…
-
Vietnam Probes Breach of Credit Agency Run by Central Bank
Cybercrime Group ShinyHunters Advertises 160 Million Stolen Records. Vietnam’s central bank is probing a hack attack that breached its credit reporting division, exposing personally identifiable information. The cybercrime group ShinyHunters claimed credit for the breach, advertising on a cybercrime forum 160 million stolen records for $175,000. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/vietnam-probes-breach-credit-agency-run-by-central-bank-a-29445
-
Raid on Darknet Drug Mail-Order Operation
The Federal Criminal Police Office (Bundeskriminalamt) is investigating three suspects who are alleged to have sold drugs via the darknet. Investigators have busted a darknet drug mail-order operation in the German-Dutch border region. Ecstasy and cocaine worth several million euros were seized, police and the public prosecutor's office reported. Three men aged 33, 39 and 40 are suspected of having, over a longer period, drugs…
-
FBI Releases IOCs on Cyber Threats Exploiting Salesforce for Data Theft
Tags: advisory, breach, cyber, cybercrime, cybersecurity, data, exploit, infrastructure, tactics, theft, threat. The Federal Bureau of Investigation (FBI) has released a detailed flash advisory disclosing indicators of compromise (IOCs) and tactics used by two cybercrime groups, UNC6040 and UNC6395, to breach Salesforce customer environments and siphon sensitive data. Coordinated with the Department of Homeland Security Cybersecurity and Infrastructure Security Agency (DHS/CISA), the bulletin aims to equip security…
-
AI-Powered Villager Pen Testing Tool Hits 11,000 PyPI Downloads Amid Abuse Concerns
Tags: ai, china, cybercrime, framework, intelligence, malicious, penetration-testing, pypi, RedTeam, tool. A new artificial intelligence (AI)-powered penetration testing tool linked to a China-based company has attracted nearly 11,000 downloads on the Python Package Index (PyPI) repository, raising concerns that it could be repurposed by cybercriminals for malicious purposes. Dubbed Villager, the framework is assessed to be the work of Cyberspike, which has positioned the tools as a…
-
FBI Alert: Two Cybercriminal Groups Are Actively Compromising Salesforce
The post FBI Alert: Two Cybercriminal Groups Are Actively Compromising Salesforce appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/fbi-alert-two-cybercriminal-groups-are-actively-compromising-salesforce/
-
FBI warns of Salesforce attacks by UNC6040 and UNC6395 groups
The U.S. FBI issued a flash alert to warn of malicious activities carried out by two cybercriminal groups tracked as UNC6040 and UNC6395. The FBI issued a FLASH alert with IOCs for cybercriminal groups UNC6040 and UNC6395, which are increasingly targeting Salesforce platforms for data theft and extortion. “The Federal Bureau of Investigation (FBI) is…
-
FBI Warns of UNC6040 and UNC6395 Targeting Salesforce Platforms in Data Theft Attacks
The U.S. Federal Bureau of Investigation (FBI) has issued a flash alert to release indicators of compromise (IoCs) associated with two cybercriminal groups tracked as UNC6040 and UNC6395 for a string of data theft and extortion attacks. “Both groups have recently been observed targeting organizations’ Salesforce platforms via different initial access mechanisms,” the FBI said. UNC6395 is…
-
Operation Eastwood: Measuring the Real Impact on NoName057(16)
Introduction. On July 16, 2025, Europol revealed the details of Operation Eastwood, a coordinated international strike against one of the most active pro-Russian cybercrime groups, NoName057(016). The announcement promised a major disruption to the group’s activities. In this blog, we explore whether Operation Eastwood had any real impact on NoName057(016), and how the group’s activities…
-
Ransomware Attack
Ransomware has become one of the most devastating forms of cybercrime in the modern era. From hospitals forced to cancel surgeries to global supply chains brought to a standstill, ransomware doesn’t just lock data; it cripples organizations. The damage goes far beyond financial losses. Ransomware can erode trust, tarnish reputations, and create lasting business disruption.…
-
Vietnam, Panama governments suffer incidents leaking citizen data
Vietnam’s credit information bureau and Panama’s finance ministry are each responding to apparent data breaches claimed by high-profile cybercrime groups. First seen on therecord.media Jump to article: therecord.media/vietnam-cic-panama-finance-ministry-cyberattacks
-
British rail passengers urged to stay on guard after hack signals failure
Tags: cybercrime. Passengers of the UK’s state-owned London North Eastern Railway (LNER) have been warned to be vigilant after cybercriminals accessed travellers’ contact details and some information about past journeys. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/british-rail-passengers-hack-signals-failure

