Tag: cybercrime
-
The password that sank a 158-year-old business
The 2023 collapse of the 158-year old UK logistics company KNP resulted in the loss of 700 jobs. The devastating cyber attack that shuttered the company has returned to the spotlight this week with a BBC Panorama documentary examining the real-world consequences of ransomware and the rapidly evolving scale of cybercrime in the UK. The…
-
Suspected XSS Forum Admin Arrested in Ukraine
The individual is accused of numerous illicit cybercrime and ransomware activities that have generated at least $7m in profit First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/suspected-xss-forum-admin-arrested/
-
Clorox Sues IT Service Provider Cognizant for Causing 2023 Cyber-Attack
Cognizant handed over a password to the cybercriminal without asking any authentication questions First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/clorox-sues-cognizant-2023/
-
Analysis Finds 131 Vulnerable Exposed Ports Per Organization
An analysis published today by ReliaQuest finds the number of exposed ports through which cybercriminals can gain access to IT environments has increased to 131 in the first half of 2025, a 27% increase. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/analysis-finds-131-vulnerable-exposed-ports-per-organization/
-
Suspected admin of major dark web cybercrime forum arrested in Ukraine
French law enforcement said the alleged administrator of the long-running cybercrime forum XSS, formerly known as DaMaGeLab, was arrested in Ukraine. First seen on therecord.media Jump to article: therecord.media/suspected-xss-cybercrime-marketplace-admin-arrested
-
Authorities in Ukraine nab alleged admin of Russian-language cybercrime forum
Officials accuse the unnamed suspect of running XSS.is, a key and long-running marketplace with more than 50,000 registered users. The suspect allegedly made more than $8.2 million. First seen on cyberscoop.com Jump to article: cyberscoop.com/xss-cybercrime-forum-admin-arrest/
-
UK to ban public sector from paying ransomware demands
Ransomware, considered by British authorities to be the UK’s greatest cybercrime threat, costing the nation billions of pounds and with the capbility to bring essential services to a standstill, is in the gunsights of government. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/uk-to-ban-public-sector-from-paying-ransomware-demands
-
Hackers Selling macOS 0-Day LPE Exploit on Dark Forums
A threat actor claiming to possess a zero-day Local Privilege Escalation (LPE) exploit targeting Apple’s macOS operating system has emerged on underground cybercriminal forums, offering the vulnerability for sale at a substantial price point. The alleged exploit, if genuine, represents a significant security concern for macOS users across multiple operating system versions, potentially allowing attackers…
-
Dark Web Travel Agencies Exploit Cheap Deals to Steal Credit Card Data
Dark web travel agencies have developed into highly skilled organizations operating in the murky corners of cybercrime, using hacked credit card information, compromised loyalty accounts, and faked identities to provide drastically reduced travel services. According to recent analysis by SpiderLabs, these operations exploit popular booking aggregators rather than targeting specific hotel chains or airlines, adapting…
-
Cybercriminals from GLOBAL GROUP Target All Platforms with Golang Ransomware
A notorious ransomware actor known by the alias $$$ has unveiled GLOBAL GROUP, positioning it as a cutting-edge Ransomware-as-a-Service (RaaS) operation. Promising automated negotiations, cross-platform payloads, and lucrative affiliate splits, the group claims innovation in scalable extortion. However, deep forensic analysis of malware samples, infrastructure setups, and operational logic uncovers that GLOBAL is merely a…
-
UK government to ban public bodies from paying ransoms to hackers
Tags: attack, computer, cyber, cybercrime, government, hacker, healthcare, international, office, ransom, ransomware, russiaMeasure intended to send message to international cybercriminals ‘that the UK is united in fight against ransomware’The UK government is planning to ban public bodies from paying ransoms to computer hackers, and private companies will be required to inform authorities if they plan to cave into cash demands.The stance, announced on Tuesday by the Home…
-
Cybercriminals Use Zoho WorkDrive Folders to Spread Obfuscated PureRAT Malware
A targeted attack against a U.S.-based certified public accounting firm was discovered in May 2025 by cybersecurity experts, according to a recent study described in eSentire’s Threat Response Unit (TRU) Positives report. The campaign leveraged a novel crypter named >>Ghost Crypt
-
Europol Sting Leaves Russian Cybercrime’s ‘NoName057(16)’ Group Fractured
National authorities have issued seven arrest warrants in total relating to the cybercrime collective known as NoName057(16), which recruits followers to carry out DDoS attacks on perceived enemies of Russia. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/europol-sting-russian-cybercrime-noname05716
-
Europol targets Kremlin-backed cybercrime gang NoName057(16)
The hacking group NoName057(16) has been operating since 2022, launching cyber attacks on government organisations, media bodies, critical infrastructure, and private companies in Ukraine, America, Canada, and across Europe in a seeming attempt to silence voices that the group considers anti-Russian. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/europol-targets-kremlin-backed-cybercrime-gang-noname057-16
-
CrushFTP Servers Hit by Critical Zero-Day Vulnerability CVE-2025-54309
A new zero-day vulnerability in CrushFTP file transfer servers is being actively exploited by cybercriminals, compromising systems around the world. Tracked as CVE-2025-54309, the CrushFTP zero-day vulnerability was first observed in active exploitation on July 18, 2025. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/crushftp-zero-day-flaw-cve-2025-54309/
-
Who’s Watching You? FBI IG Looks to Plug Holes in Ubiquitous Technical Surveillance
Security gaps, coupled with savvy cybercriminals, lend urgency to mitigating the potential for exploitation posed by surveillance tech. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/whos-watching-you-fbi-ig-looks-to-plug-holes-in-ubiquitous-technical-surveillance/
-
Vom Kriminellen zum Kaufmann
Tags: cybercrimeModerne Cyberkriminelle lassen die Grenze zwischen digitaler Kriminalität und klassischer Geschäftstätigkeit zunehmend verschwimmen. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/cybercrime-kriminellen-kaufmann
-
Hackers Exploit FIDO MFA With Novel Phishing Technique
PoisonSeed Threat Actor Uses Cross-Device Login Feature and QR Code to Trick Users. Expel researchers have found a novel adversary-in-the-middle phishing technique used by PoisonSeed, a cybercrime group previously tied to large-scale cryptocurrency thefts, to sidestep one of the most secure forms of multifactor authentication – FIDO2 physical keys. First seen on govinfosecurity.com Jump to…
-
Novel malware from Russia’s APT28 prompts LLMs to create malicious Windows commands
Tags: ai, api, attack, computer, control, cyber, cyberattack, cybercrime, data, detection, dos, exploit, government, group, hacking, infrastructure, intelligence, LLM, malicious, malware, military, network, phishing, programming, russia, service, tool, ukraine, vulnerability, windows.pif (MS-DOS executable) extension, though variants with .exe and .py extensions have also been observed.CERT-UA attributes these attacks to a group it tracks as UAC-0001, but which is better known in the security community as APT28. Western intelligence agencies have officially associated this group with Unit 26165, or the 85th Main Special Service Center (GTsSS)…
-
Texas Drug, Alcohol Testing Firm Hack Affects Nearly 750,000
Cybercrime Group Bian Lian Claimed Responsibility for Attack Last Year. A Texas-based firm that conducts workplace drug and alcohol testing for private employers and for compliance with state and federal agencies, including the Department of Transportation, disclosed to regulators that a July 2024 hacking incident affected nearly 750,000 people. First seen on govinfosecurity.com Jump to…
-
Cambodia Cracks Down on Cybercrime: 1,000+ Arrests Across Five Provinces
Tags: cybercrimeWithin a single week, the Cambodia cybercrime crackdown First seen on thecyberexpress.com Jump to article: thecyberexpress.com/cambodia-cybercrime-crackdown/
-
Microsoft Uncovers Scattered Spider Tactics, Techniques, and Procedures in Recent Attacks
Microsoft has shed light on the sophisticated operations of Octo Tempest, a financially motivated cybercriminal group alternatively known as Scattered Spider, Muddled Libra, UNC3944, or 0ktapus. This threat actor has demonstrated a versatile arsenal of tactics, techniques, and procedures (TTPs) in end-to-end attacks targeting organizations across various sectors. Octo Tempest’s methodology typically begins with initial…
-
Clément Domingo: “We are not using AI correctly to defend ourselves”
Tags: access, ai, attack, control, credentials, cyber, cyberattack, cybercrime, cybersecurity, dark-web, finance, government, group, hacker, infrastructure, intelligence, Internet, jobs, law, malicious, malware, office, password, programming, ransom, startup, threat, tool, trainingstartup, but dedicated to cybercrime in a very efficient way,” Domingo tells via email. “Most have what we call affiliates, which allows them to operate worldwide and attack any organization or entity. In most cases, the startup keeps 20% of the ransom and the accomplice takes 80%.”These are companies that, as he details, offer all…
-
AI Cloaking Tools Enable HarderDetect Cyber-Attacks
Cybercriminals are using AI cloaking tools to evade detection, disguising phishing and malware sites First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-cloaking-tools-enable-complex/
-
Hackers Use DNS Queries to Evade Defenses and Exfiltrate Data
Cybercriminals are increasingly exploiting the Domain Name System (DNS) to bypass corporate security measures and steal sensitive data, according to new research from cybersecurity experts. This sophisticated technique, known as DNS tunneling, transforms the internet’s essential >>phonebook
-
Elite ‘Matanbuchus 3.0’ Loader Spruces Up Ransomware Infections
An upgraded cybercrime tool is designed to make targeted ransomware attacks as easy and effective as possible, with features like EDR-spotting and DNS-based C2 communication. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/matanbuchus-loader-ransomware-infections