Tag: cybercrime
-
Cl0p Ransomware’s Exfiltration Process Exposes RCE Vulnerability
Tags: computer, cyber, cybercrime, data, data-breach, flaw, group, incident response, ransomware, rce, remote-code-execution, vulnerability
A newly disclosed vulnerability in the Python-based data-exfiltration utility used by the notorious Cl0p ransomware group has exposed the cybercrime operation itself to potential attack. The flaw, cataloged as GCVE-1-2025-0002, was identified by Italian security researcher Lorenzo N and published by the Computer Incident Response Center Luxembourg (CIRCL) on July 1, 2025. Vulnerability Details The…
-
A Group of Young Cybercriminals Poses the ‘Most Imminent Threat’ of Cyberattacks Right Now
The Scattered Spider hacking group has caused chaos among retailers, insurers, and airlines in recent months. Researchers warn that its flexible structure poses challenges for defense. First seen on wired.com Jump to article: www.wired.com/story/scattered-spider-most-imminent-threat/
-
Spain arrests hackers who targeted politicians and journalists
The Spanish police have arrested two individuals in the province of Las Palmas for their alleged involvement in cybercriminal activity, including data theft from the country’s government. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/spain-arrests-hackers-who-targeted-politicians-and-journalists/
-
U.S. Sanctions Russia’s Aeza Group for aiding crooks with bulletproof hosting
U.S. Treasury sanctions Russia-based Aeza Group and affiliates for aiding cybercriminals via bulletproof hosting services. The U.S. Treasury’s Office of Foreign Assets Control (OFAC) sanctioned Russia-based Aeza Group for aiding global cybercriminals via bulletproof hosting services. A bulletproof hosting service is a type of internet hosting provider that knowingly allows cybercriminals to host malicious content…
-
Cybercriminals Use Malicious PDFs to Impersonate Microsoft, DocuSign, and Dropbox in Targeted Phishing Attacks
Cisco’s Talos security team has uncovered a surge in sophisticated phishing campaigns leveraging malicious PDF payloads to impersonate trusted brands like Microsoft, DocuSign, and Dropbox. According to a recent update to Cisco’s brand impersonation detection engine, these attacks have expanded in scope, targeting a broader array of well-known organizations with deceptive emails designed to exploit…
-
Ransomware gang attacks German charity that feeds starving children
Cybercriminals are extorting the German humanitarian aid group Welthungerhilfe (WHH) for 20 bitcoin. The charity said it will not pay. First seen on therecord.media Jump to article: therecord.media/welthungerhilfe-german-hunger-relief-charity-ransomware-attack
-
Cl0p cybercrime gang’s data exfiltration tool found vulnerable to RCE attacks
Experts say they don’t expect the MOVEit menace to do much about it. First seen on theregister.com Jump to article: www.theregister.com/2025/07/02/cl0p_rce_vulnerability/
-
U.S. Sanctions Russian Bulletproof Hosting Provider for Supporting Cybercriminals Behind Ransomware
Tags: control, country, cybercrime, group, international, malicious, office, ransomware, russia, service, threat
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has levied sanctions against Russia-based bulletproof hosting (BPH) service provider Aeza Group for assisting threat actors in their malicious activities and targeting victims in the country and across the world. The sanctions also extend to its subsidiaries Aeza International Ltd., the U.K. branch of…
-
How Monitoring Users’ Holistic Digital Identities Can Help Businesses Eliminate Cybercriminals’ Greatest Advantage
Businesses must take the threat of identity-based attacks seriously and adapt their cybersecurity practices to address this challenge. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/07/how-monitoring-users-holistic-digital-identities-can-help-businesses-eliminate-cybercriminals-greatest-advantage/
-
Vercel’s v0 AI Tool Weaponized by Cybercriminals to Rapidly Create Fake Login Pages at Scale
Unknown threat actors have been observed weaponizing v0, a generative artificial intelligence (AI) tool from Vercel, to design fake sign-in pages that impersonate their legitimate counterparts. “This observation signals a new evolution in the weaponization of Generative AI by threat actors who have demonstrated an ability to generate a functional phishing site from simple text prompts,”…
-
U.S. Treasury Sanctions Bulletproof Hosting Firm Fueling Ransomware Campaigns
Tags: attack, control, cyber, cybercrime, data, group, international, network, office, ransomware, russia, theft
The U.S. Department of the Treasury’s Office of Foreign Assets Control (OFAC) has imposed sweeping sanctions on Aeza Group, a Russia-based bulletproof hosting (BPH) provider, for its pivotal role in enabling global cybercrime, including ransomware attacks, data theft, and illicit drug trafficking. The action, announced Tuesday, targets Aeza Group’s international network, including affiliated companies in Russia…
-
Breaking the chain: How to disrupt cybercrime’s use of stolen data
First seen on scworld.com Jump to article: www.scworld.com/resource/breaking-the-chain-how-to-disrupt-cybercrimes-use-of-stolen-data
-
Cybercrime set to become the world’s third largest economy
Tags: cybercrime
First seen on scworld.com Jump to article: www.scworld.com/news/cybercrime-set-to-become-the-worlds-third-largest-economy
-
Russian bulletproof hosting service Aeza Group sanctioned by US for ransomware work
Support for ransomware, darknet drug markets and other cybercrime activity landed the Russian company Aeza Group on the U.S. government’s sanctions list, the Treasury Department said. First seen on therecord.media Jump to article: therecord.media/russia-bulletproof-hosting-aeza-group-us-sanctions
-
TA829 Hackers Use New TTPs and Enhanced RomCom Backdoor to Evade Detection
The cybercriminal group TA829, also tracked under aliases like RomCom, Void Rabisu, and Tropical Scorpius, has been observed deploying sophisticated tactics, techniques, and procedures (TTPs) alongside an updated version of its infamous RomCom backdoor, now dubbed SingleCamper (aka SnipBot). This group, known for blending financially motivated cybercrime with espionage campaigns often aligned with Russian state…
-
US Sanctions Aeza Group for Hosting Infostealers, Ransomware
Russian Bulletproof Host Also Designated a Front Company in the UK. The United States cut off from the U.S.-dominated international financial system a Russian provider of digital infrastructure to cybercriminal groups, accusing St. Petersburg-based Aeza Group of hosting infostealers and ransomware operations. The U.S. said Aeza is a bulletproof hosting service. First seen on govinfosecurity.com…
-
New Report Uncovers Major Overlaps in Cybercrime and State-Sponsored Espionage
Proofpoint has identified similarities between the tactics of a pro-Russian cyber espionage group and a cybercriminal gang. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/major-overlaps-cybercrime-espionage/
-
Chinese hackers have infected more than 1,000 SOHO devices
Tags: backdoor, china, cisco, cyberattack, cybercrime, cyberespionage, hacker, iot, linux, malware, office, usa, vulnerability, windows
Dozens of cybercrime campaigns focused on Asia and the USA were disguised as alleged LAPD operations. Cybersecurity experts have discovered a network of more than 1,000 compromised small office and home office (SOHO) devices. According to the experts, the devices were used to enable a prolonged cyber espionage infrastructure campaign for Chinese hacker groups. SecurityScorecard’s Strike team discovered the associated operational relay box (ORB) network and gave it…
-
Using AI to follow the trail in the darknet: Sophos identifies key cybercrime actors
Using social science methods, including a classification model from criminology, and AI-supported network analysis, the research team was able to divide the users into groups: Who is particularly active, who is specialized, who has deep technical know-how? First seen on infopoint-security.de Jump to article: www.infopoint-security.de/mit-ki-auf-spurensuche-im-darknet-sophos-identifiziert-schluesselakteure-der-cyberkriminalitaet/a41274/
-
US government takes action against North Korean fake IT workers
North Korea infiltrates companies with agents posing as IT employees under false identities; those responsible have now been arrested in the USA. First seen on golem.de Jump to article: www.golem.de/news/cybercrime-us-regierung-geht-gegen-nordkoreanische-fake-itler-vor-2507-197631.html
-
CISOs must rethink defense playbooks as cybercriminals move faster, smarter
Tags: access, automation, breach, business, cisco, ciso, crowdstrike, cybercrime, cybersecurity, data, defense, finance, incident response, Intruder, okta, ransomware, siem, technology, threat
Threat actor containment: Increasingly ‘surgical’ and best with a plan: Even after an intruder has been identified, today’s rapid pace of adversary activity is also straining cybersecurity teams’ ability to contain intruders before they can cause damage. “If I’m a CISO, if I’m responsible for detecting and remediating that incident before it progresses to becoming a…
-
Hackers between cybercrime and espionage: the line is blurring
State espionage and organized cybercrime increasingly go hand in hand. Two hacker groups show how difficult it has become to clearly attribute perpetrators and how sophisticated their methods are. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/hacker-cybercrime-spionage
-
How cybercriminals are weaponizing AI and what CISOs should do about it
In a recent case tracked by Flashpoint, a finance worker at a global firm joined a video call that seemed normal. By the end of it, $25 million was gone. Everyone on the call … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/01/defending-ai-powered-cybercrime/
-
Threat Actors Exploit Facebook Ads to Distribute Malware and Steal Wallet Passwords
The Pi Network community eagerly celebrated Pi2Day, an event traditionally associated with platform updates, feature launches, and significant milestones. However, this year’s festivities have been overshadowed by a sinister wave of cyberattacks. Cybercriminals have capitalized on the event’s hype, launching a malicious ad campaign on Facebook to target unsuspecting users with phishing scams and malware…
-
How 2 Ransomware Attacks on 2 Hospitals Led to 2 Deaths in Europe
Two deadly ransomware attacks on European hospitals show that cybercrime now risks lives, not just data, with patients dying after treatment delays. First seen on hackread.com Jump to article: hackread.com/how-ransomware-attacks-hospitals-2-deaths-in-europe/
-
Data breach at healthcare services firm Episource affects 5.4M
The incident, one of the largest breaches reported to federal regulators this year, came after a cybercriminal accessed data on the company’s computer systems over the winter. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/episource-healthcare-data-breach-impacts-5-4-million/751960/
-
Swiss nonprofit health organization breached by Sarcoma ransomware group
Sarcoma, a recently emerged cybercrime group, was responsible for a data breach of Swiss health nonprofit Radix, according to a statement by the Zurich-based organization. First seen on therecord.media Jump to article: therecord.media/sarcoma-ransomware-breach-swiss-healthcare-nonprofit-radix
-
FBI: Cybercriminals steal health data posing as fraud investigators
The Federal Bureau of Investigation (FBI) has warned Americans of cybercriminals impersonating health fraud investigators to steal their sensitive information. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-warns-cybercriminals-steal-health-data-posing-as-fraud-investigators/
-
RIFT: Open-Source Rust Malware Analyzer Released by Microsoft
Tags: cyber, cybercrime, exploit, intelligence, malware, microsoft, open-source, programming, rust, threat, tool
As cybercriminals and nation-state actors increasingly turn to the Rust programming language for malware development, Microsoft’s Threat Intelligence Center has unveiled a powerful new open-source tool called RIFT to help security analysts combat this growing threat. Rust, renowned for its speed, memory safety, and robustness, is now being exploited for its advantages in creating malware…

