Tag: cybercrime
-
Researchers Reveal Connection Between Belsen and ZeroSeven Cybercrime Groups
In a groundbreaking analysis, cybersecurity firm KELA reveals striking parallels in operational style, target selection, and online presence that suggest a possible connection between two Yemen-linked threat actors: the recently surfaced Belsen Group and the long-standing ZeroSevenGroup. Who Is the Belsen Group? The Belsen Group made its debut in early January 2025 via a post…
-
Cybercriminals pwn 850k+ Americans’ healthcare data
Three US medical centers fess up to serious breaches First seen on theregister.com Jump to article: www.theregister.com/2025/09/18/850k_americans_affected_by_medical/
-
Two teenage suspected Scattered Spider members charged in UK over TfL hack
A 19-year-old and an 18-year-old have been arrested and charged in the hack of London’s transport agency in 2024, an attack attributed to the Scattered Spider cybercrime collective. First seen on therecord.media Jump to article: therecord.media/scattered-spider-teenage-suspects-arrested-britain-nca
-
Cybercriminals Have a Weird New Way to Target You With Scam Texts
Scammers are now using “SMS blasters” to send out up to 100,000 texts per hour to phones that are tricked into thinking the devices are cell towers. Your wireless carrier is powerless to stop them. First seen on wired.com Jump to article: www.wired.com/story/sms-blasters-scam-texts/
-
AI is altering entry-level cyber hiring, and the nature of the skills gap
The certification trap and broken pipelines: Other experts argued that an overreliance on CVs and certifications is one of the biggest barriers to hiring success in cybersecurity because it acts to shut out otherwise qualified candidates. “Despite bringing valuable experience and perspectives, people with 10 years of work experience are put off because there is…
-
Attack on SonicWall’s cloud portal exposes customers’ firewall configurations
The company confirmed to CyberScoop that an unidentified cybercriminal accessed SonicWall’s customer portal through a series of brute-force attacks. First seen on cyberscoop.com Jump to article: cyberscoop.com/sonicwall-cyberattack-customer-firewall-configurations/
-
Microsoft and Cloudflare execute ‘rugpull’ on massive phishing empire
Tags: access, ai, attack, blockchain, breach, computer, credentials, crime, crimes, crypto, cybercrime, data, detection, exploit, extortion, finance, fraud, infrastructure, international, law, microsoft, phishing, programming, scam, service, strategy, threat, tool
Legal victory with limitations: Microsoft’s investigation identified Joshua Ogundipe, based in Nigeria, as the operation’s leader and primary architect. The company filed a lawsuit against Ogundipe and four associates listed as John Does in late August, then obtained a court order from the US District Court for the Southern District of New York in early…
-
Microsoft and Cloudflare disrupt massive RaccoonO365 phishing service
Microsoft and Cloudflare have disrupted a massive Phishing-as-a-Service (PhaaS) operation, known as RaccoonO365, that helped cybercriminals steal thousands of Microsoft 365 credentials. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/microsoft-and-cloudflare-disrupt-massive-raccoono365-phishing-service/
-
DoJ resentenced former BreachForums admin to three years in prison
The U.S. Department of Justice (DoJ) resentenced the former administrator of the popular BreachForums hacking forum to three years in prison. The U.S. DoJ resentenced the former BreachForums administrator, Conor Brian Fitzpatrick (aka Pompompurin), 22, to three years in prison. Authorities say he ran the notorious hacking forum, which traded stolen data and cybercrime…
-
Microsoft Takes Down 300+ Websites Behind RaccoonO365 Phishing Scheme
Tags: access, control, crime, crimes, cyber, cybercrime, infrastructure, microsoft, phishing, service
Microsoft’s Digital Crimes Unit (DCU) has seized control of 338 websites facilitating RaccoonO365, the rapidly expanding phishing-as-a-service platform that enables anyone to harvest Microsoft 365 credentials. Acting under a court order from the Southern District of New York, the DCU disrupted the operation’s technical infrastructure, denying cybercriminals access to victims and cutting off their revenue…
-
Scattered Spider Resurfaces With Financial Sector Attacks Despite Retirement Claims
Cybersecurity researchers have tied a fresh round of cyber attacks targeting financial services to the notorious cybercrime group known as Scattered Spider, casting doubt on their claims of going “dark.” Threat intelligence firm ReliaQuest said it has observed indications that the threat actor has shifted their focus to the financial sector. This is supported by an…
-
Adtech Abused by Threat Actors to Spread Malicious Advertisements
Malicious advertising campaigns have surged in sophistication, with cybercriminals exploiting and even operating adtech firms to deliver malware, credential stealers and phishing schemes directly through mainstream ad networks. A cluster of interconnected companies, run through shell corporations, hosted on compromised infrastructure, and registered en masse via a notorious registrar, has enabled a prolific threat actor,…
-
$10 Million Reward: Gang Boss on the Run from the FBI
Tags: cybercrime
First seen on security-insider.de Jump to article: www.security-insider.de/ermittlungen-cybercrime-netzwerk-kopf-gesucht-a-3caa56f508c2f243299dbbc46abd966c/
-
Wave of 40,000+ Cyberattacks Target API Environments
The cybersecurity landscape has witnessed a dramatic escalation in API-targeted attacks during the first half of 2025, with security researchers documenting over 40,000 API incidents across more than 4,000 monitored environments. This surge represents a fundamental shift in how cybercriminals approach digital infrastructure, with APIs becoming the primary gateway for sophisticated attack campaigns designed to inject malicious…
-
DOJ Resentences BreachForums Founder to 3 Years for Cybercrime and Possession of CSAM
The U.S. Department of Justice (DoJ) on Tuesday resentenced the former administrator of BreachForums to three years in prison in connection with his role in running the cybercrime forum and possessing child sexual abuse material (CSAM). Conor Brian Fitzpatrick (aka Pompompurin), 22, of Peekskill, New York, pleaded guilty to one count of access device conspiracy, one…
-
Original BreachForums Admin Gets 3-Year Prison Sentence
Tags: cybercrime
Prosecutors Asked Court to Sentence Conor ‘Pompompurin’ Fitzpatrick to 188 Months. Conor Brian Fitzpatrick, founder and administrator of the first iteration of the BreachForums cybercrime forum, received a three-year prison sentence during a Tuesday resentencing in a Virginia federal court. Better known online as Pompompurin, 22-year-old Fitzpatrick pleaded guilty in July 2023. First seen…
-
‘Vane Viper’ Threat Group Tied to PropellerAds, Commercial Entities
Researchers say the commercial adtech platform and several other companies form the infrastructure of a massive cybercrime operation. First seen on darkreading.com Jump to article: www.darkreading.com/vulnerabilities-threats/vane-viper-threat-group-propellerads
-
Emerging Yurei Ransomware Claims First Victims
The cybercrime group, named after Japanese ghosts but believed to be from Morocco, uses a modified version of the Prince-Ransomware binary that includes a flaw allowing for partial data recovery. However, an extortion threat remains. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/emerging-yurei-ransomware-claims-first-victims
-
Cybercrime group accessed Google Law Enforcement Request System (LERS)
Google found threat actors created a fake account in its Law Enforcement Request System (LERS) and shut it down. Google confirmed that threat actors gained access to its Law Enforcement Request System (LERS) platform by creating a fake account. The Google Law Enforcement Request System (LERS) is a secure online portal for verified government agencies…
-
‘SlopAds’ Fraud Campaign Uses Novel Obfuscation Techniques
Steganography, Mobile Marketing Attribution, Code Obfuscation Deployed for Ad Fraud. A cybercrime crew using Android mobile apps to conduct advertising fraud took unusual pains to hide its activity, concealing malicious code in downloadable digital images and holding off from infecting the subset of users who organically found their apps through the Google Play store. First…
-
Windows Users Hit by VenomRAT in AI-Driven RevengeHotels Attack
RevengeHotels, also known as TA558, has escalated its long-standing cybercrime campaign by incorporating artificial intelligence into its infection chains, deploying the potent VenomRAT malware against Windows users. Active since 2015, this threat actor has traditionally targeted hotel guests and travelers, stealing payment card data through phishing emails. Recent campaigns, however, demonstrate a marked shift: AI-generated…
-
Millions of Customer Records Stolen in Cyberattack on Gucci, Balenciaga, and Alexander McQueen
Luxury retail giant Kering has confirmed a major data breach affecting its top fashion houses, including Gucci, Balenciaga, and Alexander McQueen. The cybercriminal group known as Shiny Hunters claims to have stolen private details tied to as many as 7.4 million unique email addresses. Potentially millions of customers around the world may now be at…
-
HybridPetya Ransomware Cracks Windows Secure Boot
The HybridPetya ransomware exploits an already patched Microsoft vulnerability to bypass the UEFI Secure Boot feature. Researchers at the cybersecurity firm ESET have discovered a new ransomware called HybridPetya that resembles the notorious Petya and NotPetya malware. Like its predecessors, the malware targets the Master File Table (MFT), a central database on NTFS partitions that catalogs all files and directories. …
-
FBI warns of Scattered Spider and ShinyHunters attacks on Salesforce platforms
The FBI released an urgent notice warning organizations about a campaign by several cybercriminal groups to compromise Salesforce platforms. First seen on therecord.media Jump to article: therecord.media/fbi-warns-scattered-spider-salesforce
-
Threat Group Scattered Lapsus$ Hunters Says It’s Shutting Down
The bad actors behind the Scattered Lapsus$ Hunters threat group say they are shutting down operations and retiring, but cybersecurity pros say law enforcement pressure is a key reason for the decision and that the hackers will likely form new cybercrime operations. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/09/threat-group-scattered-lapsus-hunters-says-its-shutting-down/

