Tag: cybercrime
-
Dark Partners cybercrime gang fuels large-scale crypto heists
A sprawling network of fake AI, VPN, and crypto software download sites is being used by the “Dark Partner” threat actors to conduct crypto theft attacks worldwide. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/dark-partners-cybercrime-gang-fuels-large-scale-crypto-heists/
-
How ‘Browser-in-the-Middle’ Attacks Steal Sessions in Seconds
Would you expect an end user to log on to a cybercriminal’s computer, open their browser, and type in their usernames and passwords? Hopefully not! But that’s essentially what happens if they fall victim to a Browser-in-the-Middle (BitM) attack. Like Man-in-the-Middle (MitM) attacks, BitM sees criminals look to control the data flow between the victim’s computer…
-
‘Secure email’: A losing battle CISOs must give up
End-to-end encryption remains elusive: Email continues to be the dominant electronic communication tool today because it is well understood, relatively easy to use, and relatively inexpensive. By and large, businesses have approved email for sending confidential information, and we often convince ourselves that it is secure, can be secured with third-party tools, or it’s “good…
-
Operation Endgame Strikes a Blow Against Cybercrime
In the joint Operation Endgame, international law enforcement agencies succeeded in neutralizing the DanaBot malware and arresting 16 of the people behind it. First seen on 8com.de Jump to article: www.8com.de/cyber-security-blog/operation-endgame-gelingt-schlag-gegen-cyberkriminalitat
-
Indian Police Arrest Cybercrime Gang Copycats of Myanmar Biz Model
The region offers attractive conditions: a large pool of tech workers, economic disparity, and weak enforcement of cybercrime laws, all of which attract businesses legitimate and shady. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/indian-police-arrest-cybercrime-gang-copycats-myanmar-biz-model
-
Cybercriminals Clone Antivirus Site to Spread Venom RAT and Steal Crypto Wallets
Tags: access, antivirus, credentials, crypto, cybercrime, cybersecurity, finance, malicious, rat, software
Cybersecurity researchers have disclosed a new malicious campaign that uses a fake website advertising antivirus software from Bitdefender to dupe victims into downloading a remote access trojan called Venom RAT. The campaign indicates a “clear intent to target individuals for financial gain by compromising their credentials, crypto wallets, and potentially selling access to their systems,” the…
-
Danabot Takedown Deals Blow to Russian Cybercrime
A multiyear investigation by a public-private partnership has resulted in the seizure of the botnet’s US-based infrastructure and indictments for its key players, significantly disrupting a vast cybercriminal enterprise. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/danabot-takedown-russian-cybercrime
-
US authorities charge 16 in operation to disrupt DanaBot malware
Authorities said malware linked to Russia-based cybercrime group infected more than 300,000 computers around the world with the malicious code. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/us-authorities-disrupt-danabot-malware/748991/
-
Adidas Customer Information Compromised Through Third-Party Vendor
German sportswear giant Adidas has confirmed a data breach after cybercriminals accessed customer data through a third-party customer service provider. The breach, disclosed on May 23, 2025, did not involve sensitive information such as passwords or payment details but did expose the contact information of customers who had previously interacted with Adidas’ help desk. This…
-
Hackers Reportedly Selling Over 500 Stolen Crypto Databases on Dark-Web Forums
A hacker has made news by allegedly selling a ZIP archive containing more than 500 compromised databases, which seems to be a serious blow to the cybersecurity of several cryptocurrency companies. This clandestine operation, taking place on dark-web forums, showcases the growing threat landscape within the crypto space where cybercriminals are increasingly targeting valuable digital…
-
Fake software activation videos on TikTok spread Vidar, StealC
Crooks use TikTok videos with fake tips to trick users into running commands that install Vidar and StealC malware in ClickFix attacks. Cybercriminals leverage AI-generated TikTok videos in ClickFix attacks to spread Vidar and StealC malware, reports Trend Micro. These videos trick users into running PowerShell commands disguised as software activation steps for tools like…
-
Cyber threats are changing and here’s what you should watch for
In this Help Net Security video, Stefan Tanase, Cyber Intelligence Expert at CSIS, gives an overview of how cybercriminals are changing their tactics, including using … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/26/cyber-threats-2025-video/
-
Security Affairs newsletter Round 525 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Silent Ransom Group targeting law firms, the FBI warns Leader of Qakbot cybercrime network…
-
Leader of Qakbot cybercrime network indicted in U.S. crackdown
The U.S. indicted Russian Rustam Gallyamov for leading the Qakbot botnet, which infected 700K+ devices and was used in ransomware attacks. The U.S. authorities have indicted Russian national Rustam Gallyamov, the leader of the Qakbot operation, which infected over 700,000 computers and facilitated ransomware attacks. Qakbot, also known as QBot, QuackBot and Pinkslipbot, is an…
-
NC Pathology Practice Notifying 236,000 of Data Theft Hack
Did Marlboro-Chesterfield Pathology Pay Cybercrime Gang Safepay a Ransom? A North Carolina pathology practice is notifying nearly 236,000 patients of a hacking incident discovered in January. Marlboro-Chesterfield Pathology says it took steps to ensure the hackers deleted its stolen data. Newcomer ransomware group Safepay is apparently the culprit in the attack. First seen on govinfosecurity.com…
-
ConnectWise ScreenConnect Tops List of Abused RATs in 2025 Attacks
Cofense Intelligence’s May 2025 report exposes how cybercriminals are abusing legitimate Remote Access Tools (RATs) like ConnectWise and Splashtop to deliver malware and steal data. Learn about this growing threat. First seen on hackread.com Jump to article: hackread.com/connectwise-screenconnect-tops-abused-rats-2025/
-
U.S. Authorities Seize DanaBot Malware Operation, Indict 16
U.S. authorities seized the infrastructure of the DanaBot malware and charged 16 people in an action that is part of the larger Operation Endgame, a multinational initiative launched last year to disrupt and take apart global cybercriminal operations. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/u-s-authorities-seize-danabot-malware-operation-indict-16/
-
Russian-led cybercrime network dismantled in global operation
Arrest warrants issued for ringleaders after investigation by police in Europe and North America. European and North American cybercrime investigators say they have dismantled the heart of a malware operation directed by Russian criminals after a global operation involving British, Canadian, Danish, Dutch, French, German and US police. International arrest warrants have been issued for 20 suspects,…
-
GenAI Assistant DIANNA Uncovers New Obfuscated Malware
Deep Instinct’s GenAI-powered assistant, DIANNA, has identified a sophisticated new malware strain dubbed BypassERWDirectSyscallShellcodeLoader. This malware, reportedly crafted with the assistance of large language models (LLMs) such as ChatGPT and DeepSeek, underscores a chilling trend in cybercrime: the rise of AI-generated threats. Unlike traditional hand-coded malware, this strain is engineered with unprecedented speed, complexity, and…
-
M&S contractor ‘investigating whether it was gateway for cyber-attack’
Tata Consulting Services said to be holding internal inquiry into whether its staff or systems were used to gain access. An Indian company that operates Marks & Spencer’s IT helpdesk is reportedly investigating whether it was used by cybercriminals to gain access to systems at the retailer, which is battling a…
-
Researchers Uncover Infrastructure and TTPs Behind ALCATRAZ Malware
Elastic Security Labs has recently exposed a sophisticated new malware family dubbed DOUBLELOADER, observed in conjunction with the RHADAMANTHYS infostealer. This discovery sheds light on the evolving tactics, techniques, and procedures (TTPs) of cybercriminals who leverage advanced obfuscation tools to hinder analysis. Notably, DOUBLELOADER is protected by ALCATRAZ, an open-source obfuscator first released in 2023,…
-
TikTok videos now push infostealer malware in ClickFix attacks
Cybercriminals are using TikTok videos to trick users into infecting themselves with Vidar and StealC information-stealing malware in ClickFix attacks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/tiktok-videos-now-push-infostealer-malware-in-clickfix-attacks/
-
Operation Endgame 2.0: DanaBusted
Tags: access, attack, backup, banking, breach, business, cloud, communications, control, crypto, cybercrime, data, defense, detection, email, espionage, firewall, fraud, government, group, Hardware, infection, intelligence, international, law, malicious, malware, middle-east, network, programming, ransomware, russia, service, supply-chain, switch, threat, tool, ukraine, update, windows
On May 22, 2025, international law enforcement agencies released information about additional actions that were taken in conjunction with Operation Endgame, an ongoing, coordinated effort to dismantle and prosecute cybercriminal organizations, including those behind DanaBot. This action mirrors the original Operation Endgame, launched in May 2024, which disrupted SmokeLoader, IcedID, SystemBC, Pikabot, and Bumblebee. Zscaler…
-
3AM ransomware attack poses as a call from IT support to compromise networks
Cybercriminals are getting smarter. Not by developing new types of malware or exploiting zero-day vulnerabilities, but by simply pretending to be helpful IT support desk workers. First seen on tripwire.com Jump to article: www.tripwire.com/state-of-security/3am-ransomware-attackers-pose-it-support-compromise-networks
-
Russian Hacker Indicted Over $24 Million Qakbot Ransomware Operation
The U.S. Department of Justice has unsealed a federal indictment against Rustam Rafailevich Gallyamov, 48, of Moscow, Russia, alleging he led the development and deployment of the notorious Qakbot malware. This action, announced on May 22, 2025, marks a significant milestone in a years-long multinational effort to disrupt cybercriminal networks that have inflicted hundreds of…
-
DragonForce Engages in Turf War for Ransomware Dominance
Sophos has observed DragonForce attacking rival ransomware operators including RansomHub as it seeks to expand its reach in the cybercrime marketplace. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/dragonforce-turf-war-ransomware/
-
BKA Strikes Blow Against Cybercriminals
As part of “Operation Endgame”, the currently most influential malware variants were taken offline. Security authorities have struck a blow against global cybercrime. Over the course of this week, thanks to “Operation Endgame”, the currently most influential malware variants were taken offline and the perpetrators behind them identified, the Federal Criminal Police Office (BKA) said. Of the 37 actors identified in total,…

