Tag: cybercrime
-
Smishing Triad Upgrades Tools and Tactics for Global Attacks
Global smishing campaigns linked to Chinese cybercriminals escalate with Smishing Triad’s new tools and techniques. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/smishing-triad-upgrades-tools/
-
Initial Access Brokers Play a Vital Role in Modern Ransomware Attacks
The ransomware threat landscape has evolved dramatically in recent years, with specialized cybercriminals like Initial Access Brokers (IABs) emerging as critical enablers in the Ransomware-as-a-Service (RaaS) ecosystem. These actors serve as high-value middlemen, focusing on breaching organizational networks and selling access to other threat actors who execute the final stages of ransomware and Business Email…
-
Inside DragonForce, the Group Tied to M&S, Co-op and Harrods Hacks
Individuals allegedly linked to the DragonForce cybercriminal syndicate have claimed the attack on the three UK retailers. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/dragonforce-goup-ms-coop-harrods/
-
Smishing on a Massive Scale: ‘Panda Shop’ Chinese Carding Syndicate
Resecurity found a new smishing kit called ‘Panda Shop,’ mimicking Smishing Triad tactics with improved features and new templates. Resecurity (USA) was the first company to identify the Smishing Triad, a group of Chinese cybercriminals targeting consumers across the globe. In August 2023, our team was able to identify their activity and locate the smishing…
-
US Readies Huione Group Ban Over Cybercrime Links
Huione Group Helped Criminals Launder Over $4 Billion Worth of Cybercrime Proceeds. The U.S. Department of Treasury set in motion a process to ban a Cambodian company’s access to the dollar financial system for running a vast illicit marketplace for cybercrime tools and laundering billions of dollars on behalf of North Korean and other cybercrime…
-
ANZ Bank to Eliminate Passwords for Digital Banking Services
Tags: authentication, banking, breach, credentials, cybercrime, finance, hacker, malware, mfa, password, service
Hackers Bypass MFA to Steal Australians’ Banking Credentials. Melbourne-based ANZ Bank will introduce passwordless authentication for digital banking services amid news that hackers have stolen the banking credentials of tens of thousands of Australians. Cybercriminals used infostealer malware to steal the credentials of more than 30,000 Australians. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/anz-bank-to-eliminate-passwords-for-digital-banking-services-a-28288
-
DarkGPT & Co: The Dark Side of Intelligence - Cybercrime 2.0 in the Age of AI
The findings of Check Point’s AI Security Report suggest that defenders must now assume that AI is being used not only against them, but also against their systems, platforms and the identities they manage. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/darkgpt-co-schattenseite-der-intelligenz-cybercrime-2-0-im-zeitalter-der-ki/a40667/
-
Cybercrime Cooperation Has Become More Regional
Ex-Interpol Director Craig Jones on How Geopolitics Affects Global Cybercrime. Geopolitical conflicts have affected intergovernmental cooperation. Craig Jones, immediate past director of cybercrime at Interpol, says geopolitical instability has pushed countries to shift their focus toward data sovereignty, scrutinizing data storage, access and regulations. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/cybercrime-cooperation-has-become-more-regional-a-28279
-
Criminals Are Using AI to Put a New Face on Old Schemes
FBI’s Cynthia Kaiser on How AI Is Helping to Evolve Cyberthreats. Artificial intelligence is changing the way people work, including cybercriminals and fraudsters. But instead of introducing new types of cybercrime, AI has enhanced existing criminal activities, said Cynthia Kaiser, deputy assistant director at the FBI. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/criminals-are-using-ai-to-put-new-face-on-old-schemes-a-28257
-
TerraStealer Strikes: Browser Credential Sensitive-Data Heists on the Rise
Insikt Group has uncovered two new malware families, TerraStealerV2 and TerraLogger, attributed to the notorious financially motivated threat actor Golden Chickens, also known as Venom Spider. Active between January and April 2025, these tools signal a persistent evolution in the group’s Malware-as-a-Service (MaaS) platform, which has long been exploited by elite cybercrime syndicates like FIN6,…
-
Threat Actors Use AiTM Attacks with Reverse Proxies to Bypass MFA
Cybercriminals are intensifying their efforts to undermine multi-factor authentication (MFA) through adversary-in-the-middle (AiTM) attacks, leveraging reverse proxies to intercept sensitive data. As phishing tactics grow more advanced, traditional defenses like spam filters and user training are proving insufficient. Attackers deploy reverse proxies as intermediary servers to forward victim traffic to legitimate websites, creating an illusion…
-
RansomHub Taps SocGholish: WebDAV SCF Exploits Fuel Credential Heists
Tags: attack, credentials, cyber, cybercrime, exploit, malware, network, threat, tool, update, vulnerability
SocGholish, a notorious loader malware, has evolved into a critical tool for cybercriminals, often delivering payloads like Cobalt Strike and, more recently, RansomHub ransomware. Darktrace’s Threat Research team has tracked multiple incidents since January 2025, where threat actors exploited SocGholish to compromise networks through fake browser updates and JavaScript-based attacks on vulnerable CMS platforms like…
-
Private-Public Partnership Vital for Fighting Cybercrime
FBI’s Sanjay Virmani Discusses Recent FBI Takedowns. Developing strong relationships with private sector and international partner organizations is vital for tackling cybercrime. A proactive approach ensures more efficient incident responses, said Sanjay Virmani, the special agent in charge of the FBI in San Francisco. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/private-public-partnership-vital-for-fighting-cybercrime-a-28232
-
Anthropic Flags AI-Driven Influence and Cybercrime Operations
First seen on scworld.com Jump to article: www.scworld.com/brief/anthropic-flags-ai-driven-influence-and-cybercrime-operations
-
Cyberthreats Surge as Attackers Target Compromised Identity
CrowdStrike’s Adam Meyers on Cybercriminals Moving From Endpoints to Softer Targets. With EDR making it difficult for cybercriminals to carry out attacks, they are now shifting focus to exploit vulnerabilities in compromised identities and unmanaged devices to move laterally across organizations, said Adam Meyers, senior vice president of counter adversary operations at CrowdStrike. First seen…
-
US wants to cut off key player in Southeast Asian cybercrime industry
The Treasury Department issued the proposed rulemaking Thursday, stating that Huione Group has helped launder funds from North Korean state-backed cybercrime operations and investment scams originating in Southeast Asia. First seen on therecord.media Jump to article: therecord.media/us-fincen-cut-off-huione-group-southeast-asia-cyber-scam
-
Industry in the Crosshairs of Cybercrime: Ransomware Becomes a Growing Threat in Connected Industry
First seen on security-insider.de Jump to article: www.security-insider.de/iot-ransomware-industrie-a-ab0a92b3ce8a4d440e39d444cd09c22d/
-
Patients left in the dark months after cybercriminals leak testing lab data
It’s been almost a year since the Qilin cybercrime group breached sensitive data from U.K. pathology services company Synnovis, and its patient information page is still short on details about what was exposed and how many people were affected. First seen on therecord.media Jump to article: therecord.media/synnovis-health-data-breach-investigation-onging
-
The Rise of AI-Driven Cyberattacks: Accelerated Threats Demand Predictive and Real-Time Defenses
Artificial intelligence (AI) is transforming industries, but it’s also empowering cybercriminals to launch sophisticated, high-speed cyberattacks. AI-driven attacks, particularly those orchestrated by autonomous AI agents, operate at an accelerated pace, compressing the window for detection and protection. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/the-rise-of-ai-driven-cyberattacks-accelerated-threats-demand-predictive-and-real-time-defenses/
-
The organizational structure of ransomware threat actor groups is evolving before our eyes
The Ransomware-as-a-service (RaaS) model has not recovered from law enforcement disruption, and the entrance of novice actors along with non-Russian state-linked cybercriminals has led to uncertain outcomes for victims. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/05/the-organizational-structure-of-ransomware-threat-actor-groups-is-evolving-before-our-eyes/
-
Scammers Use Spain-Portugal Blackout for TAP Air Refund Phishing Scam
Cybercriminals are using the recent power outages in Spain and Portugal to launch phishing attacks disguised as… First seen on hackread.com Jump to article: hackread.com/spain-portugal-blackout-tap-air-refund-phishing-scam/
-
Hive0117 group targets Russian firms with new variant of DarkWatchman malware
Hive0117 targets Russian firms in multiple sectors with phishing attacks using a modified version of the DarkWatchman malware. A cybercrime group named Hive0117 is behind a fresh phishing campaign that targeted Russian organizations with a new version of the DarkWatchman malware, according to Russian cybersecurity firm F6. The financially-motivated group targeted organizations in the media,…
-
FBI Uncovers 42,000 Phishing Domains Tied to LabHost PhaaS Operation
The Federal Bureau of Investigation (FBI) has revealed the existence of 42,000 phishing domains associated with the notorious LabHost phishing-as-a-service (PhaaS) platform. This operation, which spanned from November 2021 through April 2024, was recently disabled by law enforcement and had enabled cybercriminals to target millions of victims worldwide. LabHost: A Major Player in Cybercrime LabHost,…
-
Low-tech phishing attacks are gaining ground
Cybercriminals are increasingly favoring low-tech, human-centric attacks to bypass email scanning technologies, according to VIPRE Security. The report is based on an analysis … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/05/01/cybercriminals-email-attacks/
-
Tech-law intel sharing speeds cybercrime crackdown
First seen on scworld.com Jump to article: www.scworld.com/brief/tech-law-intel-sharing-speeds-cybercrime-crackdown
-
AI-fueled cybercrime may outpace traditional defenses, Check Point warns
The security firm said in a new report that defenders should begin using AI to counter cyber criminals’ adoption of the technology. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ai-security-cyber-crime-data-leak-check-point-report/746669/
-
FBI shares massive list of 42,000 LabHost phishing domains
The FBI has shared 42,000 phishing domains tied to the LabHost cybercrime platform, one of the largest global phishing-as-a-service (PhaaS) platforms that was dismantled in April 2024. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/fbi-shares-massive-list-of-42-000-labhost-phishing-domains/
-
AiTM Phishing Kits Bypass MFA by Hijacking Credentials and Session Tokens
Tags: 2fa, attack, authentication, credentials, cyber, cybercrime, exploit, mfa, phishing, service, software
Darktrace’s Security Operations Center (SOC) in late 2024 and early 2025, cybercriminals have been exploiting legitimate Software-as-a-Service (SaaS) platforms like Milanote to orchestrate sophisticated phishing campaigns. These attacks, bolstered by the Tycoon 2FA phishing kit, demonstrate an advanced Adversary-in-the-Middle (AiTM) approach that circumvents multi-factor authentication (MFA) protections. Leveraging Legitimate Services for Stealthy Attacks By abusing…

