Tag: cybercrime

Cybercriminals are getting personal, and it’s working

Aug 7, 2025 8:11 AM

Tags: cybercrime, malicious, phishing

Cybercriminals are deploying unidentifiable phishing kits (58% of phishing sites) to propagate malicious campaigns at scale, indicating a trend towards custom-made or … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/07/email-attacks-q2-2025/
Cybercriminals are getting personal, and it’s working

Aug 7, 2025 8:11 AM

Tags: cybercrime, malicious, phishing

Cybercriminals are deploying unidentifiable phishing kits (58% of phishing sites) to propagate malicious campaigns at scale, indicating a trend towards custom-made or … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/08/07/email-attacks-q2-2025/
How to Prevent Helpdesk Social Engineering Attacks

Aug 7, 2025 6:11 AM

Tags: access, attack, authentication, breach, credentials, cybercrime, dark-web, data, deep-fake, defense, exploit, finance, flaw, malware, mfa, network, password, phone, psychology, ransomware, social-engineering, tactics, threat, unauthorized
How to Prevent Helpdesk Social Engineering Attacks

Aug 7, 2025 6:11 AM

Tags: access, attack, authentication, breach, credentials, cybercrime, dark-web, data, deep-fake, defense, exploit, finance, flaw, malware, mfa, network, password, phone, psychology, ransomware, social-engineering, tactics, threat, unauthorized
On the Rise: Ransomware Victims, Breaches, Infostealers

Aug 6, 2025 11:11 PM

Tags: breach, credentials, cybercrime, data, data-breach, exploit, ransomware, threat, vulnerability

Researchers See ‘Acceleration’ in Existing Threats, Ongoing Criminal Success. Cybercrime so far this year can be summarized as featuring more of everything, with researchers tracking increases in the number of ransomware and data breach victims, credentials stolen by infostealers, and new vulnerability disclosures with exploits coming to light. First seen on govinfosecurity.com Jump to article:…
VexTrio Cybercrime Outfit Run by Legit Ad Tech Firms

Aug 6, 2025 11:11 PM

Tags: cybercrime, hacker, malicious

New research reveals that a malicious traffic distribution system (TDS) is run not by hackers in hoodies, but by a series of corporations operating in the commercial digital advertising industry. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/vextrio-cybercrime-outfit-legit-ad-tech
#BHUSA: Researchers Expose Infrastructure Behind Cybercrime Network VexTrio

Aug 6, 2025 11:11 PM

Tags: cybercrime, infrastructure, network

According to Infoblox’s new report, the VexTrio cybercrime-enabling network originates from Italy and Eastern Europe First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/bhusa-cybercrime-network-vextrio/
Black Hat 2025: Security Researcher Unpacks Cybercrime’s Evolution”¦ and How AI Is Changing the Game

Aug 6, 2025 10:11 PM

Tags: ai, cybercrime, malware

From prank viruses to profit-driven cybercrime, Mikko Hypponen explains how today’s malware is targeted, professional, and all about money. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-black-hat-2025-cybercrime-evolution-ai-mikko-hypponen/
Threat Actors Use GenAI to Launch Phishing Attacks Mimicking Government Websites

Aug 6, 2025 6:11 PM

Tags: ai, attack, cyber, cybercrime, government, phishing, threat, tool

Threat actors are increasingly leveraging generative AI (GenAI) tools to craft highly convincing phishing websites that impersonate legitimate government portals. As highlighted by Zscaler ThreatLabz in their recent reports and blogs, the dual nature of GenAI empowering productivity for legitimate users while enabling cybercriminals has become a critical issue. These tools, such as DeepSite AI…
Cisco discloses data breach impacting Cisco.com user accounts

Aug 5, 2025 3:28 PM

Tags: attack, breach, cisco, cybercrime, data, data-breach, phishing

Cisco has disclosed that cybercriminals stole the basic profile information of users registered on Cisco.com following a voice phishing (vishing) attack that targeted a company representative. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisco-discloses-data-breach-impacting-ciscocom-user-accounts/
Ransomware goes cloud native to target your backup infrastructure

Aug 5, 2025 10:28 AM

Tags: access, api, authentication, backup, cloud, container, control, credentials, cybercrime, data, defense, exploit, google, group, identity, infrastructure, least-privilege, linkedin, linux, malicious, malware, mfa, north-korea, ransomware, social-engineering, strategy, threat, vulnerability, vulnerability-management

Credential compromise and misconfiguration woes: More sophisticated threat groups have developed social engineering techniques to the point where they reliably trick targets into helping them to bypass multi-factor authentication (MFA) controls before ransacking compromised cloud-hosted environments.For example, threat actors are using compromised OAuth tokens to bypass MFA and inject malicious code into developer ecosystems via…
Streamlit Vulnerability Exposes Users to Cloud Account Takeover Attacks

Aug 5, 2025 10:28 AM

Tags: attack, cloud, cyber, cybercrime, data, finance, flaw, framework, open-source, vulnerability

A critical security flaw in Streamlit, the popular open-source framework for building data applications, has been discovered that could allow cybercriminals to execute cloud account takeover attacks and manipulate financial data systems. The vulnerability, found in Streamlit’s file upload feature, demonstrates how a simple oversight in client-side validation can lead to devastating consequences for organizations…
Cybercrime auf leisen Sohlen: Wie Angreifer unbemerkt ins System schleichen

Aug 5, 2025 9:28 AM

Tags: cyberattack, cybercrime, zero-trust

Sicherheitsverletzungen sind heute Alltag doch sie müssen nicht zur Katastrophe führen. Wer Netzwerke intelligent segmentiert, Rechte einschränkt und Zero Trust lebt, kann Angriffe effektiv eindämmen. Nicht irgendwann sondern in Echtzeit. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/cybercrime-auf-leisen-sohlen-wie-angreifer-unbemerkt-ins-system-schleichen/a41606/
PXA Stealer Distributed via Telegram Harvests 200K Passwords and Credit Card Data

Aug 4, 2025 11:28 PM

Tags: api, control, credit-card, cyber, cybercrime, data, marketplace, network, password

SentinelLABS and Beazley Security have uncovered a sophisticated infostealer campaign deploying the Python-based PXA Stealer, which has rapidly evolved since late 2024 to incorporate advanced anti-analysis techniques, decoy content, and hardened command-and-control (C2) infrastructure. This operation, linked to Vietnamese-speaking cybercriminal networks, leverages Telegram’s API for automated data exfiltration and monetization, feeding into underground marketplaces like…
AI Fraud Funnels How Social Media Scams Are Fueling Targeted Email Attacks

Aug 4, 2025 11:28 PM

Tags: ai, attack, business, ciso, cybercrime, cybersecurity, deep-fake, email, fraud, Internet, phishing, risk, scam
Details emerge on BlackSuit ransomware takedown

Aug 4, 2025 8:28 PM

Tags: cybercrime, group, ransomware, russia

The Russian cybercrime group attacked more than 180 organizations before members abandoned the brand and dispersed to new ransomware groups earlier this year. First seen on cyberscoop.com Jump to article: cyberscoop.com/blacksuit-ransomware-takedown/
Hacking group D4rk4rmy claimed the hack of Monte-Carlo SociÃ©tÃ© des Bains de Mer

Aug 4, 2025 8:28 PM

Tags: cybercrime, dark-web, group, hacking, leak

The cybercrime D4rk4rmy added the Monte-Carlo SociÃ©tÃ© des Bains de Mer to the list of victims on its Tor dark web leak site. The cybercrime group D4rk4rmy claimed the hack of Monte-Carlo SociÃ©tÃ© des Bains de Mer (SBM). The company is Monaco’s premier luxury hospitality group, established in 1863. It operates iconic properties like the…
Vietnamese Hackers Use PXA Stealer, Hit 4,000 IPs and Steal 200,000 Passwords Globally

Aug 4, 2025 5:28 PM

Tags: api, breach, cybercrime, cybersecurity, data, hacker, malicious, password

Cybersecurity researchers are calling attention to a new wave of campaigns distributing a Python-based information stealer called PXA Stealer.The malicious activity has been assessed to be the work of Vietnamese-speaking cybercriminals who monetize the stolen data through a subscription-based underground ecosystem that automates the resale and reuse via Telegram APIs, according to a joint First…
Ransomware attacks: The evolving extortion threat to US financial institutions

Aug 4, 2025 2:28 PM

Tags: access, ai, antivirus, attack, backup, banking, breach, business, cloud, communications, compliance, control, credentials, crime, crimes, cyber, cybercrime, cybersecurity, dark-web, data, ddos, defense, detection, edr, email, encryption, endpoint, extortion, finance, firewall, governance, group, identity, incident response, infrastructure, insurance, intelligence, international, korea, law, leak, least-privilege, lessons-learned, linkedin, linux, lockbit, login, malicious, mfa, monitoring, network, north-korea, organized, phishing, ransom, ransomware, resilience, risk, rust, service, soc, social-engineering, software, startup, strategy, supply-chain, tactics, theft, threat, tool, training, update, usa, vmware, vulnerability, warfare, windows, zero-trust

Before sunrise on a chilly November morning, I got the kind of call no security leader ever wants. A mid-sized U.S. bank had been hit overnight hard. Customers couldn’t access their accounts, ATMs were non-functional and every screen in the company’s environment glowed with the same ominous message: their systems were encrypted, and data had…
Threat Actors Exploit Proofpoint and Intermedia Link Wrapping to Conceal Phishing Payloads

Aug 1, 2025 1:28 PM

Tags: cyber, cybercrime, exploit, malicious, phishing, service, threat

Cybercriminals are increasingly exploiting link wrapping features from vendors like Proofpoint and Intermedia to mask malicious payloads, leveraging the inherent trust users place in these security tools. Link wrapping, intended as a protective measure, reroutes URLs through vendor scanning services such as Proofpoint’s urldefense.proofpoint.com or Intermedia’s url.emailprotection.link to inspect and block threats at click time.…
Attackers wrap phishing links through URL scanning services to bypass detection

Aug 1, 2025 1:28 AM

Tags: access, attack, cybercrime, detection, email, exploit, login, malicious, microsoft, office, phishing, service, software, spam, threat, tool

urldefense.proofpoint.com and url.emailprotection.link (Intermedia).”Link wrapping is designed by vendors like Proofpoint to protect users by routing all clicked URLs through a scanning service, allowing them to block known malicious destinations at the moment of click,” Cloudflare researchers wrote in their report on the attacks. “While this is effective against known threats, attacks can still succeed…
Hackers Connected Raspberry Pi to ATM in Bank Heist Attempt

Jul 31, 2025 8:28 PM

Tags: access, cybercrime, finance, group, hacker, Hardware, network, switch

Runners Hired to Connect Device to Bank’s Network, Facilitating Remote Hacks. Researchers tied a cybercrime group tracked as UNC2891 to an attempted Asia-Pacific bank heist, in which remote attackers physically installed a 4G-enabled Raspberry Pi onto an ATM network switch, giving them remote access to the internal IT environment as part of an attempted cashout…
Ransomware gangs capitalize on law enforcement takedowns of competitors

Jul 31, 2025 6:28 PM

Tags: cybercrime, group, law, lockbit, ransomware

After authorities dismantled LockBit and RansomHub, other groups rushed in to snatch up their affiliates, according to a new report that highlights a cybercrime ecosystem in flux. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/ransomware-groups-competition-check-point-report/756451/
Silver Fox Hackers Exploit Weaponized Google Translate Tools to Deliver Windows Malware

Jul 31, 2025 5:28 PM

Tags: attack, cyber, cybercrime, exploit, google, hacker, intelligence, malware, threat, tool, windows

The Knownsec 404 Advanced Threat Intelligence Team has lately discovered increased activity from the Silver Fox cybercrime gang, which has been using fake versions of popular programs as weapons to spread malware in a complex cyber threat landscape. Tracing back to 2024, these attacks often masquerade as legitimate Google Translate interfaces, employing deceptive JavaScript redirects…
Hacker Arrested for Data Theft Targeting Spanish Bank Customers

Jul 31, 2025 2:28 PM

Tags: cyber, cybercrime, data, finance, hacker, theft

Spanish authorities have successfully apprehended a sophisticated cybercriminal who allegedly stole sensitive data from major financial institutions, educational organizations, and private companies across the country. The arrest represents a significant victory in the ongoing battle against cybercrime targeting Spanish citizens and businesses. A collaborative effort between the Mossos d’Esquadra (Catalan police) and Spain’s National Police…
Cybercriminals ‘Spooked’ After Scattered Spider Arrests

Jul 31, 2025 2:28 PM

Tags: attack, cyber, cybercrime, group, risk, threat

The arrest of members of the Scattered Spider cyber-attack group have temporarily halted new intrusions, however, similar threat actors continue to pose risks First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/cybercriminals-spooked-scattered/
Why stolen credentials remain cybercriminals’ tool of choice

Jul 31, 2025 8:28 AM

Tags: breach, credentials, cybercrime, jobs, tool

It’s often the case that the simplest tools have the longest staying power, because they ultimately get the job done. Take duct tape, for example: it’s a sturdy household … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/07/31/stolen-credentials/
Hackers Allegedly Breach Nokia’s Internal Network

Jul 31, 2025 7:28 AM

Tags: breach, corporate, cyber, cybercrime, data, group, hacker, network, threat, vulnerability

A cybercriminal group has allegedly infiltrated Nokia’s internal network through a vulnerable third-party contractor, potentially exposing sensitive information belonging to more than 94,500 employees in what security experts are calling one of the most extensive corporate data breaches affecting the telecommunications giant in recent years. The threat actor, identifying as Tsar0Byte, made claims about the…
Dollar Tree denies ransomware claims, says stolen data is from defunct discount chain

Jul 30, 2025 10:28 PM

Tags: breach, cybercrime, data, group, ransomware

Discount retail giant Dollar Tree denied its systems were impacted by ransomware after a cybercriminal group claimed to have attacked the company. First seen on therecord.media Jump to article: therecord.media/dollar-tree-discount-stolen-data
What we know about the cybercrime group Scattered Spider

Jul 30, 2025 7:29 PM

Tags: cybercrime, government, group, hacker

The notorious hacker collective has attracted the attention of government authorities in several nations around the globe.; First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/what-we-know-about-the-cybercrime-group-scattered-spider/756312/