Tag: cybercrime
-
Cybercrime now a national security threat, Google warns
First seen on scworld.com Jump to article: www.scworld.com/brief/cybercrime-now-a-national-security-threat-google-warns
-
The Benefits of the M&A Frenzy in Fraud Solutions
Emerging Vendors, Consolidation Drive Innovation in Fraud, AML, Scam Prevention. As cybercriminals exploit AI-generated deepfake scams and synthetic identity fraud, financial institutions are investing heavily in fraud detection, anti-money laundering solutions and identity verification to stay ahead. This demand is driving consolidation in the market. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/benefits-ma-frenzy-in-fraud-solutions-a-27533
-
Lazarus Group Targets Developers Worldwide with New Malware Tactic
Tags: crypto, cyber, cybercrime, group, korea, lazarus, malware, north-korea, software, supply-chain, tactics
North Korea’s Lazarus Group, a state-sponsored cybercriminal organization, has launched a sophisticated global campaign targeting software developers and cryptocurrency users. Dubbed Operation Marstech Mayhem, this operation leverages the group’s latest implant, >>Marstech1,
-
Raid Against Phone Scammers
Criminals used call centers to cause damage in the double-digit millions. Police have struck a blow against an internationally operating gang of phone scammers. Following searches in several German states, a 50-year-old Greek woman who is considered one of the gang's leaders was arrested in Hagen in North Rhine-Westphalia. This was announced by the Cybercrime Center Karlsruhe and other…
-
Astaroth 2FA Phishing Kit Targets Gmail, Yahoo, Office 365, and Third-Party Logins
Tags: 2fa, authentication, credentials, cyber, cybercrime, cybersecurity, login, mfa, network, office, phishing, threat
A new phishing kit named Astaroth has emerged as a significant threat in the cybersecurity landscape by bypassing two-factor authentication (2FA) mechanisms. First advertised on cybercrime networks in January 2025, Astaroth employs advanced techniques such as session hijacking and real-time credential interception to compromise accounts on platforms like Gmail, Yahoo, Office 365, and other third-party…
-
Dutch Authorities Dismantle Network of 127 Command-and-Control Servers
Dutch police and the Public Prosecution Service have taken down a network of 127 command-and-control servers. This network was operated by ZServers/XHost, a so-called bulletproof hosting provider offering cybercriminals a safe haven to facilitate illegal activities, such as spreading malware and carrying out cyberattacks. A bulletproof hoster is a hosting company that protects criminals by…
-
Harsher Punitive Action Against Cybercrime Sought by New Bipartisan Measure
Tags: cybercrime
First seen on scworld.com Jump to article: www.scworld.com/brief/harsher-punitive-action-against-cybercrime-sought-by-new-bipartisan-measure
-
Unusual attack linked to Chinese APT group combines espionage and ransomware
Tags: apt, attack, breach, china, cloud, country, credentials, crime, crimes, crypto, cyber, cybercrime, cyberespionage, data, encryption, espionage, exploit, finance, firewall, government, group, hacker, infection, insurance, intelligence, korea, microsoft, network, north-korea, ransom, ransomware, russia, software, tactics, technology, threat, veeam, vulnerability
The attacker demanded a $2-million ransom: The attack that resulted in the deployment of the RA World ransomware program, as well as data exfiltration, had the same chain: the toshdpdb.exe loading toshdpapi.dll then decrypting toshdp.dat which resulted in the PlugX variant being deployed. The difference is the attacker then chose to deploy the RA World…
-
Cybercrime as a Global Threat: New Report from the Google Threat Intelligence Group
According to data from the "Mandiant Managed Defense" service, financially motivated actors caused almost four times more incidents in 2024 than state-backed groups. First seen on infopoint-security.de Jump to article: www.infopoint-security.de/cyberkriminalitaet-als-globale-bedrohung-neuer-report-der-google-threat-intelligence-group/a39809/
-
Chinese espionage tools deployed in RA World ransomware attack
A China-based threat actor, tracked as Emperor Dragonfly and commonly associated with cybercriminal endeavors, has been observed using, in a ransomware attack, a toolset previously attributed to espionage actors. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-espionage-tools-deployed-in-ra-world-ransomware-attack/
-
Cybercriminals Exploit Pyramid Pentesting Tool for Covert C2 Communications
Cybersecurity analysts have identified that hackers are leveraging the open-source Pyramid pentesting tool to establish stealthy command-and-control (C2) communications. Originally designed as a post-exploitation framework for penetration testers, Pyramid has become an attractive option for malicious actors due to its ability to evade detection by endpoint security tools. The tool, first released on GitHub in…
-
Cybercrime evolving into national security threat: Google
“The vast cybercriminal ecosystem has acted as an accelerant for state-sponsored hacking, providing malware, vulnerabilities, and in some cases full-spectrum operations to states,” said Ben Read of Google Threat Intelligence Group. First seen on therecord.media Jump to article: therecord.media/cybercrime-evolving-nation-state-threat
-
Russian cybercriminal Alexander Vinnik is being released from U.S. custody in exchange for Marc Fogel
Russian cybercriminal Alexander Vinnik is being released from U.S. custody in exchange for Marc Fogel, a Trump administration source told CNN. The New York Times first reported that Alexander Vinnik, a Russian money laundering suspect, is being released from U.S. custody in exchange for Marc Fogel, according to a Trump administration source. Alexander Vinnik, a…
-
Feds Sanction Russian Cybercrime Bulletproof Hosting Service
US, UK and Australia Target Zservers for Supporting LockBit, Other Cybercrime Groups. A Russian bulletproof hosting service used by cybercriminals including the LockBit ransomware group has been sanctioned by Australian, British and American agencies. Zservers has been advertised in criminal forums as an aid to avoid law enforcement investigations and takedowns. First seen on govinfosecurity.com…
-
Lines Between Nation-State and Cybercrime Groups Disappearing: Google
Threat researchers with Google are saying that the lines between nation-state actors and cybercrime groups are blurring, noting that gangs backed by China, Russia, and others are using financially motivated hackers and their tools while attacks by cybercriminals should be seen as national security threats. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/lines-between-nation-state-and-cybercrime-groups-disappearing-google/
-
Widespread Exploitation of ThinkPHP and OwnCloud Flaws by Cybercriminals
Tags: attack, cve, cyber, cybercrime, exploit, flaw, update, vulnerability, vulnerability-management
GreyNoise has detected a significant surge in exploitation activity targeting two vulnerabilities, CVE-2022-47945 and CVE-2023-49103. The alarming uptick in attacks underscores critical issues in vulnerability management and patch prioritization. Cybercriminals are actively scanning and exploiting both vulnerabilities, though they are being perceived differently in terms of risk. GreyNoise observed a substantial increase in exploitation…
-
New Malware Abuses Microsoft Graph API to Communicate via Outlook
A newly discovered malware, named FINALDRAFT, has been identified leveraging Microsoft Outlook as a command-and-control (C2) communication channel through the Microsoft Graph API. This sophisticated malware was uncovered by Elastic Security Labs during an investigation targeting a foreign ministry. The discovery highlights the growing trend of cybercriminals exploiting legitimate cloud services for covert operations, blending…
-
US reportedly releases Russian cybercrime figure Alexander Vinnik in prisoner swap
Alexander Vinnik, who ran the defunct cryptocurrency exchange BTC-e and pleaded guilty last year to participating in a money laundering scheme, is heading back to Russia as part of a prisoner swap that freed an American teacher, reports said. First seen on therecord.media Jump to article: therecord.media/alexander-vinnik-reported-released-prisoner-swap-russia-us
-
Cybercriminals Exploit Valentine’s Day with Romance Scams, Phishing Attacks
As Valentine’s Day approaches, cybercriminals are ramping up their efforts to exploit consumers through romance scams, phishing campaigns and fraudulent e-commerce offers. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/cybercriminals-exploit-valentines-day-with-romance-scams-phishing-attacks/
-
Warning: Cybercrime Services Underpin National Security Risk
Tags: china, cybercrime, cybersecurity, google, hacking, iran, korea, north-korea, ransomware, risk, russia, service
Russia, China, Iran and North Korea Tapping Cybercrime Services, Google Says. The cybercrime-as-a-service economy continues to power ransomware and other criminal enterprises, as well as serve as an accelerant for state-sponsored hacking, collectively posing an increasing risk to Western national security, cybersecurity researchers warn. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/warning-cybercrime-services-underpin-national-security-risk-a-27502
-
Cl0p Ransomware Hide Itself on Compromised Networks After Exfiltrate the Data
The Cl0p ransomware group, a prominent player in the cybercrime landscape since 2019, has intensified its operations by employing advanced techniques to remain undetected within compromised networks. Known for its association with the TA505 threat group, Cl0p has shifted its focus from merely encrypting files to leveraging double extortion tactics, exfiltrating sensitive data and threatening…
-
India’s Cybercrime Problems Grow as Nation Digitizes
More than half of attacks on Indian businesses come from outside the country, while 45% of those targeting consumers come from Cambodia, Myanmar, and Laos. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/indias-cybercrime-problems-nation-digitizes
-
Investigators Dismantle Ransomware Group 8Base
The 8Base group used the "Phobos" ransomware and operated worldwide as a highly professional criminal organization. There were 365 Phobos attacks in Germany. Investigators from Bavaria, together with international partners, have succeeded in arresting several suspected members of a group of cybercriminals. Four leading figures of the group, named 8Base, were arrested in Thailand, according to the Central Office…
-
U.S. adversaries increasingly turning to cybercriminals and their malware for help
A Google Threat Intelligence Group report notes that Russia in particular has been doing this since the Ukraine war began. First seen on cyberscoop.com Jump to article: cyberscoop.com/u-s-adversaries-increasingly-turning-to-cybercriminals-and-their-malware-for-help/
-
Cybercrime Threatens National Security, Google Threat Intel Team Says
On the eve of the Munich Security Conference, Google argues that the cybercriminal threat should be treated as a national security threat like state-backed hacking groups. First seen on securityweek.com Jump to article: www.securityweek.com/cybercrime-threatens-national-security-google-threat-intel-team-says/
-
Bipartisan Senate bill would strengthen cybercrime penalties
The legislation from Sens. Rounds and Gillibrand would amend federal criminal code on computer fraud and stiffen punishments. First seen on cyberscoop.com Jump to article: cyberscoop.com/cybercrime-computer-fraud-bill-senate/
-
Russian Cybercrime Network Targeted for Sanctions Across US, UK and Australia
Russia-based bulletproof hosting services provider Zservers was sanctioned for providing services to support LockBit ransomware operations. First seen on securityweek.com Jump to article: www.securityweek.com/russian-cybercrime-network-targeted-for-sanctions-across-us-uk-and-australia/
-
VeraCore zero-day vulnerabilities exploited in supply chain attacks
Cybercriminals maintained access to one victim organization for more than four years. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/veracore-zero-day-vulnerabilities-exploited-in-supply-chain-attacks/739784/

