Tag: cybercrime
-
Ransomware Extortion Drops to $813.5M in 2024, Down from $1.25B in 2023
Ransomware attacks netted cybercrime groups a total of $813.5 million in 2024, a decline from $1.25 billion in 2023. The total amount extorted during the first half of 2024 stood at $459.8 million, blockchain intelligence firm Chainalysis said, adding payment activity slumped after July 2024 by about 3.94%. “The number of ransomware events increased into H2, but…
-
Cybercriminals Abusing ScreenConnect RMM Tool for Persistent Access
Tags: access, cyber, cybercrime, cybersecurity, exploit, malicious, monitoring, software, threat, tool
Cybersecurity experts have identified an alarming trend of cybercriminals exploiting ConnectWise ScreenConnect, a widely-used Remote Monitoring and Management (RMM) tool, to establish persistent access to compromised systems. Threat Actors Exploit Legitimate Software for Malicious Gains Silent Push Threat Analysts and other researchers have observed a surge in the abuse of this legitimate software, leveraging its…
-
Despite Catastrophic Hacks, Ransomware Payments Dropped Dramatically Last Year
Ransomware gangs continued to wreak havoc in 2024, but new research shows that the amounts victims paid these cybercriminals fell by hundreds of millions of dollars. First seen on wired.com Jump to article: www.wired.com/story/2024-ransomware-payments-fall-chainalysis/
-
Cybercriminals Use Go Resty and Node Fetch in 13 Million Password Spraying Attempts
Cybercriminals are increasingly leveraging legitimate HTTP client tools to facilitate account takeover (ATO) attacks on Microsoft 365 environments. Enterprise security company Proofpoint said it observed campaigns using HTTP clients Axios and Node Fetch to send HTTP requests and receive HTTP responses from web servers with the goal of conducting ATO attacks. “Originally sourced from public First seen…
-
World's largest platforms – Authorities shut down cybercrime forums
Tags: cybercrime
First seen on security-insider.de Jump to article: www.security-insider.de/abschaltung-internationale-cybercrime-plattformen-a-4b7c72e4aaccdbb436c8d24ad1578547/
-
Credential Theft Becomes Cybercriminals’ Favorite Target
Researchers measured a threefold increase in credential stealing between 2023 and 2024, with more than 11.3 million such thefts last year. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/credential-theft-cybercriminals-favorite-target
-
Global ransomware payments plunge by a third amid crackdown
Money stolen falls from record $1.25bn to $813m as more victims refuse to pay off criminal gangs
Ransomware payments fell by more than a third last year to $813m (£650m) as victims refused to pay cybercriminals and law enforcement cracked down on gangs, figures reveal. The decline in such cyber-attacks where access to a computer or its…
-
Chinese CDN Exploiting AWS and Microsoft Cloud to Host Malicious Websites
Tags: china, cloud, cyber, cybercrime, cybersecurity, exploit, malicious, microsoft, network, service
A recent investigation by cybersecurity firm Silent Push has revealed how a China-linked Content Delivery Network (CDN), known as FUNNULL, is exploiting major cloud providers like Amazon Web Services (AWS) and Microsoft Azure to host malicious websites. The technique, termed “infrastructure laundering,”
-
Cybercriminals Eye DeepSeek, Alibaba LLMs for Malware Development
Check Point has observed cybercriminals toy with Alibaba’s Qwen LLM to develop infostealers. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/deepseek-alibaba-llms-malware/
-
Threat Actors Exploiting DeepSeek’s Rise to Fuel Cyber Attacks
Amid the surging popularity of DeepSeek, a cutting-edge AI reasoning model from an emerging Chinese startup, cybercriminals have wasted no time leveraging the widespread attention to launch fraudulent schemes. While the innovative AI tool has captivated global audiences, its meteoric rise has brought with it a new wave of malicious campaigns that prey on users’…
-
Nigeria Touts Cyber Success, Even as Cybercrime Rises in Africa
Organizations continue to be at high risk from cybercrime in Africa, despite law enforcement takedowns of cybercriminal syndicates in Nigeria and other African nations. First seen on darkreading.com Jump to article: www.darkreading.com/cyber-risk/nigeria-touts-cyber-success-african-cybercrime-rises
-
Cybercriminals Exploit Big Tech Cloud IPs in Infrastructure Laundering Scheme
A new report from Silent Push reveals how a China-linked CDN called FUNNULL is exploiting major cloud providers. First seen on securityonline.info Jump to article: securityonline.info/cybercriminals-exploit-big-tech-cloud-ips-in-infrastructure-laundering-scheme/
-
Cybercriminals Court Traitorous Insiders via Ransom Notes
Ransomware actors are offering individuals millions to turn on their employers and divulge private company information, in a brand-new cybercrime tactic. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/cybercriminals-traitorous-insiders-ransom-notes
-
DOJ, Dutch police take down group selling phishing tools to cybercriminals
First seen on scworld.com Jump to article: www.scworld.com/news/doj-dutch-police-take-down-group-selling-phishing-tools-to-cybercriminals
-
Russian SmokeLoader Campaign in Ukraine Uses 7-Zip Zero-Day
Tags: credentials, cybercrime, espionage, government, hacker, open-source, russia, ukraine, vulnerability, zero-day
Espionage and Cybercrime Campaign Tied to 7-Zip Mark-of-the-Web Bypass Hits. Russian hackers targeting Ukrainian government agencies and businesses – including a major automotive manufacturer – have been targeting a zero-day vulnerability in the open source and widely used 7-Zip archive utility, to infect systems with credential-stealing SmokeLoader malware. First seen on govinfosecurity.com Jump to article:…
-
⚡ THN Weekly Recap: Top Cybersecurity Threats, Tools and Tips [3 February]
This week, our news radar shows that every new tech idea comes with its own challenges. A hot AI tool is under close watch, law enforcement is shutting down online spots that help cybercriminals, and teams are busy fixing software bugs that could let attackers in. From better locks on our devices to stopping sneaky…
-
Russian Cybercrime Groups Exploiting 7-Zip Flaw to Bypass Windows MotW Protections
A recently patched security vulnerability in the 7-Zip archiver tool was exploited in the wild to deliver the SmokeLoader malware. The flaw, CVE-2025-0411 (CVSS score: 7.0), allows remote attackers to circumvent mark-of-the-web (MotW) protections and execute arbitrary code in the context of the current user. It was addressed by 7-Zip in November 2024 with version 24.09. “The…
-
How to Root Out Malicious Employees
Malicious employees and insider threats pose one of the biggest security risks to organizations, as these users have more access and permissions than cybercriminals attacking the organization externally. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/how-to-root-out-malicious-employees/
-
Cybercriminals Exploiting HTTP Client Tools to Hijack Microsoft 365 Accounts
A recent report by Proofpoint has revealed an alarming trend of cybercriminals exploiting HTTP client tools to target Microsoft 365 accounts. These tools, originally designed for legitimate use, are now being repurposed for large-scale account takeover (ATO) attacks, employing tactics such as brute force login attempts and Adversary-in-the-Middle (AiTM) techniques. With a growing reliance on…
-
Surge in Infostealer Attacks Threatens EMEA Organizations’ Data Security
Check Point Research has found over 10 million stolen credentials associated with EMEA organizations exposed on cybercrime markets. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/surge-in-infostealer-attacks-emea/
-
Texas to Establish Cyber Command Amid “Dramatic” Rise in Attacks
Texas Governor Greg Abbott announced a Cyber Command, designed to combat surging attacks on the state by nation-states and cybercriminals. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/texas-cyber-command-rise-attacks/
-
Hackers Exploiting 7-Zip Zero-Day Vulnerability to Deploy SmokeLoader Malware
A newly identified zero-day vulnerability in the widely used 7-Zip archiving software has been designated as CVE-2025-0411. This critical flaw, which was exploited in the wild, is enabling threat actors to bypass vital Windows security protections and deploy SmokeLoader malware. The campaign has predominantly targeted Ukrainian organizations, with experts suspecting links to Russian cybercrime groups amid the…
-
Musk’s DOGE effort could spread malware, expose US systems to threat actors
Tags: access, ai, api, attack, authentication, ceo, cio, computer, computing, control, cyber, cybercrime, cybersecurity, data, defense, email, exploit, governance, government, hacking, infection, infosec, international, jobs, malicious, malware, network, office, privacy, ransomware, risk, service, technology, threat, tool
Over the past 10 days, an astonishing series of actions by Elon Musk via his Department of Government Efficiency (DOGE) project has elevated the cybersecurity risk of some of the most sensitive computing systems in the US government. Musk and his team of young, inexperienced engineers, at least one of whom is not a US…
-
Study: Cybercriminals surprisingly skeptical of AI
A recent analysis of cybercrime forums shows that, despite all fears, criminals have so far made only limited use of artificial intelligence in their attacks. But that could soon change. With “DeepSeek”, a new AI-powered tool has appeared that is freely available as open source and could therefore become welcome prey for cybercriminals. First seen on itsicherheit-online.com Jump…
-
HTTP Client Tools Weaponized in Account Takeover Attacks
Proofpoint research reveals a growing trend of cybercriminals exploiting legitimate HTTP client tools to orchestrate account takeover (ATO). First seen on securityonline.info Jump to article: securityonline.info/http-client-tools-weaponized-in-account-takeover-attacks/
-
Ransomware Groups Weathered Raids, Profited in 2024
Cybercriminals posted nearly 6,000 breaches to data-leak sites last year, and despite significant takedowns, they continued to thrive in a record-breaking year for ransomware. First seen on darkreading.com Jump to article: www.darkreading.com/endpoint-security/ransomware-weathered-raids-profited-2024
-
XE Group Cybercrime Gang Moves from Credit Card Skimming to Zero-Day Exploits
Vietnamese cybercrime gang shifts from credit card-skimming to exploiting at least two zero-day vulnerabilities in an enterprise software product. The post XE Group Cybercrime Gang Moves from Credit Card Skimming to Zero-Day Exploits appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/xe-group-cybercrime-gang-moves-from-credit-card-skimming-to-zero-day-exploits/
-
Crazy Evil gang runs over 10 highly specialized social media scams
The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. Since 2021, the Crazy Evil gang has become a major cybercriminal group, using phishing, identity fraud, and malware to steal cryptocurrency. Security experts identified six of Crazy Evil’s subteams, called AVLAND, TYPED, DELAND, ZOOMLAND, DEFI,…
-
Hackers Exploit AWS and Microsoft Azure for Large-Scale Cyber Attacks
Silent Push, a cybersecurity research firm, has introduced the term “infrastructure laundering”
-
AI continues to play only a minor role in cybercrime forums
A recent investigation by Sophos X-Ops into relevant cybercrime forums shows that threat actors are still hesitant to use AI. Could the latest developments change that? First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/ki-spielt-in-cybercrime-foren-weiterhin-nur-eine-nebenrolle

