Collecting Cyber-News from over 60 sources

Tag: cybercrime

Nursing Home, Rehab Chain Says Hack Affects Nearly 70,000

Jan 27, 2025 11:03 PM

Tags: breach, cybercrime, data, hacking, healthcare, russia, theft

RansomHub Theft Hit Patients of 2 Dozen HCF Facilities and Home Healthcare Unit. A chain of more than two dozen skilled nursing and rehabilitation facilities is notifying tens of thousands of patients whose information was compromised in a hacking incident last fall. Russian-speaking cybercriminal gang RansomHub claims to have published 250 gbytes of data stolen…
TalkTalk confirms data breach involving a third-party platform

Jan 27, 2025 10:03 PM

Tags: attack, breach, cyber, cybercrime, data, data-breach, threat

UK telecommunications firm TalkTalk disclosed a data breach after a threat actor announced the hack on a cybercrime forum. UK telecommunications company TalkTalk confirmed a data breach after a threat actor claimed responsibility for the cyber attack on a cybercrime forum and offered for sale alleged customer data. A threat actor named >>b0nd
Cyberkriminalität: Anklage gegen mutmaßlichen Cybererpresser

Jan 27, 2025 10:03 PM

Tags: cybercrime, extortion, malware

Ein tatverdächtiger Ukrainer wurde wegen Malware-Einsatz und Lösegeld-Erpressung angeklagt. Der Mann soll einer weltweit agierenden Cybercrime-Gruppe angehören. First seen on heise.de Jump to article: www.heise.de/news/Cyberkriminalitaet-Anklage-gegen-mutmasslichen-Cybererpresser-10258341.html
New ransomware group Funksec is quickly gaining traction

Jan 27, 2025 9:03 PM

Tags: access, ai, attack, computer, control, country, cybercrime, data, data-breach, ddos, detection, email, encryption, extortion, government, group, leak, LLM, malware, password, powershell, ransom, ransomware, russia, rust, service, threat, tool, usa, windows

Threat reports for December showed a newcomer to the ransomware-as-a-service (RaaS) landscape quickly climbing the ranks. Called Funksec, this group appears to be leveraging generative AI in its malware development and its founders are tied to hacktivist activity.Funksec was responsible for 103 out of 578 ransomware attacks tracked by security firm NCC Group in December,…
Bösartiges WordPress-Plugin hilft, Zahlungsdaten zu stehlen

Jan 27, 2025 2:03 PM

Tags: cybercrime, phishing, wordpress

Cybersicherheitsexperten von Slashnext haben vor kurzem in einem Blogbeitrag ihren neuesten Fund aus einem russischen Cybercrime-Forum vorgestellt: das bösartige WordPress-Plugin . Das Phishing-Plugin ermöglicht es Angreifern, die Zahlungsdaten von Online-Shoppern abzugreifen unerkannt, in Echtzeit und mit erheblichem Schadenspotenzial. Zur Anwendung kommen kann es dabei sowohl in kompromittierten Websites regulärer E-Commerce-Unternehmen als auch in von […]…
Meet GhostGPT: The Malicious AI Chatbot Fueling Cybercrime and Scams

Jan 23, 2025 9:22 PM

Tags: ai, cybercrime, malicious, scam

Abnormal Security uncovers GhostGPT, an uncensored AI chatbot built for cybercrime. Learn how it boosts cybercriminals’ abilities, makes… First seen on hackread.com Jump to article: hackread.com/ghostgpt-malicious-ai-chatbot-fuel-cybercrime-scams/
GhostGPT: Uncensored Chatbot Used by Cyber Criminals for Malware Creation, Scams

Jan 23, 2025 4:23 PM

Tags: cyber, cybercrime, malware, phishing, scam

Researchers from Abnormal Security discovered an advert for the chatbot on a cybercrime forum and tested its capabilities by asking it to create a DocuSign phishing email. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/what-is-ghostgpt/
Experts Find Shared Codebase Linking Morpheus and HellCat Ransomware Payloads

Jan 23, 2025 4:23 PM

Tags: cybercrime, malware, ransomware

An analysis of HellCat and Morpheus ransomware operations has revealed that affiliates associated with the respective cybercrime entities are using identical code for their ransomware payloads.The findings come from SentinelOne, which analyzed artifacts uploaded to the VirusTotal malware scanning platform by the same submitter towards the end of December 2024.”These two payload samples are First…
GhostGPT Jailbreaked ChatGPT that Creates Malware Exploits

Jan 23, 2025 3:22 PM

Tags: ai, chatgpt, cyber, cybercrime, exploit, intelligence, malicious, malware, tool

Artificial intelligence (AI) tools have revolutionized how we approach everyday tasks, but they also come with a dark side. Cybercriminals are increasingly exploiting AI for malicious purposes, as evidenced by the emergence of uncensored chatbots like WormGPT, WolfGPT, and EscapeGPT. The latest and most concerning addition to this list isGhostGPT, a jailbroken variant of ChatGPT…
New GhostGPT AI Chatbot Facilitates Malware Creation and Phishing

Jan 23, 2025 1:22 PM

Tags: access, ai, cybercrime, malicious, malware, phishing

Cybercriminals are selling access to the malicious GenAI chatbot via Telegram, providing rapid assistance for a range of nefarious activities, according to Abnormal Security First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ghostgpt-ai-chatbot-malware/
What Makes Bulletproof Hosting Providers a Growing Danger in Australia

Jan 23, 2025 12:22 PM

Tags: attack, cyber, cybercrime, data, infrastructure, phishing, ransomware, scam, theft

The Australian Cyber Security Centre has issued a warning about Bulletproof Hosting Providers (BPH), which play a central role in enabling cybercrime. These providers offer infrastructure that helps cybercriminals carry out attacks such as ransomware campaigns, data theft, and phishing scams, all while remaining largely undetectable. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/acsc-targets-bulletproof-hosting-providers/
Geben Sie LLM-Alarmismus keine Chance!

Jan 23, 2025 6:22 AM

Tags: ai, ciso, cybercrime, hacking, LLM, malware, phishing, ransomware, risk, social-engineering, tool, vulnerability
Cybercriminals Exploit AnyDesk to Impersonate CERT-UA in Sophisticated Phishing Campaign

Jan 23, 2025 1:22 AM

Tags: access, attack, cyber, cybercrime, exploit, phishing, tool

In a recent alert, CERT-UA researchers have unveiled a series of cyber-attacks leveraging the legitimate remote access tool First seen on securityonline.info Jump to article: securityonline.info/cybercriminals-exploit-anydesk-to-impersonate-cert-ua-in-sophisticated-phishing-campaign/
Zendesk’s Subdomain Registration Exposed to Phishing, Pig Butchering Scams

Jan 22, 2025 10:22 PM

Tags: cybercrime, data-breach, exploit, phishing, scam, vulnerability

CloudSEK uncovers a Zendesk vulnerability allowing cybercriminals to exploit subdomains for phishing and investment scams. Learn about the… First seen on hackread.com Jump to article: hackread.com/zendesk-subdomain-registration-abused-phishing-scams/
Fraud Watch: E-Skimmers and Scam E-Commerce Sites Still Bite

Jan 22, 2025 9:24 PM

Tags: breach, cybercrime, fraud, scam, software, tool

Criminals Listed 269 Million Stolen Payment Card For Sale in 2024, Researchers Find. It’s an old story: Criminals rake in profits by using digital e-skimming software, running scam e-commerce sites and selling stolen payment card data. Unfortunately, it’s made continually new thanks to adaptability of cybercriminals, who keep their tool set relevant and ever more…
25 on 2025: APAC security thought leaders share their predictions and aspirations

Jan 22, 2025 8:22 PM

Tags: access, advisory, ai, api, attack, authentication, awareness, best-practice, breach, business, ciso, cloud, compliance, control, cryptography, csf, cyber, cyberattack, cybercrime, cybersecurity, dark-web, data, data-breach, deep-fake, detection, disinformation, encryption, endpoint, exploit, extortion, finance, framework, fraud, government, group, hacking, Hardware, identity, incident, incident response, infrastructure, injection, intelligence, international, iot, malicious, malware, microsoft, monitoring, network, nist, phishing, privacy, ransomware, regulation, resilience, risk, risk-management, scam, service, skills, social-engineering, software, spear-phishing, strategy, supply-chain, tactics, technology, threat, tool, training, update, vulnerability, warfare, zero-trust

As threat actors and security teams harness the growing potential of artificial intelligence (AI), who will prevail? From generative AI (GenAI) to agentic AI, we look through the lens of 25 of Asia-Pacific’s thought leaders in security and dive into their predictions and goals for the year. src=”https://b2b-contenthub.com/wp-content/uploads/2025/01/Athikom.jpg?quality=50&strip=all” alt=”athikom” loading=”lazy” width=”400px”>Athikom Kanchanavibhu Chief Information Security…
Is That Really ProtonMail? New Credential Harvesting Threats Targeting Cloud Apps

Jan 22, 2025 6:22 PM

Tags: cloud, credentials, cybercrime, exploit, threat

Imagine sipping your morning coffee, scrolling through your inbox, when a seemingly innocent ProtonMail message catches your eye. But this isn’t your typical email”, it’s a credential-harvesting attempt targeting specific cloud services. Today, cybercriminals are not just focusing on well-known platforms like DocuSign and Microsoft. They’re expanding their reach, exploiting a variety of cloud apps…
Cybersecurity is tough: 4 steps leaders can take now to reduce team burnout

Jan 22, 2025 7:22 AM

Tags: ai, attack, breach, business, ciso, compliance, control, corporate, cybercrime, cybersecurity, group, incident response, international, jobs, risk, soc, tactics, threat

Working in cybersecurity is only getting harder. Cybercriminals continue to up their game as security teams scramble to catch up with attack tactics and techniques. Organizations put near-impossible demands on their security departments, often with little or no support.The “always-on” nature of many roles in cybersecurity (from SOC analyst to incident response to the CISO)…
Weaponized VS Code Impersonate Zoom App Steals Cookies From Chrome

Jan 22, 2025 7:22 AM

Tags: browser, chrome, cyber, cybercrime, exploit, google, malicious, software, tactics

A newly identified extension for Visual Studio Code (VS Code) has been found to impersonate a legitimate Zoom application, enabling cybercriminals to steal sensitive cookies from Google Chrome. This incident marks a significant escalation in the tactics employed by malicious actors to exploit trusted software ecosystems. The Discovery The nefarious extension, uploaded to the VS…
Cyberkriminalität im Jahr 2025: Worauf Sie achten sollten

Jan 22, 2025 6:22 AM

Tags: cybercrime, risk

Zu Beginn des neuen Jahres teilt HervÃ© Lambert, Global Consumer Operations Manager bei Panda Security, seine Einblicke in die sich entwickelnde Welt der Cybersicherheit. Hier ist ein Überblick über seine Einschätzungen zu den aktuellen Risiken und den Herausforderungen, die uns 2025 erwarten. Die aktuelle Cybersicherheitslandschaft Im Jahr 2024 wurden Cyberbedrohungen immer ausgefeilter, was Einzelpersonen… First…
Three Keys to Modernizing Data Security: DSPM, AI, and Encryption

Jan 21, 2025 10:22 PM

Tags: access, ai, automation, best-practice, business, cloud, compliance, container, control, cyber, cybercrime, data, data-breach, detection, encryption, GDPR, incident response, infrastructure, privacy, regulation, risk, saas, security-incident, skills, software, strategy, threat, tool, vulnerability

Three Keys to Modernizing Data Security: DSPM, AI, and Encryption andrew.gertz@t“¦ Tue, 01/21/2025 – 14:56 Organizations worldwide face a “perfect storm” of increasing and ever-evolving cyber threats. Internal and external factors are at play, elevating cyber risks and their consequences and mandating new approaches to safeguard data. A recent study based on responses from over…
Microsoft Teams vishing attacks trick employees into handing over remote access

Jan 21, 2025 9:23 PM

Tags: access, attack, backdoor, control, credentials, cybercrime, data, detection, email, exploit, group, hacking, lockbit, malicious, malware, microsoft, monitoring, network, office, password, phishing, powershell, ransomware, russia, service, social-engineering, sophos, spam, tactics, threat, tool, vpn, windows

Attackers believed to be affiliated with ransomware groups have recently been observed using a technique in which they bombard employees with spam emails and then call them on Microsoft Teams posing as technical support representatives from their organizations.The goal of this formerly uncovered social engineering tactic is to create a sense of urgency and trick…
Forescout Report Detail Hunters International Ransomware Gang Tactics

Jan 21, 2025 5:22 PM

Tags: cybercrime, international, ransomware, service, tactics

An analysis of the operations of Hunters International, the ransomware-as-a-service platform that has been used to compromise more than 200 organizations, conducted by Forescout Technologies reveals the cybercriminal syndicate that created it is employing a wide range of new and old tactics and techniques. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/forescout-report-detail-hunters-international-ransomware-gang-tactics/
EU to take aim at healthcare cyber threat

Jan 21, 2025 8:22 AM

Tags: attack, cyber, cyberattack, cybercrime, cybersecurity, data, data-breach, extortion, healthcare, malicious, ransomware, service, threat, tool

The European Commission is presenting an action plan to strengthen cybersecurity in healthcare as one of its key priorities in the first 100 days of the commission’s new mandate.The healthcare sector has been under increasing pressure from cyberattacks in the past few years, with 309 cybersecurity incidents reported by member states in 2023. Ransomware tops…
Trotz Kritik von Experten – UN bringt umstrittene Cybercrime-Konvention auf den Weg

Jan 21, 2025 8:22 AM

Tags: cybercrime

First seen on security-insider.de Jump to article: www.security-insider.de/un-uebereinkommen-cyberkriminalitaet-a-ae5d7fcbd7d00968b8ffe094d1d983aa/
IntelBroker’s Digital Trail: OSINT Analysis Exposes Cybercriminal’s Operations

Jan 21, 2025 5:22 AM

Tags: cybercrime, data

IntelBroker, one of the most prominent figures in the cybercrime landscape, has left a trail of high-profile data First seen on securityonline.info Jump to article: securityonline.info/intelbrokers-digital-trail-osint-analysis-exposes-cybercriminals-operations/
HPE is investigating IntelBroker’s claims of the company hack

Jan 21, 2025 1:22 AM

Tags: breach, cybercrime, data, threat

HPE is probing claims by the threat actor IntelBroker who is offering to sell alleged stolen source code and data from the company. Last week, the notorious threat actor IntelBroker announced on a popular cybercrime forum the sale of data allegedly stolen from HPE. IntelBroker, known for leaking data from major organizations, made the headlines…
Washington Man Admits to Role in Multiple Cybercrime, Fraud Schemes

Jan 20, 2025 6:22 PM

Tags: cybercrime, finance, fraud, identity, smishing, theft

Marco Raquan Honesty has pleaded guilty to his roles in several fraud schemes, including smishing, identity theft, and bank account takeover. The post Washington Man Admits to Role in Multiple Cybercrime, Fraud Schemes appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/washington-man-admits-to-role-in-multiple-cybercrime-fraud-schemes/
From Dark Web to Jackpot: How Cybercriminals Exploit Stolen Credentials in iGaming

Jan 20, 2025 12:22 PM

Tags: breach, credentials, cybercrime, dark-web, exploit

It is essential to address credential stuffing directly and collaborate with the broader iGaming community to mitigate its risks. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/01/from-dark-web-to-jackpot-how-cybercriminals-exploit-stolen-credentials-in-igaming/
Trump’s Digital Footprint: Unveiling Malicious Campaigns Amid Political Milestones

Jan 18, 2025 11:22 AM

Tags: cyber, cybercrime, malicious, threat

As the political landscape heats up, so does the activity in the cyber threat domain. High-profile events such as inaugurations often become a prime opportunity for cybercriminals to launch malicious campaigns. With Trump’s upcoming inauguration on January 20th, our research sheds light on the digital threats tied to such politically charged events, focusing on previous……