Collecting Cyber-News from over 60 sources

Tag: cybercrime

Hackers use Google Search ads to steal Google Ads accounts

Jan 15, 2025 9:02 PM

Tags: credentials, cybercrime, google, hacker, phishing

Ironically, cybercriminals now use Google search advertisements to promote phishing sites that steal advertisers’ credentials for the Google Ads platform. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/hackers-use-google-search-ads-to-steal-google-ads-accounts/
US, Japan and S. Korea urge crypto industry to take action against North Korean hackers

Jan 15, 2025 5:02 PM

Tags: crypto, cybercrime, government, group, hacker, korea, lazarus, malicious, north-korea

The governments said North Korea’s notorious Lazarus Group hackers “continue to demonstrate a pattern of malicious behavior in cyberspace by conducting numerous cybercrime campaigns to steal cryptocurrency and targeting exchanges, digital asset custodians, and individual users.”]]> First seen on therecord.media Jump to article: therecord.media/us-japan-south-korea-urge-crypto-industry-of-north-korean-hackers
Microsoft sues overseas threat actor group over abuse of OpenAI service

Jan 14, 2025 8:46 AM

Tags: access, ai, computer, country, credentials, crime, crimes, cybercrime, data-breach, exploit, fraud, group, hacker, Internet, law, malicious, microsoft, openai, organized, service, software, threat, tool

Microsoft has filed suit against 10 unnamed people (“Does”), who are apparently operating overseas, for misuse of its Azure OpenAI platform, asking the Eastern District of Virginia federal court for damages and injunctive relief.The suit was filed in late December but was not made public until last Friday, when the initial sealed filings were revealed.…
Hotel chain ditches Google search for DuckDuckGo, ‘subjected to fraud attempts daily’

Jan 14, 2025 8:46 AM

Tags: apple, attack, authentication, browser, chrome, cloud, control, cybercrime, cybersecurity, data-breach, fraud, google, jobs, malware, mfa, monitoring, phishing, privacy, ransomware, risk, scam, service, tool, windows

At the end of 2021, Nordic Choice Hotels, now renamed Strawberry, was hit by a major ransomware attack that paralyzed operations for just over a week. Everything had to be done manually, says Martin Belak, who is responsible for the hotel chain’s technical security.”The receptionists worked with whiteboards to keep track of which rooms were…
US attacks ransomware supply chain with indictment of three cryptocurrency mixer operators

Jan 14, 2025 8:46 AM

Tags: attack, business, control, crypto, cybercrime, group, hacking, law, offense, office, ransomware, russia, service, supply-chain

The US Department of Justice indicted three Russian citizens on Friday for allegedly running services that helped criminals launder cryptocurrency; the services are suspected to have been used to hide the proceeds of ransomware attacks.The US Department of Treasury’s Office of Foreign Assets Control (OFAC) had previously sanctioned the two cryptocurrency mixer services the accused…
US Charges 3 Russians for Operating Cryptocurrency Mixers Used by Cybercriminals

Jan 13, 2025 3:26 PM

Tags: crypto, cybercrime, russia

The US Justice Department has announced charges against three Russians for operating the Blender and Sinbad cryptocurrency mixers. The post US Charges 3 Russians for Operating Cryptocurrency Mixers Used by Cybercriminals appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/us-charges-3-russians-for-operating-cryptocurrency-mixers-used-by-cybercriminals/
Hackers Using YouTube Links and Microsoft 365 Themes to Steal Logins

Jan 13, 2025 12:26 PM

Tags: attack, cyber, cybercrime, hacker, login, malicious, microsoft, password, phishing, social-engineering, tactics

Cybercriminals are executing sophisticated phishing attacks targeting Microsoft 365 users by employing deceptive URLs that closely resemble legitimate O365 domains, creating a high degree of trust with unsuspecting victims. The attackers leverage social engineering tactics, often claiming imminent password expiration, to induce panic and pressure users into clicking malicious links. Upon clicking, users are redirected…
Phishing click rates tripled in 2024 despite user training

Jan 13, 2025 9:26 AM

Tags: adobe, ai, attack, awareness, business, cloud, credentials, cybercrime, data, deep-fake, detection, email, finance, identity, LLM, login, malicious, malware, microsoft, network, office, phishing, scam, service, social-engineering, spam, technology, threat, tool, training

For years organizations have invested in security awareness training programs to teach employees how to spot and report phishing attempts. Despite those efforts, enterprise users were three times as likely in 2024 to land on phishing pages compared to the previous year, according to a report from security vendor Netskope.Based on telemetry collected from its…
Phishing texts trick Apple iMessage users into disabling protection

Jan 12, 2025 9:26 PM

Tags: apple, cybercrime, exploit, phishing

Cybercriminals are exploiting a trick to turn off Apple iMessage’s built-in phishing protection for a text and trick users into re-enabling disabled phishing links. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/phishing-texts-trick-apple-imessage-users-into-disabling-protection/
FunkSec: The Rising Ransomware Group Blurring the Lines Between Cybercrime and Hacktivism

Jan 12, 2025 5:26 AM

Tags: cybercrime, group, ransomware

A new player in the ransomware scene, FunkSec, has emerged with a mix of audacious claims, low-tech methods, First seen on securityonline.info Jump to article: securityonline.info/funksec-the-rising-ransomware-group-blurring-the-lines-between-cybercrime-and-hacktivism/
Fake CrowdStrike Recruiters Distribute Malware Via Phishing Emails

Jan 11, 2025 4:30 PM

Tags: crowdstrike, cybercrime, cybersecurity, email, malware, phishing

SUMMARY Cybercriminals are deploying a tricky new phishing campaign impersonating the cybersecurity firm CrowdStrike’s recruiters to distribute a… First seen on hackread.com Jump to article: hackread.com/fake-crowdstrike-recruiters-malware-phishing-emails/
2025 Cybersecurity and AI Predictions

Jan 11, 2025 11:42 AM

Tags: access, ai, api, attack, backdoor, backup, browser, business, chrome, communications, compliance, control, corporate, crowdstrike, crypto, cybercrime, cybersecurity, dark-web, data, deep-fake, defense, detection, exploit, finance, firmware, flaw, framework, fraud, GDPR, hacker, Hardware, identity, intelligence, international, korea, LLM, malicious, mitigation, monitoring, network, open-source, privacy, regulation, resilience, risk, risk-assessment, scam, service, skills, supply-chain, switch, technology, threat, tool, training, unauthorized, vulnerability

The cybersecurity and AI landscape continues to evolve at a breathtaking pace, and with it, the associated risks. Snowballing cybercrime costs are compounded by a cybersecurity workforce gap of nearly 4.8 million professionals, as reported by ISC2. Meanwhile, ISACA’s end-2024 State of Cybersecurity Report shows that nearly half of those surveyed claim no involvement in…
Russian nationals arrested by US, accused of running crypto mixers Blender and Sinbad

Jan 11, 2025 11:42 AM

Tags: crypto, cybercrime, russia

The U.S. announced indictments of three Russian nationals who allegedly ran the cryptocurrency mixers Blender and Sinbad in support of cybercriminal operations. Two have reportedly been arrested.]]> First seen on therecord.media Jump to article: therecord.media/russian-nationals-indicted-blender-sinbad-crypto-mixers
Russian nationals charged with operating crypto mixers that masked cybercrime funds

Jan 11, 2025 11:42 AM

Tags: crypto, cybercrime, hacking, russia

The DOJ said the men behind Blender.io and Sinbad.io “made it easier for state-sponsored hacking groups” to profit off their crimes. First seen on cyberscoop.com Jump to article: cyberscoop.com/russians-crypto-mixers-doj-charges/
Fake CrowdStrike ‘Job Interviews’ Become Latest Hacker Tactic

Jan 11, 2025 11:42 AM

Tags: crowdstrike, cybercrime, email, hacker, jobs, malicious, malware

Cybercriminals are luring victims into downloading the XMRig cryptomining malware via convincing emails, inviting them to schedule fake interviews using a malicious link. First seen on darkreading.com Jump to article: www.darkreading.com/threat-intelligence/crowdstrike-job-interviews-hacker-tactic
DoJ Indicts Three Russians for Operating Crypto Mixers Used in Cybercrime Laundering

Jan 11, 2025 11:42 AM

Tags: crypto, cybercrime, finance, intelligence, russia, service

The U.S. Department of Justice (DoJ) on Friday indicted three Russian nationals for their alleged involvement in operating the cryptocurrency mixing services Blender.io and Sinbad.io.Roman Vitalyevich Ostapenko and Alexander Evgenievich Oleynik were arrested on December 1, 2024, in coordination with the Netherlands’ Financial Intelligence and Investigative Service, Finland’s National Bureau of First seen on thehackernews.com…
Weaponized LDAP Exploit Deploys Information-Stealing Malware

Jan 10, 2025 1:18 PM

Tags: cve, cyber, cybercrime, exploit, malicious, malware, tool, vulnerability

Cybercriminals are exploiting the recent critical LDAP vulnerabilities (CVE-2024-49112 and CVE-2024-49113) by distributing fake proof-of-concept exploits for CVE-2024-49113 (dubbed >>LDAPNightmare
Hackers Targeting Users Who Lodged Complaints On Government portal To Steal Credit Card Data

Jan 10, 2025 1:18 PM

Tags: access, credit-card, cyber, cybercrime, data, exploit, government, hacker, middle-east, service, software, unauthorized, vulnerability

Fraudsters in the Middle East are exploiting a vulnerability in the government services portal. By impersonating government officials, they target individuals who have filed commercial complaints. Using Remote Access Software, the fraudsters can then steal credit card information and conduct unauthorized transactions that circumvent traditional OTP-based security measures, highlighting the evolving nature of cybercrime and…
Ransomware Gets Smarter: HexaLocker V2 Introduces Powerful New Mechanisms

Jan 10, 2025 11:18 AM

Tags: cybercrime, cybersecurity, encryption, group, open-source, ransomware

HexaLocker V2 has arrived on the market. This new version of the notorious HexaLocker ransomware has brought with it a series of improvements, including a new persistence mechanism, enhanced encryption algorithms, and an open-source stealer known as Skuld. These changes reflect the ongoing sophistication of cybercriminal groups and their ability to circumvent traditional cybersecurity defenses.…
Fake-Shops, Ransomware, KI: Bayerns Cybercrime-Bilanz

Jan 10, 2025 9:20 AM

Tags: ai, cybercrime, ransomware

Die Fallzahlen für die bayerische Cybercrime-Spezialstaatsanwaltschaft sind nach wie vor hoch. Die Täter setzen immer stärker auf Künstliche Intelligenz. First seen on it-daily.net Jump to article: www.it-daily.net/it-sicherheit/cybercrime/fake-shops-ransomware-ki-bayerns-cybercrime-bilanz
8 Cyber Predictions for 2025: A CSO’s Perspective

Jan 10, 2025 1:18 AM

Tags: access, ai, attack, authentication, business, ceo, ciso, cloud, compliance, computing, control, credentials, cryptography, cyber, cyberattack, cybercrime, cybersecurity, data, defense, detection, encryption, exploit, extortion, firewall, framework, governance, group, hacker, hacking, healthcare, identity, intelligence, international, law, leak, malicious, mfa, microsoft, network, north-korea, organized, phishing, privacy, ransom, ransomware, regulation, risk, risk-management, service, social-engineering, software, strategy, supply-chain, theft, threat, tool, update, wifi, zero-trust

As we step into 2025, the cyberthreat landscape is once again more dynamic and challenging than the year before. In 2024, we witnessed a remarkable acceleration in cyberattacks of all types, many fueled by advancements in generative AI. For security leaders, the stakes are higher than ever. In this post, I’ll explore cyberthreat projections and…
New Mirai botnet targets industrial routers

Jan 9, 2025 9:18 PM

Tags: access, attack, botnet, cctv, china, credentials, cve, cybercrime, data, ddos, exploit, germany, network, password, remote-code-execution, router, russia, update, vulnerability, zero-day

According to security analysis, the Gayfemboy botnet, based on the notorious Mirai malware, is currently spreading around the world. Researchers from Chainxin X Lab found that cybercriminals have been using the botnet since November 2024 to attack previously unknown vulnerabilities. The botnet’s preferred targets include Four-Faith and Neterbit routers or smart home devices.Experts from VulnCheck reported at the end of…
Webinar: Learn How to Stop Encrypted Attacks Before They Cost You Millions

Jan 9, 2025 1:18 PM

Tags: attack, cybercrime, data, encryption, malware, ransom, ransomware

Ransomware isn’t slowing down”, it’s getting smarter. Encryption, designed to keep our online lives secure, is now being weaponized by cybercriminals to hide malware, steal data, and avoid detection.The result? A 10.3% surge in encrypted attacks over the past year and some of the most shocking ransom payouts in history, including a $75 million ransom…
UN Cybercrime Treaty Faces Long Odds to US Passage

Jan 9, 2025 11:18 AM

Tags: cybercrime, group, Internet, privacy, technology

US Senate Unlikely to Ratify Contentious Cybercrime Treaty Amid Mounting Concerns. Experts tell Information Security Media Group that a controversial United Nations cybercrime convention is unlikely to be ratified in the U.S. Senate due to mounting concerns from technology, human rights and privacy advocates over its potential impact on internet security and privacy protections. First…
UN Cybercrime Treaty Faces Longs Odds to US Passage

Jan 9, 2025 1:18 AM

Tags: cybercrime, group, Internet, privacy, technology

US Senate Unlikely to Ratify Contentious Cybercrime Treaty Amid Mounting Concerns. Experts tell Information Security Media Group that a controversial United Nations cybercrime convention is unlikely to be ratified in the U.S. Senate due to mounting concerns from technology, human rights, and privacy advocates over its potential impact on internet security and privacy protections. First…
Thousands of credit cards stolen in Green Bay Packers store breach

Jan 8, 2025 5:18 PM

Tags: breach, credit-card, cybercrime, data, hacking

American football team Green Bay Packers says cybercriminals stole the credit card data of over 8,500 customers after hacking its official Pro Shop online retail store in a September breach. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/thousands-of-credit-cards-stolen-in-green-bay-packers-store-breach/
How initial access brokers (IABs) sell your users’ credentials

Jan 8, 2025 5:18 PM

Tags: access, breach, corporate, credentials, cybercrime, network, software

Initial Access Brokers (IABs) are specialized cybercriminals that break into corporate networks and sell stolen access to other attackers. Learn from Specops Software about how IABs operate and how businesses can protect themselves. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/how-initial-access-brokers-iabs-sell-your-users-credentials/
Six Tech Trends Shaping the Future of Brand Experiences

Jan 8, 2025 3:18 PM

Tags: 5G, access, ai, business, cloud, compliance, corporate, cybercrime, data, email, encryption, google, iot, jobs, network, password, privacy, ransom, service, software, strategy, switch, technology, threat

Six Tech Trends Shaping the Future of Brand Experiences madhav Wed, 01/08/2025 – 12:38 Business success relies on balancing positive brand experiences and maintaining consumer trust. Consumers want efficiency”, 2024 research from Thales found that 22% of consumers will give up after less than a minute if they’re having a frustrating customer experience”, but they…
Cyberattacks and Industry Vulnerabilities: What 2025 Holds

Jan 8, 2025 2:18 PM

Tags: cyberattack, cybercrime, data, finance, tactics, technology, vulnerability

The rise of cyberattacks has changed the dynamics of global industries, with cybercriminals increasingly targeting sectors that hold vast amounts of sensitive data, financial resources, or critical infrastructure. As cybercriminals refine their tactics and use more sophisticated technology, certain industries are becoming more vulnerable to breaches. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/5-industries-targeted-by-cybercriminals/
How Nation-State Actors and Organised Hackers Involving in Their Ways of Cyber Attacks

Jan 8, 2025 1:18 PM

Tags: attack, cyber, cybercrime, group, hacker, organized, tactics

The distinction between nation-state actors and organized cybercriminals is becoming increasingly blurred. Both groups now leverage similar tactics, techniques, and procedures (TTP) in their cyber operations, resulting in a complex landscape where motivations and objectives often intersect. This article delves into the intricate dynamics between these two types of cyber operatives, examining their methods, motivations,…