Tag: group
-
Ransomware Hackers Leak Under Armour Customer Data
Russia-Linked Ransomware Group Dumps Customer Data After Failed Extortion Attempt. Under Armour may trade on the blood, sweat, respect slogan, but a Russia-linked ransomware group hasn’t been abiding, after they stole data pertaining to 72.7 million of the athleisure giant’s customers, then leaked it on darkweb sites after saying the retailer refused to pay a…
-
Smarter DDoS security at scale
Block first, ask questions later: One way to minimize the impact of encrypted attack traffic is to simply drop it before decrypting. There are several methods we employ to filter out the garbage quickly and efficiently: Known source blocking: Many attackers are now using open internet proxies to hide the source of their HTTPS attacks. We constantly…
-
More employees get AI tools, fewer rely on them at work
People across many organizations now have access to AI tools, and usage keeps spreading. Some groups rely on AI during regular work, others treat it as an occasional helper. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/23/deloitte-enterprise-ai-adoption/
-
Ransomware gang’s slip-up led to data recovery for 12 US firms
Tags: access, attack, backup, breach, business, citrix, cloud, corporate, cyber, data, data-breach, detection, encryption, endpoint, exploit, finance, group, incident response, infosec, infrastructure, law, linux, network, phishing, powershell, ransom, ransomware, risk, software, spear-phishing, sql, threat, tool, veeam, vulnerability
scrutinize and audit your backups. If you have a regular backup schedule, is there unexpected or unexplained activity? Von Ramin Mapp notes that crooks are known to time data exfiltration to match corporate off-site backups as a way to hide their work; monitor for encrypted data leaving your environments and see where it goes. Does this…
-
Watchdog group sues for TSA data sharing agreement with ICE
The lawsuit comes a day after a TSA official vigorously defended the practice as critical to “national security” in testimony to Congress. First seen on cyberscoop.com Jump to article: cyberscoop.com/american-oversight-sues-tsa-ice-over-data-sharing-partnership-fight-records/
-
Spanish judge closes NSO Group spyware probe due to lack of cooperation from Israel
The case dates to May 2022, when the court launched a probe into the alleged spying on devices belonging to Prime Minister Pedro Sánchez and Defence Minister Margarita Robles. First seen on therecord.media Jump to article: therecord.media/spanish-judge-closes-nso-group-spyware-probe-israel
-
Voidlink Linux Malware Was Built Using an AI Agent, Researchers Reveal
Sophisticated malware previously thought to be the work of a well-resourced cyber-crime group was built by one person – with the aid of AI tools. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/voidlink-linux-malware-built-using/
-
Pro-Russian denial-of-service attacks target UK, NCSC warns
The UK’s National Cyber Security Centre (NCSC) has issued a warning about the threat posed by distributed denial-of-service (DDoS) attacks from Russia-linked hacking groups who are reported to be continuing to target British organisations. First seen on bitdefender.com Jump to article: www.bitdefender.com/en-us/blog/hotforsecurity/pro-russian-denial-of-service-attacks-target-uk-ncsc-warns
-
Pro-Russian hacktivist campaigns continue against UK organizations
The UK’s National Cyber Security Centre reports ongoing cyber operations by Russian-aligned hacktivist groups targeting organizations in the UK and abroad. NoName057(16) … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/21/russian-hacktivist-groups-target-uk-organizations/
-
Cybercriminals speak the language young people trust
Criminal groups actively recruit, train, and retain people in structured ways. They move fast, pay in crypto, and place no weight on age. Young people are dealing with a new … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/01/21/children-cybercrime-recruitment/
-
Everest Ransomware Group Allegedly Claims Breach of McDonald’s India Systems
The Everest ransomware group has claimed responsibility for a major cyberattack targeting McDonald’s India, allegedly exfiltrating 861 GB of sensitive corporate and customer data. The threat actors posted breach details on their dark web leak site on January 20, 2026, threatening public release if McDonald’s fails to respond within their specified deadline. Scope of Alleged…
-
Everest Ransomware Claims McDonalds India Breach Involving Customer Data
The notorious Everest ransomware group is claiming to have breached McDonald’s India, the Indian subsidiary of the American… First seen on hackread.com Jump to article: hackread.com/everest-ransomware-mcdonalds-india-breach-customer-data/
-
EU plans cybersecurity overhaul to block foreign high-risk suppliers
The European Commission has proposed new cybersecurity legislation mandating the removal of high-risk suppliers to secure telecommunications networks and strengthening defenses against state-backed and cybercrime groups targeting critical infrastructure. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/eu-plans-cybersecurity-overhaul-to-block-foreign-high-risk-suppliers/
-
ClickFix to CrashFix: KongTuke Used Fake Chrome Ad Blocker to Install ModeloRAT
Huntress discovers ‘CrashFix,’ a new attack by KongTuke hacker group using fake ad blockers to crash browsers and trick office workers into installing ModeloRAT malware. First seen on hackread.com Jump to article: hackread.com/clickfix-crashfix-kongtuke-fake-chrome-ad-blocker-modelorat/
-
$12B Scam Market Tudou Guarantee Shuts Down
Telegram-Based Marketplace Closes After Prince Group Founder’s Arrest. Telegram marketplace Tudou Guarantee, which processed over $12 billion in fraud transactions, has ceased operations following the arrest of Prince Group chairman Chen Zhi, who was extradited to China in January. Elliptic said it was the third-largest illicit marketplace of all time. First seen on govinfosecurity.com Jump…
-
Fight for the Future, EFF, Others Push Back Against Growing ICE Surveillance
The privacy rights group Fight for the Future was one of 44 organizations that sent a letter to lawmakers urging them to pull back on funding for ICE, noting the growing threats to U.S. citizens and others as the agency spends millions of dollars on its growing surveillance capabilities. First seen on securityboulevard.com Jump to…
-
UK authorities warn of pro-Russia groups targeting critical infrastructure, local government
The alert comes just over a month after a joint advisory from CISA, the FBI and Western allies citing hacktivist activity against OT providers. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/uk-warn-pro-russia-critical-infrastructure/809992/
-
UK warns of sustained cyberthreat from pro-Russian hacktivists
The National Cyber Security Centre highlighted the group known as NoName057(16) and other Russia-aligned operations that have targeted U.K. websites. First seen on therecord.media Jump to article: therecord.media/uk-ncsc-warning-russia-aligned-hacktivist-groups
-
For the price of Netflix, crooks can now rent AI to run cybercrime
Group-IB says crims forking out for Dark LLMs, deepfakes, and more at subscription prices. First seen on theregister.com Jump to article: www.theregister.com/2026/01/20/group_ib_ai_cycercrime_subscriptions/
-
AI Supercharges Attacks in Cybercrime’s New ‘Fifth Wave’
Weaponized AI is fueling a new wave of cybercrime, said Group-IB in its latest report. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/ai-supercharges-attacks-cybercrime/
-
Telegram-based illicit billionaire marketplace Tudou Guarantee stopped transactions
Major Telegram-based illicit marketplace Tudou Guarantee appears to be shutting down its operations, according to Elliptic. Blockchain cybersecurity firm Elliptic reports that Tudou Guarantee, a major Telegram-based illicit marketplace in Southeast Asia, has stopped transactions in its public groups after handling over $12 billion. The researchers noted that other services still run, so a full…
-
Scam Marketplace Tudou Guarantee Shutters Telegram Ops
A notorious marketplace for fraud, Tudou Guarantee, appears to have closed its public Telegram groups. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/scam-market-tudou-guarantee-shut/
-
Tudou Guarantee Marketplace Halts Telegram Transactions After Processing Over $12 Billion
A Telegram-based guarantee marketplace known for advertising a broad range of illicit services appears to be winding down its operations, according to new findings from Elliptic. The blockchain intelligence company said Tudou Guarantee has effectively ceased transactions through its public Telegram groups following a period of significant growth. The marketplace is estimated to have processed First…
-
Mandiant pushes organizations to dump insecure NTLMv1 by releasing a way to crack it
Tags: attack, authentication, computer, credentials, crypto, cve, data, data-breach, email, encryption, group, Hardware, international, mandiant, microsoft, network, ntlm, phishing, risk, service, supply-chain, theft, threat, vulnerability, windows
pass-the-hash. The benefit is time and money saved: Mandiant reckons its rainbow table allows the recovery of an NTLMv1 key in 12 hours using a computer costing $600, rather than relying on third party services or expensive hardware to brute-force the keys. None of this makes NTLMv1 less secure or easier to target than it already…

