Tag: service
-
Splunk Patches Multiple Vulnerabilities Enabling DoS Attacks and Data Exposure
Splunk has released security updates to fix three newly disclosed vulnerabilities that could allow low-privileged users to access sensitive data or disrupt Splunk Enterprise deployments through denial-of-service (DoS) conditions. The patches address issues in both Splunk Enterprise and the Splunk Cloud Platform, as well as the Splunk AI Toolkit app. The flaws include improper access…
-
FBI Warns Kali365 PhaaS Platform Targets Microsoft 365 Users to Steal Logins
The U.S. Federal Bureau of Investigation (FBI) has issued a Public Service Announcement (Alert I-052126-PSA) warning about a newly identified Phishing-as-a-Service (PhaaS) platform named Kali365, which is actively targeting Microsoft 365 users. First observed in April 2026, the platform enables attackers to bypass multi-factor authentication (MFA) by exploiting OAuth-based authentication flows. Kali365 PhaaS Platform Targets Microsoft…
-
Operation Dragon Whistle Targets Changzhou University with Malicious LNK Files
A recent phishing campaign dubbed “Operation Dragon Whistle” highlights an evolving trend in cyberattacks: threat actors abusing legitimate developer tools and cloud services to maintain stealth and persistence. Although initially linked to targeting academic environments such as Changzhou University, new analysis reveals overlapping tactics used in a broader campaign aimed at government-linked organizations, including Pakistan’s…
-
Authorities Take Down “First VPN” Service Used in Ransomware Attacks
Authorities in Europe have dismantled a major criminal VPN service known as “First VPN,” which was widely used by ransomware operators and cybercriminal groups to conceal their activities. The coordinated operation, led by French and Dutch authorities with support from Eurojust and Europol, marks a significant disruption to cybercrime infrastructure across multiple countries. Criminal VPN…
-
Integrity or Innovation? Mixed Signals in Trump’s Exec Orders
New White House EOs Tighten Know Your Customer Rules While Easing Fintech Oversight. Both the White House’s recent executive orders deal with the financial services industry and discuss the importance of integrity and innovation in combatting fraud. But read them together and another picture emerges that could confuse seasoned fraud and compliance practitioners. First seen on…
-
Law enforcement shuts down VPN service used by two dozen ransomware gangs
First VPN promised hackers complete anonymity for their cyberattacks. But Europol said it was able to notify the service’s users that they have now been identified. First seen on techcrunch.com Jump to article: techcrunch.com/2026/05/21/law-enforcement-shuts-down-vpn-service-used-by-two-dozen-ransomware-gangs/
-
Police op targets VPN service favoured by ransomware gangs
A multinational police operation has taken down the infamous First VPN service that provided cover for cyber criminal gangs and ransomware operators. First seen on computerweekly.com Jump to article: www.computerweekly.com/news/366643536/Police-op-targets-VPN-service-favoured-by-ransomware-gangs
-
Two Americans plead guilty to assisting India-based tech support scam centers
Adam Young, 42, and Harrison Gevirtz, 33, pleaded guilty to misprision of a felony after they were accused of offering phone numbers, call routing services, call tracking tools and call forwarding services to India-based telemarketing fraudsters. First seen on therecord.media Jump to article: therecord.media/two-americans-plead-guilty-india-call-center-scams
-
Global law enforcement operation takes First VPN offline
Police seized First VPN in a global crackdown, exposed its cybercrime users, and shut down infrastructure tied to ransomware and data theft. A major international law enforcement operation has taken First VPN offline, a service that had become a quiet staple for ransomware crews, data thieves, and other cybercriminals trying to hide in plain sight. The coordinated…
-
European authorities take down prolific cybercrime VPN service
Officials arrested the alleged administrator of First VPN, seized its servers and domains. Europol said the service appeared in almost every major recent cybercrime investigation. First seen on cyberscoop.com Jump to article: cyberscoop.com/europol-take-down-first-vpn-cybercrime/
-
Cybercriminal VPN Dismantled in Europol Crackdown
First VPN, a service used by ransomware actors and fraudsters, was dismantled by Europol. First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/first-vpn-takedown-europol/
-
Snyk Boosts Partner Services For AI Security With Launch Of New Delivery Program: Exclusive
Snyk is debuting a new services delivery program for partners as the company seeks to help unlock massive AI security opportunities in the channel, the vendor told CRN exclusively. First seen on crn.com Jump to article: www.crn.com/news/security/2026/snyk-boosts-partner-services-for-ai-security-with-launch-of-new-delivery-program-exclusive
-
Authorities dismantle First VPN, used by ransomware actors
First VPN, a virtual private network service marketed to cybercriminals, promising anonymity for its users, was taken offline on May 19 and 20 as part of Operation Saffron. … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2026/05/21/operation-saffron-first-vpn-takedown/
-
Microsoft Disrupts Malware-Signing Service Used by Ransomware Gangs
Microsoft disrupted Fox Tempest, a malware-signing service accused of abusing Azure certificates to disguise ransomware and malware as trusted software. First seen on techrepublic.com Jump to article: www.techrepublic.com/article/news-microsoft-fox-tempest-malware-signing-service/
-
Europe dismantles VPN service used by cybercriminals to hide ransomware attacks
The international operation targeted a service known as First VPN, which had been marketed for years on Russian-speaking cybercrime forums as a secure way for criminals to evade law enforcement. First seen on therecord.media Jump to article: therecord.media/europe-dismantles-first-vpn
-
Europol Seizes First VPN Used by Ransomware Gangs, Arrests Administrator
Europol has seized First VPN, a service used by ransomware gangs, arrested its administrator and gained access to data linked to thousands of users. First seen on hackread.com Jump to article: hackread.com/europol-seizes-first-vpn-ransomware-administrator-arrest/
-
Police seize “First VPN” service used in ransomware, data theft attacks
A virtual private network service called ‘First VPN,’ used in ransomware and data theft attacks, has been taken offline in a joint international law enforcement operation. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/police-seize-first-vpn-service-used-in-ransomware-data-theft-attacks/
-
Fake Android Apps Commit Carrier Billing Fraud for Premium Services
The disguised apps use WebView automation, JavaScript injection, and OTP interception to avoid detection and complete fraudulent subscriptions. First seen on darkreading.com Jump to article: www.darkreading.com/mobile-security/fake-android-apps-carrier-billing-fraud
-
IAM as a Service: Why Identity Management Is Becoming a Cloud Platform
Identity and access management was long regarded as a classic infrastructure project: complex, expensive and tightly coupled to internal directory services. But with cloud transformation, hybrid working models and AI-supported applications, the traditional IAM model is increasingly reaching its limits. This is exactly where the “IAM as a Service” (IAMaaS) approach comes in, which Airlock in its current whitepaper as the future model for modern Customer Identity…
-
Android Malware Spotted Subscribing Victims to Paid Services Without Consent
Cybersecurity researchers expose a 10-month global Android malware campaign using fake apps to secretly charge users through premium SMS bills. First seen on hackread.com Jump to article: hackread.com/android-malware-subscribe-services-without-consent/
-
Microsoft Warns of Two Actively Exploited Defender Vulnerabilities
Microsoft has disclosed that a privilege escalation and a denial-of-service flaw in Defender have come under active exploitation in the wild. The former, tracked as CVE-2026-41091, is rated 7.8 on the CVSS scoring system. Successful exploitation of the flaw could allow an attacker to gain SYSTEM privileges. “Improper link resolution before file access (‘link following’) in Microsoft…
-
P2PInfect Botnet Targets Kubernetes via Exposed Redis
A persistent P2PInfect botnet campaign is targeting Google Kubernetes Engine (GKE) clusters through exposed Redis instances, highlighting how a single cloud misconfiguration can enable long-term compromise. In several investigated environments, attackers maintained access for up to six months, with consistent botnet activity detected through FortiCNAPP composite alerts. The intrusion chain began with publicly exposed Redis services,…
-
Precise Attack Detection Meets Professional Operations: Protecting Critical OT Infrastructures
Controlware is now working closely with the OT security specialist OMICRON to protect operators of energy plants and grids against cyberattacks, prevent outages and implement requirements such as NIS2 and EnWG. The IT service provider and managed service provider complements StationGuard, the attack detection technology developed by OMICRON, with extensive consulting, integration and operations services, thereby offering the energy industry holistic OT security solutions,…
-
Two U.S. Executives Plead Guilty in India-Based Tech Support Fraud Schemes
Two U.S.-based business executives have pleaded guilty to their roles in enabling large-scale tech-support fraud operations linked to call centers in India, according to the U.S. Department of Justice. Adam Young, 42, former CEO of a telecommunications services company based in Miami, and Harrison Gevirtz, 33, former CSO from Las Vegas, admitted to knowingly supporting…
-
BadIIS Malware Hijacks IIS Servers to Redirect Users to Illicit Sites
A new variant of the BadIIS malware hijacks Microsoft IIS web servers to redirect users to illicit websites, highlighting an evolving malware-as-a-service (MaaS) ecosystem operated by Chinese-speaking cybercrime groups. The newly analyzed variant is marked by embedded “demo.pdb” strings, which Talos used to trace its development history. Evidence suggests the malware has been actively…
-
WantToCry Ransomware Exploits SMB to Encrypt Remote Files
A new ransomware campaign named “WantToCry” leverages exposed Server Message Block (SMB) services to gain access and encrypt victim data without deploying traditional malware on compromised systems. This approach significantly reduces the detection surface, making it harder for conventional security tools to identify the attack. The name “WantToCry” appears to reference the infamous WannaCry…

