Bleeping Computer
Ransomware attack on indie game maker wiped all player accounts
A ransomware attack on the "Ethyrial: Echoes of Yore" MMORPG last Friday destroyed 17,000 player accounts, deleting their in-game items and progress in the game.
The Record
Sacked Ukrainian cyber chief released on bail amid corruption probe
Ukraine's former cybersecurity chief was released from detention on Friday on $700,000 bail, according to Ukraine’s anti-corruption non-profit.
DarkReading
Kinsing Cyberattackers Target Apache ActiveMQ Flaw to Mine Crypto
Active exploit of the critical RCE flaw targets Linux systems to achieve full system compromise.
The Hacker News
Kinsing Hackers Exploit Apache ActiveMQ Vulnerability to Deploy Linux Rootkits
The Kinsing threat actors are exploiting a critical security flaw in vulnerable Apache ActiveMQ servers to infect Linux systems with cryptocurrency mi
The Record
Binance agrees to pay $4.3 billion for money laundering violations, CEO steps down
Binance, the largest cryptocurrency exchange in the world, agreed to pay more than $4 billion in settlements with several U.S. law enforcement agencies after years of investigations uncovered widespread criminal use of the platform.
The Hacker News
Randstorm Exploit: Bitcoin Wallets Created b/w 2011-2015 Vulnerable to Hacking...
...🚨 Bitcoin wallets created from 2011 to 2015 vulnerable to "Randstorm" exploit, potentially allowing...
The Record
British Library says ransomware hackers stole data from HR files
The British Library — one of the largest libraries in the world and the national library of the United Kingdom — said the ransomware gang behind a recent attack on its systems appeared to leak data stolen from its human resources files.
Trend Micro
CVE-2023-46604 (Apache ActiveMQ) Vulnerability Exploited to Infect Systems With Cryptominers and Rootkits
We uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with the Kinsing malware (also known as h2miner) and cryptocurrency miner.
Ars Technica
The FCC says new rules will curb SIM swapping. I’m pessimistic
SIM swaps and port-out scams are a fact of life. New rules aren't likely to change that.
Infosecurity News
Cyber-Criminals Exploit Gaza Crisis With Fake Charity
Attackers sought crypto donations of $100-$5000 using Bitcoin, Litecoin and Ethereum addresses...
Infosecurity News
Royal Ransomware Gang Demands $275m in a Year
CISA highlights links to newer Blacksuit variant
The Record
Crooks leverage Google quiz messages as part of bitcoin scam...
Scammers have discovered a way to create a new quiz in Google Forms, use a victim’s email address to respond to it, and then exploit the feature that releases the score of the quiz to send malicious emails, Cisco Talos said.
The Record
Boeing investigating leaked data after LockBit allegedly publishes stolen info
Airplane maker Boeing said it is investigating data leaked by a prominent Russia-based ransomware gang that was allegedly stolen from the company.
The Record
More than $100 million stolen from Poloniex crypto platform
...million from cryptocurrency trading platform Poloniex on Friday, taking off with millions worth of Bitcoin...
Bleeping Computer
Fake Ledger Live app in Microsoft Store steals $768,000 in crypto
Microsoft has recently removed from its store a fraudulent Ledger Live app for cryptocurrency management after multiple users lost at least $768,000 worth of cryptocurrency assets.
The Hacker News
Offensive and Defensive AI: Let’s Chat(GPT) About It
Get the full story on the dangers of the rapidly growing consumer application, ChatGPT, and learn how to resist cyber crime.
The Record
Atlassian confirms ransomware is exploiting latest Confluence bug
An Atlassian spokesperson said the company had evidence to support what cybersecurity researchers reported over the weekend: A vulnerability affecting the Confluence Data Center and Confluence Server products was being used in cybercrime.
Bleeping Computer
TellYouThePass ransomware joins Apache ActiveMQ RCE attacks
Internet-exposed Apache ActiveMQ servers are also targeted in TellYouThePass ransomware attacks targeting a critical remote code execution (RCE) vulnerability previously exploited as a zero-day.
Cyber Security News
U.S. Government Recovers $2.4 Million From A Business Emails Hack
The hackers frauded $2.4 Million through business emails, but the U.S. Government reclaimed the Money and returned it to the victims.
DarkReading
'KandyKorn' macOS Malware Lures Crypto Engineers
Posing as fellow engineers, the North Korean state-sponsored cybercrime group Lazarus tricked crypto-exchange developers into downloading the hard-to-detect malware.
Cyber Security News
Knight Ransomware Attacking Windows Computer to Exfiltrate Sensitive Data
Several industrial sectors have been attacked by the Knight ransomware organisation that includes retail, and healthcare organisations.
DarkReading
'Prolific Puma' Hacker Gives Cybercriminals Access to .us Domains
Cybercriminals are upping their phishing with shortened links and showing that coveted, regulated top-level domains aren't as exclusive as you'd think.
Bleeping Computer
Dozens of countries will pledge to stop paying ransomware gangs
An alliance of 40 countries will sign a pledge during the third annual International Counter-Ransomware Initiative summit in Washington, D.C., to stop paying ransoms demanded by cybercriminal groups.
Bleeping Computer
Massive cybercrime URL shortening service uncovered via DNS data
A threat actor that security researchers call Prolific Puma has been providing link shortening services to cybercriminals for at least four years while keeping a sufficiently low profile to operate undetected.
The Hacker News
YoroTrooper: Researchers Warn of Kazakhstan's Stealthy Cyber Espionage Group
YoroTrooper is a unique threat actor - likely originating from Kazakhstan. Get the latest info on tactics, techniques, tools, and targeting of this ac
SecurityWeek
'YoroTrooper' Espionage Group Linked to Kazakhstan
The YoroTrooper espionage group likely consists of individuals from Kazakhstan, Cisco’s Talos security researchers report.
The Hacker News
Malvertising Campaign Targets Brazil's PIX Payment System with GoPIX Malware
Brazil's popular PIX payment system is under attack! Cybercriminals are using a new malware, GoPIX, to target users searching for "WhatsApp web."
The Record
Kazakhstan-based hackers targeting gov’t websites in Central Asia, Cisco says
Hackers believed to be based in Kazakhstan are targeting other members of the Commonwealth of Independent States in a wide-ranging espionage campaign, according to new research.
Bleeping Computer
Palestine crypto donation scams emerge amid Israel-Hamas war
As thousands of civilians die amid the deadly Israel-Hamas war, scammers are capitalizing on the horrific events to collect donations by pretending to be legitimate charities. BleepingComputer has come across several posts on X (formerly Twitter), Telegram and Instagram where scammers list dubious cryptocurrency wallet addresses.
The Hacker News
Europol Dismantles Ragnar Locker Ransomware Infrastructure, Nabs Key Developer
Europol takes down Ragnar Locker's infrastructure, arrests key suspect in France.
Cyber Security News
Authorities Seized RagnarLocker Ransomware Dark Web Site
The dark web site used by the notorious RagnarLocker ransomware group has been seized by a coordinated international law enforcement action.
The Record
Hacker accused of breaching Finnish psychotherapy center facing 30,000 counts
Kivimäki allegedly hacked into the Finnish firm Vastaamo, which managed dozens of psychotherapy centers throughout the country, in 2018, stealing the private treatment records of over 33,000 patients.
Bleeping Computer
E-Root admin faces 20 years for selling stolen RDP, SSH accounts
Sandu Diaconu, the operator of the E-Root marketplace, has been extradited to the U.S. to face a maximum imprisonment penalty of 20 years for selling access to compromised computers.
Bleeping Computer
India targets Microsoft, Amazon tech support scammers in nationwide crackdown
India's Central Bureau of Investigation (CBI) raided 76 locations in a nationwide crackdown on cybercrime operations behind tech support scams and cryptocurrency fraud.
ZDNet
What is ransomware? Everything you need to know and how to reduce your risk
The ransomware business is booming, and really anyone can be the next victim. Here's how to protect yourself and your organization from an attack. Too late for prevention? We'll show you what to do next.
Infosecurity News
US Charge Man with Running Stolen Credentials Marketplace
Authorities believe the E-Root marketplace listed more than 350,000 computer credentials for sale
Cyber Security News
Former Navy IT Manager Sentenced for Selling People’s Sensitive Information on Dark web
Former Navy IT Manager Marquis Hooper was punished with five years for hacking a computer database that contained sensitive Information.
The Record
Concerns grow as LockBit knockoffs increasingly target popular vulnerabilities
Hackers are using a leaked toolkit used to create do-it-yourself versions of the popular LockBit ransomware, making it easy for even amateur cybercriminals to target common vulnerabilities.
Bleeping Computer
Ex-Navy IT head gets 5 years for selling people’s data on darkweb
Marquis Hooper, a former U.S. Navy IT manager, has received a sentence of five years and five months in prison for illegally obtaining US citizens' personally identifiable information (PII) and selling it on the dark web.
SecurityWeek
Finland Charges Psychotherapy Hacker With Extortion
Finland charged a hacker, accused of the theft of tens of thousands of records from psychotherapy patients, with over 21,000 counts of extortion.
The Record
Moldovan accused of running cybercrime marketplace to face charges in US
A Moldovan national has been extradited from the United Kingdom to face charges related to allegedly running an online marketplace selling access to compromised computers.
The Record
Colonial Pipeline attributes ransomware claims to ‘unrelated’ third-party data breach
Colonial Pipeline said there has been no disruption to pipeline operations or their systems after a ransomware gang made several threats on Friday afternoon.
The Hacker News
North Korea's Lazarus Group Launders $900 Million in Cryptocurrency
Report reveals Lazarus Group, tied to North Korea, involved in $900 million cross-chain bridge laundering
Cyber Security News
Top 10 SaaS Security Risks and How to Mitigate Them
Top 10 SaaS Security Risks and How to Mitigate Them. 1. Data Breaches, 2. Account Hijacking, 3. Lack of Identity and Access Management (IAM).
-1.webp)
Cyber Security News
BunnyLoader: New Malware-as-a-Service (MaaS) Under Rapid Development
A new malware-as-a-service (MaaS) loader under the name “BunnyLoader” has been discovered to be sold in multiple hacking forums.
SecurityWeek
$200 Million in Cryptocurrency Stolen in Mixin Network Hack
Mixin Network suspends deposits and withdrawals after hackers steal $200 million in digital assets from its centralized database.
Cyber Security News
New BBTok Banking Malware Server-Side Software Generates Victim-Specific Payload
Banking malware is a malicious program that is mainly designed and used by threat actors to steal the following sensitive financial information from victims' computers or mobile devices.
Bleeping Computer
TikTok flooded by 'Elon Musk' cryptocurrency giveaway scams
TikTok is flooded by a surge of fake cryptocurrency giveaways posted to the video-sharing platform, with almost all of the videos pretending to be themes based on Elon Musk, Tesla, or SpaceX.
SecurityWeek
In Other News: China Blames NSA for Hack, AI Jailbreaks, Netography Spin-Off
Noteworthy stories that might have slipped under the radar: China blames NSA for a cyberattack, AI jailbreaks, and Netography spin-off.
SecurityWeek
Google Feature Blamed for Retool Breach That Led to Cryptocurrency Firm Hacks
A recently introduced Google account sync feature has been blamed after sophisticated hackers attacked 27 cryptocurrency firms via Retool.
SecurityWeek
North Korean Hackers Steal $53 Million in Cryptocurrency From CoinEx
North Korean hackers stole $53 million in cryptocurrency from crypto exchange CoinEx after the hot wallet private key was leaked.
Bleeping Computer
Rollbar discloses data breach after hackers stole access tokens
Software bug-tracking company Rollbar disclosed a data breach after unknown attackers hacked its systems in early August and gained access to customer access tokens.
Bleeping Computer
Hackers steal $53 million worth of cryptocurrency from CoinEx
Global cryptocurrency exchange CoinEX announced that someone hacked its hot wallets and stole large amounts of digital assets that were used to support the platform's operations.
The Record
Phishing campaign uses Word documents to distribute three malware strains
Researchers identified a new phishing campaign that uses Microsoft Word documents to distribute malware that can log what a victim types, siphon cryptocurrency funds, and steal sensitive data.
DarkReading
Attackers Abuse Google Looker Studio to Evade DMARC, Email Security
Cyberattackers are tapping the legitimacy of the Web-based data-visualization tool in a campaign aimed at stealing credentials and defrauding hundreds of business users.
SecurityWeek
FBI Blames North Korean Hackers for $41 Million Stake.com Heist
FBI says North Korean hacking group Lazarus has stolen $41 million in cryptocurrency from online betting platform Stake.com.
Bleeping Computer
Google Looker Studio abused in cryptocurrency phishing attacks
Cybercriminals are abusing Google Looker Studio to create counterfeit cryptocurrency phishing websites that phish digital asset holders, leading to account takeovers and financial losses.
The Hacker News
New Python Variant of Chaes Malware Targets Banking and Logistics Industries
Chaes malware leveled up by switching to Python, refining communication, and slipping through defenses.
Bleeping Computer
New ‘YouPorn’ sextortion scam threatens to leak your sex tape
A new sextortion scam is making the rounds that pretends to be an email from the adult site YouPorn, warning that a sexually explicit video of you was uploaded to the site and suggesting you pay to have it taken down.
Bleeping Computer
Fake YouPorn extortion scam threatens to leak your sex tape
A new sextortion scam is making the rounds that pretends to be an email from the adult site YouPorn, warning that a sexually explicit video of you was uploaded to the site and suggesting you pay to have it taken down.
Trend Micro
Revisiting 16shop Phishing Kit, Trend-Interpol Partnership
In this entry, we summarize the security analyses and investigations done on phishing-as-a-service 16shop through the years. We also outline the partnership between Trend Micro and Interpol in taking down the main administrators and servers of this massive phishing campaign.
Cyber Security News
FBI Dismantle the Notorious Qakbot Infrastructure Used For Ransomware Attacks
More than 700,000 victim computers were infected by the Qakbot malware, which contributed to ransomware deployments and caused damage worth hundreds of millions of dollars.
Infosecurity News
FBI-Led Operation Duck Hunt Shuts Down QakBot Malware
With Operation Duck Hunt, the FBI took control of the botnet, allowed victims to uninstall the malware loader and seized $8.6m in cryptocurrency
SecurityWeek
Operation ‘Duck Hunt’: Qakbot Malware Disrupted, $8.6 Million in Cryptocurrency Seized
U.S. law enforcement announce the disruption of the notorious Qakbot cybercrime operation and the release of an auto-disinfection tool.
The Record
Pay our ransom instead of a GDPR fine, cybercrime gang tells its targets
A group that operates through a data leak blog called Ransomed tells its alleged victims that shelling out an extortion payment is smarter than facing a government fine for a data breach.
CyberSecurity Dive
Prospect Medical stolen data listed for sale by emerging ransomware group
Rhysida claims it stole more than 500,000 Social Security numbers, financial, legal and medical files. And it’s all for sale on the dark web.
SecurityWeek
North Korean APT Hacks Internet Infrastructure Provider via ManageEngine Flaw
North Korea-linked Lazarus Group exploited a ManageEngine vulnerability to compromise an internet backbone infrastructure provider.
DarkReading
What the Hive Ransomware Case Says About RaaS and Cryptocurrency
Hive tells us a lot about ransomware-as-a-service trends and the best ways to defend against attacks.
Infosecurity News
Sextortion Scams Surge 178% in a Year
Emails use social engineering to con victims
Security Affairs
DoJ charged Tornado Cash founders with laundering more than $1 billion
The U.S. DoJ charged two men with operating the Tornado Cash service and laundering more than $1 Billion in criminal proceeds. The U.S. Justice Department charged two Tornado Cash founders ROMAN STORM and ROMAN SEMENOV have been charged with one count of conspiracy to commit money laundering and one count of conspiracy to violate the […]
CyberScoop
Unmasking crypto crime: An analysis of China and Iran
Experts explore the growing influence of cryptocurrency in Iran and China, shedding light on large-scale mining operations, money laundering and fentanyl trafficking.
DarkReading
FBI Warns of Cryptocurrency Heists by North Korea's Lazarus Group
The most recent stolen bitcoin comes just after three major operations occurred in June, with millions...
Security Affairs
FBI identifies wallets holding cryptocurrency funds stolen by North Korea
The wallets hold roughly 1,580 Bitcoin (roughly $41 million at the current rate) that […]...
Bleeping Computer
FBI: Lazarus hackers readying to cash out $41 million in stolen crypto
The FBI warned that North Koreans are likely readying to cash out tens of millions worth of stolen cryptocurrency out of hundreds of millions stolen in the last year alone.
SecurityWeek
FBI Finds 1,580 Bitcoin in Crypto Wallets Linked to North Korean Hackers...
...has published information on six crypto wallets in which North Korean hackers moved roughly 1,580 Bitcoin...
Bleeping Computer
WinRAR zero-day exploited since April to hack trading accounts
A WinRar zero-day vulnerability tracked as CVE-2023-38831 was actively exploited to install malware when clicking on harmless files in an archive, allowing the hackers to breach online cryptocurrency trading accounts.
The Record
North Korea’s Lazarus hackers behind recent crypto heists: FBI
The FBI attributed three recent cyberattacks on cryptocurrency platforms to the North Korean government’s APT38 hacking group and warned that Pyongyang is likely to attempt to cash out the stolen proceeds.
Naked Security
FBI warns about scams that lure you in as a mobile beta-tester
Apps on your iPhone must come from the App Store. Except when they don’t… we explain what to look out for.
Security Affairs
QwixxRAT, a new Windows RAT appears in the threat landscape
QwixxRAT is a new Windows remote access trojan (RAT) that is offered for sale through Telegram and Discord platforms. The Uptycs Threat Research team discovered the QwixxRAT (aka Telegram RAT) in early August 2023 while it was advertised through Telegram and Discord platforms. The RAT is able to collect sensitive data and exfiltrate them by […]
SecurityWeek
US Shuts Down Bulletproof Hosting Service LolekHosted, Charges Its Polish Operator
US authorities have announced charges against a Polish national who allegedly operated the LolekHosted.net bulletproof hosting service.
Infosecurity News
Authorities Take Down Lolek Bulletproof Hosting Provider
A Polish national arrested in the US could face up to 45 years in prison if convicted on all counts
Security Affairs
Police dismantled bulletproof hosting service provider Lolek Hosted
A joint operation conducted by European and U.S. law enforcement agencies dismantled the bulletproof hosting service provider Lolek Hosted. Lolek Hosted is a bulletproof hosting service provider used to facilitate the distribution of information-stealing malware, and also to launch DDoS (distributed denial of service) attacks, manage fictitious online shops, manage botnet servers and distribute spam messages […]
Bleeping Computer
Knight ransomware distributed in fake Tripadvisor complaint emails
The Knight ransomware is being distributed in an ongoing spam campaign that pretends to be TripAdvisor complaints.
Naked Security
S3 Ep147: What if you type in your password during a meeting?
Latest episode – listen now! (Full transcript inside.)
DarkReading
Custom Yashma Ransomware Crashes Into the Scene
The threat actor is targeting organizations in Bulgaria, China, Vietnam, and various English-speaking nations.
Infosecurity News
Vietnamese-Origin Ransomware Operation Mimics WannaCry Traits
Cisco Talos said what sets this operation apart is the novel approach to delivering ransom notes
CyberScoop
Report: New ransomware gang emerges in Vietnam
Researchers discovered a new ransomware gang that appears to be in the early stages of their extortion campaigns.
The Hacker News
New Malware Campaign Targets Inexperienced Cyber Criminals with OpenBullet Configs
New malware campaign uses OpenBullet configs to target inexperienced cyber criminals, delivering a dangerous RAT that steals sensitive information.
The Hacker News
New SkidMap Redis Malware Variant Targeting Vulnerable Redis Servers
Attention Linux users! A dangerous new variant of SkidMap malware is targeting vulnerable Redis services across various distributions.
The Record
Suspected Vietnamese hacker targets Chinese, Bulgarian organizations with new ransomware
Researchers believe a new strain of ransomware is being used to target organizations in China, Vietnam, Bulgaria and several other English-speaking countries.
Naked Security
“Crocodile of Wall Street” and her husband plead guilty to giant-sized cryptocrimes
Sentences still to be decided, but she could get up to 10 years and he could get as many as 20.
Security Affairs
Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016
The hackers stole 120,000 Bitcoin and the theft had serious repercussions […]...
Security Affairs
Malicious packages in the NPM designed for highly-targeted attacks
Researchers discovered a new set of malicious packages on the npm package manager that can exfiltrate sensitive developer data. On July 31, 2023, Phylum researchers observed the publication of ten different “test” packages on the npm package manager that were developed to exfiltrate sensitive developer source code and other confidential information. All of these packages […]
The Hacker News
NYC Couple Pleads Guilty to Money Laundering in $3.6 Billion Bitfinex Hack
A married couple from NYC pleads guilty to money laundering charges related to the 2016 Bitfinex hack.
SecurityWeek
New York Couple Plead Guilty to Bitcoin Laundering...
A married couple from New York dubbed "Bitcoin Bonnie and Crypto Clyde" pleaded guilty to laundering ... billions of dollars in stolen bitcoin...
The Record
‘Crypto couple’ pleads guilty to money laundering, as husband admits to carrying out Bitfinex hack
A New York man in court for laundering the proceeds of a 2016 heist on the Bitfinex cryptocurrency platform admitted to carrying out the hack himself, a twist in a case that has beguiled investigators.
Infosecurity News
SSNDOB Marketplace Admin Pleads Guilty
Site was used to trade stolen data
Infosecurity News
North Korean Hackers Bag Another $100m in Crypto Heists
Two new breaches traced back to prolific Lazarus group
The Record
Couple accused of laundering stolen Bitfinex cryptocurrency reaches plea deal
A couple accused of laundering billions worth of stolen cryptocurrency has agreed to a plea deal, according to documents filed in federal court on Friday.
The Record
‘It feels like a digital hurricane’: Coastal Mississippi county recovering from ransomware attack
A coastal Mississippi county is in the process of recovering from a wide-ranging ransomware attack that took down nearly all of the government’s in-office computers.