SecurityWeek
400,000 Linux Servers Hit by Ebury Botnet
The Ebury Linux botnet has ensnared over 400,000 Linux systems in 15 years, with roughly 100,000 still infected.
The Record
Sonne Finance, which allows people to lend and borrow funds without the need for intermediaries, said it would commit to not pursuing the heist any further if the perpetrator accepted an undisclosed bounty and returned the stolen cryptocurrency.
Infosecurity News
The 15-year-old Ebury botnet is more active than ever, as ESET found 400,000 Linux servers compromised for cryptocurrency theft and financial gain
Bleeping Computer
A malware botnet known as 'Ebury' has infected almost 400,000 Linux servers since 2009, with roughly 100,000 still compromised as of late 2023.
Ars Technica
Rare bitcoin fragments are worth many times their face value....
Cyber Security News
The botnet, operated by the threat group behind the Ebury malware, has been active since at least 2009 but has evolved over the past decade.
Bleeping Computer
Since April, millions of phishing emails have been sent through the Phorpiex botnet to conduct a large-scale LockBit Black ransomware campaign.
Infosecurity News
Affiliates of prolific Black Basta ransomware group have breached over 500 global organizations
Security Affairs
Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported.
SecurityWeek
Organizations must look beyond preventive measures when it comes to dealing with today’s ransomware threats and invest in ransomware response.
Infosecurity News
Europol and Eurojust targeted the orchestrators of a cryptocurrency scam launched in December 2017
Infosecurity News
Russian national Alexander Vinnik has pleaded guilty to his role in a multibillion-dollar money laundering conspiracy
The Hacker News
Russian operator of BTC-e crypto exchange pleads guilty to money laundering charges spanning 2011-2017.
Security Affairs
Alexander Vinnik, a Russian operator of virtual currency exchange BTC-e pleaded guilty to participating in a money laundering scheme.
SecurityWeek
Yaroslav Vasinskyi was sentenced to 13 years and seven months in prison for his alleged role in the REvil ransomware operation.
Security Affairs
A Ukrainian national, a member of the REvil group, has been sentenced to more than 13 years in prison for his role in extortion activities.
Bleeping Computer
Yaroslav Vasinskyi, a Ukrainian national, was sentenced to 13 years and seven months in prison and ordered to pay $16 million in restitution for his involvement in the REvil ransomware operation.
The Hacker News
A Ukrainian hacker part of the notorious REvil gang has been sentenced to over 13 years for orchestrating 2,500+ attacks demanding $700M in crypto ran
CyberSecurity Dive
Legislators slammed Andrew Witty over the company’s lack of cybersecurity practices and the impact of the breach, which may have compromised the data of a third of Americans.
CSO
Despite paying a $22 million ransom in Bitcoin to regain access to encrypted files, the company cannot...
SecurityWeek
The Change Healthcare cyberattack started when hackers entered a server that lacked a basic form of security: multi-factor authentication.
The Record
Yaroslav Vasinskyi also was ordered to pay more than $16 million in restitution for his role in the REvil operation.
The Hacker News
How does blockchain pseudonymity enable financial crime detection? By combining it with knowledge of licit and illicit crypto services, machine learni
Security Affairs
Finnish hacker was sentenced to more than six years in prison for hacking into an online psychotherapy clinic and attempted extortion.
Cyber Security News
Google has introduced Gemini 1.5 Pro for malware analysis, an advanced AI tool capable of processing up to 1 million tokens.
The Record
Aleksanteri Kivimäki, formerly known by the first name Julius and the hacker handle Zeekill, was convicted on all charges relating to the hack of Helsinki-based Vastaamo.
The Record
The CEO of one of the largest banks in the world discusses cryptocurrency and artificial intelligence, as well as how he's been able to influence cybersecurity culture.
Security Affairs
As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector
Infosecurity News
The two founders of Samourai Wallet have been charged with money laundering and unlicensed money-transmitting offenses
Cyber Security News
Rodriguez and Hill, founders of the cryptocurrency service Samourai, arrested for operating an unlicensed money-transmitting business.
Cyber Security News
Black hat SEO methods are used by hackers to manipulate search engine rankings and make malicious or fraudulent websites more visible.
The Hacker News
The U.S. DOJ has made a significant move by arresting the founders of Samourai, a crypto mixer, for laundering over $100M
DarkReading
An exploit for the vulnerability allows attackers to escape a virtual file system sandbox to download system files and potentially achieve RCE.
The Record
Samourai Wallet's domain and servers were also seized, and a seizure warrant for its mobile application was served on the Google Play Store.
Bleeping Computer
You rarely root for a cybercriminal, but a new malware campaign targeting child exploiters doesn't make you feel bad for the victims.
SecurityWeek
Akira ransomware has hit over 250 organizations worldwide and received over $42 million in ransom payments.
Infosecurity News
A joint advisory from Europol and US and Dutch government agencies estimated that Akira made around $42m in ransomware proceeds from March 2023 to January 2024
CSO
United HealthGroup said it has already taken $872 million in dealing with the attack and the disruption it caused.
The Record
The group’s large number of attacks shortly after emerging has led experts to believe it is made up of experienced ransomware actors.
Trend Micro
On April 18, 2024, the UK’s Metropolitan Police Service and others conducted an operation that succeeded in taking down the Phishing-as-a-Service provider LabHost.
The Record
Analysts at Sophos X-Ops are comparing the low-budget cybercrime tools to “junk guns” — cheap, imported weapons that flooded the U.S. in the 1960s and 1970s.
Cyber Security News
A San Fernando Valley man has been taken into custody by federal authorities on criminal charges related to a purported scheme to sell and
Security Affairs
A joint investigation conducted by U.S. and Australian authorities led to the arrest of two key figures behind the Firebird RAT operation.
Bleeping Computer
A joint police operation between the Australian Federal Police (AFP) and the FBI has led to the arrest and charging of two individuals who are believed to be behind the development and distribution of the "Firebird" remote access trojan (RAT), later rebranded as "Hive."
The Record
Bulgarian national Irina Dilkinska assisted in day-to-day operations of OneCoin, a multi-level marketing (MLM) network that duped victims out of at least $4 billion, according to the U.S. government.
SecurityWeek
MarineMax confirms suffering a data breach as a result of a ransomware attack, with the attackers claiming to have obtained 180,000 files.
DarkReading
Our collection of the most relevant reporting and industry perspectives for those guiding cybersecurity strategies and focused on SecOps. Also included: Australia gets its cyber-groove back, and 2023's zero-day field day.
Ars Technica
Former Canonical employee calls out the "Safe" label applied to Snap apps.
DarkReading
Threat actors are widely adopting the fast-growing, low-cost phishing-as-a-service (PhaaS) platform, which is sold via Telegram.
The Record
A standoff between the world's biggest cryptocurrency platform and the Nigerian government has disrupted lives and raised new questions for foreign operations there.
Infosecurity News
Discovered by Sekoia in 2023, the kit is associated with Adversary-in-The-Middle (AiTM) attacks
Bleeping Computer
Cybercriminals have been increasingly using a new phishing-as-a-service (PhaaS) platform named 'Tycoon 2FA' to target Microsoft 365 and Gmail accounts and bypass two-factor authentication (2FA) protection.
SecurityWeek
...group has taken credit for the cyberattack on MarineMax and is offering to sell stolen data for 15 bitcoin...
The Record
U.N. experts reported on the activity of North Korean cyberthreat actors, including those known to researchers as Kimsuky, the Lazarus Group, Andariel and BlueNoroff.
SecurityWeek
Praefortis is a new company pushing ethical and transparent recovery of lost or forgotten crypto wallet passwords.
Bleeping Computer
The U.S. Federal Trade Commission (FTC) warned today that scammers are impersonating its employees to steal thousands of dollars from Americans.
The Hacker News
Moldovan national gets 3+ years in US prison for running E-Root Marketplace, a massive platform selling stolen login details.
Infosecurity News
Sandu Boris Diaconu was involved in conspiracy to commit access device and computer fraud
SecurityWeek
Sandu Diaconu has been sentenced to 42 months in prison for operating a marketplace for compromised credentials.
The Record
A federal high court in Abuja has ordered the world’s largest cryptocurrency exchange Binance to provide Nigeria’s Economic and Financial Crimes Commission (EFCC) with information on all the Nigerians who are using its trading platform.
The Record
MediaWorks says it is investigating after a hacker claimed to have stolen the data of just over 2.4 million people and began targeting individuals for extortion payments.
Security Affairs
US DoJ sentenced a Moldovan national (31) to 42 months in federal prison for operating the E-Root cybercrime marketplace.
Bleeping Computer
Moldovan national Sandu Boris Diaconu has been sentenced to 42 months in prison for operating E-Root, a major online marketplace that sold access to hacked computers worldwide.
Bleeping Computer
A former manager at a telecommunications company in New Jersey pleaded guilty to conspiracy charges for accepting money to perform unauthorized SIM swaps that enabled an accomplice to hack customer accounts.
The Record
Sandu Boris Diaconu, 31, was an administrator for the E-Root Marketplace, which authorities took down in 2020.
Ars Technica
33-year-old Canadian-Russian national pleaded guilty last month.
The Hacker News
Mikhail Vasiliev, a 34-year-old Russian-Canadian, sentenced to nearly 4 years in jail for his role in the LockBit ransomware operation.
SecurityWeek
Cybersecurity firm Claroty discusses the reasons the healthcare industry has long been a primary target for ransomware attacks.
Bleeping Computer
Russian-Swedish national Roman Sterlingov was convicted by a federal jury in Washington, D.C., for operating Bitcoin...
The Record
U.S. federal court for operating a notorious cryptocurrency mixer that moved about $400 million in bitcoin...
The Hacker News
Hackers are getting creative with CHAVECLOAK. This malware can block screens, log keystrokes, and even show fake pop-up windows to steal banking login
Ars Technica
Affiliate claims payment came from AlphV victim, and AlphV took the money and ran.
Bleeping Computer
The ALPHV/BlackCat ransomware gang has shut down its servers amid claims that they scammed the affiliate responsible for the attack on Optum, the operator of the Change Healthcare platform, of $22 million.
The Record
The American Hospital Association is accusing the parent company of Change Healthcare — which for two weeks has dealt with a cybersecurity incident that has caused disruptions at pharmacies nationwide — of failing to adequately address the issues healthcare providers face getting reimbursed for services as a result of the attack.
Bleeping Computer
Ransomware attacks on healthcare over the last few months have been relentless, with numerous ransomware operations targeting hospitals and medical services, causing disruption to patient care and access to prescription drugs in the USA.
Ars Technica
Malicious submissions have been a fact of life for code repositories. AI is no different.
Security Affairs
The LockBit gang is back and set up a new infrastructure after the recent attempt by law enforcement to disrupt their operation.
Security Affairs
A new round of the weekly Security Affairs newsletter arrived! Every week the best security articles from Security Affairs are free for you.
Bleeping Computer
The LockBit ransomware gang received more than $125 million in ransom payments over the past 18 months, according to the analysis of hundreds of cryptocurrency wallets associated with the operation.
Infosecurity News
Law enforcement agencies involved in Operation Cronos have announced they have been in contact with the LockBit kingpin aka LockbitSupp
DarkReading
Vulnerability CVE-2024-23204, affecting Apple's popular Shortcuts app, suggests a critical need for ongoing security awareness in the macOS and iOS ecosystem.
Cyber Security News
ANY.RUN, an interactive malware sandbox, has published a comprehensive analysis of the growing threat that crypto-malware poses.
SecurityWeek
The ransomware threat will continue to grow and expand. It is the quintessential business plan for cybercriminals.
Infosecurity News
Since emerging in May 2023, the group claims to have victimized 77 companies and public institutions
The Hacker News
North Korean Hackers Target Defense Sector! Learn how state-sponsored actors employ sophisticated techniques via LinkedIn job scams.
Bleeping Computer
...carried out numerous large-scale cryptocurrency heists over the years, has switched to using YoMix bitcoin...
Infosecurity News
Chainalysis data reveals a near-30% fall in the value of digital currency being laundered in 2023
DarkReading
A malware with every malicious feature in the book is adding new pages, with a fresh ability to invade the lowest levels of a Windows machine.
The Hacker News
Glupteba botnet has been found to include an undocumented UEFI bootkit feature, enhancing its stealth and persistence capabilities significantly.
SecurityWeek
Romanian hospitals turn to pen and paper after ransomware attack on centralized healthcare management system.
The Record
Four more Romanian hospitals were confirmed on Tuesday to have been affected by a ransomware attack against an IT platform, bringing the total to 25 facilities whose data has been encrypted. Another 75 hospitals in the country using the platform have been disconnected from the internet as investigators determine if they too are impacted.
Security Affairs
Belarusian/Cypriot national linked with cryptocurrency exchange BTC-e is facing charges that can lead to a maximum penalty of 25 years in prison
The Hacker News
Former operator of defunct crypto exchange BTC-e faces 25 years in prison for alleged $4 billion money laundering scheme.
SecurityWeek
FTC and fundraising software company Blackbaud reach settlement over poor security practices that led to a major data breach.
CyberSecurity Dive
The company is required to delete unnecessary data and inform the agency of future breaches.
Bleeping Computer
Blackbaud has settled with the Federal Trade Commission after being charged with poor security and reckless data retention practices, leading to a May 2020 ransomware attack and a data breach affecting millions of people.
SecurityWeek
Daniel James Junk sentenced to six years in prison for stealing millions in cryptocurrency through SIM swapping.
Security Affairs
German police seized 50,000 Bitcoin from the former operator of the now-defunct piracy website movie2k.to...
The Record
A Belarusian and Cypriot national allegedly connected with the defunct cryptocurrency exchange BTC-e is in U.S. custody and faces charges related to money laundering, federal prosecutors said Thursday.