CyberNews
Europol confirms web platform breach
Europol confirmed one of its web portals was breached.
The Cyber Express
An unidentified threat actor known as "pwns3c" has offered access to a database purported to contain sensitive data and documents
Cyber Security News
The European Union's law enforcement agency, Europol, has confirmed a security breach of its web portal but says no operational data was compromised.
Security Affairs
Notorious threat actor IntelBroker claims that Europol has suffered a data breach that exposed FOUO and other classified data.
HACKRead
The notorious IntelBroker hacker claims to have successfully breached the European Union Agency for Law Enforcement Cooperation (Europol).
HACKRead
The notorious IntelBroker hacker claims to have breached a leading cybersecurity company selling its access for $20,000 in XMR cryptocurrency.
SecurityWeek
A botnet dismantled in January and used by Russia-linked APT28 consisted of more than just Ubiquiti Edge OS routers.
Ars Technica
How and why nation-state hackers and cybercriminals coexist in the same router botnet.
Trend Micro
This blog entry aims to highlight the dangers of internet-facing routers and elaborate on Pawn Storm's exploitation of EdgeRouters, complementing the FBI's advisory from February 27, 2024.
The Cyber Express
Julius Kivimäki, one of Europe's most sought-after cyber criminals, has been sentenced to more than six years jail for attempting
The Record
Aleksanteri Kivimäki, formerly known by the first name Julius and the hacker handle Zeekill, was convicted on all charges relating to the hack of Helsinki-based Vastaamo.
Security Affairs
As cryptocurrencies have grown in popularity, there has also been growing concern about cybercrime involvement in this sector
Bleeping Computer
North Korean hackers have been exploiting the updating mechanism of the eScan antivirus to plant backdoors on big corporate networks and deliver cryptocurrency miners through GuptiMiner malware.
Cyber Security News
A sophisticated malware campaign has been compromising the update mechanism of eScan antivirus software to distribute malicious backdoors and cryptocurrency mining software.
CyberNews
Researchers observe a flood of crude and amateurish ransomware. But it’s cheap, difficult to trace, and comes in many flavors.
SC Magazine
A cryptominer campaign leveraged five vulnerabilities in OpenMetadata to infect environments.
Bleeping Computer
In an ongoing Kubernetes cryptomining campaign, attackers target OpenMetadata workloads using critical remote code execution and authentication vulnerabilities.
CyberNews
Eighteen companies in Sweden, disguised as legitimate data centers for AI or other activities, have been found exploiting tax incentives to mine cryptocurrency.
SecurityWeek
Charles O. Parks III was arrested and charged with defrauding two cloud-services providers of $3.5 million.
The Hacker News
Two arrested for developing and distributing Hive RAT malware & a Nebraska man indicted for a massive $3.5 million cloud cryptojacking scheme.
Ars Technica
Indictment says man tricked cloud providers into giving him services he never paid for.
Bleeping Computer
The U.S. Department of Justice has announced the arrest and indictment of Charles O. Parks III, known as "CP3O," for allegedly renting large numbers of cloud servers to conduct crypto mining and then skipping out on paying the bills.
The Cyber Express
A dark web actor has allegedly proposed the Telecom Argentina access sale for $100 on a hacking forum. According to
CyberNews
A senior security engineer has been found guilty of multiple attacks on decentralized cryptocurrency exchanges
The Hacker News
Former security engineer sentenced to 3 years for stealing $12.3M from crypto exchanges using insider skills.
Bleeping Computer
Former Amazon security engineer Shakeeb Ahmed was sentenced to three years in prison for hacking two cryptocurrency exchanges in July 2022 and stealing over $12 million.
Bleeping Computer
A Romanian botnet group named 'RUBYCARP' is leveraging known vulnerabilities and performing brute force attacks to breach corporate networks and compromise servers for financial gain.
Infosecurity News
Sysdig stated that by deploying multiple miners, the group decreased attack time and detection risk
HACKRead
The IntelBroker hacker and their affiliates have leaked a trove of sensitive records, which they claim jeopardize the United States national security.
Bleeping Computer
A new hacking campaign dubbed "ShadowRay" targets an unpatched vulnerability in Ray, a popular open-source AI framework, to hijack computing power and leak sensitive data from thousands of companies.
SC Magazine
After authorities disrupted LockBit and ALPHV/BlackCat, smaller extortion groups are scrambling to recruit their former affiliates.
Trend Micro
CVE-2024-27198 and CVE-2024-27199 are vulnerabilities within the TeamCity On-Premises platform that can allow attackers to gain administrative control over affected systems.
Krebs on Security
Borrowing from the playbook of ransomware purveyors, the darknet narcotics bazaar Incognito Market has begun extorting all of its vendors and buyers, threatening to publish cryptocurrency transaction and chat records of users who refuse to pay a fee ranging from…
HACKRead
The IntelBroker hacker claims to have breached Acuity, a US federal contractor and is now selling data belonging to ICE and USCIS
Cyber Security News
ANY.RUN, an interactive malware sandbox, has published a comprehensive analysis of the growing threat that crypto-malware poses.
DarkReading
More than 3,000 unique attacks hitting Hadoop and Druid honeypots in just the past month indicate an attacker testing phase.
Bleeping Computer
Security researchers discovered a new campaign that targets Redis servers on Linux hosts using a piece of malware called 'Migo' to mine for cryptocurrency.
Security Affairs
The Raccoon Infostealer operator, Mark Sokolovsky, was extradited to the US from the Netherlands to appear in a US court.
HACKRead
The hackers, infamously known as IntelBroker and Sanggiero, claim to possess a trove of data from Robert Half stolen through a data breach.
The Hacker News
Cybercriminals are targeting Mexican users with a new variant of the Mispadu banking malware, exploiting a patched Windows SmartScreen bypass flaw
HACKRead
Cybersecurity researchers have identified threat actors on a dark web forum selling AnyDesk accounts, ranging from 18,000 to 30,000 accounts.
Bleeping Computer
A financially motivated threat actor using USB devices for initial infection has been found abusing legitimate online platforms, including GitHub, Vimeo, and Ars Technica, to host encoded payloads embedded in seemingly benign content.
DataBreaches
Ashish Khaitan reports: The IntelBroker hacker group has claimed responsibility for a potential cyberattack on a popular (undisclosed) mobile banking app...
The Cyber Express
The IntelBroker hacker group has claimed responsibility for a potential cyberattack on a popular (undisclosed) mobile banking app boasting over
Bleeping Computer
Julius Aleksanteri Kivimäki, the suspect believed to be behind an attack against one of Finland's largest psychotherapy clinics, Vastaamo, was allegedly identified by tracing what has been believed to be untraceable Monero transactions.
Ars Technica
Stablecoins like Tether also used for scams and sanctions evasion.
Bleeping Computer
A new campaign targeting vulnerable Docker services deploys an XMRig miner and the 9hits viewer app on compromised hosts, allowing a dual monetization strategy.
SecurityWeek
Ukrainian authorities have arrested an individual allegedly involved in a $2 million cryptojacking operation.
Security Affairs
Researchers devised a new attack that exploits misconfigurations in Apache Hadoop and Flink to deploy cryptocurrency miners.
Bleeping Computer
A 29-year-old man in Ukraine was arrested this week for using hacked accounts to create 1 million virtual servers used to mine $2 million in cryptocurrency.
The Hacker News
29-year-old Ukrainian arrested for a major cryptojacking scheme, netting over $2M in profits.
The Hacker News
New cyberattack targets Apache Hadoop & Flink using misconfigurations to deploy crypto miners
DarkReading
The adversary is exploiting two known misconfigurations in the big data technologies to drop a Monero cryptominer.
Bleeping Computer
Security researchers are detecting hundreds of IP addresses on a daily basis that scan or attempt to exploit Apache RocketMQ services vulnerable to a remote command execution flaw identified as CVE-2023-33246 and CVE-2023-37582.
Bleeping Computer
In 2023, we saw numerous law enforcement operations targeting cybercrime operations, including cryptocurrency scams, phishing attacks, credential theft, malware development, and ransomware attacks.
Cyber Security News
Kingdom Market, a dark web marketplace that sold drugs, malicious software, criminal services, and counterfeit documents.
HACKRead
The 8220 Gang is exploiting multiple vulnerabilities, including the Oracle WebLogic Server vulnerability, to propagate cryptojacking malware in the Americas, Europe, and Africa.
The Hacker News
German law enforcement takes down dark web giant "Kingdom Market," specializing in narcotics and malware sales to tens of thousands of users.
Infosecurity News
Police in Germany have dismantled notorious drugs and cybercrime marketplace Kingdom Market
The Cyber Express
German law enforcement agencies have successfully taken down Kingdom Market, a notorious darknet marketplace serving as a hub for illegal
Security Affairs
The German police seized the dark web marketplace Kingdom Market as a result of an international law enforcement operation.
Bleeping Computer
The Federal Criminal Police Office in Germany (BKA) and the internet-crime combating unit of Frankfurt (ZIT) have announced the seizure of Kingdom Market, a dark web marketplace for drugs, cybercrime tools, and fake government IDs.
The Record
German police said they posted a takedown notice on the website and are now analyzing Kingdom Market's server infrastructure to identify the people behind the website's operation.
The DFIR Report
This report is a little different than our typical content. We were able to analyze data from a perspective we typically don’t get to see… a threat actor’s host! In …
The Record
Shakeeb Ahmed, 34, faces up to five years in federal prison for two separate multimillion-dollar hacks in July 2022 of decentralized cryptocurrency exchanges.
Bleeping Computer
A new cybercrime marketplace, OLVX, has emerged and is quickly gaining new customers looking to purchase tools to conduct online fraud and cyberattacks.
Cyber Security News
The Apache ActiveMQ vulnerability was actively targeted by threat actors to get unauthorized access to messaging systems.
The DFIR Report
In December 2022, we observed an intrusion on a public-facing MSSQL Server, which resulted in BlueSky ransomware. First discovered in June 2022, BlueSky ransomware has code links to Conti and …
CSO
General Electric has confirmed that it has started an investigation into the data breach claims made by IntelBroker.
CyberNews
New ransomware linked by security researchers to suspected scammers who pretended to sell passport details on the dark web.
DarkReading
Active exploit of the critical RCE flaw targets Linux systems to achieve full system compromise.
Cyber Security News
An attack campaign that installs XMRig Coinminer on Windows web servers that run on Apache has been discovered recently.
Bleeping Computer
The Kinsing malware operator is actively exploiting the CVE-2023-46604 critical vulnerability in the Apache ActiveMQ open-source message broker to compromise Linux systems.
Trend Micro
We uncovered the active exploitation of the Apache ActiveMQ vulnerability CVE-2023-46604 to download and infect Linux systems with the Kinsing malware (also known as h2miner) and cryptocurrency miner.
DataBreaches
On November 2, DataBreaches reported that the same threat actors that had hacked and exfiltrated data from Clark County School District in Las Vegas had also...
Cyber Security News
Welcome to Cyber Writes' weekly publication - the Threat and Vulnerability Roundup! Get ready to dive into the latest and greatest in cybersecurity, as we bring you the most up-to-date information each week.
The Hacker News
StripedFly, a stealthy malware posing as a crypto miner, has infected over a million devices worldwide and has flown under the radar for 5 years.
DataBreaches
How many school districts have to get massively hacked by the same method before the U.S. Department of Education, CISA, and states start really pressuring...
Cyber Security News
A campaign under the name EleKtra-Leak has recently been identified targeting AWS credentials within minutes of their public exposure on GitHub.
SecurityWeek
A threat actor has been using automated tools to clone public GitHub repositories and harvest AWS IAM credentials.
DarkReading
Cyber adversaries are scanning public GitHub repositories in real-time, evading Amazon quarantine controls, and harvesting AWS keys.
Bleeping Computer
A new NuGet typosquatting campaign pushes malicious packages that abuse Visual Studio's MSBuild integration to execute code and install malware stealthily.
The Hacker News
Cybersecurity experts uncover a coordinated malware campaign on NuGet package manager. Get the details now:
The Hacker News
EleKtra-Leak cryptojacking campaign is exploiting exposed AWS IAM credentials on public GitHub repositories
CyberScoop
The Russian cybersecurity firm discovered sophisticated malware that combined cryptocurrency mining and espionage capabilities.
Bleeping Computer
A sophisticated cross-platform malware platform named StripedFly flew under the radar of cybersecurity researchers for five years, infecting over a million Windows and Linux systems during that time.
DarkReading
Sophisticated Windows and Linux malware for stealing data and conducting cyber espionage has flown under the radar, disguised as a cryptominer.
Cyber Security News
The FBI warned about attacks on government and non-profit organizations in April, which involved deploying multiple malware strains on victim devices.
The Record
A malware campaign that the U.S. warned about in April is still dumping cryptominers, keyloggers and more on organizations worldwide, Kaspersky said.
The Record
Hackers are using a leaked toolkit used to create do-it-yourself versions of the popular LockBit ransomware, making it easy for even amateur cybercriminals to target common vulnerabilities.
Bleeping Computer
A group of cyber activists under the Ukrainian Cyber Alliance banner has hacked the servers of the Trigona ransomware gang and wiped them clean after copying all the information available.
The Record
The Ukrainian Cyber Alliance hacktivism group says it wiped out the Trigona gang's servers, defaced its website and exfiltrated data about the operation.
Bleeping Computer
Malicious NuGet packages appearing to have over 2 million downloads impersonate crypto wallets, crypto exchange, and Discord libraries to infect developers with the SeroXen remote access trojan.
The Hacker News
Malicious NuGet package distributing SeroXen RAT targets .NET developers.
Cyber Security News
A new malware-as-a-service (MaaS) loader under the name “BunnyLoader” has been discovered to be sold in multiple hacking forums.
SecurityWeek
A high-severity vulnerability can be exploited to execute code remotely on any Windows endpoint within a Kubernetes cluster.
The Record
Researchers identified a new phishing campaign that uses Microsoft Word documents to distribute malware that can log what a victim types, siphon cryptocurrency funds, and steal sensitive data.
Infosecurity News
Apache flaw can enable remote command execution