A joint operation of European law enforcement agencies and coordinated by Europol dismantled a criminal ring involved in investment fraud. A joint investigation of European law enforcement agencies supported by Europol and Eurojust dismantled a large criminal network involved in investment fraud and money laundering. The operation, led by Germany, involved authorities from Bulgaria, Israel, Latvia, […]
The post European police dismantle major online investment fraud ring that causes €30 Million in losses appeared first on Security Affairs.
Read More European police dismantle major online investment fraud ring that causes €30 Million in losses
Modern ransomware has two dimensions: pay to get your data back, and pay not to have your data dumped on the Internet. The DC police are the victims of this ransomware, and the criminals have just posted personnel records — “including the results of psychological assessments and polygraph tests; driver’s license images; fingerprints; social security numbers; dates of birth; and residential, financial, and marriage histories” — for two dozen police officers.
The negotiations don’t seem to be doing well. The criminals want $4M. The DC police offered them $100,000…
Read More Ransomware Is Getting Ugly
President Joe Biden said Thursday that Vladimir Putin was not connected to a Russia-based criminal cyber attack on a huge US fuel pipeline but that he will raise the issue at an expected summit.
Read More Biden to Bring Up Russian Hackers Issue With Putin
The operation was carried out against an organized group that used online trading platforms to swindle victims out of US$36 million
Read More European police bust major online investment fraud ring
The post European police bust major online investment fraud ring appeared first on WeLiveSecurity
U.K. Foreign Secretary Dominic Raab on Wednesday urged global cooperation to combat cyberattacks by “hostile state actors” and criminal gangs.
Read More UK Foreign Secretary Calls for Cooperation on Cybersecurity
Raab also pledged 22 million pounds ($31 million) in support to “vulnerable” countries in Africa and the Indo…
Norway-based green energy solutions provider Volue has been working on restoring systems after being targeted in a ransomware attack.
Read More Green Energy Company Volue Hit by Ransomware
All that glisters is not gold/Often have you heard that told/Gilded tombs do worms enfold
Read More Beware fake online trading apps, on iOS as well as Android
In 2020, Apple removed or rejected hundreds of thousands of applications from the App Store for engaging in various forms of fraudulent behavior, including spam, mischief, and privacy violations.
Read More Apple Removed 95,000 Fraudulent Applications From App Store in 2020
Following the ransomware attack that impacted the pipeline operated by Georgia-based Colonial Pipeline, security firms are providing detailed information on the cybercriminal gang behind the attack.
Read More Security Researchers Dive Into DarkSide Ransomware
Many CISOs see themselves as Superman — soaring overhead, cape fluttering, and ready to swoop in and save the day at a moment’s notice if a crisis arises. There have been entire summits and award ceremonies based around the idea of CISOs as superheroes…
Read More The best CISOs think like Batman, not Superman
This is a major story: a probably Russian cybercrime group called DarkSide shut down the Colonial Pipeline in a ransomware attack. The pipeline supplies much of the East Coast. This is the new and improved ransomware attack: the hackers stole nearly 100 gig of data, and are threatening to publish it. The White House has declared a state of emergency and has created a task force to deal with the problem, but it’s unclear what they can do. This is bad; our supply chains are so tightly coupled that this kind of thing can have disproportionate effects…
Read More Ransomware Shuts Down US Pipeline
The small organization has been led by four East European nationals that pleaded guilty to conspiring to cyber-crime activities and “engage in a Racketeer Influenced Corrupt Organization (RICO) arising from their providing ‘bulletproof hosting’ service…
Read More Bulletproof Hosting Admins Admit Guilt
The city of Tulsa, Oklahoma, has been hit by a ransomware attack over the weekend that impacted its government’s network and shut down its websites. One of the biggest cities in the US by population size, the City of Tulsa, was victim of a ransomware attack that affected its government’s network and forced the shutdown […]
The post City of Tulsa, is the last US city hit by ransomware attack appeared first on Security Affairs.
Read More City of Tulsa, is the last US city hit by ransomware attack
U.S. CISA has published an analysis of the FiveHands ransomware, the same malware that was analyzed a few days ago by researchers from FireEye’s Mandiant experts. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) has published an analysis of the FiveHands ransomware that was recently detailed by FireEye’s Mandiant. At the end of April, researchers […]
The post CISA MAR report provides technical details of FiveHands Ransomware appeared first on Security Affairs.
Read More CISA MAR report provides technical details of FiveHands Ransomware
Microsoft is warning of a large-scale BEC campaign that targeted hundreds of organizations leveraging typo-squatted domains registered days before the attacks. Business email compromise (BEC) attacks represent a serious threat for organizations worldwide, according to the annual report released by FBI’s Internet Crime Complaint Center, the 2020 Internet Crime Report, in 2020, the IC3 received 19,369 Business […]
The post Microsoft warns of a large-scale BEC campaign to make gift card scam appeared first on Security Affairs.
Read More Microsoft warns of a large-scale BEC campaign to make gift card scam
The attack overwhelmed the systems of a Belgian ISP, leading to widespread service outages and disruptions
Read More DDoS attack knocks Belgian government websites offline
The post DDoS attack knocks Belgian government websites offline appeared first on WeLiveSecurity
A new cybercrime gang, tracked as UNC2529, has targeted many organizations in the US and other countries using new sophisticated malware. A new financially motivated threat actor, tracked by FireEye Experts as UNC2529, has targeted many organizations in the United States and other countries using several new pieces of malware. The group targeted the organization […]
The post UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware appeared first on Security Affairs.
Read More UNC2529, a new sophisticated cybercrime gang that targets U.S. orgs with 3 malware
Financial institutions (FIs), such as banks and insurance providers, are reporting significantly increased threat levels from COVID-related cybercrime, according to a research by BAE Systems Applied Intelligence. A huge jump in new pandemic-related thr…
Read More Financial institutions experiencing jump in new pandemic-related threats
The agency’s new initiative will also warn about the high cost of the free lunch – the increased risk of malware exposure
Read More INTERPOL aims to deal a blow to digital piracy
The post INTERPOL aims to deal a blow to digital piracy appeared first on WeLiveSecurity
The Threat Report Portugal: Q1 2021 compiles data collected on the malicious campaigns that occurred from January to March, Q1, of 2021. Threat Report Portugal Q1 2021: Phishing and malware by numbers. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática. This feed is […]
The post Threat Report Portugal: Q1 2021 appeared first on Security Affairs.
Read More Threat Report Portugal: Q1 2021
Babuk ransomware operators shut down their affiliate program and announced to stop using ransomware, the group plans to move on data theft. Recently the Babuk ransomware operators made the headlines for the ransomware attack against the DC Police Department. Experts believe that the decision of the group to leave the ransomware practice could be the […]
The post Babuk crew announced it will stop ransomware attacks appeared first on Security Affairs.
Read More Babuk crew announced it will stop ransomware attacks
UNICC and Group-IB detected and took down a massive multistage scam campaign circulating online on April 7, World Health Day. Group-IB, a global threat hunting and adversary-centric cyber intelligence company that specializes in investigating hi-tech cybercrimes, and the United Nations International Computing Centre (UNICC), detected and took down a massive multistage scam campaign circulating online on April 7, World Health Day. […]
The post Saving World Health Day: UNICC and Group-IB take down scam campaign impersonating the World Health Organization appeared first on Security Affairs.
Read More Saving World Health Day: UNICC and Group-IB take down scam campaign impersonating the World Health Organization
The data breach notification site now allows you to check if your login credentials may have been compromised by Emotet
Read More FBI teams up with ‘Have I Been Pwned’ to alert Emotet victims
The post FBI teams up with ‘Have I Been Pwned’ to alert Emotet victims appeared first on WeLiveSecurity
Listen now – latest episode – lots of fun but with a serious (and educational!) side.
Read More S3 Ep30: AirDrop worries, Linux pests and ransomware truths [Podcast]
In December 2020, the world discovered that the SolarWinds’ Orion Platform had been compromised by cybercriminals, potentially affecting thousands of businesses the world over. Security groups such as the National Cyber Security Centre (NCSC) pro…
Read More The Winds of Change – What SolarWinds Teaches Us
What is REvil? REvil is an ambitious criminal ransomware-as-a-service (RAAS) enterprise that first came to prominence in April 2019, following the demise of another ransomware gang GandCrab. The REvil group is also known sometimes by other names such a…
Read More REvil ransomware – what you need to know
Excellent New Yorker article on North Korea’s offensive cyber capabilities.
Read More On North Korea’s Cyberattack Capabilities
Gustafsson’s firm, founded when she was 30, is marketed as a digital parallel of a human body fighting illnessPoppy Gustafsson runs a cutting-edge and gender-diverse cybersecurity firm on the brink of a £3bn stock market debut, but she is happy to refe…
Read More Poppy Gustafsson: the Darktrace tycoon in new cybersecurity era
Easy to redeem and hard to trace, gift cards remain a hot commodity in the criminal underground
Read More $38 million worth of gift cards stolen and sold on dark web
The post $38 million worth of gift cards stolen and sold on dark web appeared first on WeLiveSecurity
The company was left to deal with three months’ worth of IT problems
Read More Vengeful IT worker gets jail time for deleting company’s Microsoft user accounts
The post Vengeful IT worker gets jail time for deleting company’s Microsoft user accounts appeared first on WeLiveSecurity
The Bureau received over 28,000 reports of COVID-19-themed scams last year
Read More FBI: Cybercrime losses topped US$4.2 billion in 2020
The post FBI: Cybercrime losses topped US$4.2 billion in 2020 appeared first on WeLiveSecurity
Mandiant/FireEye researchers have tentatively linked the Accellion FTA zero-day attacks to FIN11, a cybercrime group leveraging CLOP ransomware to extort targeted organizations. Accellion has also confirmed on Monday that “out of approximately 30…
Read More Accellion FTA attacks, extortion attempts might be the work of FIN11
FireEye experts linked a series of attacks targeting Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. Security experts from FireEye linked a series of cyber attacks against organizations running Accellion File Transfer Appliance (FTA) servers to the cybercrime group UNC2546, aka FIN11. “Starting in mid-December 2020, malicious actors that Mandiant […]
The post FIN11 cybercrime group is behind recent wave of attacks on FTA servers appeared first on Security Affairs.
Read More FIN11 cybercrime group is behind recent wave of attacks on FTA servers
Malwarebytes announced the findings of its report which explores how the global pandemic forced many employees to quickly become a remote workforce and confined consumers to their homes. In the wake of this change, cybercriminals ditched many of their …
Read More Criminals leveraging shift to remote work to develop targeted attacks
The Federal Bureau of Investigation (FBI) has issued a warning about the risks of telephony denial-of-service (TDoS) attacks on call centers. The United States’ Federal Bureau of Investigation (FBI) is warning of the consequences of telephony denial-of-service (TDoS) attacks on call centers, which in some cases could threaten people’s lives. TDoS attacks could render telephone systems unavailable […]
The post FBI warns of the consequences of telephony denial-of-service (TDoS) attacks appeared first on Security Affairs.
Read More FBI warns of the consequences of telephony denial-of-service (TDoS) attacks
How 2020 Has Shaped The Way We Live Our Lives I’ve had such a busy morning! I’ve hunted down my favourite foundation, bought a puzzle mat, stocked up on special dog food for our naughty new puppy, ordered the groceries, made a few appointments and chatted with several friends. And guess what? I haven’t left […]
The post How 2020 Has Shaped The Way We Live Our Lives appeared first on McAfee Blogs.
Read More How 2020 Has Shaped The Way We Live Our Lives
Researchers from threat intelligence Cyble have discovered threat actors abusing the Ngrok platform in a fresh phishing campaign. Researchers at the threat intelligence firm Cyble discovered a new wave of phishing attacks targeting multiple organizations that are abusing the ngrok platform, a secure and introspectable tunnel to the localhost. ngrok is a cross-platform application used to […]
The post Hackers abusing the Ngrok platform phishing attacks appeared first on Security Affairs.
Read More Hackers abusing the Ngrok platform phishing attacks
An international operation conducted in Ukraine and France lead to the arrest of criminals believed to be affiliated with the Egregor RaaS. Some affiliated with the Egregor RaaS, not the main ransomware gang, have been arrested as a result of a joint operation conducted by law enforcement in Ukraine and France. Authorities did not reveal […]
The post French and Ukrainian police arrested Egregor ransomware affiliates/partners in Ukraine appeared first on Security Affairs.
Read More French and Ukrainian police arrested Egregor ransomware affiliates/partners in Ukraine
Social media is no stranger to scams. However, recent trends show scammers have started to show more aggression toward businesses since the beginning of the pandemic. Being able to recognize these scams can help you prevent injury to your business. Soc…
Read More Scams Starting on Social Media and Targeting Your Business
The administrators of the most popular carding marketplace on the dark web Joker’s Stash announced his retirement. Cybercriminal behind the most prominent carding marketplace on the dark web Joker’s Stash retires, he will shut down its servers and destroy the backups. According to Forbes, the man has amassed a billion dollars worth of Bitcoin with […]
The post The kingpin behind Joker’s Stash retires with a billionaire exit appeared first on Security Affairs.
Read More The kingpin behind Joker’s Stash retires with a billionaire exit
Practical tips on how to avoid getting scammed in the first place, as well as what to do if it does happen.
Read More Fallen victim to online fraud? Here’s what to do…
The COVID-19 pandemic continued to influence the cybercrime landscape in 2020, ESET reveals. Most notably, the new attack surface created by the shift to work from home brought further growth of Remote Desktop Protocol (RDP) attacks, albeit at a slower…
Read More Researchers spot massive increase in RDP attack attempts
In November last year, we lost our much-loved family dog. We were all so devasted. Harley was a very handsome black and white Cavoodle who died from a paralysis tick bite after giving us 12 years of love. After lots of tears and weeks of sadness, we have decided it’s time to start our search […]
The post Here’s What I’m Doing to Avoid Being Caught Up in A Puppy Scam appeared first on McAfee Blogs.
Read More Here’s What I’m Doing to Avoid Being Caught Up in A Puppy Scam
British police have arrested eight men in connection with a series of SIM-swapping attacks which saw criminals hijack the social media accounts of well-known figures and their families. The UK’s National Crime Agency (NCA) says it made arrests in…
Read More Eight men arrested following celebrity SIM-swapping attacks
A total of eight criminals have been arrested on 9 February as a result of an international police operation into a series of SIM swapping attacks. Eight men were arrested in England and Scotland as part of a year-long international investigation into a series of SIM swapping attacks targeting high-profile victims in the United States. […]
The post Law enforcement arrested 8 people that targeted celebrities with SIM swapping attacks appeared first on Security Affairs.
Read More Law enforcement arrested 8 people that targeted celebrities with SIM swapping attacks
Thanks to cyberattacks making regular headlines in the news, it’s no secret that massive data breaches are a significant threat to organizations. However, a report from F-Secure highlights the rarely-discussed impact these attacks can have on people an…
Read More People are often the collateral damage of attacks on corporations
An international operation conducted by Ukraine’s police, along with the US and Australia peers, shut down the world’s largest phishing Service U-Admin. Last week, an international operation conducted by Ukraine’s police, along with the US and Australian authorities, lead to the shut down of the world’s phishing framework U-Admin. The National Police and its Main […]
The post Ukraine’s police arrested the author of the U-Admin phishing kit appeared first on Security Affairs.
Read More Ukraine’s police arrested the author of the U-Admin phishing kit
While the incursion was thwarted in time, cyberattacks targeting critical infrastructure are a major cause for concern
Read More Hacker attempts to poison Florida city’s water supply
The post Hacker attempts to poison Florida city’s water supply appeared first on WeLiveSecurity
The law enforcement action is one of the most significant operations against cybercriminal enterprises ever
Read More Emotet botnet disrupted in global operation
The post Emotet botnet disrupted in global operation appeared first on WeLiveSecurity
Exclusive: former cybersecurity chief calls for law change and warns situation is ‘close to getting out of control’Insurers are inadvertently funding organised crime by paying out claims from companies who have paid ransoms to regain access to data and…
Read More Insurers ‘funding organised crime’ by paying ransomware claims
Kaspersky investigators uncover evidence that may support US claims Moscow was behind attackA Moscow-based cybersecurity company has reported that some of the malicious code employed against the US government in a cyber-attack last month overlaps with …
Read More Global cyber-espionage campaign linked to Russian spying tools
Detection is a key point in threat hunting. During the past few weeks, stright in the middle of the winter “holidays” (well, maybe if you live in a place where no COVID-19 lockdown was involved), many people re/started a studying program on cybersecurity. Some of them wrote to me asking if there is a way […]
Read More C2 Traffic Patterns: Personal Notes
It’s hardly fun and games for top gaming companies and their customers as half a million employee credentials turn up for sale on the dark web
Read More Stolen employee credentials put leading gaming firms at risk
The post Stolen employee credentials put leading gaming firms at risk appeared first on WeLiveSecurity
A roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, December 2020.A suspected nation-state sophisticated cyber-attack of SolarWinds which led to the distribu…
Read More Cyber Security Roundup for January 2021
UK police also give some food for thought to those on the verge of breaking the law
Read More 21 arrested after allegedly using stolen logins to commit fraud
The post 21 arrested after allegedly using stolen logins to commit fraud appeared first on WeLiveSecurity
Article by Beau PetersThe movie industry is infamous for its loose depictions of hacking and cybersecurity. Hollywood often gets a lot wrong about hacking and digital protections, but what does it get right? The power of film in influencing the future …
Read More Fact vs. Fiction: Film Industry’s Portrayal of Cybersecurity
Analysis: trade in stolen data is a boon for investigators and a headache for KremlinIn early 2019, the journalist Andrei Zakharov managed to buy his own phone and banking records in a groundbreaking investigation into Russia’s thriving markets in stol…
Read More Outing of FSB hit squad highlights Russia’s data security problem
How To Stay Safe While Shopping Online This Holiday Season I’m pleased to report that I’ve achieved a number of personal bests in 2020 but the one I’m most proud about is my achievement in the highly skilled arena of online shopping. I’ve shopped online like I’m competing in the Olympics: groceries, homewares, clothing – […]
The post Christmas Shopping 2020 appeared first on McAfee Blogs.
Read More Christmas Shopping 2020
Cristiano Ronaldo tops McAfee India’s Most Dangerous Celebrity 2020 List During COVID-19, people stuck inside have scoured the internet for content to consume – often searching for free entertainment (movies, TV shows, and music) to avoid any extra costs. As these habits increase, so do the potential cyber threats associated with free internet content – […]
The post Cristiano Ronaldo tops McAfee India’s Most Dangerous Celebrity 2020 List appeared first on McAfee Blogs.
Read More Cristiano Ronaldo tops McAfee India’s Most Dangerous Celebrity 2020 List
How Searching For Your Favourite Celebrity May Not End Well 2020 has certainly been the year for online entertainment. With many Aussies staying home to stay well, the internet and all its offerings have provided the perfect way for us all to pass time. From free movies and TV shows to the latest celebrity news, […]
The post How Searching For Your Favourite Celebrity May Not End Well appeared first on McAfee Blogs.
Read More How Searching For Your Favourite Celebrity May Not End Well
Anna Kendrick Is McAfee’s Most Dangerous Celebrity 2020 During COVID-19, people stuck inside have scoured the internet for content to consume – often searching for free entertainment (movies, TV shows, and music) to avoid any extra costs. As these habits increase, so do the potential cyberthreats associated with free internet content – making our fourteenth […]
The post Anna Kendrick Is McAfee’s Most Dangerous Celebrity 2020 appeared first on McAfee Blogs.
Read More Anna Kendrick Is McAfee’s Most Dangerous Celebrity 2020
Russian cybercrime gang is believed to be responsible for taking Garmin services offlineA ransomware attack that took the GPS and smartwatch business Garmin entirely offline for more than three days is believed to have been carried out by a Russian cyb…
Read More Ransomware attack on Garmin thought to be the work of ‘Evil Corp’
US company forced to shut down call centres, website and some other online servicesGarmin down: how to still get your activities on to Strava Garmin has been forced to shut down its call centres, website and some other online services after a ransomwar…
Read More Smartwatch maker Garmin hit by outages after ransomware attack
After six months from Cyber Threats Trends launch it’s time to check its main findings. When I decided to develop my own Cyber Threats Observatory I was not sure about its effectiveness and I was even more skeptical about the real usage from international cybersecurity communities. Fortunately many students, researchers and professionals used such a […]
Read More Cyber Threats Trends 6 Months Of Findings