Security News

India is grappling with a three-and-a-half year surge in cyber crime, with analysis suggesting cities like Bengaluru and Gurgaon - centers of India's tech development - are also hubs of evil activity. The report - A Deep Dive into Cybercrime Trends Impacting India from the non-profit Future Crime Research Foundation - identified cyber crime hot spots, as well as the most popular types of infosec assaults, from January 2020 until June 2023.

A new malware loader called HijackLoader is gaining traction among the cybercriminal community to deliver various payloads such as DanaBot, SystemBC, and RedLine Stealer. The disclosure comes as Flashpoint disclosed details of an updated version of an information-stealing malware known as RisePro that was previously distributed via a pay-per-install malware downloader service dubbed PrivateLoader.

The U.K. and U.S. governments on Thursday sanctioned 11 individuals who are alleged to be part of the notorious Russia-based TrickBot cybercrime gang. "Russia has long been a safe haven for cybercriminals, including the TrickBot group," the U.S. Treasury Department said, adding it has "Ties to Russian intelligence services and has targeted the U.S. Government and U.S. companies, including hospitals."

The USA and the United Kingdom have sanctioned eleven Russian nationals associated with the TrickBot and Conti ransomware cybercrime operations. After numerous takedown attempts by the U.S. government, the Conti ransomware gang took control of the TrickBot operation and its development, using it to enhance more advanced and stealthy malware, such as BazarBackdoor and Anchor.

The likelihood of substantially more frequent, devious, and harmful attacks is portended by the complex attacks on connected cars that we have seen devised by industry researchers. How are attacks on tomorrow's connected cars likely to evolve?

A controversial United Nations proposal has a new foe, Microsoft, which has joined the growing number of organizations warning delegates that the draft version of the UN cybercrime treaty only succeeds in justifying state surveillance - not stopping criminals, as originally intended. "The risk is that the treaty will not be a tool for prosecuting criminals but rather a weapon that allows for intrusive data access and surveillance instruments," she wrote in a LinkedIn post.

From BT and Nvidia to Grand Theft Auto 6, pair were on a total tear Two teenage members of the chaotic Lapsus$ cyber-crime gang helped compromise computer systems of Uber and Nvidia, and also...

In recent years, ransomware groups have evolved their tactics to not only encrypt data but also exfiltrate it, making it a double-edged weapon for extortion. The rise of data extortion ransomware has coincided with a dramatic increase in both the number of groups active and the number of attacks against organizations.

A "Staggering" 120,000 computers infected by stealer malware have credentials associated with cybercrime forums, many of them belonging to malicious actors. "Hackers around the world infect computers opportunistically by promoting results for fake software or through YouTube tutorials directing victims to download infected software," Hudson Rock CTO Alon Gal told The Hacker News.

Israeli cyber-intelligence firm KELA notes that although hacktivism appears to be about causing service disruption through DDoS attacks or reputation damage via data leaks, the modus operandi of these threat groups encompasses a broader scope of activities, including common cybercrime tactics. Starting with the pro-Russia group Killnet, KELA says the hacktivists promoted a botnet for hire in November 2021, but their monetization methods expanded significantly in 2023.