Security News

EFF on the UN Cybercrime Treaty
2023-04-19 10:07

EFF has a good explainer on the problems with the new UN Cybercrime Treaty, currently being negotiated in Vienna. The draft treaty has the potential to rewrite criminal laws around the world, possibly adding over 30 criminal offenses and new expansive police powers for both domestic and international criminal investigations.

FIN7 and Ex-Conti Cybercrime Gangs Join Forces in Domino Malware Attacks
2023-04-17 13:50

A new strain of malware developed by threat actors likely affiliated with the FIN7 cybercrime group has been put to use by the members of the now-defunct Conti ransomware gang, indicating collaboration between the two crews. The latest intrusion wave, spotted by IBM Security X-Force two months ago, involves the use of Dave Loader, a crypter previously attributed to the Conti group, to deploy the Domino backdoor.

Russia-pushed UN Cybercrime Treaty may rewrite global law. It's ... not great
2023-04-14 23:46

The UN Cybercrime Treaty, to the extent it gets adopted, is expected to define global norms for lawful surveillance and legal processes available to investigate and prosecute cybercriminals. What concerns Rodriguez and other representatives of advocacy groups at the briefing is that the treaty negotiators will compromise on surveillance, privacy, and human rights.

RTM Locker: Emerging Cybercrime Group Targeting Businesses with Ransomware
2023-04-13 16:40

"The 'Read The Manual' Locker gang uses affiliates to ransom victims, all of whom are forced to abide by the gang's strict rules," cybersecurity firm Trellix said in a report shared with The Hacker News. Attack chains mounted by the group have since evolved to deploy a ransomware payload on compromised hosts.

FBI Cracks Down on Genesis Market: 119 Arrested in Cybercrime Operation
2023-04-06 09:01

"Account access credentials advertised for sale on Genesis Market included those connected to the financial sector, critical infrastructure, and federal, state, and local government agencies," the U.S. Department of Justice said in a statement. DoJ called Genesis Market one of the "Most prolific initial access brokers in the cybercrime world."

North Korean APT43 Group Uses Cybercrime to Fund Espionage Operations
2023-03-29 05:32

A new North Korean nation-state cyber operator has been attributed to a series of campaigns orchestrated to gather strategic intelligence that aligns with Pyongyang's geopolitical interests since 2018. "APT43 is a prolific cyber operator that supports the interests of the North Korean regime," Mandiant researchers said in a detailed technical report published Tuesday.

FBI confirms access to Breached cybercrime forum database
2023-03-24 21:59

Today, the FBI confirmed they have access to the database of the notorious BreachForums hacking forum after the U.S. Justice Department also officially announced the arrest of its owner. 20-year-old Conor Brian Fitzpatrick was charged for his involvement in the theft and sale of sensitive personal information belonging to "Millions of U.S. citizens and hundreds of U.S. and foreign companies, organizations, and government agencies" on the Breached cybercrime forum.

BreachForums shuts down ... but the RaidForums cybercrime universe will likely spawn a trilogy
2023-03-22 00:45

BreachForums has reportedly shut down for good, just days after US authorities arrested the online criminal marketplace's alleged chief administrator. BreachForums appeared on the dark web shortly after the demise of a similar stolen-data bazaar, RaidForums.

Alleged BreachForums owner ‘Pompompurin’ arrested on cybercrime charges
2023-03-17 23:32

U.S. law enforcement arrested on Wednesday a New York man believed to be Pompompurin, the owner of the BreachForums hacking forum. During the arrest, the defendant allegedly admitted that his real name was Connor Brian Fitzpatrick and that he was Pompourin, the owner of the Breach Forums cybercrime forum.

Hacker leaks alleged Activision employee data on cybercrime forum
2023-02-27 17:08

A threat actor has posted data the alleged data stolen from American game publisher Activision in December 2022 on a hacking forum, highlighting the data's value for phishing operations. In a forum post to the Breached hacking forum, a website used by threat actors to sell and publish stolen data, the hackers claims to have stolen the data from Activision Azure database.