Security News
The criminal charges come as Iran has apparently stepped up its malicious activity against America and its allies - exploiting well-known software vulnerabilities to conduct espionage, deploy ransomware, steal money, data and credentials, and carry out good old-fashioned election misinformation and meddling, according to the government and private security firms. The trio are accused of conducting a hacking campaign to break into computer systems of "hundreds of victims" in the US, UK, Israel, Iran and other countries, according to court documents [PDF].
Google says some former Conti ransomware gang members, now part of a threat group tracked as UAC-0098, are targeting Ukrainian organizations and European non-governmental organizations. Google TAG says its attribution is based on multiple overlaps between UAC-0098, Trickbot, and the Conti cybercrime group.
KELA surveyed 400 security team members in the US who were responsible for gathering cybercrime threat intelligence daily to better understand if they're proactively scanning the dark web and other cybercrime sources, what tools they're using, the gaps they see in their cybercrime threat intelligence approach, and more. "We found organizations may be less prepared for threats emerging from the cybercrime underground than they should be," said David Carmiel, CEO of KELA. "At KELA, our extensive intelligence expertise has shown us just how complex the cybercrime underground really is. The threats are much more comprehensive, and what organizations know and refer to as the dark web is changing within the hour."
The National Police of Ukraine took down a network of call centers used by a cybercrime group focused on financial scams and targeting victims of cryptocurrency scams under the guise of helping them recover their stolen funds. The fraudsters behind these illegal call centers were also allegedly involved in scamming citizens of Ukraine and European Union countries interested in cryptocurrency, securities, gold, and oil investments.
Nation-state threat actors are increasingly adopting and integrating the Sliver command-and-control framework in their intrusion campaigns as a replacement for Cobalt Strike. Sliver, first made public in late 2019 by cybersecurity company Bishop Fox, is a Go-based open source C2 platform that supports user-developed extensions, custom implant generation, and other commandeering options.
A financially motivated cybercrime group has been linked to an ongoing wave of attacks aimed at hospitality, hotel, and travel organizations in Latin America with the goal of installing malware on compromised systems. Enterprise security firm Proofpoint, which is tracking the group under the name TA558 dating all the way back to April 2018, called it a "small crime threat actor."
A Minnesota computer store suing its crime insurance provider has had its case dismissed, with the courts saying it was a clear instance of social engineering, a crime for which the insurer was only liable to cover a fraction of total losses. Travelers, which filed a motion to dismiss, said SJ's policy clearly delineated between computer fraud and social engineering fraud.
Three different offshoots of the notorious Conti cybercrime cartel have resorted to the technique of call-back phishing as an initial access vector to breach targeted networks. "Three autonomous threat groups have since adopted and independently developed their own targeted phishing tactics derived from the call back phishing methodology," cybersecurity firm AdvIntel said in a Wednesday report.
Protect your business from cybercrime with this dark web monitoring service. In addition to using a VPN and anti-malware software, it's also smart to invest in a service like Dark Web Monitoring for Business.
Cybercrime is being supercharged through "plug and play" malware kits that make it easier than ever to launch attacks. The HP Wolf Security threat team worked with Forensic Pathways, a leading group of global forensic professionals, on a three-month dark web investigation, scraping and analyzing over 35 million cybercriminal marketplaces and forum posts to understand how cybercriminals operate, gain trust, and build reputation.