Security News

There's yet another group of miscreants out there hijacking insecure Ivanti devices: A new, financially motivated gang dubbed Magnet Goblin has emerged from the shadowy digital depths with a knack for rapidly exploiting newly disclosed vulnerabilities before vendors have issued a fix. The cybercrime crew has targeted US medical, manufacturing, and energy-sector organizations, according to Check Point, which said it spotted Magnet Goblin abusing security holes in Ivanti's code to break into networks back in January just one day after a proof-of-concept, or PoC, exploit was made public.

The Düsseldorf Police in Germany have seized Crimemarket, a massive German-speaking illicit trading platform with over 180,000 users, arresting six people, including one of its operators. Known as Crimemarket, it was the largest cybercrime market in the country and a hub for trading illegal drugs, narcotics, and cybercrime services, while it also hosted tutorials/guides for conducting various crimes.

The Düsseldorf Police in Germany have seized Crimemarket, the largest German-speaking illicit trading platform on the internet, arresting six people, including one of its operators. "In a concerted campaign, investigators across Germany and abroad took action against the largest German-speaking criminal trading platform on the Internet on Thursday evening," reads a machine-translated announcement.

The Phishing as a Service platform 'LabHost' has been helping cybercriminals target North American banks, particularly financial institutes in Canada, causing a notable increase in activity. LabHost isn't a new provider, but its popularity surged after introducing custom phishing kits for Canadian banks in the first half of 2023.

While Apple isn't explicitly named in the recently unsealed court papers, it's not difficult to deduce that the identity of "Company A," as written in the indictment, is the consumer tech megacorp. Looking deeper into the case background, it's also revealed that one of the defendants redeemed one of the stolen gift cards to their personal app store account, where they purchased Final Cut Pro - software developed by Apple that only runs on Apple hardware.

Interpol has arrested 31 people following a three-month operation to stamp out various types of cybercrime.Spanning 55 countries, from Albania to Australia, Operation Synergia identified more than 1,300 malicious servers, dismantling more than 70 percent of those used as part of command and control infrastructure that supported phishing, banking malware, and ransomware.

An international law enforcement operation code-named 'Synergia' has taken down over 1,300 command and control servers used in ransomware, phishing, and malware campaigns. The Synergia operation identified and took down command and control servers between September and November 2023, with 60 law enforcement agencies from 55 countries participating in the operation.

We'll also explore the challenges of balancing intelligence gathering with privacy and legal considerations and look at strategies for prioritizing intelligence inputs in decision-making. What advice would you give to a CISO that wants to integrate cybercrime intelligence into an existing security infrastructure to enhance threat detection and response capabilities?

40-year-old Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating and distributing the TrickBot malware, the U.S. Department of...

A previously unknown traffic distribution system named 'VexTrio' has been active since at least 2017, aiding 60 affiliates in their cybercrime operations through a massive network of 70,000 sites. A new report by Infoblox focuses on a much larger-scale TDS operation named VexTrio, which works with notorious cybercrime campaigns and operators like ClearFake and SocGholish, among others.