Security News

Trending cybercrimes and the big impact of lesser-known breaches
2021-07-28 04:30

Sontiq released the Mid-Year 2021 Cybercrime Report, which highlights five key trends and the 2021 data breaches that pose the highest level of risk to victims. The report's insights were derived from data generated by Sontiq's call center, Identity Restoration Team, and through BreachIQ data breach analysis.

Dutch Police Arrest Alleged Member of 'Fraud Family' Cybercrime Gang
2021-07-23 14:00

Authorities in the Netherlands have arrested a 24-year-old believed to be a developer of phishing frameworks for a cybercrime ring named "Fraud Family." According to the Dutch National Police, the man worked together with a 15-year-old accomplice to develop and sell phishing panels that allowed cybercriminals to steal banking credentials from unsuspecting users.

BT tries to crack cyber crime, grabs stake in Safe Security
2021-07-23 05:56

BT is looking to cash in on ever-growing global concerns over digital crime, and has confirmed making a multi million pound investment in US-based cyber risk management firm Safe Security. As part of the deal, BT plans to combine Safe Security's "SAFE platform" with its own managed security services to provide added protection for its customers in the UK against cyber threats.

Defeating the Organized Cybercrime Ecosystem
2021-07-13 12:30

The recent attack against users of the Kaseya VSA platform is yet another example of the increasingly organized dynamic of cybercrime. These attacks demonstrate the fact that an organized cybercrime network is flourishing under the surface.

Where do all those cybercrime payments go?
2021-07-09 18:57

Presumably conscious of the preceding Colonial Pipeline attack in which a $4.4 million blackmail payoff resulted in a decryptor that, though functional in theory, was worthless in practice because it ran far too slowly, the REvil crew even blithely claimed that their so-called universal decryptor would allow everyone to "Recover from attack [sic] in less than an hour". Account privileges that attackers typically go after include the local SYSTEM account or even Domain Administrator, which puts the attackers on an equal footing with your own sysadmins.

Interpol: Moroccan Citizen Arrested for Website Defacements, Other Cybercrimes
2021-07-07 08:44

Authorities have arrested a Moroccan citizen believed to have orchestrated cyberattacks against over one hundred websites, in addition to engaging in various other nefarious activities. Operating under the online moniker Dr HeX, the individual is believed to have defaced more than 130 websites between 2009 and 2018.

New Ransomware 'Diavol' Linked to Notorious Cybercrime Gang
2021-07-02 15:00

Wizard Spider, the notorious cybercrime gang that operated the TrickBot botnet and the Ryuk and Conti ransomware families, may have developed a new ransomware family, Fortinet reports. Dubbed Diavol, the ransomware shows similarities with Conti, but the observed attacks lack some of the tactics previously associated with Wizard Spider.

Trickbot cybercrime group linked to new Diavol ransomware
2021-07-01 20:11

FortiGuard Labs security researchers have linked a new ransomware strain dubbed Diavol to Wizard Spider, the cybercrime group behind the Trickbot botnet. Diavol and Conti ransomware payloads were deployed on different systems in a ransomware attack blocked by the company's EDR solution in early June 2021.

Member of FIN7 Cybercrime Gang Sentenced to Prison in U.S.
2021-06-25 11:51

A Ukrainian man has been sentenced to seven years in prison in the United States for his role within the cybercrime group known as FIN7. Operating since at least 2015, the financially-motivated FIN7 group targeted businesses worldwide to steal payment card data.

Ransomware Attackers Partnering With Cybercrime Groups to Hack High-Profile Targets
2021-06-16 20:28

As ransomware attacks against critical infrastructure skyrocket, new research shows that threat actors behind such disruptions are increasingly shifting from using email messages as an intrusion route to purchasing access from cybercriminal enterprises that have already infiltrated major targets. "Ransomware operators often buy access from independent cybercriminal groups who infiltrate major targets and then sell access to the ransomware actors for a slice of the ill-gotten gains," researchers from Proofpoint said in a write-up shared with The Hacker News.