Security News

Europol's Serious Organized Crime Threat Assessment report 2021 summarizes the criminal threat of the last four years and provides insights into what to expect over the next four years. Organized crime is not limited to cybercrime, but cybercrime has become a major part of organized criminal activity.

NortonLifeLock revealed that in the past year nearly 330 million people across 10 countries were victims of cybercrime and more than 55 million people were victims of identity theft. The report, conducted online by The Harris Poll among over 10,000 adults in 10 countries including 1,000 in the United States, also found 25% of Americans detected unauthorized access to an account or device in the past 12 months.

The Swarmshop cyber-underground "Card shop" has been hit by hackers, who lifted the site's database of stolen payment-card data and leaked it online. Card shops, are online cybercriminal forums where stolen payment-card data is bought and sold.

Bitdefender released a report revealing top cybersecurity threats, frequency of threats and cybercrime trends of 2020. "Our 2020 findings depict consumers under constant assault from cybercriminals looking to capitalize on fear and societal uncertainty accompanying the global pandemic," said Bogdan Botezatu, director of threat research and reporting at Bitdefender.

Alongside shifts in what types of financial institutions were being targeted, Kaspersky also noticed regional malware actors going global and advanced persistent threats that aren't normally involved in financial crimes broadening their horizons to include such acts in 2020. In terms of specific numbers, Kaspersky noticed a slight decline in the number of users hit by phishing attacks in 2020, with only 13.21% being targeted, compared to 15.7% in 2019.

The FBI this week published its Internet Crime Report for 2020, and the agency said it received nearly 800,000 cybercrime complaints last year, with reported losses totaling $4.2 billion. The number of complaints received by the FBI in 2020 increased significantly compared to the previous year, when it got roughly 467,000 complaints.

The Federal Bureau of Investigation has published its annual report on cybercrime affecting victims in the U.S., noting a record number of complaints and financial losses in 2020 compared to the previous year. The Internet Crime Complaint Center received last year 791,790 complaints - up by 69% from 2019 - of suspected internet crime causing more than $4 billion in losses.

Criminals have been targeting organizations that run Exchange hoping to breach ones that haven't patched the latest bugs, says ESET. Four critical zero-day vulnerabilities in Microsoft Exchange have paved the way for attackers to take over accessible Exchange servers even without knowing the credentials. The four Exchange vulnerabilities in question were first uncovered by vulnerability researcher Orange Tsai, who reported them to Microsoft on Jan. 5, according to ESET. But security firm Volexity, which also alerted Microsoft, claims the exploitation of these flaws started on Jan. 3.

Since the beginning of this year, an unknown threat actor has been hacking cybercrime forums and leaking user data publicly or offering it for sale. In January, a threat actor announced on underground forum Raid Forums that they breached Verified, an established Russian-language cybercrime forum.

In what's a case of hackers getting hacked, a prominent underground online criminal forum by the name of Maza has been compromised by unknown attackers, making it the fourth forum to have been breached since the start of the year. The intrusion is said to have occurred on March 3, with information about the forum members - including usernames, email addresses, and hashed passwords - publicly disclosed on a breach notification page put up by the attackers, stating "Your data has been leaked" and "This forum has been hacked."