Security News

European and American officials said Thursday that they have arrested 20 people in several countries for allegedly belonging to an international ring that laundered millions of euros stolen by cybercriminals through malware schemes. The international police operation "2BaGoldMule" led by Portuguese investigators and the FBI included 14 more European countries, under the umbrella of Europol.

The FIN11 financial crime gang is shifting its tactics from phishing and credential-theft to ransomware, researchers said. According to FireEye Mandiant researchers, FIN11 is notable for its "Sheer volume of activity," known to run up to five disparate wide-scale email phishing campaigns per week.

Criminals quickly exploited the pandemic to attack vulnerable people; phishing, online scams and the spread of fake news became an ideal strategy for cybercriminals seeking to sell items they claim will prevent or cure COVID-19. The value of being able to access data of criminal communication on an encrypted network is perhaps the most effective illustration of how encrypted data can provide law enforcement with crucial leads beyond the area of cybercrime.

As we'll explain below, the curiously mangled phrase "To increase the quality and quantity of waste material" doesn't just refer to the ruined files that a ransomware attack leaves behind after they've been scrambled with a cryptographic key known only to the crooks. Even though the twisted history of ransomware groups can be hard to follow - at least, those who haven't been caught and prosecuted - it looked as right away as though the report of the gang's demise was a scam all of its own, and that they almost immediately returned with a ransomware strain known as Sodinokibi.

When attackers first gain access to the network, they will use a variety of techniques to escalate their privileges in order to gain higher level permissions and begin lateral movement. Privilege escalation is the most critical link in the attack chain as it allows an attacker to accomplish several steps, including gaining network persistence, building-in additional backdoors and, ultimately, accessing critical assets.

The Grugq has written an excellent essay on how the Russian cybercriminal gang FIN7 operates. The secret of FIN7's success is their operational art of cyber crime.

The period has seen strong transaction volume growth compared to 2019 but an overall decline in global attack volume. The EMEA region saw lower overall attack rates in comparison to most other global regions from January through June 2020.

State securities officials say cybercrime including email attacks are on the rise during the pandemic, and they're warning people to be careful online. A statement from the Alabama Securities Commission says social engineering attacks have been increasing with more people working at home and children using virtual learning because of the coronavirus outbreak.

Researchers at Digital Shadows, a San Francisco-based provider of digital risk protection solutions, have analyzed the traffic statistics of several popular cybercrime forums and they have shared some interesting observations. After seeing Altenen's post, researchers at Digital Shadows decided to look at the traffic statistics of several popular cybercriminal forums, and compared the findings to their own perception of these websites.

Cybercrime costs organizations $24.7, YOY increase of more than $2 every minute, a RiskIQ report reveals. The report covers the top threats facing today's organizations, which are proliferating at a clip of 375 per minute, and reflects the current surge in attacks leveraging the COVID-19 pandemic.