Security News

We'll also explore the challenges of balancing intelligence gathering with privacy and legal considerations and look at strategies for prioritizing intelligence inputs in decision-making. What advice would you give to a CISO that wants to integrate cybercrime intelligence into an existing security infrastructure to enhance threat detection and response capabilities?

40-year-old Russian national Vladimir Dunaev has been sentenced to five years and four months in prison for his role in creating and distributing the TrickBot malware, the U.S. Department of...

A previously unknown traffic distribution system named 'VexTrio' has been active since at least 2017, aiding 60 affiliates in their cybercrime operations through a massive network of 70,000 sites. A new report by Infoblox focuses on a much larger-scale TDS operation named VexTrio, which works with notorious cybercrime campaigns and operators like ClearFake and SocGholish, among others.

The threat actors behind ClearFake, SocGholish, and dozens of other actors have established partnerships with another entity known as VexTrio as part of a massive "criminal affiliate program," new...

Security researchers analyzing the activity of the recently emerged 3AM ransomware operation uncovered close connections with infamous groups, such as the Conti syndicate and the Royal ransomware gang. The 3AM ransomware gang's activity was first documented publicly in mid-September when the Threat Hunter Team at Symantec, now part of Broadcom, revealed that they noticed threat actors switching to ThreeAM ransomware after failing to deploy the LockBit malware.

Security researchers have pinned a DDoS botnet that's infected potentially millions of smart TVs and set-top boxes to an eight-year-old cybercrime syndicate called Bigpanzi. "The potential for Bigpanzi-controlled TVs and STBs to broadcast violent, terroristic, or pornographic content, or to employ increasingly convincing AI-generated videos for political propaganda, poses a significant threat to social order and stability," said researchers at Chinese security biz Qianxin.

The U.S. Department of Justice announced the end of a transnational investigation into the dark web xDedic cybercrime marketplace, charging 19 suspects for their involvement in running and using the market's services. Law enforcement estimated at the time of its takedown that fraudulent activities facilitated through the xDedic cybercrime market totaled more than $68 million.

In 2023, we saw numerous law enforcement operations targeting cybercrime operations, including cryptocurrency scams, phishing attacks, credential theft, malware development, and ransomware attacks. While some of these operations were more successful than others, law enforcement has been increasingly using hack-back tactics to infiltrate operations and disrupt them.

The Federal Criminal Police Office in Germany and the internet-crime combating unit of Frankfurt have announced the seizure of Kingdom Market, a dark web marketplace for drugs, cybercrime tools, and fake government IDs. The law enforcement operation also included authorities from the United States, Switzerland, Moldova, and Ukraine, while one of the administrators has been arrested in the US. Kingdom Market was an English-speaking marketplace on the dark web with international reach that has operated since March 2021.

Security teams then use more AI in response to the AI-driven threats, and threat actors augment their AI to keep up, and the cycle continues. There are trust issues with AI security solutions, and the data models used to develop AI-powered security products appear to be perennially at risk.