Security News

The Dark Web is a small portion of the Internet, but it concentrates many cybercriminals and threat actors who generally exchange ideas, thoughts, tips, tricks and experience through hidden forums. Many of these cybercriminals also sell various goods and services; Privacy Affairs has published a new report about the average prices of those services in 2022.

These days, cybercriminals are living off the cloud, according to Katie Nickels, director of intelligence for Red Canary and a SANS Certified Instructor. "It's not enough to pay attention to the operating systems, the endpoints, said Nickels, speaking on a SANS Institute panel about the most dangerous new attack techniques at RSA Conference."Adversaries, a lot of their intrusions, are using cloud services of different types.

A cybercriminal stole 1 million Facebook account credentials over 4 months. As phishing attacks continue to be a go-to for threat actors, one scam found that a user had stolen a million Facebook account credentials over a span of just four months.

Single factor authentication has been the standard for many years on Internet-facing services, but it clearly lacks security. While 2FA drastically increases the security of Internet services, it can still be bypassed by some methods.

Rather than the typical ransom request for data restoration that has become commonplace, criminals are increasingly expanding their radius. Secondhand victims, including dental practices and insurance providers, could be potential targets based on the data obtained in the primary ransomware attack.

Top executives and their families are increasingly being targeted on their personal devices and home networks, as sophisticated threat actors look for new ways to bypass corporate security and get direct access to highly sensitive data. In this video for Help Net Security, Chris Pierson, CEO at BlackCloak, shares on these issues and emerging areas of risk for executives.

A new report from the FBI raises warnings about a credential theft threat targeting academic partners of identified US colleges and universities. These credential stuffing attacks are particularly concerning, because once an attacker is in possession of one login credential, he might run tools like OpenBullet to automatically check if they are valid for dozens or hundreds of other websites.

Credit card skimming is a technique that consists of using malicious code installed on compromised merchant websites to steal credit card information sent by the website's customers when they complete online payments. Once the attacker has access to the website's content, they need to add malicious code to steal the credit card information provided by the unsuspecting customers.

Cybercriminal actors previously observed delivering BazaLoader and IcedID as part of their malware campaigns are said to have transitioned to a new loader called Bumblebee that's under active development. "Threat actors using Bumblebee are associated with malware payloads that have been linked to follow-on ransomware campaigns," the researchers said.

Cybercriminals are leveraging advanced tactics in their phishing-kits granting them a high delivery success rate of spoofed e-mails which contain malicious attachments right before the end of the 2021 IRS income tax return deadline in the U.S. April 18th, 2022 - there was a notable campaign detected which leveraged phishing e-mails impersonating the IRS, and in particular one of the industry vendors who provide solutions to government agencies which including e-mailing, digital communications management, and the content delivery system which informs citizens about various updates. The IT services vendor actors impersonated is widely used by major federal agencies, including the DHS, and other such WEB-sites of States and Cities in the U.S. The identified phishing e-mail warned the victims about overdue payments to the IRS, which should then be paid via PayPal, the e-mail contained an HTML attachment imitating an electronic invoice.