Security News

Of these compromised identity records, one in four contained information about the user's network or physical location, putting the individual's identity, platforms they have access to, and physical well-being at risk. Taking a deeper look into how stolen data empowers bad actors to perpetrate cybercrimes including account takeover, fraud, and ransomware, researchers analyzed the exposures of the average digital identity being traded in the criminal underground and found that the average identity appears in as many as nine breaches and is associated with 15 breach records.

The U.S. Department of Justice has charged global cryptocurrency exchange KuCoin and two of its founders for failing to adhere to anti-money laundering requirements, allowing threat actors to use the platform to launder money. Founded in 2017 by Chinese citizens Chun Gan and Ke Tang, KuCoin is one of the largest cryptocurrency exchange platforms to buy, sell, trade, and store a variety of digital currencies.

Developed by OpenAI, ChatGPT has garnered attention across industries for its ability to generate relevant responses to various queries. As the adoption of ChatGPT accelerates, so do discussions surrounding its ethical and security implications.

Application programming interfaces (APIs) are the connective tissue behind digital modernization, helping applications and databases exchange data more effectively. The State of API Security in...

The rise of advanced persistent threats, phishing-as-a-service, ransomware-as-a-service models, and nation-state-sponsored cyber-attacks further compounds the complexity of the threat landscape. It's crucial for enterprises to adapt swiftly, implementing threat intelligence programs to expedite vulnerability remediation and the deployment of suitable security controls tailored to the dynamic threat environment evolution.

A new phishing campaign has been observed delivering remote access trojans (RAT) such as VCURMS and STRRAT by means of a malicious Java-based downloader. “The attackers stored malware on public...

In this piece, we'll probe a notorious ransomware gang, ShinyHunters, to shed light on cybercriminal incentives and the objectives they pursue, as well as the effects for victims - and steps your team can take to reduce risk. His role in ShinyHunters was to create specialized phishing pages masquerading as a target company's login portal to lure employees to enter their credentials.

A new DNS threat actor dubbed Savvy Seahorse is leveraging sophisticated techniques to entice targets into fake investment platforms and steal funds. “Savvy Seahorse is a DNS threat actor who...

Cybercriminals are using a network of hired money mules in India using an Android-based application to orchestrate a massive money laundering scheme. The malicious application, called XHelper, is...

Group-IB found these compromised credentials within the logs of information-stealing malware traded on illicit dark web marketplaces. Throughout the reporting period, Group-IB experts uncovered 27 new advertisements for ransomware-as-a-service programs on dark web forums, including well known groups such as Qilin, as well as other collectives that have yet to be seen in the wild.