Security News

San Francisco police have been using driverless cars for surveillance to assist in law enforcement investigations. A handful of tech giants have pledged more than $30 million to implement a plan to improve open-source and software supply chain security.

The RaidForums hacker forum, used mainly for trading and selling stolen databases, has been shut down and its domain seized by U.S. law enforcement during Operation TOURNIQUET, an action coordinated by Europol that involved law enforcement agencies in several countries. According to the DoJ, the marketplace offered for sale more than 10 billion unique records from hundreds of stolen databases that impacted people residing in the U.S. In a separate announcement today, Europol says that RaidForums had more than 500,000 users and "Was considered one of the world's biggest hacking forums".

German police have located and closed down the servers of Hydra, allegedly one of the world's biggest underground online stores. According to a report from the BBC, locating the actual servers used to run Hydra was not an easy task, but German police said they started following up on a tip in the middle of 2021 that suggested the servers were actually hosted in Germany.

Brian Krebs has a detailed post about hackers using fake police data requests to trick companies into handing over data.Virtually all major technology companies serving large numbers of users online have departments that routinely review and process such requests, which are typically granted as long as the proper documents are provided and the request appears to come from an email address connected to an actual police department domain name.

The City of London Police on Friday disclosed that it has charged two of the seven teenagers, a 16-year-old and a 17-year-old, who were arrested last week for their alleged connections to the LAPSUS$ data extortion gang. "Both teenagers have been charged with: three counts of unauthorized access to a computer with intent to impair the reliability of data; one count of fraud by false representation and one count of unauthorized access to a computer with intent to hinder access to data," Detective Inspector Michael O'Sullivan, from the City of London Police, said in a statement.

A] large-scale social engineering and extortion campaign against multiple organizations, with some seeing evidence of destructive elements. More recent campaigns have expanded to include organizations globally spanning a variety of sectors.

The Ukrainian cyberpolice have arrested a group of phishing actors who managed to steal payment card data from at least 70,000 people after luring them to fake mobile service top up sites. According to the announcement from law enforcement, the actors used the stolen information to empty their victims' bank accounts.

Spain's National Police Agency, the Policía Nacional, said last week it dismantled an unnamed cybercriminal organization and arrested eight individuals in connection with a series of SIM swapping attacks that were carried out with the goal of financial fraud. The suspects of the crime ring masqueraded as trustworthy representatives of banks and other organizations and used traditional phishing and smishing techniques to obtain personal information and bank data of victims before draining money from their accounts.

Last summer, the San Francisco police illegally used surveillance cameras at the George Floyd protests. It prohibits city agencies like the SFPD from acquiring, borrowing, or using surveillance technology, without prior approval from the city's Board of Supervisors, following an open process that includes public participation.

Some 15 server infrastructures used by crims to prepare ransomware attacks were seized by cops yesterday as part of an international sting to take down VPNLab.net. The VPN provider's service gave users "Shielded communications and internet access" that was used in "Support of serious criminals acts such as ransomware deployment and other cybercrime activities," Europol said today.