LockBit leaks expose nearly 200 affiliates and bespoke data-stealing malware Operation Cronos's 'partners' continue to trickle the criminal empire's secrets Cyber-crime21 Feb 2024 | 15
Orgs are having a major identity crisis while crims reap the rewards Hacking your way in is so 2022 – logging in is much easier Security21 Feb 2024 | 8
Cops turn LockBit ransomware gang's countdown timers against them Authorities dismantle cybercrime royalty by making mockery of their leak site Cyber-crime20 Feb 2024 | 17
Insider steals 79,000 email addresses at work to promote own business After saying they're very sorry, they escape with a slap on the wrist Security20 Feb 2024 | 38
LockBit ransomware gang disrupted by global operation Updated Website has been seized and replaced with law enforcement logos from eleven nations Security20 Feb 2024 | 12
ALPHV gang claims it's the attacker that broke into Prudential Financial, LoanDepot Ransomware group continues to exploit US regulatory requirements to its advantage Cyber-crime19 Feb 2024 |
Zeus, IcedID malware kingpin faces 40 years in slammer Nearly a decade on the FBI’s Cyber Most Wanted List after getting banks to empty vics' accounts Cyber-crime16 Feb 2024 | 1
Cutting kids off from the dark web – the solution can only ever be social Expert weighs in after Brianna Ghey murder amid worrying rates of child cybercrime Cyber-crime16 Feb 2024 | 93
Feds dismantle Russian GRU botnet built on 1,000-plus home, small biz routers Beijing, now Moscow.… Who else is hiding in broadband gateways? Security15 Feb 2024 | 14
Cybercriminals are stealing iOS users' face scans to break into mobile banking accounts Deepfake-enabled attacks against Android and iPhone users are netting criminals serious cash Research15 Feb 2024 | 30
China's Volt Typhoon spies broke into emergency network of 'large' US city Jeez, not now, Xi. Can't you see we've got an election and Ukraine and Gaza and cost of living and layoffs and ... Security14 Feb 2024 | 9
Romanian hospital ransomware crisis attributed to third-party breach Emergency impacting more than 100 facilities appears to be caused by incident at software provider Cyber-crime14 Feb 2024 | 1
Southern Water cyberattack expected to hit hundreds of thousands of customers Brit utility also curiously disappears from Black Basta leak site Cyber-crime14 Feb 2024 | 44
ALPHV blackmails Canadian pipeline after 'stealing 190GB of vital info' Updated Gang still going after critical infrastructure because it's, you know, critical Cyber-crime13 Feb 2024 | 11
Crooks hook hundreds of exec accounts after phishing in Azure C-suite pond Plenty of successful attacks observed with dangerous follow-on activity Cyber-crime13 Feb 2024 | 6
Infosys subsidiary named as source of Bank of America data leak Looks like LockBit took a swipe at an outsourced life insurance application Cyber-crime13 Feb 2024 | 15
Jet engine dealer to major airlines discloses 'unauthorized activity' Pulls part of system offline as Black Basta docs suggest the worst Cyber-crime12 Feb 2024 | 6
Meet VexTrio, a network of 70K hijacked websites crooks use to sling malware, fraud Some useful indicators of compromise right here Cyber-crime10 Feb 2024 | 9
Ivanti discloses fifth vulnerability, doesn't credit researchers who found it Software company's claim of there being no active exploits also being questioned Security09 Feb 2024 | 5
Uncle Sam sweetens the pot with $15M bounty on Hive ransomware gang members Honor among thieves about to be put to the test Cyber-crime09 Feb 2024 | 3
FBI: Give us warrantless Section 702 snooping powers – or China wins Analysis Never mind the court orders obtained to thwart Volt Typhoon botnet Security09 Feb 2024 | 22
Raspberry Robin devs are buying exploits for faster attacks One of most important malware loaders to cybercrims who are jumping on vulnerabilities faster than ever Research08 Feb 2024 | 2
Cybercrime duo accused of picking $2.5M from Apple's orchard Security researcher buddies allegedly tag team a four-month virtual gift card heist at Cupertino tech giant Cyber-crime08 Feb 2024 | 2
The spyware business is booming despite government crackdowns Updated 'Almost zero data being shared across the industry on this particular threat,' we're told Security07 Feb 2024 | 35
Chinese Coathanger malware hung out to dry by Dutch defense department Attack happened in 2023 using a bespoke backdoor, confirming year-old suspicions CSO06 Feb 2024 | 13
EquiLend back in the saddle as ransom payment rumors swirl Still no word on how the intruders broke in or the full extent of any possible data compromise Cyber-crime06 Feb 2024 |
New kids on the ransomware block in 2023: Akira and 8Base lead dozens of newbies How good are your takedowns when fresh gangs are linked to previous ops, though? Research06 Feb 2024 | 1
Ivanti devices hit by wave of exploits for latest security hole At this point you might be better off just shutting the stuff down Security05 Feb 2024 | 5
AnyDesk revokes signing certs, portal passwords after crooks sneak into systems Horse, meet stable door Cyber-crime05 Feb 2024 | 6
Lurie Children's Hospital back to pen and paper after cyberattack It's the second Chicago hospital to disclose a major incident in the same week Cyber-crime05 Feb 2024 | 9
SBF likely off the hook for misplaced FTX funds after cops bust SIM swap ring Infosec In Brief PLUS: more glibc vulns discovered; DraftKings hacker sentenced; and a hefty dose of critical vulnerabilities Security05 Feb 2024 | 4
Interpol's latest cybercrime intervention dismantles ransomware, banking malware servers Efforts part of internationally coordinated operations carried out in recent months Cyber-crime02 Feb 2024 | 2
LockBit shows no remorse for ransomware attack on children's hospital It even had the gall to set the ransom demand at $800K … for a nonprofit Cyber-crime01 Feb 2024 | 42
Congress told how Chinese goons plan to incite 'societal chaos' in the US American public is way ahead of them Security01 Feb 2024 | 83
FBI confirms it issued remote kill command to blow out Volt Typhoon's botnet Disinfects Cisco and Netgear routers to thwart Chinese critters Security31 Jan 2024 | 43
Nearly 4-year-old Cisco vuln linked to recent Akira ransomware attacks Evidence mounts of an exploit gatekept within Russia's borders Research31 Jan 2024 |
US shorts China's Volt Typhoon crew targeting America's criticals Invaders inveigle infrastructure Security30 Jan 2024 | 7
Microsoft sheds some light on Russian email heist – and how to learn from Redmond's mistakes Step one, actually turn on MFA CSO27 Jan 2024 | 17
Guess the company: Takes your DNA, blames you when criminals steal it, can’t spot a cyberattack for 5 months Breach filings show Reddit post led to the discovery rather than any sophisticated cyber defenses Cyber-crime26 Jan 2024 | 36
Akira ransomware gang says it stole passport scans from Lush in 110 GB data heist Updated Cosmetics brand goes from Jackson Pollocking your bathwater to cleaning up serious a digital mess Cyber-crime26 Jan 2024 | 35
Trickbot malware scumbag gets five years for infecting hospitals, businesses Most of the crew still at large Cyber-crime25 Jan 2024 | 8
EquiLend drags systems offline after admitting attacker broke in Securities lender processes trillions of dollars worth of Wall Street transactions every day Cyber-crime25 Jan 2024 | 1
Psst … wanna jailbreak ChatGPT? Thousands of malicious prompts for sale Turns out it's pretty easy to make the model jump its own guardrails AI + ML25 Jan 2024 | 25
HPE joins the 'our executive email was hacked by Russia' club Moscow-backed Cozy Bear may have had access to the green rectangular email cloud for six months Cyber-crime25 Jan 2024 | 7
What Microsoft's latest email breach says about this IT security heavyweight Comment Senator Wyden tells The Reg this latest infosec lapse is 'inexcusable' CSO24 Jan 2024 | 45
GCHQ's NCSC warns of 'realistic possibility' AI will help state-backed malware evade detection That means Brit spies want the ability to do exactly that, huh? Cyber-crime24 Jan 2024 | 25
CISA boss swatted: 'While my own experience was certainly harrowing, it was unfortunately not unique' Election officials, judges, politicians, and gamers are in swatters' crosshairs Cyber-crime23 Jan 2024 | 46
Accused PII seller faces jail for running underground fraud op More than 5,000 victims claimed over a 3-year period but filing reckons accused didn't even use a VPN Security23 Jan 2024 | 2
UK water giant admits attackers broke into system as gang holds it to ransom Comes mere months after Western intelligence agencies warned of attacks on water providers Cyber-crime23 Jan 2024 | 35
Australia imposes cyber sanctions on Russian it says ransomwared health insurer 'Aleksandr Ermakov' isn't allowed down under after being linked to ten-million-record leak Cyber-crime23 Jan 2024 | 9
Atlassian Confluence Server RCE attacks underway from 600+ IPs If you're still running a vulnerable instance then 'assume a breach' Security22 Jan 2024 | 5
Slug slimes aerospace biz AerCap with ransomware, brags about 1TB theft Loanbase admits massive loss of customer data to thieves, too Security22 Jan 2024 | 1
Subway's data torpedoed by LockBit, ransomware gang claims Fast food chain could face a footlong recovery process if allegations are true Cyber-crime22 Jan 2024 | 8
Russians invade Microsoft exec mail while China jabs at VMware vCenter Server Plus: Uncle Sam says Ivanti exploits 'consistent with PRC' snoops Cyber-crime20 Jan 2024 | 9
Five ripped off IT giant with $7M+ in bogus work expenses, prosecutors claim Account manager and pals blew it on hotels, cruise, fancy meals and more allegedly Cyber-crime19 Jan 2024 | 37
Thieves steal 35.5M customers’ data from Vans sneakers maker But what kind of info was actually compromised? None of your business Cyber-crime19 Jan 2024 | 8
Two more Citrix NetScaler bugs exploited in the wild Just when you thought you had recovered from Bleed Cyber-crime18 Jan 2024 | 2
Google TAG: Kremlin cyber spies move into malware with a custom backdoor The threat hunters believe COLDRIVER has used SPICA since at least November 2022 Research18 Jan 2024 | 5
Vast botnet hijacks smart TVs for prime-time cybercrime Updated 8-year-old op responsible for DDoS attacks and commandeering broadcasts to push war material Research18 Jan 2024 | 7
What's worse than paying an extortion bot that auto-pwned your database? Paying one that lied to you and only saved the first 20 rows of each table Research17 Jan 2024 | 17
FBI: Beware of thieves building Androxgh0st botnets using stolen creds Infecting networks via years-old CVEs that should have been patched by now CSO17 Jan 2024 |
Ivanti zero-day exploits explode as bevy of attackers get in on the act Customers still patchless and mitigation only goes so far Cyber-crime16 Jan 2024 | 6