May 23, 2024 at 02:59PM A Moroccan cybercrime group, Storm-0539, has evolved the gift card scam by targeting retailer systems to create and cash out gift cards. Utilizing social engineering and phishing, they compromise employee accounts to gain access. Microsoft reports a surge in their activity, advising organizations to adopt stringent security measures to combat … Read more
May 20, 2024 at 04:26PM HP Inc. released its quarterly HP Wolf Security Threat Insights Report, highlighting cyber attackers’ tactics of using open redirects, overdue invoice lures, and Living-off-the-Land techniques to evade defenses. Notable campaigns included ‘Cat-Phishing’ through open redirects, abuse of Windows BITS, and HTML smuggling attacks. HP emphasized the value of threat containment … Read more
May 18, 2024 at 06:20PM The Android banking trojan “Grandoreiro” is a persistent threat, despite a recent law enforcement crackdown. It’s now targeting English-speaking countries and using diverse phishing lures, including government impersonation emails. The latest variant features advanced evasive tactics, expanded targeting, and detailed victim profiling. IBM analysts have noted its ability to avoid … Read more
May 18, 2024 at 01:14PM The Android banking trojan “Grandoreiro” is spreading in a large-scale phishing campaign across 60+ countries, targeting accounts of about 1,500 banks. Despite law enforcement efforts in January 2024, it has reemerged with new features and is now targeting English-speaking countries, employing diverse phishing lures and expanded capabilities, indicating a resilient … Read more
May 17, 2024 at 12:06PM The U.S. Department of Justice charged two suspects for leading a crime ring that laundered over $73 million from cryptocurrency scams known as “pig butchering.” Victims were lured through messaging and social media platforms, with funds drained into accounts under the fraudsters’ control. The defendants face up to 20 years … Read more
May 16, 2024 at 03:51AM The popular hacking forum BreachForums has been shut down as part of an international law enforcement operation led by the United States. The FBI and Justice Department, with help from other agencies, have taken down the website and arrested one of its administrators, Baphomet. Further details about the incident are … Read more
May 15, 2024 at 06:37PM The FBI, along with global law enforcement, has seized control of BreachForums, a ransomware brokerage site. The operation, involving international partners, took down the site and its Telegram channel. This marks a significant blow to cybercriminals trading in stolen data and carrying out double extortion attacks. It is a major … Read more
May 15, 2024 at 04:44PM Phishing attacks mimicking legitimate DocuSign requests are on the rise due to the availability of fake templates and login credentials in the underground market. Attackers leverage the familiarity of DocuSign emails to trick users into revealing sensitive information. Companies are at risk of data theft and extortion, and employees should … Read more
May 15, 2024 at 02:51PM Law enforcement agencies, including the FBI and international partners, have seized control of the BreachForums website and its associated Telegram channel, known for illicit activity such as selling stolen data. The administrators of the forum, including Baphomet and ShinyHunters, are under FBI control, and the public is encouraged to report … Read more
May 15, 2024 at 02:37PM Two brothers, Anton Peraire-Bueno and James Pepaire-Bueno, were indicted by the U.S. Department of Justice for allegedly manipulating the Ethereum blockchain to steal $25 million worth of cryptocurrency in a scheme that took just 12 seconds to execute. If convicted, they face a maximum penalty of 20 years in prison … Read more