Cops cuff 22-year-old Brit suspected of being Scattered Spider leader

June 17, 2024 at 09:03AM Spanish police arrested the alleged leader of cybercrime gang Scattered Spider before he could board a flight to Naples. The suspect, a 22-year-old British national, is linked to attacks on 45 US companies and has amassed a fortune through cybercrime. The group is known for SIM-swapping and ransomware attacks and continues …

Notorious cyber gang UNC3944 attacks vSphere and Azure to run VMs inside victims’ infrastructure

June 17, 2024 at 02:42AM The notorious cyber gang UNC3944, implicated in recent attacks on Snowflake and MGM Entertainment, is now targeting SaaS applications. They have shifted to primarily focusing on data theft extortion without using ransomware and employ social engineering tactics to compromise high-privilege accounts. UNC3944 has expanded its targets to include various SaaS …

U.K. Hacker Linked to Notorious Scattered Spider Group Arrested in Spain

June 16, 2024 at 12:54AM Law enforcement authorities have arrested a 22-year-old man, believed to be a key member of the cybercrime group “Scattered Spider.” The arrest, in Palma de Mallorca, was a joint effort between the FBI and the Spanish Police. The individual is associated with high-profile ransomware attacks and SIM-swapping activities. This is …

Scattered Spider hackers switch focus to cloud apps for data theft

June 14, 2024 at 11:06AM The Scattered Spider gang, also known as Octo Tempest, engages in social engineering attacks to steal data from SaaS apps. They use SMS phishing and SIM swapping for on-premise access. Their tactics expanded to cloud infrastructures without ransomware. They create new virtual machines, disable security protections, and exfiltrate data to cloud …

Microsoft delays Windows Recall amid privacy and security concerns

June 13, 2024 at 10:14PM Microsoft has delayed the AI-powered Windows Recall feature, initially set for a public preview on Copilot+ PCs, to carry out further testing and improve security. Amid concerns over privacy and security, it will now first be available for preview with Windows Insiders. This follows criticism and efforts to enhance security, including making the feature …

Snowflake Breach Exposes 165 Customers’ Data in Ongoing Extortion Campaign

June 11, 2024 at 03:21AM As many as 165 Snowflake customers had their data potentially exposed in a campaign targeting data theft and extortion, identified as UNC5537 by Mandiant. The group is believed to operate under various aliases, targeting organizations worldwide and collaborating with a party based in Turkey. Snowflake is taking measures to enhance …

Frontier Communications: 750k people’s data stolen in April attack on systems

June 7, 2024 at 02:14PM Frontier Communications confirmed a cyberattack impacting 751,895 individuals, with stolen data limited to names and Social Security numbers. The company engaged cybersecurity experts, strengthened network security, and notified relevant authorities. Although claims of data theft affecting over 2 million people were made, the involvement of ransomware was not acknowledged by …

Hackers Target Python Developers with Fake “Crytic-Compilers” Package on PyPI

June 6, 2024 at 02:24AM A malicious Python package called crytic-compilers was discovered on the Python Package Index, posing as a legitimate library named crytic-compile. It was designed to deliver an information stealer called Lumma. Additionally, more than 300 WordPress sites have been compromised with malicious Google Chrome update pop-ups, leading to the deployment of …

RansomHub extortion gang linked to now-defunct Knight ransomware

June 5, 2024 at 08:43AM RansomHub is a new Ransomware-as-a-Service believed to have evolved from the defunct Knight ransomware project. It operates as a data theft and extortion group, recently targeting United Health subsidiary Change Healthcare and international auction house Christie’s. Symantec analysts found commonalities with Knight, indicating a likely derived lineage, though operated by …

361 million stolen accounts leaked on Telegram added to HIBP

June 3, 2024 at 03:50PM The Have I Been Pwned service added a trove of 361 million stolen credentials obtained from cybersecurity researchers who collected them from Telegram cybercrime channels. The stolen data includes username and password combinations, along with raw cookies, and was shared for free on Telegram. The credentials have affected numerous websites, and …