Two new extortion crews are speedrunning the Scattered Spider playbook

CrowdStrike says The Com-affiliated threat groups are using voice phishing and fake SSO pages to break into SaaS environments and steal data fast for extortion.

The post Two new extortion crews are speedrunning the Scattered Spider playbook appeared first on CyberScoop.

Chinese national extradited to US for pandemic-era Silk Typhoon attacks

Xu Zewei was allegedly directed by China’s intelligence services to conduct a sweeping espionage campaign to steal data on COVID-19 research and other U.S. policy interests.

BlackFile actively extorting data-theft victims in retail and hospitality sector

Some attackers, which researchers link to The Com, have swatted company executives to increase leverage and pressure victims to pay their ransom demands.

Vercel attack fallout expands to more customers and third-party systems

The company said it found more evidence of compromise across its customer base. Exposure, which has yet to be defined, poses significant downstream risk.

Former DigitalMint ransomware negotiator pleads guilty to extortion scheme

Angelo Martino helped accomplices extort a combined $75.3 million in ransom payments from five victim companies.

Scottish man pleads guilty to attack spree that created Scattered Spider’s notoriety

Tyler Robert Buchanan “was the glue that held this gang together,” a cybercrime researcher said. He faces up to 22 years in federal prison.

Vercel’s security breach started with malware disguised as Roblox cheats

The attack, which originated at Context.ai, showcases the pitfalls of interconnected cloud applications and SaaS integrations with overly privileged permissions.

Network ‘background noise’ may predict the next big edge-device vulnerability

GreyNoise researchers spotted a consistent trend in forthcoming vulnerabilities affecting security tools, providing defenders an early-warning system for likely imminent attacks.

US nationals sentenced for aiding North Korea’s tech worker scheme

Kejia Wang and Zhenxing Wang established shell companies and hosted laptop farms to help operatives obtain jobs at more than 100 U.S. companies.

Officials seize 53 DDoS-for-hire domains in ongoing crackdown

Operation PowerOFF’s latest globally coordinated action identified more than 75,000 alleged cybercriminals. Officials warned each of them to stop jamming up traffic.
