Two dozen arrested, hundreds of malicious IPs taken down in African cybercrime operation

The cybercrime and fraud operations, including fraudulent art sales, were linked to financial losses of more than $40 million.

The post Two dozen arrested, hundreds of malicious IPs taken down in African cybercrime operation appeared first on CyberScoop.

The anatomy of a modern day ransomware conglomerate

If school administrators, medical organizations and other crucial industries haven’t already had enough bad news over the past year, a new hacking group that relies on emerging techniques to rip off its victims should fulfill that need. What makes the pain even worse is that the group is using an innovative structure that’s becoming more common in the cybercrime underworld. This ransomware gang, dubbed Egregor, in recent months appears to have hacked more than 130 targets, including schools, manufacturing firms, logistics companies and financial institutions, according to the U.K.-based security firm Sophos. Egregor works much like other strains of ransomware — holding data hostage until a victim pays a fee — though in some ways the group behind it also exemplifies the current state of the hacking economy. Rather than relying on lone hackers who mastermind massive data breaches, or dark web forums frequented only by Russian scammers, today’s cybercriminals […]

The post The anatomy of a modern day ransomware conglomerate appeared first on CyberScoop.

Threat Actors Innovate to Exploit COVID-19, Delivering OpenOffice .OPD Attachments on a Shoestring Budget

The post Threat Actors Innovate to Exploit COVID-19, Delivering OpenOffice .OPD Attachments on a Shoestring Budget appeared first on Cofense.

Payment scammers hit 201 campus checkouts with Magecart-inspired tactics

A gang of payment-card scammers has targeted 201 college and university campus stores, trying to steal students’ financial data in a Magecart-style attack, according to new research. The new cybercrime group, labeled Mirrorthief, injected malicious code on payment checkout pages at hundreds of U.S. and Canadian stores, according to TrendMicro research published Friday. By compromising PrismWeb, an e-commerce platform designed for college stores, the attackers could collect payment card details, names, addresses and phone numbers, researchers said. PrismWeb is made by PrismRBS, a subsidiary of the Nebraska Book Company. TrendMicro’s report comes as security researchers continue to grapple with an expansion of payment-card thievery along with an apparent surge in demand for stolen financial information. Success by one group inspires imitators in another. The most prominent, Magecart, is a collection of perhaps 12 hacking campaigns that steal payment information by secretly collecting data from online checkout pages. TrendMicro researchers noted that Mirrorthief is […]

The post Payment scammers hit 201 campus checkouts with Magecart-inspired tactics appeared first on CyberScoop.

In the opaque world of government hacking, private firms grapple with allegiances

Private sector cybersecurity companies are increasingly stuck with difficult decisions when it comes to publicizing research into malware. Over the past few years, nation-states have increasingly devoted time, money and man-hours to creating sophisticated weapons that wreak havoc once they are unleashed on the internet. When private companies find these nation-state tools and break them apart for examination, the dynamic gets complicated very quickly: No longer are they just trying to figure out who is responsible — they have to tiptoe around the ramifications of how a public report could impact relationships with governments around the world. Beyond merely attributing sophisticated malware, large-scale cybersecurity firms are often left with tough questions: Should those based in the United States avoid publicly releasing research on cyber-espionage campaigns if they look to be conducted by allied governments? What does a company owe its clients when handling homegrown digital threats? Do these companies have a plan of action for […]

The post In the opaque world of government hacking, private firms grapple with allegiances appeared first on CyberScoop.
