Cyber Crime

Pierluigi Paganini July 12, 2024
Smishing Triad Is Targeting India To Steal Personal and Payment Data at Scale

Resecurity has identified a new campaign by the Smishing Triad that is targeting India to steal personal and payment data at scale Resecurity (USA) identified a new campaign targeting India Post (Department of Posts, India) by the Smishing Triad, which reportedly started amplifying around July 8, 2024, based on multiple victim reports and the detection […]

Pierluigi Paganini July 12, 2024
October ransomware attack on Dallas County impacted over 200,000 people

The ransomware attack that hit Dallas County in October 2023 has impacted more than 200,000 individuals exposing their personal information. In October 2023 the Play ransomware group hit Dallas County, Texas, and added the city to its Tor leak site claiming the theft of sensitive documents from multiple departments. Dallas refused to pay the ransom […]

Pierluigi Paganini July 11, 2024
CrystalRay operations have scaled 10x to over 1,500 victims

A threat actor known as CrystalRay targeted 1,500 victims since February using tools like SSH-Snake and various open-source utilities. The Sysdig Threat Research Team (TRT) first spotted the threat actor CrystalRay on February 2024 and observed it using the SSH-Snake open-source software penetration testing tool. The experts collected new evidence that revealed that the threat actor expanded its operations. […]

Pierluigi Paganini July 11, 2024
Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware

Multiple threat actors exploit a recently disclosed security PHP flaw CVE-2024-4577 to deliver multiple malware families. The Akamai Security Intelligence Response Team (SIRT) warns that multiple threat actors are exploiting the PHP vulnerability CVE-2024-4577 to deliver multiple malware families, including Gh0st RAT, RedTail cryptominers, and XMRig. “Threat actors continued the speedy-time-from-disclosure-to-exploitation trend and were quick […]

Pierluigi Paganini July 09, 2024
Evolve Bank data breach impacted over 7.6 million individuals

The Lockbit ransomware attack on Evolve Bank has compromised the personal information of over 7.6 million individuals. At the end of June, the LockBit gang announced that it had breached the systems of the Federal Reserve of the United States and exfiltrated 33 TB of sensitive data, including “Americans’ banking secrets.” Despite the announcement, data leaked data […]

Pierluigi Paganini July 09, 2024
More than 31 million customer email addresses exposed following Neiman Marcus data breach

The recent data breach suffered by the American luxury department store chain Neiman Marcus has exposed more than 31 million customer email addresses. In May 2024, the American luxury retailer and department store chain Neiman Marcus disclosed a data breach following the security breach of the cloud-based data warehousing company Snowflake. The luxury retailer disclosed […]

Pierluigi Paganini July 09, 2024
Avast released a decryptor for DoNex Ransomware and its predecessors

Avast developed and released a decryptor for the DoNex ransomware family that allows victims to recover their files for free. Avast researchers identified a cryptographic flaw in the DoNex ransomware and its predecessors that allowed them to develop a decryptor. The experts revealed the weakness during the Recon 2024 conference. Avast also released a decryptor […]

Pierluigi Paganini July 08, 2024
RockYou2024 compilation containing 10 billion passwords was leaked online

Threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. The Cybernews researchers reported that threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. The compilation (“rockyou2024.txt”) contains 9,948,575,739 unique plaintext passwords was posted on July 4th by a user with the […]

Pierluigi Paganini July 06, 2024
GootLoader is still active and efficient

Researchers warn that the malware GootLoader is still active and threat actors are still using it in their campaigns. Threat actors continue to use GootLoader malware in their campaigns, Cybereason researchers warn. The malware has evolved, resulting in several versions, with GootLoader 3 currently in use. Despite updates to the payload, the infection strategies and overall […]

Pierluigi Paganini July 05, 2024
Hackers leak 170k Taylor Swift’s ERAS Tour Barcodes

The threat actor Sp1d3rHunters leaked valid Taylor Swift ’s ERAS Tour barcodes threatening to leak more data and blackmailing Ticketmaster. A threat actor that goes online with the moniker Sp1d3rHunters leaked 170,000 valid barcodes for Taylor Swift’s ERAS Tour for free. The bar codes are valid for the upcoming concerts of Taylor Swift in Miami, […]