A suspected Scattered Spider member linked to cyber attacks on Las Vegas casinos was arrested on September 17. The Las Vegas Metropolitan Police Department arrested on September 17 a suspected Scattered Spider member linked to attacks on Las Vegas casinos for computer intrusion, extortion, and identity theft. Between August and October 2023, multiple Las Vegas […]
RCMP shuts down TradeOgre, seizing $40M from crime, the first crypto exchange closure and largest asset seizure in Canada’s history. The Royal Canadian Mounted Police shut down the crypto exchange TradeOgre and seized $40M worth of crypto assets. This is the first crypto exchange shut down by the Canadian authorities. “RCMP Federal Policing – Eastern […]
The FBI warns that criminals are spoofing the IC3 site to steal personal data and commit fraud targeting cybercrime reporters. The FBI warned that attackers are spoofing the official Crime Complaint Center (IC3) website to steal personal data and commit financial fraud, targeting users who report cybercrimes. The fake websites mimic the real IC3 domain […]
Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape Malware Newsletter SmokeLoader Rises From the Ashes Hive0154, aka Mustang Panda, drops updated Toneshell backdoor and novel SnakeDisk USB worm Popular Tinycolor npm Package Compromised in Supply Chain Attack Affecting 40+ Packages Self-replicating Shai-hulud worm spreads […]
U.K. police arrested two teens from the Scattered Spider group for their role in the August 2024 cyberattack on Transport for London. U.K. law enforcement authorities arrested two teenagers who are members of the notorious Scattered Spider hacking group in connection with their role in the cyber attack that hit Transport for London (TfL). Transport for London (TfL) […]
Microsoft and Cloudflare disrupted the RaccoonO365 phishing service, used to steal thousands of user credentials. A joint operation conducted by Microsoft and Cloudflare has taken down the infrastructure used by the RaccoonO365 phishing service (tracked by Microsoft as Storm-2246). Microsoft announced that its Digital Crimes Unit shut down RaccoonO365, seizing 338 sites used to steal […]
The U.S. Department of Justice (DoJ) resentenced the former administrator of the popular BreachForums hacking forum BreachForums to three years in prison. The U.S. DoJ resentenced the former BreachForums administrator, Conor Brian Fitzpatrick (aka Pompompurin), 22, to three years in prison. Authorities say he ran the notorious hacking forum, which traded stolen data and cybercrime […]
Researchers uncovered a new supply chain attack targeting the npm registry that impacted over 40 packages belonging to multiple maintainers. Security researchers at Socket uncovered a malicious update to @ctrl/tinycolor, a package with 2.2M weekly downloads on npm. While investigating the case, they discovered it was linked to a larger supply chain attack that compromised […]
An ex-employee caused an insider breach at FinWise Bank, exposing data of 689,000 American First Finance customers. FinWise Bank is a Utah-based community bank, FDIC-insured, that partners with fintechs and lenders to offer consumer loans, small business financing, and deposit services. FinWise Bank notified the Maine AG that a data breach tied to the U.S.-based […]
Crooks stole personal data of millions of Gucci, Balenciaga, and Alexander McQueen customers: parent firm Kering confirmed the breach. Hackers stole private data of millions of Gucci, Balenciaga, and Alexander McQueen customers, including names, contacts, addresses, and spending details. The parent company, Kering, confirmed the security breach and notified data protection authorities. The firm did […]