Cybersecurity professionals are finding it more attractive to take their talents to the Dark Web and earn money working on the offensive side of cybercrime. This puts enterprises in a tough spot: cut into profit growth to keep cybersecurity skills from flowing to the highest bidder, or figure out how to defend their networks against those who know their weaknesses most intimately.…
Tag: DARK WEB
Publicly available exploits incite unwarranted chaos
Executive Summary
On March 4, 2024, JetBrains released a blog post detailing the security patch for TeamCity, a Continuous Integration and Continuous Delivery (CI/CD) server developed by JetBrains that plays a crucial role within organizations across the globe. …
Mar 06, 2024 | Newsroom | Cyber Crime / Ransomware
The threat actors behind the BlackCat ransomware have shut down their darknet website and likely pulled an exit scam after uploading a bogus law enforcement seizure banner.
“ALPHV/BlackCat did not get seized. They are exit scamming their affiliates,” security researcher Fabian Wosar said.…
The cybercrime group called GhostSec has been linked to a Golang variant of a ransomware family called GhostLocker.
“TheGhostSec and Stormous ransomware groups are jointly conducting double extortion ransomware attacks on various business verticals in multiple countries,” Cisco Talos researcher Chetan Raghuprasad said in a report shared with The Hacker News.…
Intel-Ops
Mar 5, 2024
On February 29th 2024, CISA released an advisory on Phobos ransomware.
https://www.cisa.gov/news-events/cybersecurity-advisories/aa24-060a
Intel-Ops is actively tracking infrastructure assessed to belong to the 8Base Ransomware group, an operator of Phobos ransomware. Our Threat Intel customers will be proactively blocking this threat.…
As generative AI technology becomes more widely available, cybercriminals likely will take advantage of it to enhance their synthetic identity fraud capabilities. Unfortunately, current fraud detection tools likely will not be enough to address the rising threat of generative AI-driven synthetic identity fraud, which could spell financial losses in the coming years, experts say.…
After days of outages that have caused chaos across the US healthcare system, United Healthcare’s Change Healthcare subsidiary decided the best bet was to pay off the BlackCat/ALPHV ransomware affiliate that breached its systems on Feb. 23. Unsurprisingly, paying the extortion didn’t provide the tidy end to the cyber incident that the healthcare technology services provider hoped it would.…
The widespread sale of credentials obtained from AI-based gaming platforms and services is a worrying trend in the cyber underworld, as shown by a new analysis by antivirus company Kaspersky. An astounding 3.6 crore credentials, including login and password information, have been stolen and sold on the dark web in the last three years.…
Mar 05, 2024 | Newsroom | Malware / Artificial Intelligence
More than 225,000 logs containing compromised OpenAI ChatGPT credentials were made available for sale on underground markets between January and October 2023, new findings from Group-IB show.
These credentials were found within information stealer logs associated with LummaC2, Raccoon, and RedLine stealer malware.…
Authorities in Germany last week announced the takedown of the cybercrime marketplace ‘Crimemarket’ and the arrest of six people believed to be linked with its operations.
Crimemarket, authorities say, was the “biggest illegal, German-speaking online trading platform”, enabling miscreants to trade narcotics, weapons, cybercrime tools, and illegal services (including money laundering, cybercrime, and guides for criminal activities).…
Chunghwa Telecom Company, Ltd. (literally Chinese Telecom Company) is the largest integrated telecom service provider in Taiwan, and the incumbent local exchange carrier of PSTN, Mobile, and broadband services in the country.
Threat actors stole sensitive information from the company, including military and government documents, revealed Taiwan’s Defense Ministry.…
Have you or anyone near you become a victim of online scamming? This article will introduce you to online scams, how the waves of scammers target their victims and in which ways, and what damage they inflict.
This article’s contents are based on AhnLab’s in-house data as well as externally available information.…
The digital sphere has witnessed a surge in AI-fueled tax fraud, presenting a grave threat to individuals and organisations alike. Over the past year and a half, the capabilities of artificial intelligence tools have advanced rapidly, outpacing government efforts to curb their malicious applications.
LexisNexis’ Government group CEO, Haywood Talcove, recently exposed a new wave of AI tax fraud, where personally identifiable information (PII) like birthdates and social security numbers are exploited to file deceitful tax returns.…
Georgia’s largest county is still repairing damage inflicted on its government a month ago by hackers who shut down office phone lines, left clerks unable to issue vehicle registrations or marriage licenses and threatened to publicly release sensitive data they claimed to have stolen unless officials paid ransom.…
A phishing kit dubbed CryptoChameleon has been discovered targeting cryptocurrency platforms, including employees of Binance and Coinbase — as well as the Federal Communications Commission (FCC).
According to an analysis from Lookout, the victims primarily use Apple iOS and Google Android devices with single sign-on (SSO) solutions, including Okta, Outlook, and Google.…
The Patchwork APT group, identified in December 2015 but probably active since 2009, is a cyber espionage entity suspected to be based in India. It targets a variety of high-profile entities, including government, defense, and diplomatic organizations, primarily in South and Southeast Asia, but has also expanded its operations to other regions.…
On a bi-weekly basis, FortiGuard Labs gathers data on ransomware variants of interest that have been gaining traction within our datasets and the OSINT community. The Ransomware Roundup report aims to provide readers with brief insights into the evolving ransomware landscape and the Fortinet solutions that protect against those variants.…
The threat actors behind the LockBit ransomware operation have resurfaced on the dark web using new infrastructure, days after an international law enforcement exercise seized control of its servers. To that end, the notorious group has moved its data leak portal to a new .onion address on the TOR network, listing 12 new victims as of writing.…