A bipartisan pair of senators is taking another shot at their bill to expand the U.S. Secret Service’s investigative powers for financial cybercrime probes. The Combatting Money Laundering in Cyber Crime Act from Sens. Catherine Cortez Masto, D-Nev., and Chuck Grassley, R-Iowa, would update federal law to strengthen the Secret Service’s authority, enabling the agency…
Category: Cybercrime
Cybercrime, Global Security News
Cyberkriminalität richtet immer größere Schaden an
supimol kumying – shutterstock.com Ungeachtet vereinzelter Fahndungserfolge internationaler Sicherheitsbehörden erwirtschaften Cyberkriminelle von Jahr zu Jahr steigende Gewinne. Nach einer Analyse des Rückversicherers Munich Re haben die von Hackern und sonstigen Online-Tätern weltweit angerichteten Schäden im vergangenen Jahr ein weiteres Mal zugenommen. Demnach könnte die Zahl der weltweiten Erpressungsattacken mit bösartiger “Ransomware” um ein Viertel zugenommen…
china, Cybercrime, Cybersecurity, Global Security News, Hackers, hacking, Security
Someone is trying to recruit security researchers in bizarre hacking campaign
An obscure wannabe hacker’s tantalizing (and clearly sketchy) job offer has some security researchers asking, why?
cisco, Cisco Talos, credential theft, Cybercrime, Cybersecurity, Global Security News, identity, identity authentication, Ransomware, Research, Threats
Identity lapses ensnared organizations at scale in 2024
Cybercriminals predominantly relied on weaknesses in identity controls to afflict organizations in 2024, with valid accounts being the main way they gained access for the second year in a row, Cisco Talos said in an annual report released Monday. Across the incident response cases Cisco Talos responded to last year, 60% involved an identity attack…
crowdstrike, Cybercrime, Cybersecurity, Dtex Systems, Global Security News, North Korea, North Korean IT workers, Palo Alto Networks, Research, Threats, Unit 42
The North Korea worker problem is bigger than you think
North Korean nationals have infiltrated businesses across the globe with a more expansive level of organization and deep-rooted access than previously thought, insider risk management firm DTEX told CyberScoop. This swarm of technical North Korean experts isn’t just intruding businesses as ad hoc freelance IT workers; they’ve gained full-time employment as engineers and specialists of…
CryptoCurrency, Cybercrime, Cyberlaw, Cybersecurity, Digital Currency, Global Security News, Security Bloggers Network, Wallet
Advanced Malware Targets Cryptocurrency Wallets
More attacks targeting cryptocurrency users. Microsoft has identified a new Remote Access Trojan, named StilachiRAT, that has sophisticated capabilities to remain stealthy and persistent so it can harvest crypto wallet credentials via web browsers. The malware targets many widely used cryptocurrency wallet browser extensions: 1. Bitget Wallet (Formerly BitKeep) 2. Trust Wallet 3. …
Canada, Cybercrime, Cybersecurity, Department of Justice (DOJ), extradition, Global Security News, hacking, indictment, North America, Ransomware, Snowflake, Threats
Canadian citizen allegedly involved in Snowflake attacks consents to extradition to US
A Canadian citizen is one step closer to standing trial in the United States for his alleged involvement in a series of attacks targeting as many as 165 Snowflake customers, one of the most widespread and damaging attack sprees on record. Connor Moucka consented to extradition on Friday to face 20 federal charges, including conspiracy…
Cybercrime, Global Security News
KI als Turbo für Kriminelle
width=”2500″ height=”1406″ sizes=”(max-width: 2500px) 100vw, 2500px”>Europol warnt: Kriminelle nutzen KI, um ihre Operationen zu automatisieren und zu verstärken. Golden Dayz – shutterstock.com Von Cyberbetrug über Ransomware bis hin zu Drogenhandel und Geldwäsche: Das Internet ist laut Europol zum Hauptschauplatz für kriminelle Machenschaften geworden. „Nahezu alle Formen schwerer und organisierter Kriminalität hinterlassen einen digitalen Fußabdruck“, betont…
APT37, APT43, china, Cybercrime, Cybersecurity, Evil Corp, Exploits, Global Security News, Government, India, Iran, Microsoft, microsoft windows, nation state threats, nation-state hackers, North Korea, pakistan, Ransomware, Research, Russia, Stanford University, Threats, trend micro, vulnerability, Windows, Zero Day Initiative, zero days
Nation-state groups hit hundreds of organizations with Microsoft Windows zero-day
Cybercriminals working on behalf of at least six nation-states are actively exploiting a zero-day vulnerability in Microsoft Windows to commit espionage, steal data and cryptocurrency, according to Trend Micro researchers. The vulnerability, which Trend Micro tracks as ZDI-CAN-25373, allows attackers to execute hidden malicious commands due to the way Windows displays the contents of shortcut…
credential theft, Cybercrime, Cybersecurity, Data Breaches, Flashpoint, Global Security News, identity, identity theft, Information stealing malware, infostealers, malware, Ransomware, Research, stolen credentials
Infostealers fueled cyberattacks and snagged 2.1B credentials last year
Cybercriminals used information-stealing malware to a devastating effect last year, capturing sensitive data that fueled ransomware, breaches and attacks targeting supply chains and critical infrastructure, according to a new report. Infostealers were used to steal 2.1 billion credentials last year, accounting for nearly two-thirds of 3.2 billion credentials stolen from all organizations, Flashpoint said in a…
Asia Pacific, Censys, Cybercrime, Cybersecurity, FCC, Federal Bureau of Investigation (FBI), FTC, Global Security News, imessage, Palo Alto Networks, Scam, Social Engineering, Threat Intelligence, Threats, Unit 42
Who is sending those scammy text messages about unpaid tolls?
It’s not just you. Seemingly everyone is getting those text messages that serve as a notification of an unpaid toll road violation. The past due is usually less than $25, but is often paired with threats of excessive penalties, suspended vehicle registrations and threats to report the fare to state motor vehicle agencies. None of…
Cybercrime, Cybersecurity, Global IT News, Global Security News, hacking, In Brief, LockBit, Ransomware, Russia, Security
Accused LockBit ransomware developer extradited to the US
The U.S. Department of Justice announced that Rostislav Panev, who developed code and maintained infrastructure for LockBit, is now in U.S. custody. © 2024 TechCrunch. All rights reserved. For personal use only.
CryptoCurrency, Cybercrime, Cybersecurity, GitHub, Global Security News, Lazarus Group, malware, North Korea, npm, Research, Socket, software security, Threats
Lazarus Group deceives developers with 6 new malicious npm packages
Lazarus Group has burrowed deeper into the npm registry and planted six new malicious packages designed to deceive software developers and disrupt their workflows, researchers at cybersecurity firm Socket said in a Monday blog post. The North Korea-linked threat group embedded BeaverTail malware into the npm packages to install backdoors and steal credentials and data…
ACLU, Cybercrime, Cybersecurity, Electronic Frontier Foundation, encryption, Exploits, Global Security News, Government, National Center for Missing and Exploited Children, Section 230, Stop CSAM Act
Legislative push for child online safety runs afoul of encryption advocates (again)
Two members of the Senate Judiciary Committee are preparing to introduce a bipartisan bill that would mandate tech companies to more swiftly report and remove child sexual abuse material hosted on their platforms, but critics warn it could result in the weakening or elimination of encrypted messaging services that many Americans rely on. The Stop…
Bitcoin, Crypto, Cybercrime, Exclusive, Garantex, Global IT News, Global Security News, India, money laundering, Russia, Security, tether
Garantex administrator arrested in India under extradition law
Garantex co-founder Aleksej Besciokov was arrested in India’s Kerala on Tuesday under the country’s extradition law. © 2024 TechCrunch. All rights reserved. For personal use only.
Cybercrime, Global Security News
Neun Prozent der Betriebe wurden ausgespäht
Im Fokus der Spione stehen innovative, forschende Unternehmen, die im internationalen Wettbewerb stehen. AlyoshinE – Shutterstock.com Neun Prozent der Betriebe in Deutschland sind einer Befragung zufolge innerhalb von fünf Jahren Opfer eines Spionageangriffs geworden. Rund zwölf Prozent berichteten über mindestens einen Verdachtsfall oder Angriff auf ihren Betrieb, teilte das Nürnberger Institut für Arbeitsmarkt- und Berufsforschung mit. Betroffen…
Check Point, Cybercrime, Cybersecurity, Dark Storm, DDoS, Elon Musk, F5, Global Security News, Threats, Twitter, X
X suffered a DDoS attack. Its CEO and security researchers can’t agree on who did it.
Social media service X was hit by a series of distributed denial-of-service attacks Monday, which rendered the platform formerly known as Twitter inaccessible at times for users with intermittent outages and errors, according to researchers. The cause of those attacks has been much harder to discern. Elon Musk, the site’s owner, described the incident as…
Crypto, CryptoCurrency, Cybercrime, Cybersecurity, Global Security News, International, money laundering, Security
Long Arm of the Law Comes for Russian Crypto: Why Secret Service Seized Garantex
Authorities say Garantex has processed more than $96 billion in transactions since it launched in 2019.
Cybercrime, Cybersecurity, Exploits, extortion, Federal Bureau of Investigation (FBI), Global Security News, Healthcare, Ransomware, Threats
Ransomware poseurs are trying to extort businesses through physical letters
The FBI and threat researchers are warning executives to be on the lookout for physical letters in the mail threatening to leak sensitive corporate data. The letters, which are stamped “time sensitive read immediately” and shipped directly to executives through the Postal Service, are part of a nationwide scam designed to extort victims into paying…
CryptoCurrency, Cybercrime, Cybersecurity, Department of Justice (DOJ), Elliptic, Europe, Europol, Garantex, Geopolitics, Global Security News, Lazarus Group, Ransomware, Russia, sanctions, Secret Service, Technology, Telegram
Russian crypto exchange Garantex seized in international law enforcement operation
U.S. and European law enforcement agencies have seized the infrastructure of Garantex, a cryptocurrency exchange accused of laundering billions in criminal proceeds, in a sweeping international operation that signals heightened focus on illicit financial flows in cryptocurrency markets. According to Justice Department documents unsealed Friday, the Moscow-based exchange processed approximately $96 billion in cryptocurrency transactions…
APT27, china, Cybercrime, Cybersecurity, Exploits, Global Security News, hacking, ivanti, Microsoft Threat Intelligence Center, Research, silk typhoon, Threats
Silk Typhoon shifted to specifically targeting IT management companies
The Chinese state-backed threat group Silk Typhoon shifted tactics in late 2024 to broaden access and enable follow-on attacks against downstream customers of its initial targets, Microsoft Threat Intelligence said in a blog released Wednesday. The Chinese espionage group, which is also known as APT27, has abused stolen API keys and credentials for privileged access…
Asia Pacific, china, Cybercrime, Cybersecurity, Department of Justice (DOJ), Federal Bureau of Investigation (FBI), Geopolitics, Global Security News, Government, indictment, Legal, Threats, Treasury Department
US indicts 12 Chinese nationals for vast espionage attack spree
The Justice Department on Wednesday indicted 12 Chinese nationals for their alleged involvement in an extensive nation-state-backed espionage campaign that included a spree of attacks on U.S. federal and state agencies, including the late 2024 attack targeting the Treasury Department. Officials accused the Chinese individuals, including two officers of China’s Ministry of Public Security, eight…
crowdstrike, Cybercrime, Cybersecurity, Global Security News, hacking, Palo Alto Networks, Ransomware, ReliaQuest, Research, Threat Intelligence, Threats, Unit 42
Cybercriminals picked up the pace on attacks last year
Threat actors became increasingly efficient last year, rapidly achieving lateral movement and swiftly stealing data at a faster clip than ever before, according to multiple threat intelligence firms. The reduced time frame is a clear indicator that cybercriminals are constantly improving their ability to be successful. With the abuse of legitimate system tools to help…
Cybercrime, Europol, Global Security News, law enforcement, U.S. courts
Investigator says differing names for hacker groups, hackers studying investigative methods hinders law enforcement
Malicious hacking groups pay close attention to public documents related to criminal prosecutions, and the lack of standardized names for those groups hampers U.S. federal law enforcement, an investigator said in a recent speech. The investigator, who could not be named under the conditions of the speech, said those are just two of many problems…
Cybercrime, Exploits, Global Security News
Interna von Ransomware-Gruppe Black Basta durchgesickert
Über die vergangenen Jahre hat Black Basta mit mehr als 500 Opfern weltweit von sich Reden gemacht. Durchgesickerte Chat-Protokolle enthüllen die innere Funktionsweise und interne Konflikte der Gruppe. DC Studio – shutterstock.com Black Basta betrat erstmals im April 2022 die Hackerbühne und nutzte den inzwischen weitgehend verschwundenen QakBot, auch bekannt als QBot. Einem von der…
cyber espionage, Cybercrime, Cybersecurity, data theft, Department of Justice (DOJ), Global Security News, Google Threat Intelligence Group, North America, Ransomware, Research, Russia, Snowflake, Threats, Unit 221B
Army soldier linked to Snowflake attack spree allegedly tried to sell data to foreign spies
U.S. authorities say a 21-year-old U.S. Army soldier attempted to sell stolen sensitive information to a foreign intelligence service as part of a broader effort to extort victims and leak call records of high-ranking public officials. In November while on active duty, Cameron Wagenius made multiple attempts to extort $500,000 from a major telecommunications company…
AI, Artificial Intelligence (AI), Cybercrime, deepfakes, Global Security News, Microsoft, Microsoft Digital Crimes Unit, North America, openai
Microsoft IDs developers behind alleged generative AI hacking-for-hire scheme
Microsoft has identified individuals from Iran, China, Vietnam and the United Kingdom as primary players in an alleged international scheme to hijack and sell Microsoft accounts that could bypass safety guidelines for generative AI tools. In December, Microsoft petitioned a Virginia court to seize infrastructure and software from 10 unnamed individuals who the company claims…
blockchain, Chainalysis, Crypto, crypto crime, CryptoCurrency, Cybercrime, Cybersecurity, Elliptic, ethereum, Exploits, Global Security News, Lazarus Group, Money, North Korea, TRM Labs
Crypto analysts stunned by Lazarus Group’s capabilities in $1.46B Bybit theft
Last week’s $1.46 billion Ethereum theft by North Korean-linked Lazarus Group has sent shockwaves through the cybercrime ecosystem, as it has not only joined the ranks of the largest known financial thefts in history but also demonstrated that the group’s skillset is presenting new challenges for defenders. In the wake of the theft, numerous experts…
Cybercrime, Cybersecurity, data theft, encryption, extortion, Global Security News, Incident Response, Palo Alto Networks, Ransomware, Research, Threats, Uncategorized, Unit 42
Threat actors are increasingly trying to grind business to a halt
Cybercriminals intentionally disrupted operations at a growing rate last year, Palo Alto Networks’ threat intelligence firm Unit 42 said in an annual incident response report released Tuesday. Of the nearly 500 major cyberattacks Unit 42 responded to last year, 86% involved business disruption, including operational downtime, fraud-related losses, increased operating costs and negative reputational impacts. …
Black Basta, Conti, Cybercrime, Cybersecurity, Global Security News, Google Threat Intelligence Group, Ransomware, Recorded Future, Research
What defenders are learning from Black Basta’s leaked chat logs
Black Basta’s internal chat logs, which were leaked earlier this month, are providing defenders with actionable intelligence on the ransomware group’s operations, cybercrime experts told CyberScoop. Researchers sifting through Black Basta’s exposed communications found details about the group’s preferred tools and techniques, including custom malware loaders, indicators of compromise, cryptocurrency wallets and email addresses associated…
Apple, Cybercrime, Cybersecurity, Data Privacy, encryption, Global Security News, Government, lawful access, Technology, United Kingdom (U.K.)
Apple pulls end-to-end encryption feature from UK after demands for law enforcement access
Apple has pulled Advanced Data Protection, a feature that provides end-to-end encrypted data storage through iCloud, from the United Kingdom following a fight with the British government over law enforcement access. Starting Friday, U.K. users who attempt to access the feature on their phones or computers will be denied. Users who already had Advanced Data…
Cybercrime, Global Security News
Security-Infotainment: Die besten Hacker-Dokus
Sie fühlen sich leer ohne Security-Dashboard? Diese Dokumentationen überbrücken den Schmerz bis zum nächsten Arbeitstag. Foto: Gorodenkoff – shutterstock.com Wenn Sie in Ihrer Profession als Sicherheitsentscheider voll aufgehen, brauchen Sie möglicherweise auch zwischen den Arbeitstagen ihre tägliche Dosis Cybersecurity. Falls Ihnen die zahlreichen Annäherungen Hollywoods an das Thema viel zu weit von der Realität entfernt…
CFTC, Crypto, crypto crime, Cybercrime, Emerging Tech, Global Security News, Government, Securities and Exchange Commission (SEC)
SEC rebrands cryptocurrency unit to focus on emerging technologies
The Securities and Exchange Commission announced Thursday that it was changing its Crypto Assets and Cyber Unit to the “Cyber and Emerging Technologies Unit.” The regulator said its new unit will “focus on combatting cyber-related misconduct and to protect retail investors from bad actors in the emerging technologies space.” The newly rebranded unit will be…
Android, Cybercrime, Global IT News, Global Security News, Google Play, Media & Entertainment, privacy, Security, Spyware, stalkerware, vietnam
Your Android phone could have stalkerware. Here’s how to remove it
This simple guide helps you identify and remove common consumer-grade spyware apps from your Android phone. © 2024 TechCrunch. All rights reserved. For personal use only.
Cybercrime, Cybersecurity, Global Security News, Google Threat Intelligence Group, GRU, messaging apps, phishing, Research, Russia, Sandworm, signal, Threats, Uncategorized
Russia-aligned threat groups dupe Ukrainian targets via Signal
Russian state threat groups have compromised Signal accounts used by Ukrainian military and government personnel to eavesdrop on real-time communications, Google Threat Intelligence Group said in a report released Wednesday. “This is a persistent, ongoing campaign being carried out by multiple different Russia-aligned threat actors,” Dan Black, principal analyst at Google Threat Intelligence Group, said…
Cybercrime, Cybersecurity, Darktrace, edge devices, Exploits, Fortinet, Global Security News, ivanti, Palo Alto Networks, Research, Threats, vulnerabilities, vulnerability
Edge device vulnerabilities fueled attack sprees in 2024
Edge devices harboring zero-day and n-day vulnerabilities were linked to the most consequential attack campaigns last year, Darktrace said in an annual threat report released Wednesday. Darktrace’s threat researchers found the most frequent vulnerability exploits in customers’ instances of Ivanti Connect Secure and Ivanti Policy Secure appliances, along with firewall products from Fortinet and Palo…
BitDefender, comparitech, Cybercrime, Cybersecurity, Exploits, Featured, Global Security News, News, phishing, Scams, Security Awareness, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X, Spotlight, valentine's day
Cybercriminals Exploit Valentine’s Day with Romance Scams, Phishing Attacks
As Valentine’s Day approaches, cybercriminals are ramping up their efforts to exploit consumers through romance scams, phishing campaigns and fraudulent e-commerce offers. The post Cybercriminals Exploit Valentine’s Day with Romance Scams, Phishing Attacks appeared first on Security Boulevard.
APT44, Asia Pacific, china, Cybercrime, Global Security News, Google, Iran, North Korea, Russia, Sandworm, Trellix, Ukraine
U.S. adversaries increasingly turning to cybercriminals and their malware for help
Governments of the United States’ chief adversaries in cyberspace, especially Russia, have increasingly been relying on cybercriminals and their tools to advance their goals, according to a Google report published Tuesday. There’s long been overlap between government and criminal cyber operators, but governments are now enjoying the benefits of collaboration and borrowing more — both…
Computer Fraud and Abuse Act (CFAA), Cybercrime, Global Security News, Kirsten Gillibrand, Mike Rounds, North America, Policy
Bipartisan Senate bill would strengthen cybercrime penalties
Cybercrimes could be punished more harshly under a new bill from a pair of senators that seeks to amend U.S. criminal code on computer fraud. The Cyber Conspiracy Modernization Act from Sens. Mike Rounds, R-S.D., and Kirsten Gillibrand, D-N.Y., would modify the Computer Fraud and Abuse Act (CFAA) to establish a specific penalty for conspiracy…
bulletproof hosting, Cybercrime, Global Security News, LockBit, North America, Ransomware, Threats, Treasury Department, Zservers
U.S. sanctions bulletproof hosting provider for supplying LockBit infrastructure
A consortium of U.S., Australian and U.K. officials announced coordinated sanctions Tuesday against Zservers, a Russia-based bulletproof hosting provider. The action targets the company for its role in facilitating ransomware attacks, most notably those conducted by the LockBit ransomware-as-a-service (RaaS) group. Officials detailed that Zservers has long been linked to cybercriminal forums, where it has…
8base, Clop, Cybercrime, Cybersecurity, DoD Cyber Crime Center, Europe, Federal Bureau of Investigation (FBI), Global Security News, LockBit, Ransomware, Threats
Thai authorities detain four Europeans in ransomware crackdown
In a sweeping international law enforcement operation, Thai authorities arrested four Europeans in Phuket, accusing them of orchestrating ransomware attacks affecting Swiss companies worldwide. The suspects are allegedly tied to the 8Base ransomware-as-a-service (RaaS) gang, which extorted $16 million worth of Bitcoin from over 1,000 individuals. The operation, termed “Phobos Aetor,” reflected a tightly coordinated…
Cybercrime, Cybersecurity, Exploits, Global Security News, intezer, Research, Solis Security, Threats, VeraCore, XE Group, zero days
From credit card fraud to zero-day exploits: Xe Group expanding cybercriminal efforts
A cybercriminal organization that has been operating for over a decade has moved from credit-card skimming to exploiting zero-day vulnerabilities, according to a joint investigation by cybersecurity firms Solis Security and Intezer. The group, tracked as XE Group, now poses heightened risks to global supply chains, particularly in manufacturing and distribution sectors, by leveraging stealthier…
Amy Klobuchar, Cybercrime, fbi, Federal Bureau of Investigation, Federal Bureau of Investigation (FBI), FISA, Global Security News, Government, John Cornyn, Kash Patel, Peter Welch, Policy, Ross Ulbricht, Section 702, Senate Judiciary Committee, silk road
FBI nominee Kash Patel gets questions on cybercrime investigations, Silk Road founder, surveillance powers
A senator on Thursday questioned whether the president’s pick to lead the FBI might harm cybercrime investigations with his plans for the bureau. At a nomination hearing of the Senate Judiciary Committee, Amy Klobuchar, D-Minn., asked Kash Patel about comments he made in September. “I’d shut down the FBI Hoover building on day one and…
Cybercrime, Department of Justice (DOJ), Global Security News, HeartSender, phishing kit, Saim Raza, Threats
Department of Justice partners with Dutch police to break up HeartSender network
Authorities in the United States and the Netherlands have dismantled a sophisticated Pakistan-based cybercrime network known as Saim Raza. The operation, dubbed “Operation Heart Blocker,” culminated Wednesday with the coordinated seizure of 39 domains and servers. Also known as HeartSender, Saim Raza was responsible for developing and selling phishing kits, with the Department of Justice…
Cybercrime, Cybersecurity, Europol, fbi, Global IT News, Global Security News, law enforcement, Operation Talent, Security, US Department of Justice
US Justice Department says cybercrime forum allegedly affected 17 million Americans
U.S. prosecutors accused an Argentinian national living in Spain of being an “active administrator” of Nulled, one of the two hacking forums seized and shut down by authorities. © 2024 TechCrunch. All rights reserved. For personal use only.
Cybercrime, Cybersecurity, Europol, fbi, Global IT News, Global Security News, Hackers, law enforcement, nulled, Operation Talent, Security
International police coalition takes down two prolific cybercrime and hacking forums
Authorities said the two forums — Cracked and Nulled — had more than 10 million users. © 2024 TechCrunch. All rights reserved. For personal use only.
cracked, Cybercrime, Cybersecurity, Federal Bureau of Investigation (FBI), Global Security News, nulled, Threats
FBI seizes major cybercrime forums in coordinated domain takedown
The Federal Bureau of Investigation, along with several other international law enforcement departments, has seized control of several high-profile online platforms linked to cybercrime in a sweeping operation aimed at disrupting digital marketplaces for stolen credentials and hacking tools. The domains of forums Cracked[.]io and Nulled[.]to now redirect to FBI-controlled servers, signaling efforts to dismantle…
Cybercrime, Department of Justice (DOJ), Global Security News, North Korea, North Korean IT workers
DOJ indicts five in North Korean fake IT worker scheme
The U.S. government delivered another blow to North Korea’s fake IT worker scheme Thursday, with the Department of Justice announcing indictments against five men for fraudulently obtaining remote credentials to work with American companies and generate revenue for Pyongyang. The indictments of North Korean nationals Jin Sung-Il and Pak Jin-Song, Mexican national Pedro Ernesto Alonso…
Asia Pacific, BreachForums, Cybercrime, Department of Justice (DOJ), Global Security News, Pompompurin, Threats
BreachForums founder to be resentenced after court vacates previous punishment
A U.S. appeals court has vacated the initial sentence given to Conor Brian Fitzpatrick, who pleaded guilty in 2023 for charges related to his work as founder of the notorious BreachForums website. The appeal, filed by the U.S. government, signals that a new sentence could be much more harsh than the one initially issued last…
Asia Pacific, china, Cybercrime, Flax Typhoon, Global Security News, Office of Foreign Assets Control (OFAC), Salt Typhoon, Treasury Department
Treasury sanctions Chinese cybersecurity company, affiliate for Salt Typhoon hacks
The Department of the Treasury has sanctioned a Chinese national and a cybersecurity company based in Sichuan, China, for taking part in the Salt Typhoon hacking campaign that has swept up data from at least nine U.S. telecommunications companies. The department’s Office of Foreign Assets Control (OFAC) named Yin Kecheng of Shanghai and the Sichuan…
Asia Pacific, china, Cybercrime, Department of Justice, Global Security News, Government, PlugX, Remote access trojan, Sekoia, Threats
Law enforcement action deletes PlugX malware from thousands of machines
U.S. and international law enforcement agencies have removed the PlugX malware from thousands of computers worldwide in a coordinated campaign to blunt the effectiveness of one of the most infamous pieces of malware used by malicious cyber actors. According to recently unsealed court documents from the Eastern District of Pennsylvania, the U.S. Department of Justice…
Artificial Intelligence, Artificial Intelligence (AI), china, CISA, Commerce Department, critical infrastructure, Cybercrime, Cybersecurity and Infrastructure Security Agency, Cybersecurity and Infrastructure Security Agency (CISA), Department of Defense, Department of Defense (DOD), Dept of Commerce, DOD, Executive order, Global Security News, Government, North America, Policy, privacy, quantum computing, regulation
Second Biden cyber executive order directs agency action on fed security, AI, space
A draft cybersecurity executive order would tackle cyber defenses in locations ranging from outer space to the U.S. federal bureaucracy to its contractors, and address security risks embedded in subjects like cybercrime, artificial intelligence and quantum computers. The draft, a copy of which CyberScoop obtained, constitutes one big last stab at cybersecurity in the Biden…
crypto mixer, Cybercrime, Department of Justice (DOJ), Federal Bureau of Investigation (FBI), Global Security News, money laundering, Russia
Russian nationals charged with operating crypto mixers that masked cybercrime funds
Three Russian nationals were indicted this week for their roles in managing a pair of cryptocurrency mixing services, operations that were funded in part by money gained through ransomware attacks. The indictment from a federal grand jury in the Northern District of Georgia alleges that Roman Vitalyevich Ostapenko, 55, Alexander Evgenievich Oleynik, 44, and Anton…
Budapest Convention, Chris Painter, Cybercrime, David Kaye, Electronic Frontier Foundation, Geopolitics, Global Forum on Cyber Expertise, Global Security News, human rights, North America, Policy, privacy, Russia, State Department, treaties, United Nations
After UN adoption, controversial cybercrime treaty’s next steps could prove vital
A divisive United Nations cybercrime treaty — one that critics say is a huge danger to human rights and that the United States cautiously agreed to advance — is now in the hands of member nations. The U.N. General Assembly adopted the treaty without a vote last week, leaving ratification to individual states. If the…
Cybercrime, Global Security News, North Korea, North Korean IT workers, South Korea
South Korea sanctions 15 North Koreans for IT worker scams, financial hacking schemes
The South Korean government has sanctioned more than a dozen individuals and one organization for a wide-ranging global scheme to fund North Korea’s nuclear and missile programs through impersonating IT workers abroad, stealing cryptocurrency and facilitating cyberattacks. South Korean officials on Thursday identified 15 North Korean nationals and the Chosun Geumjeong Economic Information Technology Exchange…
Cybercrime, Cybersecurity, Department of Justice (DOJ), Global Security News, Government, LockBit, Ransomware, Threats, Uncategorized
Justice Department unveils charges against alleged LockBit developer
The U.S. Department of Justice revealed charges Friday against Rostislav Panev, a dual Russian and Israeli national, for his alleged role as a developer in the notorious LockBit ransomware group. Panev was arrested in Israel following a U.S. provisional arrest request and is currently awaiting extradition. Authorities allege that Panev has been an instrumental figure…
APT41, Asia Pacific, backdoor, china, Cybercrime, Geopolitics, Global Security News, Government, malware, nation-state hackers, php, QiAnXin, Threats, Winnti
PHP backdoor looks to be work of Chinese-linked APT group
Cybersecurity researchers at a China-based cybersecurity company have uncovered an advanced PHP backdoor that suggests a new asset in the arsenal of Chinese-linked Advanced Persistent Threat group Winnti. Researchers at QiAnXin’s XLab discovered the backdoor, which they titled Glutton, targeting China, the United States, Cambodia, Pakistan, and South Africa. After initially discovering the malware in…
AI, Cybercrime, Cybersecurity, Global Security News, regulation, Regulatory Compliance, Security Boulevard (Original), Social - Facebook, Social - LinkedIn, Social - X
Why We Should Insist on Future-Proofing Cybersecurity Regulatory Frameworks
There are concerns around the future adaptability and efficacy of regulatory frameworks, particularly among the developer community. The post Why We Should Insist on Future-Proofing Cybersecurity Regulatory Frameworks appeared first on Security Boulevard.
764, Cybercrime, Cybersecurity, Department of Justice, Global Security News, Sextortion, The Com
Arizona man arrested for alleged involvement in violent online terror networks
Baron Martin, a 20-year-old resident of Tucson, Arizona, was arrested Wednesday on charges of producing child sexual abuse material and cyberstalking. His arrest is connected to his involvement in online terror networks, specifically 764 and CVLT, which are known for violent extremist activities. Martin, also known under the alias “Convict,” is charged with significant involvement…
Cybercrime, Department of Justice, Global Security News, Government, kosovo, rydox
Cybercriminal marketplace Rydox seized in international law enforcement operation
The Justice Department announced Thursday that it had participated in a coordinated effort to seize and dismantle Rydox, an online marketplace for stolen personal information and cybercrime tools. The operation led to the arrest of three individuals alleged to be the site’s administrators. Rydox has been linked to over 7,600 illicit sales and generated substantial…
china, Cybercrime, Department of Justice, Department of Justice (DOJ), Department of State, Geopolitics, Global Security News, Justice Department, Mandiant, North America, North Korea, North Korean IT workers, Russia, State Department, U.S. courts, U.S. Department of Justice, U.S. Department of State
Court indicts 14 North Korean IT workers tied to $88 million in illicit gains
A federal court has indicted 14 more North Korean IT workers as part of an ongoing U.S. government campaign to crack down on Pyongyang’s use of tech professionals to swindle American companies and nonprofits. The Justice Department said the 14 indicted workers generated at least $88 million throughout a conspiracy that stretched over approximately six…
business email compromise (BEC), Cybercrime, Department of Justice (DOJ), Global Security News, North America, Treasury Department
Notorious Nigerian cybercriminal tied to BEC scams extradited to U.S.
Abiola Kayode, a 37-year-old Nigerian national, has been extradited from Ghana to the United States to face charges of conspiracy to commit wire fraud. Kayode, who was on the FBI’s Most Wanted cybercriminal list, is charged with participating in a business email compromise (BEC) scheme and romance fraud from January 2015 to September 2016, defrauding…
booter and stresser services, Cybercrime, Cybersecurity, DDoS, Department of Justice (DOJ), Europe, Europol, Global Security News, Government, National Crime Agency, Threats
International crackdown disrupts DDoS-for-hire operations
In a sweeping international crackdown, law enforcement agencies from 15 countries, including the United States and multiple European nations, have dismantled 27 of the most popular platforms used for carrying out distributed denial-of-service (DDoS) attacks, Europol announced Wednesday. The operation, known as PowerOFF, has led to the arrest of three administrators in France and Germany…