Cybercrime News, Articles and Updates

Government push for email authentication helps cut back on BEC scam, study

Despite major investments in cybersecurity, email fraud continues to rise as cybercriminals' tactics become more advanced.

DDoS round-up: Russia claims election website was attacked; New tool offers memcached amplification attacks

Russian officials are claiming their Central Election Commission's website repelled a distributed denial of service attack last Sunday during the country's national elections, which incumbent President Vladimir Putin predictably won in a landslide victory.

Credential stuffing attack suspected after several UK National Lottery accounts compromised

As many as 150 player accounts registered with the UK's National Lottery were compromised, accessed and potentially viewed by an unauthorized party, according to an online statement from Camelot, the parent company that runs the sweepstakes.

Chelsea Manning accuser Lamo dies in Kansas

In June 2010, Wired published chat logs between former hacker Lamo and Manning, in which Manning allegedly confessed to being the leaker.

Russian hackers target European agency with updated DealersChoice Adobe Flash exploit tool

The aggressive Russian APT group Sofacy targeted yet another European government agency earlier this month, attempting to infect the organization with unknown malware using a crafty new variant of its Adobe Flash-based exploit platform DealersChoice.

McCabe claims Russian probe behind his firing

McCabe said his ouster is an attempt to discredit him as a witness in Robert Mueller's investigation into Russian meddling and former FBI Director James Comey's firing.

Selfies sold alongside personal info pose new threats to wallets

Cybercriminals are selling selfies alongside their data dumps on Russian-language dark web forums, offering potential buyers more options to exploit victims.

Evolved Prilex malware lets cybercriminals clone chip and PIN cards

Prilex, a point-of-sale malware program that's historically been used to steal money or payment card information from Brazilian ATMs and retailers, has now evolved into a comprehensive tool suite that lets cybercriminals steal chip and PIN card data and create their own functioning, fraudulent plastic cards.

Mueller subpoenas Trump Org docs relating to Russia

There is no indication that the Trump family business or the White House will resist the subpoena.

Breaches expose 50,000 student and teacher records at Leon County Schools; more districts likely affected

The records of roughly 50,000 students, parents, teachers and staff members from the Leon County Schools District in Tallahassee, Fla. were compromised in two related breach incidents involving a third-party education services provider.

Google policy change abolishes ads for cryptocurrencies

Google this week updated its financial services policy, effective June 2018, to prohibit the advertising of cryptocurrencies and related content.

Trump administration imposes sanctions on Russia for election interference, NotPetya

The administration imposed sanctions on Russian individuals and organizations, many of them identified in an indictment obtained by Special Counsel Robert Mueller, in retaliation for election interference and "malicious" cyberattacks.

BlackTDS offering lets cybercriminals purchase drive-by attacks as a service

The makers of a new "Traffic Distribution System" that performs malicious drive-by attacks as a service to paying cybercriminals have been advertising their product in underground online markets since December last year, according to a new report from Proofpoint.

Gwent Police sat on data breach exposure for a year before informing ICO

Gwent Police failed to inform up to 450 people that hackers may have accessed their confidential information after it found that an online tool that allowed citizens to report incidents to the Police was exposed to hackers.

Cyber-attacks against Russia may follow attempted nerve agent killing in UK

Offensive cyber-attacks against Russia are reported to be among options under consideration by the UK if it is dissatisfied with Russia's explanation by midnight today of the use in this country of Russian nerve agent Novichok.

Sophisticated hacking tools now in the hands of petty cybercriminals

Sophisticated hacking tools and techniques like watering-hole attacks, once used only by nation states or proxies, are now increasingly used by criminal hackers, fueling concerns that state-sponsored hackers may have gone rogue.

Cybercriminals trained up for March Madness

Like any other major sporting event that draws millions of viewers, March Madness will attract bad actors trying to steal money and wreak havoc.

Slingshot APT campaign exposed after six years of sophisticated spying

A cyber espionage campaign bearing all of the hallmarks of an extremely advanced nation-state actor used malware to spy on international targets for six years before it was finally detected and exposed, Kaspersky Lab reported on Friday.

Avast: CCleaner hackers planned to infect victims with third-stage Chinese hacking tool

The hackers who injected malicious code into a version of computer maintenance app CCleaner last year may have been preparing to deliver third-stage malware to at least a select few of the 2.27 million computers that had downloaded the tainted utility program.

RedisWannaMine cryptojacking attack exploits EternalBlue vulnerability and public Redis servers

A newly discovered and unusually sophisticated cryptojacking attack attempts to install cryptominers on both database and application servers by targeting misconfigured Redis servers, as well as Windows servers that are susceptible to the EternalBlue NSA exploit.

AlphaBay PR flack pleads guilty to conspiracy charge

The public spokesperson for the now-defunct Dark Web marketplace AlphaBay has pleaded guilty to conspiracy to commit access device fraud.

FBI used Best Buy's Geek Squad as confidential informants, FOIA docs show

Documents released to the Electronic Frontier Foundation under a FOIA request "show that Best Buy officials have enjoyed a particularly close relationship" with the FBI for a decade.

Gozi ISFB malware spreading more havoc in 2018

After monitoring the malware distributor for the past six months, Talos said in a blog post that Gozi ISFB remains active in 2018, leveraging a wider distribution surface in recent attack campaigns.

'Kill switch' counters the memcached vulnerability

The countermeasure benignly "suppresses" a memcached DDoS attack threat, while leaving compromised servers online, says Corero, which disclosed the fix to national security agencies, as well as its customers.

ComboJack malware steals digital payments, cryptocurrency, by modifying info saved to clipboards

Researchers have discovered a new malware that steals cryptocurrency and other electronic funds by surreptitiously modifying wallet or payment information whenever victims copy it to their devices' clipboards.