cybercriminals

Credential stuffing is a cyberattack in which public usernames and passwords are used to gain fraudulent access to accounts through large-scale automated login requests. The heavy use of accounts, password reuse, and massive amounts of compromised credentials on the darknet create a perfect...

Even in the current era of digital evolution, malicious hackers continue to use attack vectors created decades ago. Research shows notable periods of resurgence in some methods considered obsolete. This indicates that, although the specifics of attacks may change over time, the points of...

Cryptographic attacks are sweeping the world like a tsunami. In Russia, companies with previously compromised credentials are more likely to fall under the wave. Another situation is when victims used publicly available applications with vulnerabilities, such as Microsoft Exchange. If the first...

Hackers deploy their own C2 infrastructure at the company's facilities for free, and don't hesitate to use them for malicious purposes. Cybercriminals are increasingly using the Microsoft Graph API to manage malware and bypass detection systems. According to researchers from Symantec, such...

The Reserve Bank of India (RBI, the Central Bank) intends to allow the country's banks to temporarily block accounts that are used for fraudulent schemes by cybercriminals. As reported by Reuters, citing sources, the regulator is considering such measures due to the growth of online crime in the...

Experts are sounding the alarm, claiming that Africa and the West need a unified cyber defense. Performanta identified a trend of shifting malicious digital attacks from government actors to developing countries. According to the company's analysis, organizations in developing countries are...

How ransomware for dummies is distributed on shadow forums and what it threatens. Experts from Sophos cyber intelligence department identified 19 different types of ransomware on four shadow forums between June 2023 and February 2024, which were offered for sale for relatively small amounts...

Partner programs will bring down a flurry of deception on the elderly by Victory Day. Cybercriminals are launching new large-scale fraud campaigns, timed to coincide with May 9. F. A. C. C. T. experts have discovered new partner programs aimed at older people — including veterans. Over the past...

Kaspersky Lab analyzed the events of the past and came to a disappointing conclusion. The latest Kaspersky Lab study analyzes in detail the consequences of the LockBit 3.0 constructor leak that occurred in 2022. Then cybercriminals were able to create flexibly customized versions of malware...

How new tools with unknown origins are monetized. According to a new Cisco Talos report, Vietnamese hackers have been distributing a new infostealer since May 2023 in order to get their hands on financial data. Called CoralRaider, the campaign targeted victims in India, China, South Korea...

The exchange is experiencing its second attack in 2 months. The FixedFloat project team has revealed information about the second platform security breach, which is caused by the same cybercriminals as the attack in February. On April 1, attackers exploited a vulnerability in the FixedFloat...

Scammers used new methods of deception in the East, earning $100 million. During Ramadan, Resecurity recorded a significant increase in the number of fraudulent activities and scams, coinciding with an increase in retail and online transactions. Cybercriminals are particularly active in the...

A resident of Grodno transferred more than Br50 thousand to fraudsters. BelTA learned this from Inna Poznyak, official representative of the USC for the Grodno region. "Since the beginning of the year, more than 30 criminal cases have been initiated in the Grodno region, in which the victims...

How the Achilles heel of the UDP protocol can lead to a digital catastrophe. Researchers at the CISPA identified a new type of denial-of-service (DoS) attack, dubbed "Loop DoS". The attack affects application-level protocols, causing endless communication cycles between network services and...

The US Department of Justice has announced the return of a $2.3 million cryptocurrency linked to a Pig Butchering scam that affected at least 37 US residents. During the investigation of one of these schemes in 2023, when a Massachusetts resident lost $400 thousand, the police tracked transfers...

Compromise could have been avoided if the affected organization had listened to the experts recommendations in time. As a result of a large-scale data security breach of France's largest employment agency, the personal information of more than 43 million citizens was compromised. The event...

How search engine advertising has become a powerful tool for hackers. Recent research has revealed that Chinese users who search for official versions of programs such as Notepad++ and VNote through search engines like Baidu are increasingly becoming victims of sophisticated attackers. Attacks...

The group used phishing sites to steal money from bank cards. The trial of a young programmer accused of participating in a large-scale hacker operation has ended in Belarus. The group, consisting of about 700 people, used phishing sites to steal money from bank cards. Fraudsters operated...

The original of this material © Kommersant, 19.03.2021, The Dark Side of the Darknet, Illustrations: Kommersant Yulia Stepanova, Yulia Tishina The shadow market for trading in personal data and access to IT infrastructure is a phenomenon that cannot be ignored, if only because of its impact on...

Users of Roblox and OpenAI services were particularly affected. Kaspersky Lab has discovered that in three years, hackers stole more than 36 million pairs of usernames and passwords* from various services related to artificial intelligence and gaming accounts. In the period from 2021 to 2023...