cybercrime Archives - Help Net Security

cybercrime

Phishers use encrypted file attachments to steal Microsoft 365 account credentials

May 26, 2023

Phishers are using encrypted restricted-permission messages (.rpmsg) attached in phishing emails to steal Microsoft 365 account credentials. “[The campaigns] are low …

New Buhti ransomware uses leaked payloads and public exploits

May 26, 2023

A newly identified ransomware operation has refashioned leaked LockBit and Babuk payloads into Buhti ransomware, to launch attacks on both Windows and Linux systems. Use of …

Legion AWS credential harvester and hijacker analyzed

May 24, 2023

Researchers from Cado Labs recently encountered an update to the emerging cloud-focused malware family, Legion. This sample iterates upon the credential harvesting features of …

Legitimate Android app transforms into data-snooping malware

May 24, 2023

ESET researchers have discovered a trojanized Android app named iRecorder – Screen Recorder. It was available on Google Play as a legitimate app in September 2021, with …

Online scams target bargain-hunting holiday travelers

May 23, 2023

30% of adults have fallen victim or know someone who has fallen victim to an online scam while trying to save money when booking travel, according to McAfee. 34% of those who …

Malicious links and misaddressed emails slip past security controls

May 22, 2023

The majority of organizations use six or more communication tools, across channels, with email remaining the channel seen as the most vulnerable to attacks (38%), according to …

Infamous cybercrime marketplace offers pre-order service for stolen credentials

May 17, 2023

Infostealer malware, which consist of code that infects devices without the user’s knowledge and steals data, remains widely available to buy through underground forums and …

New trends in ransomware attacks shape the future of cybersecurity

May 16, 2023

Corvus Insurance analyzed data from the dark web and ransomware leak sites. Researchers uncovered a 60% increase in ransomware victims in March 2023, marking the highest …

Fraud victims risk more than money

May 12, 2023

Digital fraud has significant financial and psychological repercussions on victims, according to Telesign. Businesses may find a new reason to fear digital fraud as the …

Turla’s Snake malware network disrupted by Five Eyes’ authorities

May 10, 2023

The US Justice Department announced the completion of court-authorized operation MEDUSA, to disrupt a global peer-to-peer network of computers compromised by sophisticated …

56,000+ cloud-based apps at risk of malware exfiltration

May 10, 2023

The technology sector had the highest number of malware-infected employees, most exposed corporate credentials and the majority of all stolen cookies, according to SpyCloud. …

Think your data has no value? Scammers disagree

May 5, 2023

In the first quarter of 2023 there was a significant increase in cyberattacks exploiting trust in established tech brands Microsoft and Adobe, according to Avast. The Avast …

cybercrime

Phishers use encrypted file attachments to steal Microsoft 365 account credentials

New Buhti ransomware uses leaked payloads and public exploits

Legion AWS credential harvester and hijacker analyzed

Legitimate Android app transforms into data-snooping malware

Online scams target bargain-hunting holiday travelers

Malicious links and misaddressed emails slip past security controls

Infamous cybercrime marketplace offers pre-order service for stolen credentials

New trends in ransomware attacks shape the future of cybersecurity

Fraud victims risk more than money

Turla’s Snake malware network disrupted by Five Eyes’ authorities

56,000+ cloud-based apps at risk of malware exfiltration

Think your data has no value? Scammers disagree

Don't miss

Phishers use encrypted file attachments to steal Microsoft 365 account credentials

New Buhti ransomware uses leaked payloads and public exploits

Strengthening travel safety protocols with ISO 31030

Phishing campaign targets ChatGPT users

Barracuda email security appliances hacked via zero-day vulnerability (CVE-2023-2868)