LockBit’s developer charged for enabling global ransomware attacks netting $500M; U.S. leads extradition effort.
Category: cybercrime/malcode – Page 10
Lazarus Group’s CookiePlus malware targets nuclear engineers, showcasing DPRK’s evolving arsenal and $1.34B in 2024 crypto thefts.
The BadBox Android malware botnet has grown to over 192,000 infected devices worldwide despite a recent sinkhole operation that attempted to disrupt the operation in Germany.
Researchers from BitSight warn that the malware appears to have expanded its targeting scope beyond no-name Chinese Android devices, now infecting more well-known and trusted brands like Yandex TVs and Hisense smartphones.
Germany’s BSI disrupts BADBOX malware targeting 30,000 devices, halting ad fraud, data theft, and proxy misuse.
A threat actor tracked as MUT-1244 has stolen over 390,000 WordPress credentials in a large-scale, year-long campaign targeting other threat actors using a trojanized WordPress credentials checker.
Researchers at Datadog Security Labs, who spotted the attacks, say that SSH private keys and AWS access keys were also stolen from the compromised systems of hundreds of other victims, believed to include red teamers, penetration testers, security researchers, as well as malicious actors.
The victims were infected using the same second-stage payload pushed via dozens of trojanized GitHub repositories delivering malicious proof-of-concept (PoC) exploits that targeted known security flaws, along with a phishing campaign prompting targets to install a fake kernel upgrade camouflaged as a CPU microcode update.
Iranian-linked IOCONTROL malware targets IoT, OT, and SCADA systems with advanced evasion tactics.
The Spanish police, working with colleagues in Peru, conducted a simultaneous crackdown on a large-scale voice phishing (vishing) scam ring in the two countries, arresting 83 individuals.
Thirty-five of the arrested people were located across Spain, including in Madrid, Barcelona, Mallorca, Salamanca, and Vigo, and another 48 were arrested in Peru.
The leader of the ring was also apprehended in Spain during the 29 simultaneous raids conducted by the cooperating police forces, which also seized cash, mobile phones, computers, and documents.
Today, AI agents have evolved to become more modular and sophisticated. Agents like ChatGPT can engage in conversations and assist in a wide range of workflows, including customer service and financial decision-making.
Technologies such as retrieval-augmented generation (RAG) allow AI systems to combine different data sources dynamically, making them more adaptive and helpful in real-world applications. As AI’s influence expands into industries such as finance, healthcare and cybersecurity, it is becoming clear that AI agents are critical components of modern business operations.
Despite the remarkable progress in AI, deploying these systems presents several challenges. One of the primary concerns is the risk of bias embedded in the datasets used to train AI agents. AI systems learn from historical data, which can contain patterns of discrimination that, if unchecked, lead to biased decisions, such as favoring particular groups over others in hiring or lending scenarios.
PowerOFF dismantles 27 DDoS stresser services, arrests administrators, and exposes CDN/WAF misconfiguration risks.
Secret Blizzard has a track record of targeting various sectors to facilitate long-term covert access for intelligence collection, but their primary focus is on ministries of foreign affairs, embassies, government offices, defense departments, and defense-related companies across the world.
The latest report comes a week after the tech giant, along with Lumen Technologies Black Lotus Labs, revealed Turla’s hijacking of 33 command-and-control (C2) servers of a Pakistan-based hacking group named Storm-0156 to carry out its own operations.
The attacks targeting Ukrainian entities entail commandeering Amadey bots to deploy a backdoor known as Tavdig, which is then used to install an updated version of Kazuar, which was documented by Palo Alto Networks Unit 42 in November 2023.