Cybercrime


NEWS 
  • MyCert: Malaysia data breaches up 29% in Q1 2025

    June 11, 2025

    The Malaysia Computer Emergency Response Team (MyCert) reported an increase in data breach incidents in Malaysia in the first quarter of the year. “Data breach incidents are growing in Malaysia with a nearly 29% increase this quarter, underscoring the need for better security measures to ensure national security and public trust,” said MyCert. According to its ...

  • US government’s vaccine website defaced with AI-generated content

    June 11, 2025

    A U.S. government website designed to inform the public about vaccines has been defaced and now hosts apparently AI-generated spam. The domain, which belongs to the U.S. Department of Health and Human Services (HHS), appears to have been hosting the same kind of content — mostly gay-themed and LGBTQ+ posts — since at least May 12, ...

  • Toxic trend: Another malware threat targets DeepSeek

    June 11, 2025

    DeepSeek-R1 is one of the most popular LLMs right now. Users of all experience levels look for chatbot websites on search engines, and threat actors have started abusing the popularity of LLMs. kaspersky previously reported attacks with malware being spread under the guise of DeepSeek to attract victims. The malicious domains spread through X posts and ...

  • BlackSuit Continues Social Engineering Attacks in Wake of Black Basta’s Internal Conflict

    June 10, 2025

    There has been a significant decrease in social engineering attacks linked to the Black Basta ransomware group since late December 2024. This lapse also included the leaked Black Basta chat logs in February 2025, indicating internal conflict within the group. Despite this, Rapid7 has observed sustained social engineering attacks. Evidence now suggests that BlackSuit affiliates have ...

  • UK: Police Federation pays £15m to officers hit by cyber attack

    June 10, 2025

    The Police Federation has paid out £15 million to 19,000 current and former officers who had their personal details compromised and stolen by cyber criminals. Two huge attacks exposed the home addresses of some officers to hackers six years ago, and in March 2022 the federation admitted liability for unlawfully processing officers’ personal details by not ...

  • Major US grocery distributor warns of disruption after cyberattack

    June 9, 2025

    United Natural Foods (UNFI), a major distributor of groceries to Whole Foods and other retailers, said on Monday that it was hit by a cyberattack, warning of disruptions to its ability to fulfill and distribute customer orders. UNFI said in a Monday filing with the U.S. Securities and Exchange Commission that it became aware of unauthorized ...

  • Sleep with one eye open: how Librarian Ghouls steal data by night

    June 9, 2025

    Librarian Ghouls, also known as “Rare Werewolf” and “Rezet”, is an APT group that targets entities in Russia and the CIS. The group has remained active through May 2025, consistently targeting Russian companies. A distinctive feature of this threat is that the attackers favor using legitimate third-party software over developing their own malicious binaries. The malicious ...

  • Fortinet Flaws Exploited by Qilin Ransomware

    June 8, 2025

    Fortinet was recently found to have certain vulnerabilities that hackers like the Qilin group exploited. Here’s how they manipulated these weaknesses: Misconfigurations in security appliances provided a direct entry point for Qilin.Outdated Software: Failure to update Fortinet software allowed the ransomware to exploit known vulnerabilities. Qilin also employs social engineering tactics to gain unauthorized access: Phishing Attacks: Targeting employees ...

  • GoldenEye Dog(APT-Q-27) gang’s recent use of “Silver Fox” Trojan stealing activities

    June 6, 2025

    GoldenEyeDog (tracked internally as APT-Q-27 by Qi’anxin) is a hacking group targeting people involved in gaming and dog-pushing in Southeast Asia, as well as the overseas Chinese community, with a range of business activities including remote control, mining, DDoS attacks, etc. It is related to a larger attack group tracked by Qi’anxin, the Miuuti Group. The ...

  • Analysis of the latest Mirai wave exploiting TBK DVR devices with CVE-2024-3721

    June 6, 2025

    The abuse of known security flaws to deploy bots on vulnerable systems is a widely recognized problem. Many automated bots constantly search the web for known vulnerabilities in servers and devices connected to the internet, especially those running popular services. These bots often carry Remote Code Execution (RCE) exploits targeting HTTP services, allowing attackers to embed ...