Cybercrime


NEWS 
  • Disqus Hacked: More than 17.5 Million Users’ Details Stolen in 2012 Breach

    October 6, 2017

    Another day, Another data breach disclosure. This time the popular commenting system has fallen victim to a massive security breach. Disqus, the company which provides a web-based comment plugin for websites and blogs, has admitted that it was breached 5 years ago in July 2012 and hackers stole details of more than 17.5 million users. The stolen data ...

  • Spy vs spy vs hacker vs… who is THAT? Everyone’s hacking each other

    October 5, 2017

    VB2017 Intel agencies and top-tier hackers are actively hacking other hackers in order to steal victim data, borrow tools and techniques, and reuse each other’s infrastructure, attendees at Virus Bulletin Con, Madrid, were told yesterday. The increasing amount of spy-vs-spy type activity is making accurate threat intel increasingly difficult for security researchers, according to Kaspersky Lab. Threat intelligence ...

  • Inside the CCleaner Backdoor Attack

    October 5, 2017

    As the investigation continues into the backdoor planted inside CCleaner, two members of parent company Avast’s threat intelligence team said today the desktop and cloud versions of the popular software contained different payloads. The revelation was made during a talk at Virus Bulletin 2017 during which Jakub Kroustek and Jiri Bracek shared technical details on the ...

  • FormBook—Cheap Password Stealing Malware Used In Targeted Attacks

    October 5, 2017

    It seems sophisticated hackers have changed the way they conduct targeted cyber operations—instead of investing in zero-days and developing their malware; some hacking groups have now started using ready-made malware just like script kiddies. Possibly, this could be a smart move for state-sponsored hackers to avoid being attributed easily. Security researchers from multiple security firms, including Arbor Networks and FireEye, ...

  • Equifax Says 145.5M Affected by Breach, Ex-CEO Testifies

    October 3, 2017

    Equifax, the credit agency behind this summer’s breach of 143 million Americans, said this week the number of victims implicated in the breach has increased. Paulino do Rego Barros, Jr., the company’s interim CEO, announced Monday that 2.5 million additional Americans were also impacted, bringing the grand total to 145.5 million affected individuals. Equifax initially called its investigation around ...

  • National Lottery website brought down by cyber hack attack leaving thousands unable to buy tickets

    September 30, 2017

    A cyber attack brought down the the National Lottery website last night, Camelot has admitted. The website was down for more than an hour-and-a-half yesterday evening, due to a distributed denial of service (DDOS) attack – when hackers flooded the website with online traffic. A Camelot spokesperson said: “Unfortunately, as experienced by many companies, The National Lottery website was subject to ...

  • Two Danish ministries taken offline by cyber attack

    September 28, 2017

    A Turkish hacker group has claimed responsibility for a cyber attack that has rendered the Danish Ministry of Immigration website inaccessible. The Ministry of Immigration, as well as the Ministry of Foreign Affairs of Denmark, were hit Wednesday by a cyber attack thought to have come from a Turkish hacker group, reports broadcaster DR. The former ministry’s website ...

  • Researchers promise demo of ‘God-mode’ pwnage of Intel mobos

    September 26, 2017

    Security researchers say they’ve found a way to exploit Intel’s accident-prone Management Engine, and will reveal the problem at Black Hat Europe in December. Positive Technologies researchers say the exploit “allows an attacker of the machine to run unsigned code in the Platform Controller Hub on any motherboard via Skylake+”. Intel Management Engine (ME), a microcontroller that ...

  • EternalBlue Exploit Used in Retefe Banking Trojan Campaign

    September 22, 2017

    Criminals behind the Retefe banking Trojan have added a new component to their malware that uses the NSA exploit EternalBlue. The update makes Retefe the latest malware family to adopt the SMBv1 attack against a patched Windows vulnerability, and could signal an emerging trend, said researchers at Proofpoint. Earlier this year, researchers at Flashpoint observed the TrickBot ...

  • More data lost or stolen in first half of 2017 than the whole of last year

    September 20, 2017

    More data records have been lost or stolen during the first half of 2017 (1.9 billion) than all of 2016 (1.37 billion). Digital security company Gemalto’s Breach Level Index (PDF), published Wednesday, found that an average of 10.4 million records are lost or stolen every day. During the first half of 2017 there were 918 reported data ...

  • Banker helped gang launder £16m for cybercriminals

    September 20, 2017

    A gang of five men, including a corrupt banker, have pleaded guilty to their part in laundering more than £16m for international cybercriminals. Using their man on the inside at Barclays, the gang set up around 400 bank accounts over a three-year period, according to the UK’s National Crime Agency. They shuffled stolen funds through these accounts ...

  • Vevo Music Video Service Hacked — 3.12TB of Internal Data Leaked

    September 15, 2017

    OurMine is in headlines once again—this time for breaching the popular video streaming service Vevo. After hunting down social media accounts of HBO and defacing WikiLeaks website, the infamous self-proclaimed group of white hat hackers OurMine have hacked Vevo and leaked about 3.12 TB worth of internal files. Vevo is a joint venture between Sony Music Entertainment, Universal Music Group, Abu ...

  • Equifax hack: Britons among 143 million people to have their details compromised

    September 8, 2017

    Credit agency Equifax has admitted that data from 143 million customers may have been compromised in a security breach earlier this year. US, UK and Canadian residents are among those to have their details accessed through a website application vulnerability. The attack was discovered to have run from mid-May until 29 July, but the US company has ...

  • Dragonfly 2.0: Hacking Group Infiltrated European and US Power Facilities

    September 7, 2017

    The notorious hacking group that has been in operation since at least 2011 has re-emerged and is still interested in targeting the United States and European companies in the energy sector. Yes, I am talking about the ‘Dragonfly,’ a well-resourced, Eastern European hacking group responsible for sophisticated cyber-espionage campaigns against the critical infrastructure of energy companies in different ...

  • Hackers Can Silently Control Siri, Alexa & Other Voice Assistants Using Ultrasound

    September 6, 2017

    What if your smartphone starts making calls, sending text messages, and browsing malicious websites on the Internet itself without even asking you? This is no imaginations, as hackers can make this possible using your smartphone’s personal assistant like Siri or Google Now. A team of security researchers from China’s Zhejiang University have discovered a clever way of ...

  • Backdoor Found in Popular Server Management Software used by Hundreds of Companies

    August 15, 2017

    Cyber criminals are becoming more adept, innovative, and stealthy with each passing day. They are now adopting more clandestine techniques that come with limitless attack vectors and are harder to detect. Recently, cyber crooks managed to infiltrate the update mechanism for a popular server management software package and altered it to include an advanced backdoor, which ...

  • WannaCrypt victims paid out over $140k in Bitcoin to get files unscrambled

    August 3, 2017

    More than $140,000 (£105,000) in Bitcoin has been paid out by victims of the global WannaCrypt ransomware outbreak from May. The money was removed from the online wallets at 4am UTC on Thursday. The Bitcoin activity was noticed by a Twitter bot set up by Quartzjournalist Keith Collins. The attack swept across at least 74 countries, and the UK’s ...

  • Hackers Hijacked Chrome Extension for Web Developers With Over 1 Million Users

    August 2, 2017

    From past few years, spammers and cyber criminals were buying web extensions from their developers and then updating them without informing their users to inject bulk advertisements into every website user visits in order to generate large revenue. But now they have shifted their business model—instead of investing, spammers have started a new wave of phishing ...

  • $39 million cyber heist crooks caught by Omani agency

    August 2, 2017

    Omani forensic specialists helped track down online crooks who stole $39 million from a government bank, the director of the Internet Technology Agency has revealed. A cyber attack on an Oman bank in 2013 sparked a global manhunt across 24 nations that led to the arrests of seven people in the USA, according to Dr Badr ...

  • Virgin America Hacked, Employee Passwords and Personal Information Compromised

    July 28, 2017

    Virgin America has confirmed in a letter sent to employees that its network was compromised by hackers, with data belonging to thousands of workers compromised and possibly stolen by the attackers. While an investigation is already under way, the airline did not provide any specifics about the hackers, saying instead that it’s working with law enforcement ...