Cybercrime

December 17, 2024

The Texas Tech University Health Sciences Center (TTUHSC) confirmed hackers accessed the personal and sensitive health data of over 1.4 million individuals during a September cyberattack. The cyberattack, which also affected TTUHSC’s El Paso campus, saw attackers steal information including Social Security numbers, financial account information, government-issued ID details, and health information — including medical records ...

December 17, 2024

In late October 2024, a new scheme for distributing a certain Android banking Trojan called “Mamont” was uncovered. The victim would receive an instant message from an unknown sender asking to identify a person in a photo. The attackers would then send what appeared to be the photo itself but was actually a malware installer. Shortly ...

December 16, 2024

An unfamiliar type of scam has surged against everyday people, with a year-over-year increase of some 400%, putting job seekers at risk of losing their time and money. The emerging threat is delivered in “task scams” or “gamified job scams.” While these scams were virtually non-existent in 2020, the FTC reported 5,000 cases in 2023 and ...

December 16, 2024

The Federal Bureau of Investigation (FBI) is releasing this Private Industry Notification (PIN) to highlight HiatusRAT1 scanning campaigns against Chinese-branded web cameras and DVRs. Private sector partners are encouraged to implement the recommendations listed in the “Mitigation” column of the table below to reduce the likelihood and impact of these attack campaigns. Threat HiatusRAT is a ...

December 16, 2024

In this blog, the global experts across our Rapid7 Labs and Managed Services teams share real-time vulnerability insights and threat intelligence so that our customers can anticipate and prevent breaches, pinpoint critical threats, and confidently take command of their attack surface. The Rapid7 Labs team has rounded up statistics and trends that caught their eye throughout ...

December 15, 2024

The recent discovery of macOS.NotLockBit suggests a shift in the landscape, as this newly identified malware, named after the notorious LockBit variant, could mark the beginning of more serious ransomware campaigns against Mac users. Ransomware targeting Mac devices tends to lack the necessary tools to truly lock files or exfiltrate data. The general perception has been ...

December 13, 2024

Police apprehended six people suspected of being involved in call centre scams and the illegal trade of firearms. The Cyber Crime Investigation Bureau (CCIB) announced the arrest on Tuesday, December 10, indicating possible connections between the suspects and insurgency financing in Thailand’s southern regions. The arrests took place on December 10 in Songkhla and Yala provinces ...

December 11, 2024

Doughnut chain Krispy Kreme says it has been hit by a cyberattack which has disrupted its online systems. Some customers in the US have been unable to make online orders as a result of the hack, which occurred in late November but has only just been disclosed. Krispy Kreme revealed the attack in a regulatory filing ...

December 11, 2024

Law enforcement agencies worldwide have disrupted a holiday tradition for cybercriminals: launching Distributed Denial-of-Service (DDoS) attacks to take websites offline. As part of an ongoing international crackdown known as PowerOFF, authorities have seized 27 of the most popular platforms used to carry out these attacks. Known as ‘booter’ and ‘stresser’ websites, these platforms enabled cybercriminals and hacktivists ...

December 11, 2024

Russia’s Federal Security Service (FSB), in collaboration with the Russian Interior Ministry, has exposed three Moscow-based illegal call centers that affected hundreds of citizens from more than 20 European and Asian countries, the FSB reported. “The unlawful activities of an organized crime syndicate that controlled the operation of three call centers in Moscow have been disrupted,” ...