Data leak site BreachForums is back, boasting Live Nation/Ticketmaster user data. But is it a trap?


Notorious data leak site BreachForums appears to be back online after it was seized by law enforcement a few weeks ago. At least one of BreachForums domains and its dark web site are live again.

However, questions have been raised over whether it is a genuine attempt to revive the forums once again or set up as a lure by law enforcement to entrap more data dealers and cybercriminals.

Read more…
Source: Malwarebytes labs


Sign up for our Newsletter


Related:

  • New “Prestige” ransomware impacts organizations in Ukraine and Poland

    October 14, 2022

    The Microsoft Threat Intelligence Center (MSTIC) has identified evidence of a novel ransomware campaign targeting organizations in the transportation and related logistics industries in Ukraine and Poland utilizing a previously unidentified ransomware payload. MSTIC researchers observed this new ransomware, which labels itself in its ransom note as “Prestige ranusomeware”, being deployed on October 11 in ...

  • Ransom Cartel Ransomware: A Possible Connection With REvil

    October 14, 2022

    Ransom Cartel is ransomware as a service (RaaS) that surfaced in mid-December 2021. This ransomware performs double extortion attacks and exhibits several similarities and technical overlaps with REvil ransomware. REvil ransomware disappeared just a couple of months before Ransom Cartel surfaced and just one month after 14 of its alleged members were arrested in Russia. ...

  • Oil and Gas Cybersecurity: Trends & Response to Survey

    October 13, 2022

    Trend Micro conducted a study on the state of industrial cybersecurity in the oil and gas, manufacturing, and electricity/energy industries in 2022. Based on the results of a survey of over 900 ICS business and security leaders in the United States, Germany, and Japan, they discuss the characteristics of each industry, the motivations and environmental ...

  • Alchimist: A new attack framework in Chinese for Mac, Linux and Windows

    October 13, 2022

    Cisco Talos has discovered a new single-file command and control (C2) framework the authors call “Alchimist .” Talos researchers found this C2 on a server that had a file listing active on the root directory along with a set of post-exploitation tools. Cisco Talos assesses with moderate-high confidence that this framework is being used in the ...

  • Ongoing exploitation of CVE-2022-41352 (Zimbra 0-day)

    October 13, 2022

    On September 10, 2022, a user reported on Zimbra’s official forums that their team detected a security incident originating from a fully patched instance of Zimbra. The details they provided allowed Zimbra to confirm that an unknown vulnerability allowed attackers to upload arbitrary files to up-to-date servers. At the moment, Zimbra has released a patch ...

  • Private health insurance company Medibank affected by cyber attack less than a month after telco Optus was targeted

    October 13, 2022

    Health insurance giant Medibank Group is the latest Australian company to become the target of a cyber attack. Last month telecommuncations company Optus was hit by a wide-scale breach which saw more than two million customers affected. Telstra was also rocked by a data breach which saw the personal details of 30,000 current and former staff leaked. Read ...