- RolandSkimmer: Silent Credit Card Thief Uncovered
April 2, 2025
Web-based credit card skimming remains a widespread and persistent threat, known for its ability to adapt and evolve over time. FortiGuard Labs recently observed a sophisticated campaign dubbed “RolandSkimmer,” named after the unique string “Rol@and4You” found embedded in its payload. This threat actor targets users in Bulgaria and represents a new wave of credit card skimming ...
- A Rebirth of a Cursed Existence? Examining ‘Babuk Locker 2.0’ Ransomware
April 2, 2025
Ransomware remains a major threat, causing significant disruption and financial losses to organizations across various sectors. Cybercriminal groups behind these attacks constantly adapt their methods to maximize damage and profit. In early 2025, Rapid7 researchers came across a channel promoting itself as Babuk Locker. Since the original group had shut down in 2021, they decided to ...
- Criminal Actors Steal US Taxpayer Identity to File False Tax Returns and Claim Refunds
April 2, 2025
The FBI is warning the public about criminal actors stealing US taxpayer identities to file false tax returns and fraudulently claim refunds. The FBI’s Internet Crime Complaint Center (IC3) has received over 1,000 complaints about identity theft in connection with tax returns within the past year representing a 26% increase from the previous year. Stolen ...
- Palo Alto Networks gateways facing huge number of possible security attacks
April 2, 2025
Someone may be getting ready to attack Palo Alto Network devices, security researchers are warning after spotting a rise in activity. Analysts from GreyNoise said they observed a “significant surge” in login scanning activity against the company’s PAN-OS GlobalProtect portals, with almost 24,000 unique IP addresses attempting to access these portals in March 2025. “The pattern ...
- TookPS: DeepSeek isn’t the only game in town
April 2, 2025
In early March, we published a study detailing several malicious campaigns that exploited the popular DeepSeek LLM as a lure. Subsequent telemetry analysis indicated that the TookPS downloader, a malware strain detailed in the article, was not limited to mimicking neural networks. Kaspersky researchers identified fraudulent websites mimic official sources for remote desktop and 3D modeling ...
- Security firm Check Point confirms data breach, but says users have nothing to worry about
April 1, 2025
A hacker is claiming to have stolen a “highly sensitive” dataset from Check Point – but the company is looking to play down any concerns users might have. The cybercriminal, going by the name of CoreInjection, posted about the dataset of compromised Check Point files on a cybercrime forum – and alleges that the information contains ...
- UK threatens £100K-a-day fines under new cyber bill
April 1, 2025
The UK’s technology secretary revealed the full breadth of the government’s Cyber Security and Resilience (CSR) Bill for the first time this morning, pledging £100,000 ($129,000) daily fines for failing to act against specific threats under consideration. Slated to enter Parliament later this year, the CSR bill was teased in the King’s Speech in July, shortly ...
- Someone is trying to recruit security researchers in bizarre hacking campaign
April 1, 2025
Are you willing to hack and take control of Chinese websites for a random person for up to $100,000 a month? Someone is making precisely that tantalizing, bizarre, and clearly sketchy job offer. The person is using what looks like a series of fake accounts with avatars displaying photos of attractive women and sliding into the ...
- UK: Man charged after cyber attack saw terror messages displayed at train stations
April 1, 2025
A man has been charged after a cyber attack saw terror messages displayed across screens at Scotland’s busiest train stations. British Transport Police received multiple reports of a cyber security incident affecting Network Rail Wi-Fi services, provided by a third party, that displayed imagery “intended to incite religious hatred” on September 25, 2024. Network Rail said ...
- GCHQ worker admits taking top secret data home
March 31, 2025
A former GCHQ intern has admitted risking national security by taking top secret data home with him on his mobile phone. Hasaan Arshad, 25, pleaded guilty to an offence under the Computer Misuse Act on what would have been the first day of his trial at the Old Bailey in London. The charge related to committing ...
- The Espionage Toolkit of Earth Alux: A Closer Look at its Advanced Techniques
March 31, 2025
The Earth Alux APT group’s schemes and tactics have been uncloaked through our relentless monitoring and investigation efforts. The China-linked intrusion set is actively launching cyberespionage attacks against the government, technology, logistics, manufacturing, telecommunications, IT services, and retail sectors. The first sighting of its activity was in the second quarter of 2023; back then, it was ...