Cybercriminals are using OneNote attachments in phishing emails to infect victims with remote access malware, allowing them to steal passwords and cryptocurrency wallets. Since attackers have been spreading malware via infected Word and Excel attachments…

A database storing hundreds of thousands of unencrypted credit card numbers and cardholder information was found exposed on the Internet. The database had around 330,000 credit card numbers, cardholder names, and complete billing addresses when it was…

In recent weeks, SentinelOne has observed an increase in malicious search engine advertisements. SentinelOne researchers note that attackers using Search Engine Optimization (SEO) poisoning are typically more successful when they SEO poison the results…

According to a new report from the GuidePoint Research and Intelligence Team (GRIT), ransomware activity increased from Q3 2022 to Q4 2022, with rebranded ransomware gangs significantly increasing the number of publicly claimed victims. No quarter of…

Ticketmaster has recently claimed they were hit by a cyberattack in November 2022 that led to extensive issues with ticket sales for Taylor Swift's US tour.  The company noted that they were hit with three times the amount of bot traffic than they…

A Dutch hacker allegedly stole data on 9 million Austrian citizens via a misconfigured cloud database, thus leading to their recent arrest. The attack was first detected in May 2020 and involved the Fees Info Service (GIS), which is responsible for…

The Hive ransomware operation appears to have been shut down as part of a major law enforcement operation involving agencies in 10 countries.  A message in Russian and English on the Hive ransomware operation's Tor-based website reads: "The Federal…

The UK has issued a warning about the threat posed by targeted spear-phishing attacks against organizations and individuals conducted by malicious threat actors in Russia and Iran. In an advisory, the National Cyber Security Centre (NCSC) detailed the…

Security researchers at Cybersixgill found that there was a double-digit increase in deep and dark web ads and sellers promoting counterfeit currency last year, hinting at rising demand from the criminal community.  The researchers observed a 91%…

A leading UK bank has recently warned consumers about the rise of scams in which victims are asked to pay an upfront fee for a product or service that doesn’t materialize.  According to Lloyds Bank, so-called “advance fee” fraud surged by 82% year-…

DEV-0569 is a threat actor observed using Google Ads in ongoing advertising campaigns aimed at distributing malware, stealing credentials, and ultimately compromising networks for ransomware attacks. In recent weeks, cybersecurity researchers have…

According to the Identity Theft Resource Center (ITRC), there were fewer compromises reported in the first half of 2022 due in part to Russia-based cybercriminals being distracted by the war in Ukraine and the volatility in the cryptocurrency markets.…