"APT28," a Russian GRU-backed threat actor, has been targeting networks across Europe with "HeadLace" malware and credential harvesting websites. The Advanced Persistent Threat (APT) group uses Legitimate Internet Services (LIS) and Living Off-the-Land Binaries (LOLBins) to hide their operations in network traffic. This article continues to discuss APT28's targeting of Europe with HeadLace malware and credential harvesting.

Security researchers at Proton have recently discovered email addresses and other information of hundreds of British, French, and European Parliament politicians on dark web marketplaces.

​A threat actor known as ShinyHunters recently announced that it is selling what it claims is the personal and financial information of 560 million Ticketmaster customers on the recently revived BreachForums hacking forum for $500,000.  The allegedly stolen databases, which were first put up for sale on the Russian hacking forum Exploit, supposedly contain 1.3TB of data and the customers' full details (i.e., names, home and email addresses, and phone numbers), as well as ticket sales, order, and event information.

Europol and German law enforcement have recently revealed the identities of eight cybercriminals linked to the various malware droppers and loaders disrupted as part of the Operation Endgame law enforcement operation.  Europol said that Operation Endgame led to the seizure of 100 servers used in multiple malware operations, including IcedID, Pikabot, Trickbot, Bumblebee, Smokeloader, and SystemBC.  The law enforcement crackdown also involved four arrests, one in Armenia and three in Ukraine.

According to security researchers at Lumen Technologies, more than 600,000 small office/home office (SOHO) routers belonging to the same ISP were rendered inoperable in a single destructive event.  The researchers noted that the impacted router models, from ActionTec and Sagemcom, were confined to the ISP’s autonomous system number (ASN), and were likely infected with Chalubo, a remote access trojan (RAT) that ensnares devices into a botnet.

The US Department of Justice (DoJ) dismantled what is considered the world's largest botnet ever. It included 19 million infected devices leased to other threat actors for committing various malicious activities. The "911 S5 botnet" served as a residential proxy service, with a global footprint spanning over 190 countries. According to the DoJ, the botnet was used for cyberattacks, financial fraud, identity theft, and more. This article continues to discuss the dismantlement of the 911 S5 botnet. 

The National Security Agency (NSA) has released a Cybersecurity Information Sheet (CSI) titled "Advancing Zero Trust Maturity Throughout the Visibility and Analytics Pillar," which describes the infrastructure, tools, data, and methods of this Zero Trust (ZT) framework pillar. Organizations are encouraged to follow the report's advice to mitigate risks and quickly identify, detect, and respond to cyber threats. Recommended actions include logging all relevant activity, centralizing security information and event management, regularly using security and risk analytics, and more.

A piano-themed email campaign targeting students and faculty at North American colleges and universities commits Advance Fee Fraud (AFF). According to Proofpoint, over 125,000 emails have been observed in this scam cluster this year. Fraudsters offer free pianos in deceptive emails and then direct respondents to a fake shipping company that demands payment before delivering the piano. The scammers accept Zelle, Cash App, PayPal, Apple Pay, and cryptocurrency. They also try to get victims' names, addresses, and phone numbers. This article continues to discuss the AFF email campaign.

Computer hardware manufacturer Cooler Master has recently suffered a data breach after a threat actor breached the company's website and claimed to steal the Fanzone member information of 500,000 customers.  Yesterday, a threat actor by the alias "Ghostr" contacted BleepingComputer and claimed to have stolen 103 GB of data from Cooler Master on May 18th, 2024.