"German Police Takes Down Kingdom Market Cybercrime Marketplace"

"German Police Takes Down Kingdom Market Cybercrime Marketplace"

The Federal Criminal Police Office in Germany and the Internet crime-combating unit of Frankfurt have announced the shutdown of a dark web marketplace called Kingdom Market that distributed cybercrime tools, fake government IDs, and more. Authorities from the US, Switzerland, Moldova, and Ukraine were also involved in the law enforcement operation against the marketplace. Kingdom Market was an English-speaking dark web marketplace that had been operating since March 2021.

Submitted by Gregory Rigby on

"Cyber-Incident Costs Surge 11% as Budgets Remain Muted"

"Cyber-Incident Costs Surge 11% as Budgets Remain Muted"

According to security researchers at S-RM, the average direct cost of a serious cybersecurity incident increased by 11% year-on-year to reach $1.7m in 2023. The researchers polled 600 C-suite and IT budget holders from US and UK organizations with revenues over $500m to produce their 2023 Cybersecurity Insights Report. The researchers found that the most common incident types were fraud, third-party compromise, and data exfiltration, although these varied by sector.

Submitted by Adam Ekwall on

"3,500 Arrested, $300 Million Seized in International Crackdown on Online Fraud"

"3,500 Arrested, $300 Million Seized in International Crackdown on Online Fraud"

Interpol recently announced that as part of an international effort to tackle online financial fraud, authorities in 34 countries have arrested approximately 3,500 suspects and seized roughly $300 million worth of assets.  The six-month operation, named HAECHI IV, targeted business email compromise (BEC), e-commerce fraud, investment fraud, voice phishing, and money laundering associated with illegal online gambling, romance scams, and online sextortion schemes.

Submitted by Adam Ekwall on

"A Study From IMDEA Software Researchers Reveals Hidden Fortunes and Surprising Overestimations in Cybercrime Revenue"

"A Study From IMDEA Software Researchers Reveals Hidden Fortunes and Surprising Overestimations in Cybercrime Revenue"

It was unclear how methodological limitations and incomplete data affected revenue estimates of cybercriminal groups using the Bitcoin blockchain. A new study by IMDEA Software Institute researchers calls into question existing estimates of cybercriminals' Bitcoin earnings. The study, titled "Cybercrime Bitcoin Revenue Estimations: Quantifying the Impact of Methodology and Coverage," delves into the full scale of the financial impact of cybercriminal activity.

Submitted by Gregory Rigby on

"Web Injections Are Back on the Rise: 40+ Banks Affected by New Malware Campaign"

"Web Injections Are Back on the Rise: 40+ Banks Affected by New Malware Campaign"

Web injections, a popular technique used by various banking trojans, remain a threat. Malicious injections allow cybercriminals to manipulate data exchanges between users and web browsers, potentially compromising sensitive data. IBM Security Trusteer researchers discovered a new malware campaign involving JavaScript web injections in March 2023. The campaign is widespread and evasive, with historical Indicators of Compromise (IOCs) suggesting a possible link to DanaBot.

Submitted by Gregory Rigby on

"Generative AI Making It Harder to Spot Fraudulent Emails"

"Generative AI Making It Harder to Spot Fraudulent Emails"

Cybercriminals are using generative Artificial Intelligence (AI) to evade email security solutions and deceive employees. According to Mike Britton, CISO of Abnormal Security, generative AI makes detecting email attacks more difficult. Prior to the AI's breakthrough, cybercriminals relied on formats or templates to create malicious campaigns. Many attacks shared common Indicators of Compromise (IOCs), making them detectable by traditional security software.

Submitted by Gregory Rigby on

"2023 Sees Surge in Mobile Banking Heists Targeting Global Financial Apps"

"2023 Sees Surge in Mobile Banking Heists Targeting Global Financial Apps"

According to a new report from the mobile security platform provider Zimperium, mobile banking heists increased in 2023, with researchers discovering 29 malware families that targeted 1,800 banking apps across 61 countries. The "2023 Mobile Banking Heists Report" explains how banking trojans have continued to grow and succeed due to their ability to persist, circumvent security, and evade detection on mobile devices. US banking institutions remain a favorite target of financially motivated threat actors, with 109 US banks targeted by banking malware in 2023.

Submitted by Gregory Rigby on

"Telecom Organizations in Africa Targeted by Iran-Linked Hackers"

"Telecom Organizations in Africa Targeted by Iran-Linked Hackers"

According to researchers, MuddyWater, a cyber espionage group linked to Iran's intelligence service has been targeting telecommunications companies in Egypt, Sudan, and Tanzania. Marc Elias, a threat intelligence analyst at Symantec, says this is likely the first time the MuddyWater group has targeted organizations in Africa. In previously reported attacks, the hackers were mainly interested in entities in the Middle East.

Submitted by Gregory Rigby on

"Smishing Triad Targets UAE Residents in Identity Theft Campaign"

"Smishing Triad Targets UAE Residents in Identity Theft Campaign"

Security researchers at Resecurity have recently observed a new fraudulent campaign orchestrated by the Smishing Triad gang and, impersonating the United Arab Emirates Federal Authority for Identity and Citizenship.  The researchers noted that the group is operating through malicious SMS messages that claim to be from the General Directorate of Residency and Foreign Affairs.  The campaign specifically targets UAE residents and foreigners in the country.

Submitted by Adam Ekwall on

"NSA Publishes 2023 Cybersecurity Year in Review"

"NSA Publishes 2023 Cybersecurity Year in Review"

The National Security Agency (NSA) has released its 2023 Cybersecurity Year in Review, covering its recent cybersecurity successes as well as how it is collaborating with partners to deliver on cybersecurity advances aimed at improving national security. This year's report delves into NSA's collaboration with US government partners, foreign partners, and the Defense Industrial Base (DIB).

Submitted by Gregory Rigby on
Subscribe to