Cyber Crime

Pierluigi Paganini January 22, 2024
Threat actors exploit Apache ActiveMQ flaw to deliver the Godzilla Web Shell

Researchers warn of a spike in attacks exploiting a now-patched flaw in Apache ActiveMQ to deliver the Godzilla web shell. Trustwave researchers observed a surge in attacks exploiting a now-patched flaw in Apache ActiveMQ, in many cases aimed at delivering a malicious code that borrows the code from the open-source web shell Godzilla. Threat actors conceal […]

Pierluigi Paganini January 22, 2024
Cybercriminals leaked massive volumes of stolen PII data from Thailand in Dark Web

Resecurity researchers warn of massive leak of stolen Thai personally identifiable information (PII) on the dark web by cybercriminals. Resecurity has detected a noticeable increase in data leaks from consumer-focused platforms in Thailand, confirming that threat actors are actively targeting the personal data of citizens now at the beginning of 2024. Thailand is swiftly becoming […]

Pierluigi Paganini January 21, 2024
LockBit ransomware gang claims the attack on the sandwich chain Subway

The LockBit ransomware gang claimed to have hacked Subway, the American multinational fast food restaurant franchise.  Subway IP LLC is an American multinational fast-food restaurant franchise that specializes in submarine sandwiches (subs), wraps, salads, and drinks. The Lockbit ransomware group added Subway to the list of victims on its Tor data leak site and threatened to leak […]

Pierluigi Paganini January 20, 2024
Admin of the BreachForums hacking forum sentenced to 20 years supervised release

Conor Brian Fitzpatrick, the admin of the BreachForums hacking forum, has been sentenced to 20 years supervised release. Conor Brian Fitzpatrick, the admin of the BreachForums hacking forum, was sentenced to 20 years of supervised release. In July, Conor Brian Fitzpatrick agreed to plead guilty to a three-count criminal information charging the defendant with conspiracy to […]

Pierluigi Paganini January 19, 2024
VF Corp December data breach impacts 35 million customers

American global apparel and footwear company VF Corp revealed that the December data breach impacted 35.5 million customers. VF Corporation is an American global apparel and footwear company that owns 13 brands. In 2015, the company controlled 55% of the U.S. backpack market with the JanSport, Dickies, Eastpak, Timberland, Smartwool, Vans, and The North Face brands. In December 2023, VF […]

Pierluigi Paganini January 19, 2024
Ransomware attacks break records in 2023: the number of victims rose by 128%

Ransomware groups claimed that they successfully targeted 4191 victims in 2023, Cybernews researchers report. According to the Ransomlooker tool, the number of ransomware attack victims increased by 128.17% compared to the previous year (2022), with 1837 additional incidents. Based on Ransomlooker, a free Cybernews tool for monitoring the dark web and other hidden areas of […]

Pierluigi Paganini January 17, 2024
FBI, CISA warn of AndroxGh0st botnet for victim identification and exploitation

U.S. CISA and the FBI warned of AndroxGh0st malware used to create a botnet for victim identification and exploitation in target networks. US CISA and the Federal Bureau of Investigation (FBI) released a joint Cybersecurity Advisory (CSA) to warn of AndroxGh0st malware. The malware is spreading to create a botnet for victim identification and exploitation in target networks. […]

Pierluigi Paganini January 15, 2024
Balada Injector continues to infect thousands of WordPress sites

Balada Injector malware infected more than 7100 WordPress sites using a vulnerable version of the Popup Builder plugin. In September, Sucuri researchers reported that more than 17,000 WordPress websites had been compromised in September with the Balada Injector. The researchers noticed that the number of Balada Injector infections has doubled compared with August 2023. The Balada […]

Pierluigi Paganini January 14, 2024
Mastermind behind 1.8 million cryptojacking scheme arrested in Ukraine

The National Police of Ukraine, with the support of Europol, arrested the alleged mastermind behind a sophisticated cryptojacking scheme. The National Police of Ukraine, with the support of Europol, arrested an individual in Mykolaiv, Ukraine, on 9 January. The man is suspected to be the mastermind behind a sophisticated cryptojacking scheme that generated over USD […]

Pierluigi Paganini January 13, 2024
Akira ransomware targets Finnish organizations

The Finish National Cybersecurity Center (NCSC-FI) warns of increased Akira ransomware attacks targeting NAS and tape backup devices of organizations in the country. The Finish National Cybersecurity Center (NCSC-FI) reported an increase in Akira ransomware attacks, targeting organizations in the country. Threat actors are wiping NAS and backup devices. Akira ransomware infections were first reported in Finland […]