The Scattered Lapsus$ Hunters gang, which says it has stolen data from the Salesforce instances of dozens of international companies in recent months, upped its extortion game today by listing their names on a new data leak site. The list of alleged victims includes Salesforce itself, from which the gang claims it has captured about 1 billion records. Others included Toyota Motor Corp., FedEx, Disney/Hulu, UPS, Home Depot, hotel chain owner Marriott, car manufacturer Stellantis, US retailer...| Cl0p exploits Oracle vulnerability | CSO Online
How attackers abuse Milesight cellular router APIs to run smishing at scale via unauthenticated SMS endpoints—targeting Belgium (CSAM/eBox).| Sekoia.io Blog
Shiny Hunters/Scattered spider have published a leaked download site (DLS)/extortion site etc.| PwnDefend
INTERPOL has announced the arrest of 260 suspects and the seizure of 1,235 electronic devices in a coordinated international operation... Source| CIO Africa
The open-source software company said exposure is limited to consulting engagements, adding that it hasn’t found evidence of personal or sensitive data theft. The post Red Hat confirms breach of GitLab instance, which stored company’s consulting data appeared first on CyberScoop.| CyberScoop
The emails, which are littered with broken English, aim to instill fear, apply pressure, threaten public exposure and seek negotiation for a ransom payment. The post Here is the email Clop attackers sent to Oracle customers appeared first on CyberScoop.| CyberScoop
Researchers tell CyberScoop that notorious ransomware group Clop may be behind the email barrage. The post Oracle customers being bombarded with emails claiming widespread data theft appeared first on CyberScoop.| CyberScoop
Japanese brewing giant Asahi Group Holdings announced that its operations in the country have been disrupted by a cyberattack.| SecurityWeek
On the Radar: US Designates Barrio 18 a Terrorist Group This week, we analyze whether the new US terrorist designation for the Barrio 18 gang is political or practical, another prison riot in Ecuador, and how AI is helping organized crime in Mexico. The post On the Radar: US Designates Barrio 18 a Terrorist Group appeared first on InSight Crime.| InSight Crime
Ghost Riders and Deepfake Doctors: Inside Brazil’s AI-Driven Crime Surge Brazil’s criminal groups are weaponizing artificial intelligence (AI) to drive high-tech financial fraud, exploiting gaps in a fast-growing digital ecosystem as banks, legislators, and police scramble to keep up. InSight Crime highlights three recent cases that show how Brazil’s widespread connectivity and AI tools enable cybercriminals to run increasingly sophisticated and lucrative operations. The post Ghost Rid...| InSight Crime
The market leading smartphone operating systems, Android and iOS, allow users to install apps through official pre-installed markets. Android also supports app installation from third-party sources, known as sideloading. Sideloading fosters competition and enables open source app markets. However, it also enables the proliferation of markets distributing pirated and modded apps: apps whose features and functionality have been altered by a third-party. Modded apps typically claim to offer user...| Light Blue Touchpaper
Cybersecurity professionals horrified as threat actors publish pictures of innocent children and families' "sensitive" data.| Machine
AI improves phishing defense by spotting unusual behaviors and subtle threats early, helping security teams respond faster.| Help Net Security
Children have been told for decades not to trust everything they see on a screen; adults today, farmers included, should remember that lesson in their newly online worlds. The post Guarding against misinformation: Do you believe in house hippos? appeared first on Manitoba Co-operator.| Manitoba Co-operatorOp/Ed & Farming Articles - Manitoba Co-operator
75% of external relationships that enabled third-party breaches involved software or other technology products and services.| Help Net Security
Fraudsters behind €460 million crypto scam arrested in Spain| Help Net Security
Disaster was averted after widely used open-source packages were compromised via social engineering.| CyberScoop
In December 2022, we first blogged about a law enforcement takedown of DDoS-for-hire services (often known as “booters”), sharing details about their changing landscape shortly after the initial seizures. Now that we have more data covering a longer period post-takedown, we can form a clearer picture of the impact.| Light Blue Touchpaper
"There is no evidence any customer data has been stolen but our retail and production activities have been severely disrupted."| Machine
–Arnav Kaman & Gauri Sidana Introduction Before the start of the Paris AI summit, President Macron shared a video with deepfake AI generated versions of himself in popular movies and TV shows. An ill attempt at humour by the president wanting to bring attention back on to himself. One cannot help but feel the video … Continue reading Criminalising Deepfake NCII: A Swift and Just Sword| The Criminal Law Blog
– Adeeba Hasan, Asad Naushad Khan ABSTRACT The intersection of warfare and legislation poses significant challenges in balancing national security with legal and ethical standards. Section 125 of the Indian Penal Code (IPC), which criminalizes waging war against an Asiatic power allied with or at peace with India, epitomizes this complexity. Rooted in colonial-era concerns, … Continue reading WARFARE AND LEGISLATION: IPC SECTION 125’S STANCE ON ASIATIC POWER CONFLICTS| The Criminal Law Blog
~By Parth Kantak INTRODUCTION This piece deals with the issue of bail in the cases of the cyber-crimes given in the Information Technology (IT) Act, 2000. It has been a relatively muted issue however a really pertinent one due to the impact that it has on the investigation of cyber-crimes, which is an extremely crucial stage … Continue reading Bail in Cases of Cyber-Crimes under the Information Technology Act, 2000: A Critical Re-Evaluation of the Penal Framework.| The Criminal Law Blog
The Dutch Data Protection Authority (Autoriteit Persoonsgegevens) (Dutch DPA) recently published a report on personal data breaches, which provides valuable insights into the Dutch DPA’s views on incident response. It also contains some helpful statistics. Increase in follow-up action by the Dutch DPA It is clear from the report that the Dutch DPA is still... Continue Reading| Data Protection Report
A woman who defrauded Eskom in 2020 has been handed a serious, if not confusing sentence by a criminal court in Middelburg.| Hypertext
ScamAgent study reveals how AI agents simulate scam calls, bypass safety guardrails, adapt across conversations, exploit text-to-speech.| Help Net Security
85% of phishing emails utilized malicious links in the content of the email, and spam emails increased by 30% from Q1 to Q2 2023.| Help Net Security
In its latest security alert, the team behind Drupal reported finding a set of severe vulnerabilities in a third-party library.... The post High-Risk Vulnerability in Third-Party Service Allows Take Control of Drupal Websites appeared first on IICS.| IICS
An investigation uncovers India’s black market for bank accounts, exposing systemic lapses exploited by cybercriminals for scams.| CySecurity News - Latest Information Security and Hacking Incidents
Investigators find that crooks offer consumer-style hack'n'mix bundles that package access with privilege or other treats.| Machine
A report indicates that more than 8% of borrowers will be using these financing structures by 2025.| CySecurity News - Latest Information Security and Hacking Incidents
CyberheistNews Vol 15 #32 How Hackers Exploit Microsoft Teams in Social Engineering Attacks| blog.knowbe4.com
Cybersecurity incidents nearly tripled in the first half of 2025, jumping from 6% in the second half of 2024 to 17% in 2025, according to a new report....| blog.knowbe4.com
ClickFix attacks have been around for decades; only the name is new.| blog.knowbe4.com
Researchers have witnessed an increase in ransomware attacks occurring when criminals know IT staff won’t be around, mostly night time.| Help Net Security
Major regional and global events – such as military exercises, political or economic summits, and elections – drove cyber threat activities.| Help Net Security
In 2023, malicious email threats bypassing secure email gateways (SEGs) increased by more than 100%, according to Cofense.| Help Net Security
There has been a 44% increase in organized ID fraud in North America. This upsurge is believed to be driven by the ongoing economic recovery.| Help Net Security
AI advancements give malicious groups access to tools that will allow them to create more elaborate social engineering attacks in the future.| Help Net Security
Infostealer malware remains widely available to buy through underground forums, while Russian Market remains the top seller.| Help Net Security
Across all BEC attacks seen over the past year, 57% relied on language as the main attack vector to get BEC attacks in front of employees.| Help Net Security
With growing AI app usage, employees are more likely to expose sensitive data like credentials or personal information.| Help Net Security
In this article, you will find excerpts from various reports that offer statistics and insights about the current phishing landscape.| Help Net Security
Businesses reported a growth in synthetic identity fraud, while biometric spoofs and counterfeit ID fraud attempts also increased.| Help Net Security
There has been an increase in the volume of DDoS attacks over the last two years, and in H1 of 2023, we see a capacity of about 800 Gbps.| Help Net Security
The ransomware activity in Q1 of 2024 continues the substantial growth pattern that we saw develop over the course of 2023.| Help Net Security
Russian Dmitry Khoroshev is "LockBitSupp", the creator, developer and administrator of the infamous LockBit ransomware group.| Help Net Security
The increase in reported ransomware victims across Q1 2023 reflects the continued prevalence of ransomware as a worldwide threat.| Help Net Security
Companies using Google Workspace experienced a 25% risk reduction for FTF or BEC claims and a 10% risk reduction for ransomware claims.| Help Net Security
Lawbreaking language models lower the barrier of entry for unskilled crooks and make it frighteningly easy to launch crime campaigns.| Machine
Safepay gang says 3.5TB of stolen data will be released if Ingram doesn't capitulate.| CSO Online
Avast has released a free decryptor for the AI-powered FunkSec ransomware, allowing victims to recover files after the notorious group was declared defunct.| WinBuzzer
A total of 17,954 open source malware packages identified in Q1 2025, according to Sonatype's Open Source Malware Index.| Help Net Security
49% of security professionals say their company leaders possess a high level of understanding for exposure management.| Help Net Security
Ransomware attacks are disrupting and undermining business operations and draining revenue streams, according to Illumio.| Help Net Security
US charges Rostislav Panev, 51, a dual Russian and Israeli national, for being a developer for the LockBit ransomware group.| Help Net Security
From defending against phishing to safeguarding personal apps and managing GenAI, data security is no longer just a perimeter defense.| Help Net Security
The incoming government hands over the Federal Ministry of the Interior to the Conservatives. The coalition agreement proclaims a ‘turning point’ in internal security. Stricter surveillance measures and laws are planned. With the new coalition agreement published on Wednesday, the German Social Democrats will lose the Federal Ministry of the Interior – it will once […] The post Grand control coalition: German conservatives and social democrats call for ‘zero tolerance’ on inter...| Matthias Monroy
Russians and North Koreans contributed to the scheme to provide illegal remote IT workers to US companies to fund the North Korean regime.| CSO Online
An improved version of the Darcula PhaaS platform will allow malicious users to create customized phishing kits to target any brand.| Help Net Security
The UK Parliament’s Intelligence & Security Committee found “Russia has sought to employ organised crime groups to supplement its cyber skills” This is pivotal, as it makes attribution much, much harder. Using crime groups, or just co-opting their tools and software, makes it easier for states such as Russia to hide their cyber activities. It’s…| Geoff White
It could well be coronavirus is hurting cybercrime as much as it's helping it.| Geoff White
The Cambridge Cybercrime Centre's eighth one-day conference on cybercrime was held on Monday, 23rd June 2025, which marked 10 years of the Centre.| Light Blue Touchpaper
TL;DR In 2025, UK cyber attacks have intensified dramatically and we have seen a wave of high-profile cyber attacks in the UK. From M&S and Co-op to platforms like Mailchimp and HubSpot, major businesses have been hit by phishing, supply chain compromise, and social engineering. This article outlines the top incidents so far, how attackers ... The post Major Cyber Attacks on UK Businesses in 2025 (So Far) appeared first on Dial A Geek.| Dial A Geek
Three insurance companies have publicly disclosed cyberattacks in the past week. Scattered Spider, an amorphous band of cybercriminals, has been actively targeting the sector.| CyberScoop
A pair of AI tools advertised on hacking forums were developed using commercial AI models from xAI and Mistral, according to Cato Networks.| CyberScoop
Multiple U.S.-based companies in the insurance sector have already been hit over the past week and a half, according to Mandiant.| CyberScoop
Cryptocurrency theme is a Klondike for various scammers. Here is how to stay away from the possibility of being robbed.| Gridinsoft Blogs
Device identification protects your enterprise platform’s revenue and ensures a great user experience for legitimate customers. Learn how!| Arkose Labs
This report explores current trends in the AitM phishing landscape and the prevalence of leading kits. The following post Global analysis of Adversary-in-the-Middle phishing threats is an article from Sekoia.io Blog.| Sekoia.io Blog
© 2025 Peter N. M. Hansteen| That grumpy BSD guy
If you are a victim of unauthorised mailbox access and/or attempted fraud via mailbox compromise (BEC) then you know … Continue reading Business Email Compromise: Impact Assessment| PwnDefend
Chinese hackers used the CoGUI phishing kit to send over 580 million scam emails to Japanese users in early 2025, impersonating brands like Amazon and PayPal.| eSecurity Planet
Ok with my AI companion GROK I’ve gone exploring on the differences between Japan’s new cyber laws and the UK! … Continue reading Japan goes on the Cyber Offensive| PwnDefend
Ransomware remains a concerning cybersecurity threat, with attacks becoming more frequent, severe, and costly.| Help Net Security
Consumers are concerned about the risks associated with GenAI and deepfakes, including the potential for online fraud or identity theft.| Help Net Security
As the political landscape heats up during a polarizing election year, so do concerns about deepfake technology.| Help Net Security
While employees have long been trained to avoid clicking on suspicious links, QR codes are an emerging and lesser-known malicious tactic.| Help Net Security
Consumers ranked identity theft (84%) and stolen credit card information (80%) as their top online security concerns.| Help Net Security
2023 saw a surge in the duration of DDoS attacks, and in the first half of 2024, it’s clear that surge has become the new normal.| Help Net Security
A cyberpunk-styled visualization of the Scattered Spider attack flow, defensive countermeasures, and an interactive checklist with activity log, designed for WordPress compatibility.| PwnDefend
Currently there appears to be a relatively significant cyber security incident at Marks and Spencer. So I thought I would give a demo of using AI (LLM, GROK) to create a timeline:| PwnDefend
When a suspected email mailbox compromise is reported, initiating an investigation promptly is critical. However, to ensure the investigation is effective, certain minimum intelligence requirements must be met. This blog outlines the bare minimum data needed to start investigating a suspected email mailbox compromise, whether the intelligence comes from an internal team or a third-party source.| PwnDefend
Lampion malware distributors are now using the social engineering method ClickFix. Read our analysis of a recent campaign.| Unit 42
Cybercrime is on the rise in Georgia and around the country.| The Georgia Sun
During our daily tracking and analysis routine at Sekoia TDR team (Threat Detection & Research), we have been monitoring an attacker infrastructure internally called “Cloudflare tunnel infrastructure to deliver multiple RATs”. This infrastructure is used by several actors to host malicious files and deliver remote access trojans (RAT). Several security vendors (Forcepoint, Fortinet, Orange, Proofpoint) […] The following post Detecting Multi-Stage Infection Chains Madness is an...| Sekoia.io Blog
ClearFake spreads malware via compromised websites, using fake CAPTCHAs, JavaScript injections, and drive-by downloads.| Sekoia.io Blog
Cybercrime has been growing, and hackers are invading your systems and networks to steal data, install malware, and more. So why do these individuals commit attacks in cyberspace? The way to gain a better understanding of the mindset of different types of hackers is to be able to better protect your| Retail Technology Innovation Hub
Matthijs van Amelsfort is director of the NCSC. Giving room to professionals characterizes his leadership style. “Keep your eye on the ball and above all on the team.”| Digitale Overheid
Delve into Finance-related cyber threats in 2024. Our report highlights major actors and tactics impacting the financial sector.| Sekoia.io Blog
A commendable attack data dump, lightly analyzed.| That grumpy BSD guy
Natalia here speaks to our imaginary friend 185.150.184.92| That grumpy BSD guy
Discover the challenges of ClickFix12 and the newly identified I2PRAT. Uncover the advanced techniques employed by this multi-stage RAT.| Sekoia.io Blog
Threat actors continue to probe the payments ecosystem for vulnerabilities and were successful in conducting fraud schemes.| Help Net Security
The threat of deepfakes lies not in the technology itself, but in people's natural tendency to trust what they see.| Help Net Security
As the cost of cybercrime rises and threats become more complex and widespread, they impact organizations of all sizes.| Help Net Security
Vade has released a report on a recently discovered phishing attack that involves the spoofing of the Microsoft 365 authentication system.| Hackread - Latest Cybersecurity, Hacking News, Tech, AI & Crypto
In this blog post, learn about the supply chain attack targeting Chrome browser extensions and the associated targeted phishing campaign.| Sekoia.io Blog