A new malware loader has been discovered by security researchers that is being used as part of the infection chain for the Aurora information stealer. The loader is successful at avoiding detection by security solutions due to its anti-virtual-machine (VM) and unusual compilation techniques. The Aurora infostealer is a modular malware-as-a-service platform that can be used as a downloader to deploy additional payloads as well as...
Read More
An international law enforcement operation has taken down Genesis Market, a notorious illegal online marketplace that traded in stolen credentials such as email, bank account, and social media platform information. The operation, codenamed Operation Cookie Monster, involved 17 countries and resulted in 119 arrests and 208 property searches across 13 nations. Since its inception in March 2018, Genesis Market has become a major hub for criminal...
Read More
Conor Brian Fitzpatrick, a 20-year-old man and founder of the now-defunct BreachForums, has been charged with conspiracy to commit access device fraud in the United States. Fitzpatrick, who went by the online name "pompompurin," may face up to five years in prison if found guilty. He was arrested on March 15, 2023. The charges come after an investigation by the Department of Justice (DoJ) led to...
Read More
Cybercriminals are increasingly turning to stolen credentials as a valuable commodity on the underground market. According to a report by cybersecurity firm Flashpoint, last year saw 4,518 data breaches reported, with attackers stealing or exposing 22.62 billion credentials and personal records. Over 60% of these were stolen from organizations in the information sector. Flashpoint's database of threat intelligence includes 575 million posts on illegal forums, 3.6...
Read More
Cybersecurity is a major concern for businesses around the globe, with the projected cost of cybercrime in 2023 set to reach $8 Trillion. As a result, organizations are investing more and more on cybersecurity each year, with global spending on security and risk management expected to increase by 11% in 2023 to $188 Billion. Despite this, cyber attacks have become increasingly common and more severe. This...
Read More
Piracy in the media and entertainment industry has been around well before we saw it comically featured on Seinfeld in 1996. But with the introduction of streaming video, piracy is now a multi-layered problem. The latest wrinkle? Fragmentation of the video streaming industry. Fed up with subscribing to multiple streaming services and still not being able to view what they want, viewers are more willing...
Read More
Threat actors exhibited "ceaseless creativity" last year when attacking the Achilles heel of every organization—its human capital—according to Proofpoint's annual The Human Factor 2022 report. The report, released June 2, draws on a multi-trillion datapoint graph created from the company's deployments to identify the latest attack trends by malicious players. "Last year, attackers demonstrated just how unscrupulous they really are, making protecting people from cyber threats...
Read More
A gang of cybercriminals known for breaking into computer systems and selling access to them has been discovered exploiting an Apache Log4j vulnerability, Log4Shell, in unpatched VMware Horizon to plant cryptominers and backdoors on targeted systems. In a blog published Wednesday, Blackberry' researchers Ryan Gibson, Codi Starks and Will Ikard revealed that Prophet Spider was behind the attacks, which could be reliably detected by monitoring ws_TomcatService.exe,...
Read More