cybercrime
Python packages with malicious code expose secret AWS credentials
Sonatype researchers have discovered Python packages that contain malicious code that peek into and expose secret AWS credentials, network interface information, and …
How phishing attacks are becoming more sophisticated
The latest APWG’s Phishing Activity Trends Report reveals that in the first quarter of 2022 there were 1,025,968 total phishing attacks—the worst quarter for phishing observed …
Cybercriminals use Azure Front Door in phishing attacks
Resecurity, Inc. (USA) has identified a spike in phishing content delivered via Azure Front Door (AFD), a cloud CDN service provided by Microsoft. The identified resources in …
What stolen info can be bought off the dark web, and for how much?
Privacy Affairs researchers concluded criminals using the dark web can get a complete set of a person’s account details, enabling them to create fake IDs and forge private …
Conti effectively created an extortion-oriented IT company, says Group-IB
In slightly more than a month, the Conti ransomware collective compromised more than 40 companies worldwide, and the fastest attack took only three days, Group-IB’s noted in …
Automotive hose manufacturer hit by ransomware, shuts down production control system
A US subsidiary of Nichirin Co., a Japan-based company manufacturing and selling automotive hoses and hose parts, has been hit with ransomware, which resulted in the shut down …
Inside a large-scale phishing campaign targeting millions of Facebook users
In this video for Help Net Security, Nick Ascoli, VP of Threat Research, PIXM, discusses a massive phishing campaign has successfully stolen an estimated five million Facebook …
Attack methods using hybrid bots enable criminals to open mule accounts at scale
During the first half of 2022, BioCatch data reveals that money mule accounts represent up to 0.3 percent of accounts held by financial institutions, and an estimated $3 …
The price of stolen info: Everything on sale on the dark web
What is the price for personal information, including credit cards and bank accounts, on the dark web? Privacy Affairs researchers concluded criminals using the dark web need …
After being breached once, many companies are likely to be hit again
Cymulate announced the results of a survey, revealing that two-thirds of companies who have been hit by cybercrime in the past year have been hit more than once, with almost …
Intruder dwell time jumps 36%
Sophos released the Active Adversary Playbook 2022, detailing attacker behaviors that Sophos’ Rapid Response team saw in the wild in 2021. The findings show a 36% increase in …
Scams account for most of all financially motivated cybercrime
The scam industry is becoming more structured and involves more and more parties divided into hierarchical groups, according to Group-IB. The number of such groups jumped to a …
Featured news
Resources
Don't miss
- Quantifying cyber risk strategies to resonate with CFOs and boards
- Top 5 threats keeping CISOs up at night in 2025
- CISOs, are your medical devices secure? Attackers are watching closely
- Cybersecurity classics: 10 books that shaped the industry
- NIST selects HQC as backup algorithm for post-quantum encryption