Kinsing Cyberattackers Debut 'Looney Tunables' Cloud Exploits
Admins need to patch immediately, as the prolific cybercrime group pivots from cryptomining to going after cloud secrets and credentials.
Cybercrime includes illegal digital activity such as hacking, fraud, and extortion, posing risks to data, systems, finances, and public safety.
Search across headline titles and summaries.
Background for this topic.
Cybercrime involves illegal activities conducted using computers or networks, such as hacking, identity theft, financial fraud, and distribution of malware. These crimes exploit vulnerabilities in software, hardware, or human behavior to gain unauthorized access, steal data, or disrupt services. Understanding the methods and motives behind cybercrime is essential for identifying relevant threats and attack vectors.
For security practitioners, cybercrime highlights the importance of protecting critical systems against exploitation through strong access controls, timely patching of vulnerabilities, and user awareness training to prevent social engineering attacks. Monitoring for indicators of compromise and analyzing threat intelligence related to cybercriminal tactics can improve detection and mitigation efforts. Effective defense requires a focus on both technical safeguards and operational readiness to respond to evolving criminal techniques.
Admins need to patch immediately, as the prolific cybercrime group pivots from cryptomining to going after cloud secrets and credentials.
Last week, KrebsOnSecurity broke the news that one of the largest cybercrime services for laundering stolen merchandise was hacked recently, exposing its internal operations, finances and organizational structure. In today's Part II, we'll examine clues about the real-life identity left behind by "Fearless," the nickname chosen by the proprietor of the SWAT USA Drops service.
A new dropper-as-a-service (DaaS) named 'SecuriDropper' has emerged, using a method that bypasses Android 13's 'Restricted Settings' to install malware on devices and grant them access to the Accessibility Services. [...]
The U.S. Department of the Treasury imposed sanctions against a Russian woman for taking part in the laundering of virtual currency for the country's elites and cybercriminal crews, including the Ryuk ransomware group