Breached shutdown sparks migration to ARES data leak forums
A threat group called ARES is gaining notoriety on the cybercrime scene by selling and leaking databases stolen from corporations and public authorities. [...]
Theft in cybersecurity covers stolen data, credentials, devices, and funds, often creating risks of unauthorized access, fraud, and privacy loss.
Search across headline titles and summaries.
Background for this topic.
Unauthorized taking or copying of information, credentials, intellectual property, or digital assets is cyber theft. News under this tag may involve stolen passwords, payment data, personal information, source code, cloud tokens, cryptocurrency, or sensitive business files. Theft can result from phishing, malware, compromised accounts, insider access, exposed storage, or the loss of an unencrypted device; the relevant issue is the unauthorized acquisition or control of an asset, whether or not the attacker also alters systems.
Security teams should identify where valuable data and credentials are stored, restrict access by role, require strong authentication, encrypt data at rest and in transit, and monitor unusual downloads or transfers. Vulnerability management matters when flaws expose databases, endpoints, or cloud services to unauthorized retrieval. After suspected theft, preserving logs, revoking tokens and credentials, determining what was accessed or copied, and assessing privacy or notification obligations are central to containing the incident and measuring its impact.
A threat group called ARES is gaining notoriety on the cybercrime scene by selling and leaking databases stolen from corporations and public authorities. [...]
1.5TB of databases, source code, BIOS tools said to be stolen Owners of MSI-brand motherboards, GPUs, notebooks, PCs, and other equipment should exercise caution when updating their device's firmware or BIOS after the manufacturer revealed it has recently suffered a cyberattack.…
Your family's SUV could be gone in the night thanks to a headlight crack and hack attack.
A new malware strain called Rilide has been targeting Chromium-based web browsers like Google Chrome, Brave, Opera, and Microsoft Edge, to monitor user browsing history, snap screenshots, and inject scripts that can steal cryptocurrency. [...]
Taiwanese PC parts maker MSI (Micro-Star International) has been listed on the extortion portal of a new ransomware gang known as "Money Message," which claims to have stolen source code from the company's network. [...]
It starts with a headlamp and fake smart speaker, and ends in an injection attack and a vanished motor Automotive security experts say they have uncovered a method of car theft relying on direct access to the vehicle's system bus via a smart headlamp's wiring.…
A coordinated international law enforcement operation has dismantled Genesis Market, an illegal online marketplace that specialized in the sale of stolen credentials associated with email, bank accounts, and social media platforms
Luxury cars and designer duds don't seem very prince of thieves Spanish cops have arrested a 19-year-old suspected of stealing records belonging to half a million taxpayers and developing a database to sell stolen information to other cyber criminals.…
Feds managed to image entire backend server with full details The FBI today released additional information about its takedown of the Genesis Market, a major online shop for stolen account access credentials, revealing that they'd pwned the marketplace for at least two years.…
A new dark web marketplace called STYX launched earlier this year and appears to be on its way to becoming a thriving hub for buying and selling illegal services or stolen data. [...]
The developers of the Typhon info-stealer announced on a dark web forum that they have updated the malware to a major version they advertise as 'Typhon Reborn V2' [...]
The homepage of a widely used Dark Web forum for stolen cookies and other compromised data has been replaced by a seizure notice by the US federal law enforcement agency.
Portuguese users are being targeted by a new malware codenamed CryptoClippy that's capable of stealing cryptocurrency as part of a malvertising campaign
Biometric authentication is often thought of as nearly impossible to steal or fake. Not only are there ways around biometric authentication, but not all biometric methods are created equal. [...]
Cybercrime marketplace facilitated trade in stolen credentials
The threat actor behind the information-stealing malware known as Typhon Reborn has resurfaced with an updated version (V2) that packs in improved capabilities to evade detection and resist analysis
Operation Cookie Monster crumbles stolen data-as-a-service vendor A notorious source of stolen credentials, genesis.market, has had its web site seized by the United States Federal Bureau of Investigations.…
But nothing a keen beginner couldn't do, anyway A Forcepoint staffer has blogged about how he used ChatGPT to craft some code that exfiltrates data from an infected machine. At first, it sounds bad, but in reality, it's nothing an intermediate or keen beginner programmer couldn't whack together themselves anyway.…
Several domain names tied to Genesis Market, a bustling cybercrime store that sold access to passwords and other data stolen from millions of computers infected with malicious software, were seized by the Federal Bureau of Investigation (FBI) today. Sources tell KrebsOnsecurity the domain seizures coincided with "dozens" of arrests in the United States and abroad targeting those who allegedly operated the service, as well as suppliers who continuously fed Genesis Market with freshly-stolen data.
The domains for Genesis Market, one of the most popular marketplaces for stolen credentials of all types, were seized by law enforcement earlier this week as part of Operation Cookie Monster. [...]