November 30, 2025
Blog Post

Cyber Intelligence > Articles by: Editorial Team

Cybercriminals ramp up AI-driven deepfake scams

Cyber toolkits for threat actors are now harnessing the latest deepfake technology and artificial intelligence (AI) for targeted email attacks, known as ‘spear-phishing.’ According to cloud cybersecurity firm Egress, a staggering 82 percent of phishing toolkits mentioned deepfakes, and 75 percent referenced AI.

The growing threat presented by the use of deepfakes by cybercriminals was highlighted earlier this year at InfoSecurity Europe in London. Widely available toolkits now enable even relatively unskilled hackers to create highly convincing video and audio clips of chief executives (CEOs) and other senior staff members in any specific organization. All the threat actor needs is a short video clip of the person they wish to impersonate. This can easily be copied from a corporate seminar or from a video podcast.

Cybercrime gets physical

Cyber-physical systems (CPS), such as operational technology (OT), the Internet of Things (IoT), building management systems (BMS) and connected media devices have now become a prime target for ransomware attacks.

According to security firm Claroty, cyber-physical attacks are now placing significant financial strain on organizations in several key sectors. Almost half (45 percent) of the respondents to an independent survey commissioned by Claroty report financial losses of $500,000 or more over the last 12 months from cyber-attacks affecting CPS. Over a quarter (27 percent) report losses of $1 million or more.

“The most financially impacted sectors are chemical manufacturing, power and energy, and mining and materials, with 54-55 percent of respondents in each sector reporting more than $500,000 in losses from incidents in the last 12 months,” says the report, The Global State of CPS Security 2024.

Companies worldwide continue to sideline CISOs

Organizations worldwide are continuing to put cybersecurity on the back burner, with only two percent having implemented cyber-resilience in all areas surveyed, says business consulting giant PwC.

According to the latest PwC report, Bridging the gaps to cyber resilience: The C-suite playbook: “Fewer than half of the executives say their CISOs are involved to a large extent in strategic planning, board reporting, and overseeing tech deployments.”

C-suite executives and their CEOs are currently paying growing lip-service to cybersecurity in an effort to ensure their compliance with the growing body of cyber legislation on both sides of the Atlantic. But, according to PwC, only 15 percent are actually measuring the potential financial impact of cyber risks to a significant extent.

Security threat from the skies

Martin Broomhead AFC MRAeS, UK managing director of multinational drone security company D-Fend Solutions, gave an exclusive interview to Cyber Intelligence from the showground floor in London’s Olympia conference centre. He outlines the increasingly blurred line between physical security and cybersecurity, the main theme of this year’s International Cyber Expo, which was combined with this year’s International Security Expo on the Olympia showground.

Israel’s cyber sector weathers the war

In an exclusive interview with Cyber Intelligence, Irina Tsukerman outlines the impact that the ongoing Israel/Hamas conflict is having not only on cybersecurity in the region, but on the global sector as a whole.

Irina Tsukerman is a US national security lawyer with a background in cybersecurity policy, a member of the American Bar Association’s Science and Technology Section, a geopolitical analyst, President of Scarab Rising, Inc., and a security and geopolitical risk strategic advisor.

German Intelligence warns of Russian cyber-attacks

The cyber cold war just became a little warmer, with German Intelligence publicly crying foul at Russia on Monday over online attacks stretching back to 2020.

Germany’s Bundesverfassungsschutz has issued a strong warning against a cyber group belonging to Russian military intelligence (GRU) Unit 29155, which was linked to the 2018 poisonings of a former Russian double agent and his daughter in the UK, claiming that the unit has also been active in carrying out cyberattacks against NATO and EU countries.

Brussels backs down on mass surveillance

The European Union (EU) Council has made a last-minute withdrawal of the EU’s highly controversial planned “Chat Control” legislation, which was due to be voted on yesterday. This would have effectively introduced mass digital surveillance by means of fully automated real-time monitoring of all messaging and chats.

The EU would appear to finally have heeded the harsh warnings that have been coming from the cybersecurity and communication sectors since the controversial proposal was first put forward in 2022. For the six months prior to Thursday’s decision, the Belgian presidency of the EU Council has been sitting on a deadlock between EU countries. Germany and Poland have heeded privacy experts’ warnings of a potential police state. But Ireland and Spain are pressing for draconian new online laws to fight a rise in online child sexual abuse material that has grown since the start of Europe’s widespread lockdowns two and a half years ago.

“Voldemort” impersonates tax authorities worldwide

A threat actor named “Voldemort” is impersonating tax authorities from governments in Europe, Asia, and the US – targeting dozens of organizations worldwide. Cybersecurity company Proofpoint believes “with moderate confidence” that Voldemort’s ultimate goal is cyber-espionage.

Since August 5 this year, Voldemort, named after the main villain in J. K. Rowling’s Harry Potter children’s books, has sent over 20,000 messages purporting to be from various tax authorities to over 70 organizations around the world. The threat actor poses as the US Internal Revenue Service, the UK’s HM Revenue & Customs, France’s Direction Générale des Finances Publiques, Germany’s Bundeszentralamt für Steuern, Italy’s Agenzia delle Entrate, India’s Income Tax Department and Japan’s National Tax Agency.

Ex-IT worker arrested for ransomware attack

The US New Jersey District Court has arrested a man accused of conducting a ransomware attack on a former employer, highlighting the growing “insider threat” organizations increasingly face from disgruntled or former employees.

Daniel Rhyne, 57, described in court documents as “a core infrastructure engineer,” is alleged to have conducted a $750,000 ransomware attack on a New Jersey-based industrial company. The as-yet-unidentified organization provides services to various industries, including aquaculture, biopharmaceuticals, chemistry, electronics, food and beverage, healthcare, hydrogen mobility, manufacturing and industrial processing, metals, oil and gas, and pulp and paper companies.

Telegram chief’s arrest ignites global cyber-war

In the wake of Telegram owner and founder Pavel Durov’s shock arrest in Paris on Saturday, the French state is being hit by a growing wave of cyber-attacks designed to cause maximum embarrassment to beleaguered French president Emmanuel Macron. Durov was released from police custody in France on Wednesday and has been transferred to court for questioning ahead of a possible indictment that could result in a long prison sentence.

A post on X by SaxX, reportedly the nom de Twitter of cybersecurity consultant Clément Domingo, listed 10 websites in France that bore the brunt of the first wave of cyber-attacks orchestrated by a new online hacktivist group, #opDurov.

The EU bares its teeth – again

The EU has bared its cyber teeth for the second time in a week. Hard on the heels of the arrest of Telegram founder and owner Pavel Durov, Uber has been slapped with a $290 million fine for allegedly violating the European Union (EU)’s General Data Protection Regulation (GDPR) by failing to protect personal data of European taxi drivers held on servers located in the US.

The Dutch Data Protection Authority (DPA) enforced the regulation by imposing a fine on Uber, which transmitted European drivers’ personal data to the US, including drivers’ account details, taxi licenses, location data, photos, payment details, identity documents and, in some cases, even criminal records and medical data.

America’s enemies strive to sway the US presidential election

Nations hostile to America, primarily Russia and China, are currently doubling down on their efforts to influence the outcome of the upcoming US elections. So far, their efforts appear to be directed at preventing Donald Trump from winning a second term as president, possibly fearing a Republican victory could herald the US taking a tougher stance on international affairs.

According to an extensive nine-page Microsoft threat intelligence report: “Foreign malign influence concerning the 2024 US election started off slowly but has steadily picked up pace over the last six months due initially to Russian operations, but more recently from Iranian activity.”

The West braces for massive Russian cyber offensive

Russia is believed to be planning widespread cyber-attacks on the West, partly in retaliation for Ukraine’s cyber-attack, which recently crippled Russia’s financial services.

“In retaliation to NATO support for Ukraine, cyberwarfare coinciding with the ongoing Russia-Ukraine conflict will likely include focused state-level attacks against Western critical and military sectors launched by Moscow’s hacker groups,” says Craig Watt, a consultant specializing in strategic and geopolitical intelligence at cybersecurity firm Quorum Cyber.

Sharp rise in blindside cyber-attacks

More than one in five cybersecurity professionals report having suffered a cyber hit requiring immediate attention despite having threat-based detection and response security measures in place. According to a survey conducted by cybersecurity firm Criticalstart, the 2024 Cyber Risk Landscape Peer Report, the figure of 83 percent represents a 21 percent increase from 2023.

Criticalstart also reports a sharp rise in the cost of data breaches. The average cost of a data breach reached an all-time high of $4.45 million in 2023 – a 15 percent increase over the past three years. Organizations with under 500 employees reported an average breach-impact increase from $2.92 million to $3.31 million – a rise of 13.4 percent.

Ukraine takes down Russia’s financial services

Hackers from Ukraine’s Main Intelligence Directorate claim to have effected one of the largest Distributed Denial-of-Service (DDoS) attacks in history, derailing Russia’s financial services.

According to the Kyiv Post, the attack compromised the online services of all major Russian banks, including the Central Bank, telecommunications service providers, national payment systems, social networks and messengers, government resources, and dozens of other services.

The affected Russian financial institutions are reported to include VTB Bank, Alfa Bank, SberBank, Raiffeisen Bank, RSHB Bank, Ak Bars Bank, Rosbank, Gazprombank, Tinkoff Bank, iBank, Dom.RF Bank, and the Bank of Russia. On the last day of the attack, the online resources of the Russian Ministry of Defense, the Ministry of Internal Affairs and the Federal Tax Service were also reported to have been affected.

Latest Microsoft outage ‘triggered’ by a cyber-attack

A second outage of several Microsoft services in two weeks, this one attributed to a cyber-attack, is fuelling further questions about the underlying security of the Windows operating system.

According to Microsoft: “While the initial trigger event was a Distributed Denial-of-Service (DDoS) attack… initial investigations suggest that an error in the implementation of our defenses amplified the impact of the attack rather than mitigating it.”

Services affected included Outlook, Azure, and Microsoft 365, with some people complaining on social media that they were unable to work. Starbucks customers also reported issues with the Starbucks app in Boston, New York, Washington DC, Dallas, Chicago, Los Angeles, Tampa and other cities. The disruption caused by this latest outage is, however, minor compared with the Windows outage caused by a mishandled CrowdStrike security upgrade, which resulted in canceled flights and marooned passengers in major international airports around the world last week.

Cybercriminals capitalize on CrowdStrike outage

Organized cybercriminal gangs have lost little time in attempting to cash in on the ongoing CrowdStrike/Windows outage currently affecting banks, airlines and businesses.

According to the UK’s National Cyber Security Centre: “An increase in phishing referencing this outage has already been observed, as opportunistic malicious actors seek to take advantage of the situation. This may be aimed at both organizations and individuals.”

‘Shadow IT’ poses a rapidly growing risk

The use of ‘shadow IT’, where staff purchase software without the approval of their IT department, is still on the rise. Despite being acutely aware of the cyber risks involved, three-quarters of security professionals admit to using off-the-shelf software-as-a-service (SaaS) applications in the last year.

According to a survey of over 250 global security professionals carried out by cybersecurity firm Next DLP, 73 percent admitted to using SaaS applications, with over half of the respondents naming data loss (65 percent), lack of visibility and control (62 percent) and data breaches (52 percent) as the chief risks inherent in using unauthorized tools. One in ten also admitted they were certain their organization had suffered a data breach or data loss as a result.

Russian gang shuts down two Indiana counties

Clay County, Indiana, in the US, has issued a Local Disaster Declaration in the wake of a “criminal ransomware attack” that occurred last week, following reports of increasing cyber-attacks on local governments across America.

“Clay County local government suffered a significant ransomware attack in the early morning hours of July 9, 2024. This has resulted in an inability to provide critical services required for the daily operation of all offices of the Clay County Courthouse, Community Corrections, and Clay County Probation,” said the county in an official statement.

Public sector phishing attacks increase fourfold

With national elections coming up later this year, US public-sector organizations are experiencing unprecedented levels of phishing attacks designed to dupe government staff into opening weaponized links in fake emails.

According to email security firm Abnormal Security: “Between May 2023 and May 2024, public sector organizations experienced an astounding 360 percent growth in phishing attacks. While phishing tends to consistently increase each year and regularly accounts for the majority of advanced threats, this level of growth is extraordinary.”

Levi’s breach exposes 72k customer details

Over 72,000 US consumers may have had their account details compromised following a cyber-attack on denim clothing giant Levi Strauss & Co. Almost two weeks ago, on June 13, Levi’s spotted an unusual spike in activity on its consumer-facing website and immediately realized its users were under threat.

“Our investigation showed characteristics associated with a “credential stuffing” attack where bad actor(s) who have obtained compromised account credentials from another source (such as a third-party data breach) then use a bot attack to test these credentials against another website – in this case www.levis.com,” said Levi’s in a published notice detailing the data breach.

US to block use of Chinese semiconductor equipment

The US Congress has introduced a new act to prevent the Chinese and “other foreign entities of concern” from infiltrating the US’s domestic chipmaking industry.

The bill, the Chip Equipment Quality, Usefulness, and Integrity Protection Act of 2024 (Chip EQUIP Act), follows on from the CHIPS and Science Act, enacted in 2022, which earmarked roughly $280 billion in new funding to boost US domestic research and manufacturing of semiconductors. It included $39 billion in subsidies plus tax breaks for US chipmakers. However, China has recently matched this with a new $40 billion investment in its own semiconductor industry, which will heavily focus on chip manufacturing equipment. In April, Chinese tech giant Huawei announced investing in new R&D capabilities to rival US, Japanese, and Dutch firms.

AI-engineered email attacks are on the rise

Email scams aimed at business users are becoming increasingly sophisticated and increasingly tough to detect. Threat actors are now using artificial intelligence to research their targets in advance of an attack, a process known as ‘social engineering.’

Phishing attacks and email scams that appear to come from a trusted source make up 35.5% of all socially engineered threats, according to a report from cybersecurity firm Barracuda: Top Email Threats and Trends. Although these types of attacks have been around for some time, cybercriminals have recently devised ingenious new methods to avoid detection and being blocked by email-scanning technologies.

Healthcare attack exposes 200,000 Los Angeles patient records

The Los Angeles County Department of Public Health has been breached by a cyber-attack that has compromised the personal information of over 200,000 private individuals. This is the latest breach in a series of major cyber-attacks on the healthcare sector.

As with so many breaches, the Los Angeles County breach was the result of a phishing attack aimed at unsuspecting staff. The attack enabled a hacker to gain the log-in credentials of 53 public health employees and subsequently compromised the personal information of 200,000 patients.

According to the LA County Department of Public Health: “The information identified in the potentially compromised e-mail accounts may have included DPH clients/employees/other individuals’ first and last name, date of birth, diagnosis, prescription, medical record number/patient ID, Medicare/Medi-Cal number, health insurance information, Social Security Number, and other financial information.”

Cyber Tsunami Set to Overwhelm Paris Olympics

The Olympic games, which kick off in Paris towards the end of next month, are expected to attract over 15 million visitors to the French capital and generate around €11 billion. But there are also growing fears that the four-yearly global event will be the target of a tsunami of cybercrime and terrorism.

“The Tokyo Games in 2021 suffered 450 million computer attacks. Paris expects eight times more!” says the networking giant Cisco, an official partner for Paris 2024.

Microsoft accused of major security gaps

Microsoft is accused of failing to implement some basic security controls on its hugely popular Visual Studio Code (VSCode) extensions marketplace. An open letter from independent researchers published on Medium reports “an incredible number of security design flaws implemented by Microsoft that provide amazing ways for threat actors to gain credibility and access.”

The researchers say the biggest security design flaw with VSCode extensions is the lack of any permission model. For example, a theme extension that should only change the colors of the user’s integrated development environment (IDE) may execute code and read or write files without any visibility or explicit authorization from the user. The researchers have also published research evidencing the security flaws highlighted in the open letter.

Musk deems “Apple Intelligence” offering insecure

Bereft of fresh ideas or new products, Apple’s main offering at its long-awaited annual Worldwide Developers Conference in Cupertino, California, is a cobbled-together artificial intelligence (AI) offering.

While AI may be Silicon Valley’s latest buzzword and marketing tool, “Apple Intelligence,” as Apple AI is branded, is already attracting heavy criticism – even from other tech giants. By pairing Microsoft-backed OpenAI’s ChatGPT with Apple’s voice-activated assistant, Siri, Apple hopes to make AI mainstream. But its critics say that all Apple has done is create a cybersecurity nightmare for corporations while sounding a death knell for the personal privacy of Apple users.

“It’s patently absurd that Apple isn’t smart enough to make their own AI, yet is somehow capable of ensuring that OpenAI will protect your security & privacy!… Apple has no clue what’s actually going on once they hand your data over to OpenAI. They’re selling you down the river,” says Elon Musk, Tesla and SpaceX founder and the owner of X Corp, formerly Twitter.

Game over for European criminal botnet networks

An international operation coordinated by Europol has resulted in several arrests and the takedown of numerous cybercriminal networks. The operation focused on tackling the growing problem of the weaponization of botnets, which are networks of connected computers. Cybercriminal gangs use botnets to install droppers, a type of malicious software designed to install other malware, such as ransomware, onto a targeted system.

Between 27 and 29 May of this year, Europol’s “Operation Endgame” targeted droppers, including IcedID, SystemBC, Pikabot, Smokeloader, Bumblebee, and Trickbot. The actions focused on disrupting criminal services, making arrests, taking down criminal infrastructures, and freezing illegal proceeds.

New cyber threat from North Korea

Microsoft has identified a new North Korean threat actor, Moonstone Sleet. Also known as Storm-1789, Moonstone Sleet has set up fake companies and job opportunities to engage with potential targets and has even created a fully functioning computer game designed to trap the unwary.

The potentially hostile nation-state of North Korea has long been suspected of resorting to cybercrime, targeting the West to fund its military build-up and commit ongoing cyber espionage against countries such as the US and the UK. But Moonstone Sleet is taking cyber-attacks on the West to new levels of sophistication, posing a threat to all organizations.

Microsoft says Moonstone Sleet “uses both a combination of many tried-and-true techniques used by other North Korean threat actors and unique attack methodologies to target companies for its financial and cyberespionage objectives.”

TeaBot banking malware infects 70k smartphones

TeaBot, a highly sophisticated type of malware, is increasingly infecting Android smartphones. Cybersecurity firm Zscaler’s ThreatLabz reported a sharp rise in malicious activity leveraging TeaBot this week.

TeaBot, also known as “Anatsa,” is designed to impersonate seemingly harmless applications such as PDF and QR code readers. Once installed on an Android smartphone, it acts as a Trojan horse containing numerous financial scams.

“[TeaBot] is a known Android banking malware that targets applications from over 650 financial institutions, primarily in Europe. We observed Anatsa actively targeting banking applications in the US and UK. However, recent observations indicate that threat actors have expanded their targets to include banking applications in Germany, Spain, Finland, South Korea, and Singapore,” explains Zscaler ThreatLabz.

Indian elections targeted by cyber-attacks

India’s current elections have become a prime target for malicious cyber activity on the part of foreign threat actors and independent hacktivist groups. With the results expected to be counted on June 4, the spike in cyber-attacks is a stark warning for other countries such as the US, the UK and the European Union (EU), which are also holding national elections later this year.

Cybersecurity company Resecurity reports that the early stages of cyber-attacks have been observed since the launch of an #OpIndia campaign last year. Escalating geopolitical tensions across the globe are now heightening the threat to India at this crucial time, with the number of attacks increasing by nearly 300% following the launch of #OpIsrael, which coincided with heightened online protests in the context of the ongoing Israel-Gaza crisis.

‘Shadow AI’ is putting companies at risk

The increasing use of artificial intelligence (AI) tools by staff ahead of their IT departments’ involvement has resulted in the growing problem of ‘shadow AI’.

“Similar to the early days of cloud adoption, workers are using AI tools before IT departments formally buy them. The result is “shadow AI,” employee usage of AI tools through personal accounts that are not sanctioned by – or even known to – the company,” says Silicon Valley-based data protection company Cyberhaven’s report: How Employees are Leading the Charge in AI Adoption and Putting Company Data at Risk.

ID security acquisition to spark M&A growth

Identity security company CyberArk has announced that it is acquiring machine identity management specialist Venafi for US$1.54 billion from software-focused investor Thoma Bravo, which already manages US$138 billion in assets.

The acquisition is being seen by some market sources as the start of more highly-focused acquisition-driven growth in the increasingly sharply defined and specialized cybersecurity sector. The logic behind the Venafi acquisition is clear. According to CyberArk, the number of machines is rapidly outpacing the growth of their human counterparts, with more than 40 machine identities for every human identity. By adding Venafi’s machine identity management to its dominant identity security position, CyberArk expects to expand its total addressable market by almost US$10 billion to around US$60 billion.

Organizations’ staff are their biggest security risk

Careless employees are the main root cause of data loss in organizations. According to the cybersecurity and compliance company Proofpoint, almost three-quarters (74 percent) of CISOs believe human error is their biggest cyber vulnerability. This is up from 60 percent in 2023 and 56 percent in 2022. Even more (80 percent) believe human risk and employee negligence will be the key cybersecurity concerns for the next two years.

“Our research shows that CISOs generally believe their people are aware of their critical role in defending the business from cyber threats. That CISOs still see their people as the primary risk factor suggests a disconnect between employees’ understanding of cyber threats and their ability to keep them at bay,” says Proofpoint.

Feds bust $100m online drugs market ‘Pharoah’

On Saturday, US authorities arrested a 23-year-old Taiwanese man alleged to have operated and owned the infamous ‘Incognito’ dark web drug-dealing website.

“Drug traffickers who think they can operate outside the law on the dark web are wrong,” said Attorney General Merrick B. Garland yesterday. “As alleged, Rui-Siang Lin was the architect of Incognito, a $100 million dark web scheme to traffic deadly drugs to the United States and around the world. The long arm of the law extends to the dark web, and we will bring to justice those who try to hide their crimes there.”

UK engineering giant hit by $25m deepfake scam

The firm that lost $25 million to deepfake video scammers in Hong Kong earlier this year has been revealed to be UK-based engineering firm Ove Arup. Ove Arup is known for world landmarks, including the Sydney Opera House. The company employs roughly 18,000 people worldwide and has annual revenues of over £2 billion.

In early February of this year, Cyber Intelligence reported that an as-yet-unidentified firm in Hong Kong had been defrauded of roughly US$25 million by criminals using deepfake video technology to pose as the company’s corporate finance officer (CFO) and other trusted colleagues. Not knowing how sophisticated even off-the-shelf deepfake video has become, the staff member who had been targeted was totally duped by what he logically assumed must be his CFO asking him to make the $25 million transfer during the course of an entirely fake but highly convincing video conference. When the attack was originally reported, the Hong Kong police gave a stark warning:

US and UK call time on Silicon Valley

A clarion call has gone out on both sides of the Atlantic for digital technologies to be made secure by design rather than by default.

At San Francisco’s RSA cyber conference earlier this month, Jen Easterly, the director of CISA, the US Cyber Defense Agency, called for software to be made far more secure. This week, Ollie Whitehouse, the CTO of the NCSC, the UK’s National Cyber Security Centre, also echoed her thoughts, demanding that the technology industry make its products more cyber-secure from the start.

Millions of emails distributing LockBit ransomware

Affiliates of the infamous ransomware group LockBit have launched a potentially devastating new weaponized email tactic designed to cause maximum disruption to millions of companies in the US and around the world.

At the end of April this year, researchers at cybersecurity firm Proofpoint began to observe high-volume ransomware campaigns sending out millions of fraudulent emails over a one-week period, facilitated by the Phorpiex botnet. In all cases, email messages purported to come from “Jenny Green” with the email address Jenny@gsd[.]com. These contained an attached ZIP file capable of downloading the LockBit Black ransomware payload from Phorpiex botnet infrastructure.
