A notorious British hacker was arraigned on Wednesday by the U.S. Department of Justice for allegedly running the now defunct 'The Real Deal" dark web marketplace. The 34-year-old defendant Daniel Kaye (aka Bestbuy, Spdrman, Popopret, UserL0ser) allegedly ran the illicit services market between early 2015 and November 2016 when The Real Deal shut down. Threat actors used this platform to sell anything from stolen credentials for U.S. government agencies' systems and hacking tools to drugs, weapons, and government data. READ MORE...
Industrial organizations continue to be a top target for ransomware attacks, and reports published by cybersecurity companies this week reveal some recent trends. Industrial cybersecurity firm Dragos reported that 25 of the 48 threat groups known to target industrial organizations and infrastructure were active in the third quarter of 2022. The list includes several new ransomware groups, such as Sparta Blog, Bianlian, Donuts, Onyx and Yanluowang. READ MORE...
Ticketing services agency See Tickets is informing users that their payment card data was likely exposed after hackers injected skimmer code on its website. Owned by Vivendi SA, See Tickets provides ticketing services for comedy, festival, lifestyle, music, sport, and other types of events and operates several websites targeting both international and regional audiences in North America and Europe. The skimmer attack was initially identified in April 2021 and was fully shut down in January 2022. READ MORE...
In the 19 months between February 2021 and September 2022, two point-of-sale (POS) malware operators have stolen more than 167,000 payment records, mainly from the US, according to researchers at Group-IB. The researchers were able to retrieve information about infected machines and compromised credit cards by analyzing a command and control (C2) server used by the malware. POS malware is designed to steal debit and credit card data from POS machines in retail stores. READ MORE...
LinkedIn has introduced three new features to fight fake profiles and malicious use of the platform, including a new method to confirm whether a profile is authentic by showing whether it has a verified work email or phone number. Over the past couple of years, LinkedIn has become heavily abused by threat actors to initiate communication with targets to distribute malware, perform cyberespionage, steal credentials, or conduct financial fraud. READ MORE...
When we think about cybercrime and retail it is natural to focus on websites being targeted with attacks. Indeed, there has been a shocking rise in the number of cyberattacks perpetrated against online retailers in the past year. Dakota Murphey explains why store owners and security managers need to also protect their physical locations from the cyber threat, too, however. Figures from SonicWall's Biannual Report revealed that e-commerce and online retail businesses saw a 264% surge in the past 12 months in ransomware attacks alone. READ MORE...