Highly Autonomous Cyber-Capable Agents: Anticipating Capabilities, Tactics, and Strategic Implications
This report introduces the concept of "Highly Autonomous Cyber-Capable Agents" (HACCAs), AI systems capable of autonomously conducting multi-stage cyber campaigns at a level comparable to today's top criminal hacking groups or state-affiliated threat actors, and analyzes the security implications o...
Revolut Faces $20 Million Loss as Attackers Exploit Payment System Weakness
Malicious actors exploited an unknown flaw in Revolut's payment systems to steal more than $20 million of the company's funds in early 2022. The development was reported by the Financial Times, citing multiple unnamed sources with knowledge of the incident. The breach has not been disclosed...
Five Eyes Nations Warn of Russian Cyber Attacks Against Critical Infrastructure
The Five Eyes nations have released a joint cybersecurity advisory warning of increased malicious attacks from Russian state-sponsored actors and criminal groups targeting critical infrastructure organizations amidst the ongoing military siege on Ukraine. "Evolving intelligence indicates that the...
Haskers Gang Gives Away ZingoStealer Malware to Other Cybercriminals for Free
A crimeware-related threat actor known as Haskers Gang has released an information-stealing malware called ZingoStealer for free on, allowing other criminal groups to leverage the tool for nefarious purposes. "It features the ability to steal sensitive information from victims and can download...
Tech support scam campaign targets Japanese visitors to PornHub
The Malwarebytes Threat Intelligence team has identified a malvertising campaign targeting Japanese users. The campaign they discovered was found to be using a cloaking technique to lure visitors of popular adult site PornHub to a decoy site at the domain mixhd.club. Cloaking: Cloaking is a method...
Military’s RFID Tracking of Guns May Endanger Troops
Reports that the military has started outfitting firearms with RFID tags for tracking have raised security alarms. The concern: What if the enemy uses the tags to track soldiers on the battlefield? The Department of Defense, the Marines and the Navy have already rejected the RFID tagging tech for...
New Ransomware Gangs — Haron and BlackMatter — Emerge on Cybercrime Forums
Two new ransomware-as-service (RaaS) programs have appeared on the threat radar this month, with one group professing to be a successor to DarkSide and REvil, the two infamous ransomware syndicates that went off the grid following major attacks on Colonial Pipeline and Kaseya over the past few...
Ransomware Is Getting Ugly
Modern ransomware has two dimensions: pay to get your data back, and pay not to have your data dumped on the Internet. The DC police are the victims of this ransomware, and the criminals have just posted personnel records -- "including the results of psychological assessments and polygraph tests;...
Spotlight on Cybercriminal Supply Chains
An examination of cybercrime ecosystems reveals it mirrors legitimate financial organization and market systems. “Cybercriminals need to move money and pay employees in their organization just like any other company,” said Derek Manky, Chief Security Insights & Global Threat Alliances at Fortinet’...
Accellion Supply Chain Hack
A vulnerability in the Accellion file-transfer program is being used by criminal groups to hack networks worldwide. There's much in the article about when Accellion knew about the vulnerability, when it alerted its customers, and when it patched its software. The governor of New Zealand's central...
It’s Open Season for Microsoft Exchange Server Hacks
A patch for the vulnerabilities China exploited has been released. Now, criminal groups are going to reverse engineer it—if they haven’t already...
The Edge of a Storm?
The SolarWinds element of this breach is likely just the tip of the iceberg as many more businesses leveraging their management tools are exposed to this compromise. Not necessarily from the nation state actor believed to have triggered it, but from the potential sell off of those points of acces...
Emotet is back: botnet springs back to life with new spam campaign
After a fairly long hiatus that lasted nearly four months, Emotet is back with an active spam distribution campaign. For a few weeks, there were signs that the botnet was setting its gears in motion again, as we observed command and control (C2) server activity. But this morning, the Trojan started...
MIPT/PhysTech guest lecture: Vulnerabilities, Money and People
On December 1, I gave a lecture at the Moscow Institute of Physics and Technology (informally known as PhysTech). This is a very famous and prestigious university in Russia. In Soviet times, it trained personnel for Research Institutes and Experimental Design Bureaus, in particular for the Soviet...
Nuclear, Angler Exploit Kit Activity Has Disappeared
Criminal hackers are fickle about their attack vectors. You need to look no further for evidence of this than their constant migration from one exploit kit to another. And while there is an expansive menu of exploit kits, attackers do seem to congregate around a precious few. Researchers who stud...
Globalization Fuels Cybercrime: A Threat to Australian Credit Card Holders
Globalization benefits consumers and businesses but also provides opportunities for organized crime. Many internet criminals join or form organized crime groups, motivated by economic, cultural, or technical reasons. Globally, individuals and mafia groups engage in illegal online activities, ofte...