Lucene search
K

17 matches found

Microsoft Secure
Microsoft Secure
added 2026/06/24 12:30 p.m.26 views

StealC and Amadey: Breaking down infostealers and the cybercrime services that deliver them

In this article 1. The role of infostealers: From credential theft to intrusion 2. StealC: Infostealer for rent 3. Amadey: Malware-as-a-service for delivery of infostealers 4. Defending against StealC and Amadey intrusions 5. Microsoft Defender detections 6. Indicators of compromise Infostealers...

6.2AI score
Exploits0
The Hacker News
The Hacker News
added 2026/05/29 11:31 a.m.22 views

New Russia-Linked GREYVIBE Targets Ukraine with AI-Powered Cyberattacks

A previously undocumented threat actor dubbed GREYVIBE has been attributed to ongoing and persistent attacks targeting Ukraine and Ukraine-related entities since at least August 2025. GREYVIBE, per WithSecure, is assessed to be a Russian-speaking group operating broadly in the Russian time zone,...

5.9AI score
Exploits0
Packet Storm News
Packet Storm News
added 2026/05/14 12:0 a.m.13 views

Topical Shifts in the Dark Web: A Longitudinal Analysis of Content from the Cybercrime Ecosystem

The dark web hosts a dynamic ecosystem of cybercrime forums and marketplaces that adapt to law enforcement pressure, technological change, and economic incentives. Prior research has extracted cyber threat intelligence from these platforms using static snapshots, with limited attention to how...

5.8AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/24 11:27 a.m.24 views

Darcula Adds GenAI to Phishing Toolkit, Lowering the Barrier for Cybercriminals

The threat actors behind the Darcula phishing-as-a-service PhaaS platform have released new updates to their cybercrime suite with generative artificial intelligence GenAI capabilities. "This addition lowers the technical barrier for creating phishing pages, enabling less tech-savvy criminals to...

6.5AI score
Exploits0
The Hacker News
The Hacker News
added 2025/04/11 10:30 a.m.15 views

Initial Access Brokers Shift Tactics, Selling More for Less

What are IABs? Initial Access Brokers IABs specialize in gaining unauthorized entry into computer systems and networks, then selling that access to other cybercriminals. This division of labor allows IABs to concentrate on their core expertise: exploiting vulnerabilities through methods like soci...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2024/04/10 1:10 p.m.41 views

Raspberry Robin Returns: New Malware Campaign Spreading Through WSF Files

Cybersecurity researchers have discovered a new Raspberry Robin campaign wave that has been propagating the malware through malicious Windows Script Files WSFs since March 2024. "Historically, Raspberry Robin was known to spread through removable media like USB drives, but over time its...

7.3AI score
Exploits0
The Hacker News
The Hacker News
added 2023/11/03 12:12 p.m.56 views

NodeStealer Malware Hijacking Facebook Business Accounts for Malicious Ads

Compromised Facebook business accounts are being used to run bogus ads that employ "revealing photos of young women" as lures to trick victims into downloading an updated version of a malware called NodeStealer. "Clicking on ads immediately downloads an archive containing a malicious .exe 'Photo...

7AI score
Exploits0
The Hacker News
The Hacker News
added 2023/06/01 9:19 a.m.40 views

Improved BlackCat Ransomware Strikes with Lightning Speed and Stealthy Tactics

The threat actors behind BlackCat ransomware have come up with an improved variant that prioritizes speed and stealth in an attempt to bypass security guardrails and achieve their goals. The new version, dubbed Sphynx and announced in February 2023, packs a "number of updated capabilities that...

6.7AI score
Exploits0
Rapid7 Blog
Rapid7 Blog
added 2023/02/28 2:0 p.m.21 views

A Shifting Attack Landscape: Rapid7’s 2022 Vulnerability Intelligence Report

Each year, the research team at Rapid7 analyzes thousands of vulnerabilities in order to identify their root causes, broaden understanding of attacker behavior, and provide actionable intelligence that guides security professionals at critical moments. Our annual Vulnerability Intelligence Report...

0.3AI score
Exploits0
Talos Blog
Talos Blog
added 2023/02/09 7:0 p.m.13 views

Threat Source newsletter (Feb. 9, 2023): Don't let criminals exploit your empathy

Welcome to this weeks edition of the Threat Source newsletter. Our hearts are with the people of Turkey and Syria and all those impacted by the tragic earthquake. The Cisco Foundation has launched a matching campaign to support local disaster relief organizations. As a person its always difficult...

7.2AI score
Exploits0
The Hacker News
The Hacker News
added 2022/04/26 10:17 a.m.26 views

Gold Ulrick Hackers Still in Action Despite Massive Conti Ransomware Leak

The infamous ransomware group known as Conti has continued its onslaught against entities despite suffering a massive data leak of its own earlier this year, according to new research. Conti, attributed to a Russia-based threat actor known as Gold Ulrick, is the second most prevalent malware stra...

1AI score
Exploits0
ThreatPost
ThreatPost
added 2020/12/21 5:7 p.m.38 views

Dark Web Pricing Skyrockets for Microsoft RDP Servers, Payment-Card Data

Cybercriminals are vying for Remote Desktop Protocol RDP access, stolen payment cards and DDoS-for-Hire services, based on a recent analysis of underground marketplace pricing. During the COVID-19 pandemic, cybercriminals have profited with “increasingly advantageous positions to benefit from the...

Exploits0References12
Securelist
Securelist
added 2019/11/21 10:0 a.m.47 views

The cybercrime ecosystem: attacking blogs

Executive summary The Cybercrime Ecosystem is a series of articles explaining how cybercriminals operate, what drives them, what techniques they use and how we, regular Internet users, are part of that ecosystem. The articles will also cover technical details and up-to-date research on the threat...

8.4AI score
Exploits0
ThreatPost
ThreatPost
added 2016/06/16 10:0 a.m.27 views

Inside the xDedic Hacked Server Marketplace

An underground market peddling hacked servers was a unique find, even for a seasoned researcher such as Juan Andres Guerrero-Saade of Kaspersky Lab. But there it was, xDedic.biz selling access to tens of thousands of servers for pennies on the dollar. A Russian-speaking hacker group was...

0.4AI score
Exploits0References2
ThreatPost
ThreatPost
added 2016/04/21 3:31 p.m.9 views

PoS Attack Net Crooks 20 Million Bank Cards, Up to $400 Million

In a storyline that rivals an episode of The Sopranos, researchers at FireEye documented the heist of bank card data from 20 million individuals that involved a complex web of crooks that may have netted hackers more than $100 million since 2014. In conjunction with recently acquired Isight...

7.5AI score
Exploits0References2
ThreatPost
ThreatPost
added 2015/09/25 8:44 a.m.18 views

Google Report Outlines Dependencies in the For-Profit Cybercrime Food Chain

Security specialists need to change the game and shift gears, researchers argue – instead of focusing on protecting their users and systems, they should narrow their sights on trying to shake up cybercrime’s seedy underbelly. At least that’s how Kurt Thomas and Elie Bursztein, researchers at...

Exploits0References4
ThreatPost
ThreatPost
added 2011/07/15 10:51 a.m.6 views

Outdated Assumptions

The term “targeted attack” gets thrown around an awful lot nowadays. In fact I’m guessing you’ll be hard pressed to find many public breach disclosures that make it to the news that aren’t labeled as having been “targeted”. It reminds me of an important quote from the character Inigo Montoya in T...

0.9AI score
Exploits0References2
Rows per page
Query Builder