7 matches found
2026: The Year of AI-Assisted Attacks
On December 4, 2025, a 17-year-old was arrested in Osaka under Japan’s Unauthorized Access Prohibition Act. The young man had run malicious code to extract the personal data of over 7 million users of Kaikatsu Club, Japan's largest internet cafe chain. When asked, the young man shared his...
Mandiant Finds ShinyHunters-Style Vishing Attacks Stealing MFA to Breach SaaS Platforms
Google-owned Mandiant on Friday said it identified an "expansion in threat activity" that uses tradecraft consistent with extortion-themed attacks orchestrated by a financially motivated hacking group known as ShinyHunters. The attacks leverage advanced voice phishing aka vishing and bogus...
Dogged Persistence -- The Name of the Game for One DDoS Attacker
With DDoS, we typically observe a moderate degree of attacker persistence. DDoS attacks are relatively easy to launch from a number of online booter services, and the availability of cryptocurrencies for payment has made it easy to remain anonymous. Attackers can try their hand at DDoS for little...
Phorpiex morphs: How a longstanding botnet persists and thrives in the current threat environment
Phorpiex, an enduring botnet known for extortion campaigns and for using old-fashioned worms that spread via removable USB drives and instant messaging apps, began diversifying its infrastructure in recent years to become more resilient and to deliver more dangerous payloads. Today, the Phorphiex...
Collection 1 data breach: what you need to know
Yesterday, news broke that the largest data dump in history had been discovered, with more than 770 million people's Personally Identifiable Information PII decrypted, catalogued, and up for grabs on the Internet. The files, which are being dubbed Collection 1, were originally found on cloud...
WannaCry and the Executive Order
Last week, The White House released its long awaited Executive Order EO, Strengthening the Cybersecurity of Federal Networks and Critical Infrastructure, ironically enough during the same week we experienced the largest single ransomware attack that, by some estimates, has affected more than...
IC3 Issues Alert on DDoS Extortion Campaigns
The Internet Crime Complaint Center IC3 has issued an alert to U.S. businesses about a rise in extortion campaigns. In a typical incident, a business receives an e-mail threatening a Distributed Denial of Service DDoS attack to its website unless it pays a ransom. Businesses are warned against...