Hacker Leaks Data of 390 Million Users from VK, a Russian Social Network

Hacker HikkI-Chan leaks personal data of over 390 million VK users on Breach Forums, including city, country, full…...

Man certifies his own (fake) death after hacking into registry system using stolen identity

A 39-year-old man has been sentenced to 81 months in jail after hacking governments systems to fake his own death to dodge paying child support. Yes, you read that right. The press release by the US Attorneys Office, Eastern District of Kentucky, paints a detailed picture of what went down. In...

Selling Ransomware Breaches: 4 Trends Spotted on the RAMP Forum

The sale and purchase of unauthorized access to compromised enterprise networks has become a linchpin for cybercriminal operations, particularly in facilitating ransomware attacks. Underground forums are sharing guidelines on breaching networks and selling the access they obtain, leaving the...

Data theft forum admins busted after flashing their cash in a life of luxury

Two men without a clear source of income landed cyberfraud charges after being so flash with their ill-gotten cash that it gained the attention of the authorities. In 2022, Russian national Pavel Kublitskii and Kazakhstan national Alexandr Khodyrev arrived in Florida and requested asylum, which w...

Cyber Threat Intelligence: Illuminating the Deep, Dark Cybercriminal Underground

Learn about critical threats that can impact your organization and the bad actors behind them from Cybersixgill's threat experts. Each story shines a light on underground activities, the threat actors involved, and why you should care, along with what you can do to mitigate risk. The deep and dar...

Oracle WebCenter Portal (July 2024 CPU)

The 12.2.1.4.0 versions of WebCenter Portal installed on the remote host are affected by a vulnerability as referenced in the July 2024 CPU advisory. - Vulnerability in the Oracle WebCenter Portal product of Oracle Fusion Middleware component: Portal Core Apache SOAP. The supported version that i...

Disney “breached,” data dumped online

A group of cybercriminals going by the handle NullBulge claims to have downloaded the Slack channels used by Disney’s developers. “DisneySlackLeak Disney has had their entire dev slack dumped. 1.1TiB of files and chat messages. Anything we could get our hands on, we downloaded and packaged up. Wa...

Hacker Claims TEG Ticket Vendor Breach: 30M User Records for Sale

Hacker "Sp1d3r" claims breaching TEG, an Australian ticketing giant, exposing 30 million users' data for sale on Breach Forums for USD 30,000...

AMD Data Breach: IntelBroker Claims Theft of Employee and Product Info

Advanced Micro Devices, Inc. AMD has apparently been breached by IntelBroker, a notorious hacker from the Breach Forums --- AMD has not yet confirmed the breach...

Update: CVE-2024-4577 quickly weaponized to distribute “TellYouThePass” Ransomware

Introduction Recently, Imperva Threat Research reported on attacker activity leveraging the new PHP vulnerability, CVE-2024-4577. From as early as June 8th, we have detected attacker activity leveraging this vulnerability to deliver malware, which we have now identified to be a part of the...

SASE Threat Report: 8 Key Findings for Enterprise Security

Threat actors are evolving, yet Cyber Threat Intelligence CTI remains confined to each isolated point solution. Organizations require a holistic analysis across external data, inbound and outbound threats and network activity. This will enable evaluating the true state of cybersecurity in the...

U.S. Sentences 31-Year-Old to 10 Years for Laundering $4.5M in Email Scams

The U.S. Department of Justice DoJ has sentenced a 31-year-old man to 10 years in prison for laundering more than $4.5 million through business email compromise BEC schemes and romance scams. Malachi Mullings, 31, of Sandy Springs, Georgia pleaded guilty to the money laundering offenses in Januar...

Breach Forums Return to Clearnet and Dark Web Despite FBI Seizure

By Waqas A tale of emerging cybercrime and embarrassment for the world's premier law enforcement agency. This is a post from HackRead.com Read the original post: Breach Forums Return to Clearnet and Dark Web Despite FBI Seizure...

Breach Forums Return to Clearnet and Dark Web Despite FBI Seizure

By Waqas A tale of emerging cybercrime and embarrassment for the world's premier law enforcement agency. This is a post from HackRead.com Read the original post: Breach Forums Return to Clearnet and Dark Web Despite FBI Seizure...

Silverstripe Forum Module CSRF Vulnerability

A number of form actions in the Forum module are directly accessible. A malicious user e.g. spammer can use GET requests to create Members and post to forums, bypassing CSRF and anti-spam measures. Additionally, a forum moderator could be tricked into clicking a specially crafted URL, resulting i...

Breach Forums Plans Dark Web Return This Week Despite FBI Crackdown

By Waqas The strange and tricky world of cybercrime and the dark web is getting stranger and trickier! This is a post from HackRead.com Read the original post: Breach Forums Plans Dark Web Return This Week Despite FBI Crackdown...

Breach Forums Admin ShinyHunters Claims Domain Reclaimed from FBI

By Waqas Breach Forums, a notorious cybercrime hub, could be back online with the same domain even after the FBI seizure. Hackers claim to have regained access to the clear web domain, while the dark web version remains in a tug-of-war. This is a post from HackRead.com Read the original post:...

Popular Cyber Crime Forum Breach Forums Seized by Police

By Waqas In a major blow to cybercrime, Breach Forums, a notorious online marketplace for stolen data, has been seized by the FBI and Department of Justice DoJ. This unprecedented takedown includes not just the clear web domain, but also the dark web, escrow sections and Telegram accounts. This i...

BIT-DISCOURSE-2021-43850 Denial of Service in discourse

Discourse is an open source platform for community discussion. In affected versions admins users can trigger a Denial of Service attack via the /message-bus/diagnostics path. The impact of this vulnerability is greater on multisite Discourse instances where multiple forums are served from a singl...

BIT-MYBB-2023-45556

Cross Site Scripting vulnerability in Mybb Mybb Forums v.1.8.33 allows a local attacker to execute arbitrary code via the theme Name parameter in the theme management component...