The 2024 Ransomware Landscape: Looking back on another painful year

The ransomware landscape in 2024 continued to evolve at a rapid pace, outgrowing many of the trends we saw in 2023. Threat actors remained relentless and innovative, targeting organizations of all sizes and sectors. In this post, we’ll examine the latest data points, discuss notable groups, and...

Scammer robs homebuyers of life savings in $20 million theft spree

A 33-year-old Nigerian man living in the UK and his co-conspirators defrauded over 400 would-be home buyers in the US. In the initial phase, Babatunde Francis Ayeni and his criminal gang targeted US title companies, real estate agents, and real estate attorneys. Employees of these companies were...

FBI warns of multiple ransomware attacks on same victim

The Federal Bureau of Investigation FBI has released a notification that highlights two trends emerging across the ransomware environment. The trends the FBI says it's noticed since July 2023 are: Multiple ransomware attacks on the same victim in close date proximity. New data destruction tactics...

First depositor for the Vault can be front-run and have part of their deposit stolen

Lines of code Vulnerability details Description The first deposit with a totalSupply of zero shares will mint shares equal to the deposited amount. File: src/vault/Vault.sol 298: supply == 0 299: ? assets 300: : assets.mulDivsupply, totalAssets, Math.Rounding.Down; Link to Code File:...

Two Russians Charged in $17M Cryptocurrency Phishing Spree

U.S. authorities today announced criminal charges and financial sanctions against two Russian men accused of stealing nearly $17 million worth of virtual currencies in a series of phishing attacks throughout 2017 and 2018 that spoofed websites for some of the most popular cryptocurrency exchanges...

X (Formerly Twitter): Opportunity to post hidden comments

Twitter allows to comment on anyone's tweet. While testing this feature, observed that one can post comment on tweet which will be invisible to the victim whom the reply was posted and would be visible to any other twitter user. This can allow an Attacker to abuse victim on a tweet. The catch her...

Skimmers Hit Patrons of Wrigley Field, Chicago Restaurants

Six individuals were charged late last week with “skimming” more than $200,000 from victims who used their credit or debit cards at Wrigley Field and other Chicago restaurants. A press release from Illinois’ Attorney General Lisa Madigan on Friday alleged that Joseph Woods, 32, was the scheme’s...