A U.S. federal judge sentenced a Russian national to five years and four months in prison for his role in developing TrickBot malware, which is used to target businesses, schools and hospitals across the country. Vladimir Dunaev in the U.S. District Court for the District of Northern Ohio in December pleaded guilty to one count…

For cybercriminals looking to attack businesses, email continues to be the preferred attack vector. Despite a rapidly changing technology landscape with new innovations such as ChatGPT, cybercriminals are opting to adapt their email-based techniques to improve old tactics rather than create new methods altogether. This is largely because email provides cybercriminals with a direct line…

The vulnerability of subdomain takeover in Microsoft Azure continues to pose a threat, with researchers at Keytos discovering approximately 15,000 vulnerable subdomains each month using cryptographic certificates. This relatively common exploit allows cybercriminals to impersonate organizations, launch attacks, and display spam content through legitimate sites. Despite continuous attempts to contact and notify over 1,000 organizations…

On Feb. 28, multiple police forces carried out a coordinated action against two suspected members of the cybercrime gang behind the DoppelPaymer ransomware. These latest raids, revealed on March 6 by Europol, follow a series of other law enforcement campaigns against prominent ransomware groups in recent years. “We’ve seen an increase in the velocity of…

The post-exploitation tools market has chalked up a newcomer with the emergence of Exfiltrator-22. An upstart alternative to Cobalt Strike, the Exfiltrator-22 framework-as-a-service (FaaS) tool set, first seen in December, was “likely” developed by ex-affiliates of the notorious LockBit ransomware gang, according to researchers. According to a Cyfirma report on Feb. 28, Ex-22 possesses advanced…

Cybercriminals have lost little time in converting the artificial intelligence capabilities of ChatGPT to malicious purposes by using it to generate malware scripts. Security researchers at Check Point found members of the low-level hacking community Breach Forums posting over the past few weeks the results of interactions with the OpenAI-developed tool. They include a machine-learning…

Australia has been the victim of damaging cyberattacks in the latter half of this year, with high-profile incidents impacting businesses across critical sectors such as telecoms, healthcare, and government. The impacts of some of these attacks have been rolling on for months, with new details and further information about data breached from the incidents suffered…

The two, Eric Meiggs, 24, of Brockton, and Declan Harrington, 22, of Beverly, employed SIM swapping, computer hacking, and other techniques as part of their nefarious activities, the US Department of Justice says. According to documents presented in court, the two targeted executives of cryptocurrency companies and individuals who had large amounts of cryptocurrency or…