Dutch Counter-Ransomware Initiative Led to Global Takedowns

Project Melissa Contributed Toward Disruptive Actions

A Dutch public and private sector anti-ransomware initiative has contributed to ransomware disruptions globally, an assessment from the University of Leiden found. “Project Melissa” was launched in 2023 by Cybersafe Netherlands, the Dutch National Cyber Security Center and security companies.

Trump’s AI, Crypto Czar David Sacks Faces Conflict Scrutiny

David Sacks Appointed as Trump’s AI and Crypto Czar Amid Growing Industry Concerns

President-elect Donald Trump’s appointment of former PayPal executive David Sacks to serve as the inaugural White House czar for artificial intelligence and cryptocurrency is already raising significant concerns about potential conflicts of interest and market favoritism.

Spyware Campaign Targets Sino Minority Groups via WeChat

Possible Chinese State-Sponsored Exploit Kit Using Browser Flaws to Deploy Spyware

A possible Chinese-state threat group is targeting vulnerabilities in messaging apps to deliver spyware to cross-platform devices used by members of ethnic minorities targeted for repression by Beijing. Trend Micro dubs the group “Earth Minotaur.”

U.S. Offered $10M for Hacker Just Arrested by Russia

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “Wazawaka,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The U.S. government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest. Last week, the Russian government […]

Why Phishers Love New TLDs Like .shop, .top and .xyz

Phishing attacks increased nearly 40 percent in the year ending August 2024, with much of that growth concentrated at a small number of new generic top-level domains (gTLDs) — such as .shop, .top, .xyz — that attract scammers with rock-bottom prices and no meaningful registration requirements, new research finds. Meanwhile, the nonprofit entity that oversees […]

Hacker in Snowflake Extortions May Be a U.S. Soldier

Two men have been arrested for allegedly stealing data from and extorting dozens of companies that used the cloud data storage company Snowflake, but a third suspect — a prolific hacker known as Kiberphant0m — remains at large and continues to publicly extort victims. However, this person’s identity may not remain a secret for long: […]

Scratching the Surface of Rhysida Ransomware

A few days ago, I was scrolling through Twitter and came across a post by the MalwareHunterTeam briefly discussing a new Ransomware group – Rhysida. A lack of results from a Google search shows this is a newer group prepping to start operations. I grabbed a sample and downloaded it, and the executable confirmed that this group is indeed in its early stages based on the breadth of print debugging and the lack of a victim target in the ransom note. This appeared to be a pre-finished test file. Here’s what I found. Original File Name: fury_ctm1042.bin MD5: 0c8e88877383ccd23a755f429006b437 SHA1

Cybersecurity News: A Trio of Vulnerabilities, BreachForums Admin Arrested, Hundreds of Ransomware Victims, and The Rise of AI

This post arrives later than usual, but as they say, “Better late than never.” Researchers and the media have highlighted various unique, interesting, or destructive vulnerabilities in the last few weeks. We decided to pick three of these vulnerabilities and talk about them. One was patched with Microsoft’s Patch Tuesday in March; another affects the privacy of almost everyone, and the CL0P ransomware group leveraged the third vulnerability to infect well over 100 victims. We wanted to highlight another vulnerability – BingBang – that allowed Cloud Security Researcher, Hillai Ben-Sasson, to