Spanish authorities arrested three senior executives of the now-defunct cryptocurrency exchange platform Bitzlato, Europol announced. The crime coordination agency says about 46% of the assets exchanged through Bitzlato, worth roughly 1 billion euros, were linked to criminal activities.
Cybersecurity researchers say a Chinese for-profit threat group tracked as 8220 Gang is targeting cloud providers and poorly secured applications with a custom-built crypto miner and IRC bot. The malware can slow system performance, drive up costs and expose systems to security risks.
Competition between rival Russian-language darknet markets remains fierce since police shuttered Hydra last year. The latest to fall dark is Solaris, which controlled an estimated 25% of the darknet drug trade. It got hacked by newcomer rival Kraken. But that wasn't Solaris' only problem.
RiskRecon recently studied the impact of destructive ransomware incidents and the unique tie between ransomware susceptibility and an organization's cybersecurity posture. Kelly White of RiskRecon discusses the findings and how to use them to help secure the digital supply chain.
The total amount of ransom payments being sent by victims to ransomware groups appears to have taken a big dip, declining by 40% from $766 million in 2021 to $457 million in 2022 due to victims simply being unwilling to pay, blockchain intelligence firm Chainalysis reports.
The former head of the U.K.'s National Cyber Security Centre warns that destructive ransomware targeting large enterprises is likely to surge in 2023, adding that recent attacks on Royal Mail and The Guardian newspaper are examples of these early-stage attacks.
An international sting operation on Tuesday shut down the operations of cryptocurrency exchange Bitzlato Ltd. as FBI agents hauled co-founder Anatoly Legkodymov into a Miami jail to face U.S. federal charges of conducting an unlicensed money-transmitting business.
The notorious LockBit 3.0 ransomware group runs just like a business, focusing on recruiting top talent and maintaining an advanced product - which has led to the group's longevity. But the operators' insecurities could be key to the group's undoing, says security researcher Jon DiMaggio.
Authorized payment scams are growing, and regulators, lawmakers and banks are taking note. As some banks look at ways to reimburse customers for Zelle scams in 2023, experts expect technology vendors to focus on creating new solutions to detect scams and prevent such payments from being made.
Sift has landed top Ping Identity lieutenant Kris Nagel as its new CEO and tasked him with driving more account takeover and bot detection engagements. The San Francisco-based digital trust and safety vendor has directed Nagel to build out more technology partnerships in the fraud community.
In the latest weekly update, ISMG editors discuss how online markets selling illegal substances are moving to Android apps to evade authorities, how check fraud, first-party and AI-related fraud will increase in 2023, and how Chinese state-sponsored actors may benefit from Russia's war in Ukraine.
As regulators push healthcare entities and vendors to make it easier for patients to access their electronic health information, organizations must balance compliance with the prevention of potential security breaches, says attorney David Holtzman of HITprivacy LLC.
Hackers are going downstream in their attacks on healthcare sector entities and their third-party business associates because in many cases, these cybercriminals have already hit up the larger players, says Michael Hamilton, CISO of security firm Critical Insight.
Darknet markets offering illegal drugs and fraudster tools and services are thriving, despite the constant threat of law enforcement infiltration, disruption, takedown and arrests. In response, multiple drug markets have launched customized Android apps to handle buying, selling and fulfillment.
Researchers have found that Kinsing malware gained access to Kubernetes servers by exploiting misconfigured and exposed PostgreSQL servers. The threat actors gained access by exploiting weakly configured PostgreSQL containers and vulnerable container images.