Cybercrime Archives

Identity lapses ensnared organizations at scale in 2024

Cisco Talos observed identity-based attacks in 60% of the incidents it responded to last year.

10 hours ago By Matt Kapko

The money earned by remote North Korean IT workers is funding the North Korean weapons programs. (Getty Images)

The North Korea worker problem is bigger than you think

The yearslong scheme goes much deeper than contract work, extending to roles beyond traditional IT and sometimes granting the insider threat “keys to the kingdom,” DTEX President…

1 day ago By Matt Kapko

Traffic streaks past the Department of Justice (DOJ) headquarters building late in the evening on May 18, 2024 in Washington, DC. (Photo by J. David Ake/Getty Images)

Canadian citizen allegedly involved in Snowflake attacks consents to extradition to US

Connor Moucka, a 26-year-old arrested at the behest of U.S. authorities in October in Kitchener, Ontario, faces 20 federal charges.

Mar 24, 2025 By Matt Kapko

Safe Mode

Allie Bohan on how to handle the non-technical side of a ransomware attack

FTI Consulting’s Allie Bohan

Mar 20, 2025 By CyberScoop Staff

Nation-state groups hit hundreds of organizations with Microsoft Windows zero-day

Trend Micro researchers discovered and reported the eight-year-old defect to Microsoft six months ago. The company hasn’t made any commitments to patch or remediate the issue.

Mar 20, 2025 By Matt Kapko

Infostealers fueled cyberattacks and snagged 2.1B credentials last year

Inexpensive information-stealing malware surged in 2024, infecting 23 million hosts, according to Flashpoint.

Mar 18, 2025 By Matt Kapko

A picture of a toll booth in New Jersey. Scammers have been sending text messages about unpaid toll violations. (Getty Images)

Who is sending those scammy text messages about unpaid tolls?

The latest smishing scam follows a familiar process as ones the industry has seen over the past decade.

Mar 17, 2025 By Matt Kapko

In this picture taken near the truce village of Panmunjom inside the demilitarized zone (DMZ) separating the two Koreas, a bird flies near a North Korean flag fluttering in the wind at the propaganda village of Gijungdong in North Korea on October 4, 2022. (Photo by ANTHONY WALLACE/AFP via Getty Images)

Lazarus Group deceives developers with 6 new malicious npm packages

Socket researchers said the malware-ridden packages were collectively downloaded over 330 times. GitHub removed all of the malicious packages Wednesday.

Mar 12, 2025 By Matt Kapko

The Stop CSAM Act, first introduced in 2023 by Sens. Josh Hawley, R-Mo., (above) and Dick Durbin, D-Ill., would impose several new requirements on companies to prevent the hosting and distribution of child sexual abuse material on their platforms.

Legislative push for child online safety runs afoul of encryption advocates (again)

The Stop CSAM Act would compel companies to curb online child sexual abuse material, but critics argue it would also weaken encrypted services for all users.

Mar 12, 2025 By Derek B. Johnson

External researchers can’t determine the originating IP addresses for the flood of malicious traffic that hit X’s servers without direct access to X’s systems. (Photo by KIRILL KUDRYAVTSEV/AFP via Getty Images)

X suffered a DDoS attack. Its CEO and security researchers can’t agree on who did it.

X’s wave of outages resembled a DDoS attack and Dark Storm Team, a prolific threat group specializing in such attacks, claimed responsibility.

Mar 11, 2025 By Matt Kapko