cybercrime – SSL and internet security news

Cloudflare Reports that Almost 7% of All Internet Traffic Is Malicious

July 17, 2024 infossl

cybercrime, denial of service, internet, Security technology, Uncategorized

6.8%, to be precise. From ZDNet: However, Distributed Denial of Service (DDoS) attacks continue to be cybercriminals’ weapon of choice, making up over 37% of all mitigated traffic. The scale of these attacks is staggering. In the first quarter of 2024 alone, Cloudflare blocked 4.5 million unique DDoS attacks. That total is nearly a third … Read More “Cloudflare Reports that Almost 7% of All Internet Traffic Is Malicious” »

The Justice Department Took Down the 911 S5 Botnet

June 7, 2024 infossl

botnets, courts, COVID-19, crime, cybercrime, malware, Security technology, Uncategorized

The US Justice Department has dismantled an enormous botnet: According to an indictment unsealed on May 24, from 2014 through July 2022, Wang and others are alleged to have created and disseminated malware to compromise and amass a network of millions of residential Windows computers worldwide. These devices were associated with more than 19 million … Read More “The Justice Department Took Down the 911 S5 Botnet” »

How Criminals Are Using Generative AI

May 9, 2024 infossl

artificial intelligence, cybercrime, LLM, Security technology, Uncategorized

There’s a new report on how criminals are using generative AI tools: Key Takeaways: Adoption rates of AI technologies among criminals lag behind the rates of their industry counterparts because of the evolving nature of cybercrime. Compared to last year, criminals seem to have abandoned any attempt at training real criminal large language models (LLMs). … Read More “How Criminals Are Using Generative AI” »

The Hacker Tool to Get Personal Data from Credit Bureaus

September 7, 2023 infossl

cybercrime, data collection, doxing, finance, law enforcement, Security technology, Uncategorized

The new site 404 Media has a good article on how hackers are cheaply getting personal information from credit bureaus: This is the result of a secret weapon criminals are selling access to online that appears to tap into an especially powerful set of data: the target’s credit header. This is personal information that the … Read More “The Hacker Tool to Get Personal Data from Credit Bureaus” »

UPS Data Harvested for SMS Phishing Attacks

June 23, 2023 infossl

cybercrime, phishing, phones, Security technology, sms, spam, Uncategorized

I get UPS phishing spam on my phone all the time. I never click on it, because it’s so obviously spam. Turns out that hackers have been harvesting actual UPS delivery data from a Canadian tracking tool for its phishing SMSs. Powered by WPeMatico

EFF on the UN Cybercrime Treaty

April 19, 2023 infossl

cybercrime, laws, Security technology, treaties, un, Uncategorized

EFF has a good explainer on the problems with the new UN Cybercrime Treaty, currently being negotiated in Vienna. The draft treaty has the potential to rewrite criminal laws around the world, possibly adding over 30 criminal offenses and new expansive police powers for both domestic and international criminal investigations. […] While we don’t think … Read More “EFF on the UN Cybercrime Treaty” »

FBI (and Others) Shut Down Genesis Market

April 5, 2023 infossl

botnets, credentials, cybercrime, fbi, law enforcement, Security technology, Uncategorized

Genesis Market is shut down: Active since 2018, Genesis Market’s slogan was, “Our store sells bots with logs, cookies, and their real fingerprints.” Customers could search for infected systems with a variety of options, including by Internet address or by specific domain names associated with stolen credentials. But earlier today, multiple domains associated with Genesis … Read More “FBI (and Others) Shut Down Genesis Market” »

UK Runs Fake DDoS-for-Hire Sites

April 3, 2023 infossl

cybercrime, denial of service, Security technology, uk, Uncategorized

Brian Krebs is reporting that the UK’s National Crime Agency is setting up fake DDoS-for-hire sites as part of a sting operation: The NCA says all of its fake so-called “booter” or “stresser” sites - which have so far been accessed by several thousand people—have been created to look like they offer the tools and … Read More “UK Runs Fake DDoS-for-Hire Sites” »

Malware Delivered through Google Search

February 7, 2023 infossl

cybercrime, google, malware, Security technology, Uncategorized

Criminals using Google search ads to deliver malware isn’t new, but Ars Technica declared that the problem has become much worse recently. The surge is coming from numerous malware families, including AuroraStealer, IcedID, Meta Stealer, RedLine Stealer, Vidar, Formbook, and XLoader. In the past, these families typically relied on phishing and malicious spam that attached … Read More “Malware Delivered through Google Search” »

Ransomware Payments Are Down

January 31, 2023 infossl

crime, cryptocurrency, cybercrime, extortion, ransomware, Security technology, Uncategorized

Chainalysis reports that worldwide ransomware payments were down in 2022. Ransomware attackers extorted at least $456.8 million from victims in 2022, down from $765.6 million the year before. As always, we have to caveat these findings by noting that the true totals are much higher, as there are cryptocurrency addresses controlled by ransomware attackers that … Read More “Ransomware Payments Are Down” »