Rise of RansomHub: A Resurgent Threat in Cybercrime The RansomHub ransomware-as-a-service (RaaS) group has emerged as a significant player in the cybercrime landscape, capitalizing on previously patched vulnerabilities in Microsoft Active Directory and the Netlogon protocol to facilitate unauthorized access to victim networks. Recent analyses highlight the group’s ability to…
A US-based fintech company, FinWise, has alerted its customers about a potential data breach stemming from an insider threat. The organization, which facilitates loans on behalf of various American financial institutions, disclosed that a former employee accessed sensitive customer information after their departure from the company. According to filings made…
Serious Security Flaw Discovered in AMI’s MegaRAC BMC Software A significant security vulnerability has been identified within AMI’s MegaRAC Baseboard Management Controller (BMC) software, which allows malicious actors to bypass authentication processes and execute unauthorized actions on affected systems. This vulnerability is classified as CVE-2024-54085, and it has been assigned…
The rise of the InterPlanetary Filesystem (IPFS) has been both beneficial and problematic, particularly as it has surfaced as a platform leveraged by cybercriminals for various malicious activities. According to a recent analysis from Cisco Talos researcher Edmund Brumaghin, numerous phishing campaigns are exploiting IPFS to host malware, phishing kits,…
Cybercrime, Fraud Management & Cybercrime Prosecutors Seek 188-Month Sentence for Conor ‘Pompompurin’ Fitzpatrick David Perera (@daveperera) • September 16, 2025 The U.S. District Court for the Eastern District of Virginia. (Image: DCStockPhotography/Shutterstock) Conor Brian Fitzpatrick, the founder of the first iteration of the BreachForums cybercrime forum, received a three-year prison…
Sure! Here’s a rewritten version of the provided content, tailored for a US-based, tech-savvy professional audience: Evaluating Additional VPN Providers Recent assessments have revealed significant insights into various VPN providers, underscoring contrasting capabilities in speed, privacy, and overall user experience. Private Internet Access (PIA) has established itself as a longstanding…
Advancements in social engineering are rapidly evolving alongside generative AI technology, providing cybercriminals with sophisticated tools to infiltrate organizations. Recent statements from the FBI have underscored the need for heightened vigilance, noting that as technology evolves, so too do the tactics employed by cyber adversaries. This article delves into the…
Property Business Australia Targeted in Kairos Ransomware Breach The Sydney-based real estate agency, The Property Business Australia, has reportedly fallen victim to a breach attributed to the Kairos ransomware group, which claims to have stolen sensitive data belonging to both agents and tenants. This incident highlights the increasing threats faced…
On March 18, 2025, the U.S. Cybersecurity and Infrastructure Security Agency (CISA) announced the inclusion of a high-severity vulnerability in its Known Exploited Vulnerabilities (KEV) catalog. This vulnerability is associated with a supply chain compromise affecting the GitHub Action known as tj-actions The vulnerability, identified as CVE-2025-30066, has been assigned…
