In recent years, cybercrime has transformed into a sophisticated and structured enterprise. A particularly concerning trend is the rise of “Fraud-As-A-Service” (FaaS), a term used by criminal syndicates to describe their illicit offerings. This model allows cybercriminals to provide a service-based framework, equipping other malefactors with tools and resources necessary…
Anti-Phishing, DMARC, Cybercrime, Fraud Management & Cybercrime Astaroth Kit Available for $2,000 on Telegram, Capable of Real-Time Authentication Interception Prajeet Nair (@prajeetspeaks) • February 13, 2025 Researchers have identified a phishing kit named Astaroth that employs session hijacking to circumvent two-factor authentication. (Image: Shutterstock) A recently emerged phishing kit, Astaroth,…
Zero-Day Vulnerability Discovered in 7-Zip Amid Ongoing Conflict in Ukraine In recent developments, security researchers have identified a zero-day vulnerability in the widely used 7-Zip archiving application, which has reportedly been exploited in connection with Russia’s military operations in Ukraine. The vulnerability poses a significant security risk, as it allows…
This report covers topics such as Data Breach Notification, Data Security, and Fraud Management & Cybercrime. LockBit and BlackCat/ALPHV Decline Linked with Diminishing Big-Game Hunting Mathew J. Schwartz (euroinfosec) • February 6, 2025 While ransomware remains a lucrative avenue for operators, 2024 has seen a significant downturn in the financial…
Fraud Management & Cybercrime, Healthcare, Incident & Breach Response Attack Costs UnitedHealth Group a Staggering $3.1 Billion Mathew J. Schwartz (euroinfosec) • January 27, 2025 Change Healthcare has reported a drastic increase in the number of breach victims, now estimated at 190 million, marking one of the most significant data…
Title: Addressing the Surge in Investment Scams: Insights from Fraud Specialist Ken Westbrook The FBI has reported a stunning 38% increase in losses attributed to investment scams in the past year, highlighting a troubling trend in cybercrime. Ken Westbrook, founder and CEO of Stop Scams Alliance, identified that scammers are…
The British government is currently contemplating new legislation aimed at addressing the persistent issue of ransomware attacks. This proposed regulation would mandate that organizations report all payments made to ransomware groups and additionally prohibit public sector entities from paying such extortion demands altogether. Targeting critical national infrastructure and public sector…
Fraud Management & Cybercrime, Ransomware, Regulation Also: Integrating AML and Fraud Initiatives; the Global AI Arms Race Anna Delaney (annamadeline) • January 17, 2025 Clockwise, from top left: Anna Delaney, Mathew Schwartz, Suparna Goswami, and Tony Morbin This week, editors at ISMG convened to analyze a proposal in the U.K.…
Cyberwarfare / Nation-State Attacks, Fraud Management & Cybercrime, Standards, Regulations & Compliance U.S. Treasury Implements Sanctions Amid Cybersecurity Breaches David Perera (@daveperera) • January 17, 2025 Image: Shutterstock On January 17, 2025, the U.S. federal government announced that it has successfully traced intrusions by Chinese hackers targeting telecommunications networks back…
