Cybersecurity

Feds accuse founders of cryptocurrency mixer of ‘large-scale money laundering’

The two founders of a cryptocurrency mixing service that allegedly obfuscated the origins of at least $100 million in criminal proceeds have been arrested, the Department of Justice announced Wednesday.  Since 2015, Samourai Wallet has been used to launder illicit funds under the guise of being a legal privacy-minded service, the DOJ said. Its founders, […]

Cybersecurity

Global Police Operation Disrupts ‘LabHost’ Phishing Service, Over 30 Arrested Worldwide

As many as 37 individuals have been arrested as part of an international crackdown on a cybercrime service called LabHost that has been used by criminal actors to steal personal credentials from victims around the world. Described as one of the largest Phishing-as-a-Service (PhaaS) providers, LabHost offered phishing pages targeting banks, high-profile organizations, and other […]

Cybersecurity

Fake Lawsuit Threat Exposes Privnote Phishing Sites – Krebs on Security

A cybercrook who has been setting up websites that mimic the self-destructing message service privnote.com accidentally exposed the breadth of their operations recently when they threatened to sue a software company. The disclosure revealed a profitable network of phishing sites that behave and look like the real Privnote, except that any messages containing cryptocurrency addresses […]

Cybersecurity

Tycoon and Storm-1575 Linked to Phishing Attacks on US Schools

Tycoon and Storm-1575 groups are identified as key players, with Tycoon offering MFA bypass as a service and Storm-1575 targeting Microsoft 365 credentials. Public schools across the United States are facing a surge in sophisticated phishing campaigns, according to a new report by PIXM, a cybersecurity firm specializing in artificial intelligence solutions. Threat actors launch […]

Cybersecurity

CISA adds Microsoft Streaming Service bug to its Known Exploited Vulnerabilities catalog

CISA adds Microsoft Streaming Service bug to its Known Exploited Vulnerabilities catalog Pierluigi Paganini March 01, 2024 U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft Streaming Service vulnerability to its Known Exploited Vulnerabilities catalog. The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2023-29360 (CVSS Score 8.4) Microsoft Streaming Service Untrusted pointer dereference vulnerability […]