#cybercrime

securityskeptic :donor: :verified:<p>Our latest quarterly phishing activity reports are available at the Cybercrime Information Center.</p><p>For the TL;DR; folks... Phishers were busy during the holidays.</p><p>Phishing Activity: November 2024 - 31 January 2025<br><a href="https://interisle.substack.com/p/phishing-activity-november-2024-31" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">interisle.substack.com/p/phish</span><span class="invisible">ing-activity-november-2024-31</span></a></p><p><a href="https://infosec.exchange/tags/dnsabuse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dnsabuse</span></a> <a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phishing</span></a> <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybercrime</span></a></p>
Cybernews<p>Babuk ransomware, a cybercrime ring that targets major enterprises, has posted unverified claims about a massive data breach at Orange.</p><p><a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ransomware</span></a> <a href="https://infosec.exchange/tags/Orange" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Orange</span></a> <a href="https://infosec.exchange/tags/databreach" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>databreach</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybercrime</span></a> </p><p><a href="https://cnews.link/hackers-threaten-release-of-orange-clients-data-3/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cnews.link/hackers-threaten-re</span><span class="invisible">lease-of-orange-clients-data-3/</span></a></p>
Andrew 🌻 Brandt 🐇<p>I am proud to announce that I have been invited to join the board of World Cyber Health, the parent organization of the <a href="https://infosec.exchange/tags/MalwareVillage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MalwareVillage</span></a> (proposed at <a href="https://infosec.exchange/tags/DEFCON" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DEFCON</span></a> 33, coming soon to a <a href="https://infosec.exchange/tags/BSides" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BSides</span></a> or other conferences near you). Malware Village will host talks, contests, and workshops to educate and encourage more people to join the malware analysis field.</p><p>I continue to work to support those inside and outside the cybersecurity community with a spinoff WCH project called NO HAVOC (<a href="https://no-havoc.org/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">no-havoc.org/</span><span class="invisible"></span></a>), a cybersecurity "911" service where cybercrime victims can be directed to support services in their region of the world. </p><p>We are here to rescue us. 
Nobody else is going to save us.</p><p><a href="https://infosec.exchange/tags/MutualAid" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MutualAid</span></a> <a href="https://infosec.exchange/tags/WorldCyberHealth" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WorldCyberHealth</span></a> <a href="https://infosec.exchange/tags/WCH" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>WCH</span></a> <a href="https://infosec.exchange/tags/MalwareVillage" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>MalwareVillage</span></a> <a href="https://infosec.exchange/tags/DEFCON" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DEFCON</span></a> <a href="https://infosec.exchange/tags/DEFCON33" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>DEFCON33</span></a> <a href="https://infosec.exchange/tags/BSides" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>BSides</span></a> <a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a> <a href="https://infosec.exchange/tags/training" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>training</span></a> <a href="https://infosec.exchange/tags/education" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>education</span></a> <a href="https://infosec.exchange/tags/CyberCrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberCrime</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" 
target="_blank">#<span>infosec</span></a></p>
The DefendOps Diaries<p>The Evolving Threat of Phishing Scams: A Case Study on Coinbase Users</p><p><a href="https://thedefendopsdiaries.com/the-evolving-threat-of-phishing-scams-a-case-study-on-coinbase-users/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thedefendopsdiaries.com/the-ev</span><span class="invisible">olving-threat-of-phishing-scams-a-case-study-on-coinbase-users/</span></a></p><p><a href="https://infosec.exchange/tags/phishingscams" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phishingscams</span></a><br><a href="https://infosec.exchange/tags/coinbase" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>coinbase</span></a><br><a href="https://infosec.exchange/tags/cryptosecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cryptosecurity</span></a><br><a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybercrime</span></a><br><a href="https://infosec.exchange/tags/socialengineering" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>socialengineering</span></a></p>
Kevin Karhan :verified:<p><em>Yikes</em> the <a href="https://infosec.space/tags/NCA" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NCA</span></a> is really <a href="https://infosec.space/tags/cringe" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cringe</span></a> af!</p><p><a href="https://www.youtube.com/watch?v=Bi11B4xtHSY&amp;t=211s" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">youtube.com/watch?v=Bi11B4xtHS</span><span class="invisible">Y&amp;t=211s</span></a></p><p><a href="https://infosec.space/tags/Police" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Police</span></a> <a href="https://infosec.space/tags/UK" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>UK</span></a> <a href="https://infosec.space/tags/Copaganda" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Copaganda</span></a> <a href="https://infosec.space/tags/CyberCrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>CyberCrime</span></a></p>
securityskeptic :donor: :verified:<p>Interisle posts quarterly phishing, spam, and malware activity reports at the Cybercrime Information Center (<a href="https://cybercrimeinfocenter.org/phishing-activity" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cybercrimeinfocenter.org/phish</span><span class="invisible">ing-activity</span></a>).</p><p>Monthly activity briefs for these cybercrimes will now be shared via Interisle.substack.com. </p><p>Cybercrime Report: January 2025<br><a href="https://interisle.substack.com/p/cybercrime-report-january-2025" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">interisle.substack.com/p/cyber</span><span class="invisible">crime-report-january-2025</span></a></p><p><a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phishing</span></a> <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybercrime</span></a> <a href="https://infosec.exchange/tags/dnsabuse" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dnsabuse</span></a> <a href="https://infosec.exchange/tags/dns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dns</span></a></p>
The DefendOps Diaries<p>International Cooperation in Combating Cybercrime: The Extradition of Rostislav Panev</p><p><a href="https://thedefendopsdiaries.com/international-cooperation-in-combating-cybercrime-the-extradition-of-rostislav-panev/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thedefendopsdiaries.com/intern</span><span class="invisible">ational-cooperation-in-combating-cybercrime-the-extradition-of-rostislav-panev/</span></a></p><p><a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybercrime</span></a><br><a href="https://infosec.exchange/tags/internationalcooperation" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>internationalcooperation</span></a><br><a href="https://infosec.exchange/tags/lockbitransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>lockbitransomware</span></a><br><a href="https://infosec.exchange/tags/extradition" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>extradition</span></a><br><a href="https://infosec.exchange/tags/cybersecuritynews" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecuritynews</span></a></p>
0x40k<p>Ugh, that dreaded download button is back! 😈 Cracked software can seem tempting at first, right? But honestly, more often than not, it brings a whole lot more trouble than it's worth. This MassJacker thing is just outrageous. It snatches your crypto address straight from your clipboard – poof, money gone! 💸</p><p>Being a pentester, I gotta say: be super careful about where you're getting your software (or *not* getting it, if you catch my drift 😉). It's definitely better to go the legal and secure route, rather than ending up broke and on the wrong side of the law. Make sure you check your hashes, scan those downloads, and keep your antivirus software updated. And most importantly, don't forget to use your common sense! 🤔</p><p>What are some of your craziest download fail stories? Spill the beans! 👇 <a href="https://infosec.exchange/tags/SecurityAwareness" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>SecurityAwareness</span></a> <a href="https://infosec.exchange/tags/Pentesting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Pentesting</span></a> <a href="https://infosec.exchange/tags/Cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybercrime</span></a></p>
Infoblox Threat Intel<p>Threat actors often have their favorite TLDs. This month we've found the following TLDs to have the highest risk. The top 5 retain their spot from last month, with the TLD .bond topping the chart with a risk score of 10. This is rare and only happens when the percentage of risky domains is at least 4.5 standard deviations above the mean. Congratulations, I guess?</p><p>An explanation and minimum-working-example of our reputation algorithm can be found here: <a href="https://blogs.infoblox.com/threat-intelligence/reliable-reputation-scoring/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">blogs.infoblox.com/threat-inte</span><span class="invisible">lligence/reliable-reputation-scoring/</span></a></p><p><a href="https://infosec.exchange/tags/dns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dns</span></a> <a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>threatintel</span></a> <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybercrime</span></a> <a href="https://infosec.exchange/tags/threatintelligence" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>threatintelligence</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infoblox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infoblox</span></a> <a href="https://infosec.exchange/tags/infobloxthreatintel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infobloxthreatintel</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" 
rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a></p>
securityskeptic :donor: :verified:<p>In anticipation of the completion of ICANN policy activity for the New gTLD Program: Next Round, the Interisle team looked again at our 2024 Cybercrime Supply Chain study. Using the same data, we offer additional measurements, metrics and observations here to further inform ICANN and other policy makers as they consider policy for Round 2.</p><p><a href="https://interisle.substack.com/p/icann-consider-cybercrime-data-before" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">interisle.substack.com/p/icann</span><span class="invisible">-consider-cybercrime-data-before</span></a></p><p><a href="https://infosec.exchange/tags/icann" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>icann</span></a> <a href="https://infosec.exchange/tags/dns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dns</span></a> <a href="https://infosec.exchange/tags/domainnames" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>domainnames</span></a> <a href="https://infosec.exchange/tags/TLD" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>TLD</span></a> <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybercrime</span></a></p>
Erik van Straten<p><span class="h-card" translate="no"><a href="https://mastodon.nl/@ErikSchouten73" class="u-url mention" rel="nofollow noopener noreferrer" target="_blank">@<span>ErikSchouten73</span></a></span> : see also <a href="https://www.security.nl/posting/879497/Logius+waarschuwt+voor+malafide+brieven+over+activeren+van+DigiD" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">security.nl/posting/879497/Log</span><span class="invisible">ius+waarschuwt+voor+malafide+brieven+over+activeren+van+DigiD</span></a>.</p><p>Below that (in <a href="https://security.nl/posting/879531" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="">security.nl/posting/879531</span><span class="invisible"></span></a>) I give examples of website names (also known as domain names) of criminal websites that run on just a single Russian server. You can see a screenshot of the table with those names below.</p><p>It is a scandal that nobody takes any action against this, and that criminals can register websites with this kind of (clearly misleading) domain name without any trouble. Worse is that they can, repeatedly and for a clearly criminal server, obtain website certificates for them.</p><p>A gross scandal on top of that is that the makers of (especially mobile) browsers have taken away your ability to view certificates in full at all (*), so that you could see whether it is an anonymous (Domain Validated) certificate, or one for which the identity of the party responsible for the website has been established (that need not say anything about the trustworthiness of the website, but you then do know who to seek redress from if you are cheated, and *that* is for many website owners an incentive to be honest).</p><p>(*) That is to maximize Big Tech's profits. 
If people could see differences between authentic (real) and largely anonymous (low cost) junk websites, junk websites would be visited far less, and then Big Tech would earn less from cheap hosting and renting out domain names. Unfortunately: if you allow anonymous junk websites, cybercriminals cleverly take advantage of that.</p><p>In the table below, per row, from left to right:<br>• Date on which the domain name pointed to 193.143.1.14 (notation: yymmdd);</p><p>• Number (of 94) virus/malware scanners that on 11 March flagged the domain name as malicious (for each fake site this number sometimes changes daily; it often takes days and sometimes weeks before the maximum number of virus scanners flags a website as malicious, and to keep their list of bad sites from growing endlessly, somewhat older bad sites are quickly dropped);</p><p>• The domain name itself (I have replaced ".com" with "·com" throughout, with a raised dot, to prevent accidental opening).</p><p><a href="https://infosec.exchange/tags/Phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Phishing</span></a> <a href="https://infosec.exchange/tags/Identiteitsfraude" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Identiteitsfraude</span></a> <a href="https://infosec.exchange/tags/Cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Cybercrime</span></a> <a href="https://infosec.exchange/tags/Impersonatie" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Impersonatie</span></a> <a href="https://infosec.exchange/tags/OnlineOplichting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>OnlineOplichting</span></a> <a href="https://infosec.exchange/tags/Oplichting" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Oplichting</span></a> <a 
href="https://infosec.exchange/tags/NepNietVanEchtKunnenOnderscheiden" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>NepNietVanEchtKunnenOnderscheiden</span></a> <a href="https://infosec.exchange/tags/EchtNietVanNepKunnenOnderscheiden" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>EchtNietVanNepKunnenOnderscheiden</span></a></p>
Cybernews<p>A Chinese cyberespionage group is targeting Juniper routers with custom backdoors for outdated hardware.</p><p><a href="https://infosec.exchange/tags/China" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>China</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/cyberattack" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cyberattack</span></a> <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybercrime</span></a> <a href="https://infosec.exchange/tags/hardware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>hardware</span></a> </p><p><a href="https://cnews.link/juniper-routers-attacked-with-tinyshell-malware-1/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cnews.link/juniper-routers-att</span><span class="invisible">acked-with-tinyshell-malware-1/</span></a></p>
Scott Wilson<p>Wow, just got a super-shady Smishing message on my phone supposedly from "NC Quick Pass". Disclosure - I'm an NC Quick Pass customer, but this wasn't them. </p><p>Apparently, someone is registering malicious Domains for this campaign like crazy just today! See screenshots for more details.</p><p>If you receive a text or email like this, report it to Internet Crime Complaint Center (<a href="https://www.ic3.gov/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="">ic3.gov/</span><span class="invisible"></span></a>). </p><p>IoCs:<br>ncquickpass.com-rziu.xin<br>43.130.29.103<br>04d05978fdb111358073ab0524e5c1fafc0826615c206987618416b8bd8a4747<br>7808605ddd1f0eaa454aa444293d2f0260943e51e53838fca46506e6a69fe521<br>e4222715b556e7d99622c83e620d2f8e090047e56adb07923047f95828d561f2</p><p><a href="https://infosec.exchange/tags/smishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>smishing</span></a> <a href="https://infosec.exchange/tags/scams" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scams</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/spam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>spam</span></a> <a href="https://infosec.exchange/tags/ic3" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ic3</span></a> <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybercrime</span></a></p>
Cybernews<p>Cl0p ransomware claims to have leaked Rackspace Technology files Monday.</p><p><a href="https://infosec.exchange/tags/ransomware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ransomware</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/US" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>US</span></a> <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybercrime</span></a> </p><p><a href="https://cnews.link/rackspace-files-published-cl0p-ransomware-cleo-attacks-1/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cnews.link/rackspace-files-pub</span><span class="invisible">lished-cl0p-ransomware-cleo-attacks-1/</span></a></p>
The DefendOps Diaries<p>The Impact of AI on Cybercrime: Navigating the Dark Web</p><p><a href="https://thedefendopsdiaries.com/the-impact-of-ai-on-cybercrime-navigating-the-dark-web/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">thedefendopsdiaries.com/the-im</span><span class="invisible">pact-of-ai-on-cybercrime-navigating-the-dark-web/</span></a></p><p><a href="https://infosec.exchange/tags/ai" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>ai</span></a><br><a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybercrime</span></a><br><a href="https://infosec.exchange/tags/darkweb" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>darkweb</span></a><br><a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phishing</span></a><br><a href="https://infosec.exchange/tags/malware" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>malware</span></a></p>
securityskeptic :donor: :verified:<p>Have you received an email or text about unpaid tolls? Interisle's Colin Strutt digs through our cybercrime data to see how domains used in these attacks are composed and who's behind them. </p><p><a href="https://interisle.substack.com/p/unpaid-toll-scams-continue-in-2025?r=59cehk" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">interisle.substack.com/p/unpai</span><span class="invisible">d-toll-scams-continue-in-2025?r=59cehk</span></a></p><p><a href="https://infosec.exchange/tags/phishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>phishing</span></a> <a href="https://infosec.exchange/tags/scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scam</span></a> <a href="https://infosec.exchange/tags/unpaidtollscam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>unpaidtollscam</span></a> <a href="https://infosec.exchange/tags/smishing" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>smishing</span></a> <a href="https://infosec.exchange/tags/spam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>spam</span></a> <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybercrime</span></a></p>
Cyber Jobs<p><a href="https://www.cybersecurityjobsguide.com/booking-com-security-lapses/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://www.</span><span class="ellipsis">cybersecurityjobsguide.com/boo</span><span class="invisible">king-com-security-lapses/</span></a> <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybercrime</span></a> <a href="https://infosec.exchange/tags/travel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>travel</span></a> scams</p>
Infoblox Threat Intel<p>We're currently tracking crypto, recruitment, and task scams that all share the same site structure, keeping their template designers busy 24/7, and appearing on thousands of fresh domains daily.<br> <br>While you may be familiar with their modus operandi, please take a moment to inform your less security-savvy friends and family with the warning signs:<br> <br>- Distributed via unsolicited job offers (more on this topic soon) and 'make money online' social media groups—sometimes even shared by other victims, including people you know, in the hope of increasing their earnings via referral bonuses.<br>- Promise high returns with seemingly little to no effort or risk, almost certainly too good to be true.<br>- Often abuse well-known brands to appear legitimate, with recent campaigns mimicking Adidas, Lidl and Macy's, among others.<br>- Start with requests for small payments that increase as the perceived earnings grow, with most transactions using the cryptocurrency Tether (USDT), a stablecoin linked to the US dollar.<br>- Scam domains are sometimes lookalikes, mimicking the legitimate brand, combined with numbers or generic terms like 'invest' or 'vip'.<br> <br>Scammers typically create a sense of urgency and pressure victims into acting quickly without thinking. 
Many will fall into the sunk cost fallacy, being made to feel that investing one more time will allow them to get their promised reward.<br> <br>The outcome can be devastating, with victims often reported as losing their life savings, racking up debts, and even unwittingly convincing other family members to participate in the scam.<br> <br>Recently observed examples of these shared structure investment scams have used lookalike domains registered through Alibaba and protected by Cloudflare:<br> <br>- `adidaso[.]top`<br>- `macys[.]name`<br>- `lidl02-vip[.]com`</p><p><a href="https://infosec.exchange/tags/scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scam</span></a> <a href="https://infosec.exchange/tags/investment" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>investment</span></a> <a href="https://infosec.exchange/tags/dns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dns</span></a> <a href="https://infosec.exchange/tags/threatintel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>threatintel</span></a> <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybercrime</span></a> <a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/infosec" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infosec</span></a> <a href="https://infosec.exchange/tags/infoblox" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infoblox</span></a> <a href="https://infosec.exchange/tags/infobloxthreatintel" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>infobloxthreatintel</span></a></p>
Cybernews<p>Cybercriminals started to exploit Trump's cryptocurrency to take over user devices in just two minutes.</p><p><a href="https://infosec.exchange/tags/cybersecurity" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybersecurity</span></a> <a href="https://infosec.exchange/tags/Trump" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>Trump</span></a> <a href="https://infosec.exchange/tags/crypto" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>crypto</span></a> <a href="https://infosec.exchange/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybercrime</span></a> </p><p><a href="https://cnews.link/trump-coin-scam-malware-1/" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">cnews.link/trump-coin-scam-mal</span><span class="invisible">ware-1/</span></a></p>
Peter N. M. Hansteen<p>The .cn domain name scams are *still* live and well - the article <a href="https://nxdomain.no/~peter/domain_name_scams_are_alive_and_well_thank_you.html" rel="nofollow noopener noreferrer" translate="no" target="_blank"><span class="invisible">https://</span><span class="ellipsis">nxdomain.no/~peter/domain_name</span><span class="invisible">_scams_are_alive_and_well_thank_you.html</span></a> updated with the latest scammer email data. <a href="https://mastodon.social/tags/dns" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>dns</span></a> <a href="https://mastodon.social/tags/scam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>scam</span></a> <a href="https://mastodon.social/tags/domainnamescam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>domainnamescam</span></a> <a href="https://mastodon.social/tags/cndomains" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cndomains</span></a> <a href="https://mastodon.social/tags/netprovider" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>netprovider</span></a>.com.cn <a href="https://mastodon.social/tags/spam" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>spam</span></a> <a href="https://mastodon.social/tags/cybercrime" class="mention hashtag" rel="nofollow noopener noreferrer" target="_blank">#<span>cybercrime</span></a></p>