A criminal complaint was unsealed today in federal court in Brooklyn charging Sagar Steven Singh and Nicholas Ceraolo with wire fraud and conspiracy to commit computer intrusions.  The charges stem from Singh’s and Ceraolo’s efforts to extort victims by threatening to release their personal information online. The post COURT DOC: ... Read More

The Justice Department announced today a coordinated international takedown of ChipMixer, a darknet cryptocurrency 'mixing' service responsible for laundering more than $3 billion worth of cryptocurrency, between 2017 and the present, in furtherance of, among other activities, ransomware, darknet market, fraud, cryptocurrency heists and other hacking schemes. The post COURT ... Read More

Managed attribution has become a powerful technique for organizations to gather intelligence and protect themselves from cyber threats. By using a variety of tools and techniques to conceal their activities, organizations can gather information without exposing their identity or intentions. The post Protecting Your Organization’s Digital Identity: A Guide to ... Read More

A clear riff on the growing presence of private military companies in Russia (primarily the Wagner Group), Killmilk’s so-called 'Private Military Hacking Company' is an apparent overture to Russia to leverage its services The post ‘Black Skills’ Is Killnet’s Attempt to Form a ‘Private Military Hacking Company’ appeared first on Flashpoint ... Read More

Flashpoint has observed two major discrepancies with CVE-2022-35914 and CVE-2022-33891. Security teams need to be aware that despite following vendor instructions, certain organizations may still be at risk due to the root causes of each vulnerability. The post Recent CISA KEV Additions Include Silent Fixes and Unpatched Vulnerabilities appeared first ... Read More

As part of an international law enforcement effort, federal authorities in Los Angeles this week seized an internet domain that was used to sell computer malware used by cybercriminals to take control of infected computers and steal a wide array of information. The post COURT DOC: Federal Authorities Seize Internet ... Read More

While evaluating the behavior of Bitwarden, a popular password manager browser extension, Flashpoint’s Vulnerability Research team noticed that embedded iframes in a web page were handled in an atypical manner. The post Bitwarden: The Curious (Use-)Case of Password Pilfering appeared first on Flashpoint ... Read More

In December 2022, a private loader named "AresLoader" was advertised for sale on the top-tier Russian-language hacking forum XSS by a threat actor going by the name "DarkBLUP". The post Private Malware for Sale: A Closer Look at AresLoader appeared first on Flashpoint ... Read More

What we know about the most recent BidenCash dump, and what it means in the context of the greater card shop threat landscape. The post Card Shop Threat Landscape: BidenCash Dumps 2.1M Stolen Credit Cards appeared first on Flashpoint ... Read More

As the volume of data continues to grow, it's important to have tools that can help derive meaningful insights from this data. Natural language processing (NLP) is one such tool that's becoming increasingly valuable for intelligence tasks. The post Why Natural Language Processing Is Crucial for Open-Source Intelligence Analysts appeared ... Read More