X-Industry

The  Fortinet team recently investigated a cluster of virtual private servers (VPS) used for Monero mining.  The identified samples are associated with prior H2miner campaigns that researchers documented in 2020 and have since been updated with new configurations.  H2Miner is a Crypto mining botnet that has been active since late 2019.

Analysts also identified a new variant of the Lcryx ransomware, called Lcrypt0rx. Lcryx is a relatively new VBScript-based ransomware strain first observed in Nov

The Cybersecurity Team at SafetyDetectives has uncovered a post on a clear web forum where a threat actor claimed to be selling a database containing 61 million records allegedly belonging to Verizon customers.  The data, packaged in a 3.1 GB CSV/JSON file and dated as “2025,” was offered for purchase on a platform known for hosting discussions on database leaks, cracks, and downloads.  Clear web forums, accessible to anyone with an internet connection, are popular among hackers for sharing and

The month of July could barely have started any worse for some financial institutions in Brazil.  On 30 June 2025, C&M Software, a Brazilian company that provides a "bridge" helping the country's central bank connect to local banks, revealed that it had been hacked.  810,306,000 Brazilian reals (approximately US$140 million) were stolen from the reserve accounts of six financial institutions because of the security breach.

In the wake of the attack, which made news headlines in Brazil, the count

In April 2025, Huntabil.IT observed a targeted attack on a Web3 startup, attributing the incident to a DPRK threat actor group.  Several reports on social media at the time described similar incidents at other Web3 and Crypto organizations.  Analysis revealed an attack chain consisting of an eclectic mix of scripts and binaries written in AppleScript, C++, and Nim.  Although the early stages of the attack follow a familiar DPRK pattern using social engineering, lure scripts, and fake updates, th

Cybersecurity researchers have observed a surge in identity-driven cyberattacks targeting employee login credentials.   According to a new report by eSentire’s Threat Response Unit (TRU), between 2024 and the first quarter of 2025, 19,000 identity-related cyber investigations revealed a 156% increase in such threats compared to 2023.  These incidents now account for 59% of all confirmed threats across eSentire’s customer base of over 2000 organizations.[1]

One of the biggest enablers of this tre

I should not be writing this article in 2022, but sometimes the apparent need to be restated.  Reality has a way of asserting itself, irrespective of any personal or commercial choices we make, good or bad.  For example, recently, the city services of Antwerp in Belgium were the victim of a highly disruptive cyberattack.  See: https://www.bleepingcomputer.com/news/security/play-ransomware-claims-attack-on-belgium-city-of-antwerp/

As usual, all parties cried "foul play" and suggested that proper