News & Updates

Spanish police take down phishing ring that stole 5 million Euros from US victims

Spanish National Police say they have dismantled an international criminal
organization believed to have used sophisticated cyber scams to steal over 5
million euros from consumers.

In a joint operation, Spanish and US law enforcement agents say they arrested
nine people suspected of participating in the fraud, seizing high-end watches
worth 200,000 euros and blocking more than half a million euros in assets.

According to a press release, the cybercriminal network, based in Madrid,
operated o

Why Security Software Detects Coin Miners as Potentially Unwanted Applications

Mining crypto might look like an easy way to make money because so many people
are doing it around the world. But installing such software on any PC running a
dedicated security solution would immediately trigger the protection software,
preventing users from proceeding with the installation unless they know what
they’re doing.

Almost anyone can carry out crypto mining: install a crypto mining app, set up an
account and wallet, and simply start mining away. The mining process is not
difficult to

ESXiArgs Ransomware Hits Over 500 New Targets in European Countries

More than 500 hosts have been newly compromised en masse by the ESXiArgs ransomware strain, most of which are located in France, Germany, the Netherlands, the U.K., and Ukraine.
The findings come from attack surface management firm Censys, which discovered “two hosts with strikingly similar ransom notes dating back to mid-October 2022, just after ESXi versions 6.5 and 6.7 reached end of life.”

New Threat Actor WIP26 Targeting Telecom Service Providers in the Middle East

Telecommunication service providers in the Middle East are being targeted by a previously undocumented threat actor as part of a suspected intelligence gathering mission.
Cybersecurity firms SentinelOne and QGroup are tracking the activity cluster under the former’s work-in-progress moniker WIP26.
“WIP26 relies heavily on public cloud infrastructure in an attempt to evade detection by making

Breaking the Security “Black Box” in DBs, Data Warehouses and Data Lakes

Security teams typically have great visibility over most areas, for example, the corporate network, endpoints, servers, and cloud infrastructure. They use this visibility to enforce the necessary security and compliance requirements. However, this is not the case when it comes to sensitive data sitting in production or analytic databases, data warehouses or data lakes.
Security teams have to

Researchers Warn of Critical Security Bugs in Schneider Electric Modicon PLCs

Security researchers have disclosed two new vulnerabilities affecting Schneider Electric Modicon programmable logic controllers (PLCs) that could allow for authentication bypass and remote code execution.
The flaws, tracked as CVE-2022-45788 (CVSS score: 7.5) and CVE-2022-45789 (CVSS score: 8.1), are part of a broader collection of security defects tracked by Forescout as OT:ICEFALL.
Successful

Hackers Using Google Ads to Spread FatalRAT Malware Disguised as Popular Apps

Chinese-speaking individuals in Southeast and East Asia are the targets of a new rogue Google Ads campaign that delivers remote access trojans such as FatalRAT to compromised machines.
The attacks involve purchasing ad slots to appear in Google search results that direct users searching for popular applications to rogue websites hosting trojanized installers, ESET said in a report published

Researchers Link SideWinder Group to Dozens of Targeted Attacks in Multiple Countries

The prolific SideWinder group has been attributed as the nation-state actor behind attempted attacks against 61 entities in Afghanistan, Bhutan, Myanmar, Nepal, and Sri Lanka between June and November 2021.
Targets included government, military, law enforcement, banks, and other organizations, according to an exhaustive report published by Group-IB, which also found links between the adversary

Researchers Hijack Popular NPM Package with Millions of Downloads

A popular npm package with more than 3.5 million weekly downloads has been found vulnerable to an account takeover attack.
“The package can be taken over by recovering an expired domain name for one of its maintainers and resetting the password,” software supply chain security company Illustria said in a report.
While npm’s security protections limit users to have only one active email address