One of the most popular Dark Web hosting services – Daniel’s Hosting – was slaughtered last week when attackers hosed it clean of about 6,500 hidden services. The admin says they’re gone for good: he hasn’t even figured out where the vulnerability is yet. The administrator at Daniel’s Hosting is a German software developer named Daniel Winzen, who acknowledged the attack on the hosting provider’s portal. Winzen said that it happened on Thursday night, a day after a PHP zero-day exploit was leaked.

A Utah-based hacker who targeted several of the big gaming networks, including PlayStation Network and Xbox Live, temporarily knocking them offline and boasting about it, is facing a 10-year jail sentence. The U.S. Attorney's Office for the Southern District of California announced earlier this week that Austin Thompson, 23, had entered a guilty plea for one count of damage to a protected computer following an investigation by the FBI's San Diego field office.

Out of fourteen separate exchange breaches, five have been attributed to the group, among them the industry record-breaking $532 million NEM hack of Japan’s Coincheck this January. The report, dedicated to hacks in 2017 and 2018, identifies the allegedly state-sponsored hacker group Lazarus as responsible for $571 million of the $882 million total in crypto that was stolen from online exchanges during the studied time period; almost 65 percent of the total sum.

The US-CERT has released a joint technical alert from the DHS, the FBI, and Treasury warning about a new ATM scheme being used by the prolific North Korean APT hacking group known as Hidden Cobra. Hidden Cobra, also known as Lazarus Group and Guardians of Peace, is believed to be backed by the North Korean government and has previously launched attacks against a number of media organizations, aerospace, financial and critical infrastructure sectors across the world.

Western nations accused Russia’s secretive military intelligence unit of new cybercrimes on Thursday, with Dutch and British officials labeling the GRU “brazen” for allegedly targeting the international chemical weapons watchdog and the investigation into the 2014 downing of a Malaysian Airlines flight over eastern Ukraine. Dutch Defense Minister Ank Bijleveld said that the GRU’s alleged hacking attempts on the Organization for the Prohibition of Chemical Weapons...

More needs to be done to stop small social media websites being exploited by extremists, experts have said. The likes of Facebook and Twitter have responded to calls to remove extremist content over the last 18 months. And some smaller social media sites have joined a scheme where information is shared to enable blocking content.

I spent three weeks studying FreeHacks, one of the dark web’s biggest platform for hackers. From passports to credit cards, nothing is safe.

Ticketmaster has admitted that 40,000 of its customers’ credit card details and personal information has been leaked in a data breach. According to the ticket sales website, it was hit by malicious software on Saturday via one of its third-party suppliers. Anyone who has attempted to buy tickets off the website between February and June this year could be affected by the breach.

Operation Dark Gold targeted dark-web drug dealers, offering cash in exchange for tainted cryptocurrency

It’s like something out of a movie.

Hackers are increasingly hijacking computers to secretly mine crypto assets. Such exploits surged last year, according a survey by IBM Managed Security Services. One recently discovered malware program is hiding itself on Amazon’s cloud to steal processing power from a fleet of ordinary computers. So far, the “Xbooster” malware has infected enough machines using Windows operating systems to harvest approximately $100,000 worth of monero, according to Krishna Narayanaswamy, founder and chief scientist of Netskope.

Customers who visited certain Chili's Grill & Bar restaurants between March and April may have had their payment information stolen by hackers according to a notice released by Chili's parent company Brinker International last week. According to the notice originally issued on May 12, the company learned of the data breach the day before. Additional information released by Brinker suggests that malware was used to gather guest payment information, including credit and debit card numbers, cardholder names, and potentially expiration dates and CVV codes.

Hackers possibly working for an advanced nation have infected more than 500,000 home and small-office routers around the world with malware that can be used to collect communications, launch attacks on others, and permanently destroy the devices with a single command, researchers at Cisco warned Wednesday.

Securus, a prison technology company used by law enforcement agencies across the country, has allegedly had its data breached by a hacker, reports Motherboard. The 10-year-old company came into the spotlight last week, when the New York Times reported that Cory Hutcheson, a former Missouri sheriff, was accused of allegedly using Securus services to track the whereabouts of people's cellphones, including a judge and members of the highway patrol, without warrants. Hutcheson pled not guilty.

Thieves siphoned hundreds of millions of pesos out of Mexican banks, including No. 2 Banorte, by creating phantom orders that wired funds to bogus accounts and promptly withdrew the money, two sources close to the government's investigation said. Hackers sent hundreds of false orders to move amounts ranging from tens of thousands to hundreds of thousands of pesos from banks including Banorte, to fake accounts in other banks, the sources said, and accomplices then emptied the accounts in cash withdrawals in dozens of branch offices.

Equifax has published yet more details on the personal records and sensitive information stolen by miscreants after they hacked its databases in 2017. The good news: the number of individuals affected by the network intrusion hasn't increased from the 146.6 million Equifax previously announced, but extra types of records accessed by the hackers have turned up in Mandiant's ongoing audit of the security breach. In February, in response to questions from US Senator Elizabeth Warren (D-MA), Equifax agreed that card expiry dates and tax IDs could have been among the siphoned data, but it hadn't yet worked out how many people were affected.

Army wife Angela Ricketts was soaking in a bubble bath in her Colorado home, leafing through a memoir, when a message appeared on her iPhone: “Dear Angela!” it said. “Bloody Valentine’s Day!” “We know everything about you, your husband and your children,” the Facebook message continued, claiming that the hackers operating under the flag of Islamic State militants had penetrated her computer and her phone. “We’re much closer than you can even imagine.”

The massive Equifax data breach exposed another growing menace in cyberworld and the need to keep an eagle eye on your finances-- identity theft. Fraudsters purporting to be Equifax employees would place fake calls, social media posts, texts and email to unwitting customers in a bid to steal their personal details including addresses, birth dates, Social Security numbers and driver’s license numbers.

The deadline to file your taxes is rapidly approaching, but cyber criminals have already been hard at work trying to cash in with fraudulent tax returns. This tax season, experts say instead of targeting individual tax payers, scam artists are targeting tax professionals. "One of the challenges that we're seeing this year is that as tax professionals and the I.R.S. have become more and more sophisticated, so too have the adversaries," said Caleb Barlow, IBM Security's vice president of threat intelligence.

"Ransomware" is malicious software that works basically like a computer virus, except that instead of destroying your data, it locks it down until you pay whatever ransom the creators decide to extort. The WCry ransomware unleashed last year, for instance, spread quickly and caused particular grief amongst hospitals in the UK, leading to wards being closed and patients turned away. Not all such attacks are quite so malicious, however.