Lifeboat Foundation: Safeguarding Humanity
Toggle light / dark theme

Blog

Category: cybercrime/malcode – Page 3

Law enforcement authorities in seven African countries have arrested 306 suspects and confiscated 1,842 devices as part of an international operation codenamed Red Card that took place between November 2024 and February 2025.

The coordinated effort “aims to disrupt and dismantle cross-border criminal networks which cause significant harm to individuals and businesses,” INTERPOL said, adding it focused on targeted mobile banking, investment, and messaging app scams.

The cyber-enabled scams involved more than 5,000 victims. The countries that participated in the operation include Benin, Côte d’Ivoire, Nigeria, Rwanda, South Africa, Togo, and Zambia.

Read more | >

African law enforcement authorities have arrested 306 suspects as part of ‘Operation Red Card,’ an INTERPOL-led international crackdown targeting cross-border cybercriminal networks.

Between November 2024 and February 2025, authorities seized 1,842 devices allegedly used in mobile banking, investment, and messaging app scams linked to over 5,000 victims.

“Ahead of the operation, countries exchanged criminal intelligence on key targets. This intelligence was enriched by INTERPOL with insights into criminal modus operandi using data from its private sector partners—Group-IB, Kaspersky and Trend Micro,” the international police organization said.

Read more | >

A new phishing campaign targets Counter-Strike 2 players utilizing (BitB) attacks that display a realistic window that mimics Steam’s login page.

The attackers impersonate the Ukrainian e-sports team Navi to bait devoted fans and add legitimacy to the phishing page by using a recognizable brand.

The campaign uses the <a href=“https://www.bleepingcomputer.com/news/security/new-phishing-toolkit-lets-anyone-create-fake-chrome-browser-windows/” target=“_blank” rel=“nofollow (BitB) phishing technique created by cybersecurity researcher mr. dox in March 2022. This phishing framework allows threat actors to create realistic-looking popup windows with custom address URLs and titles within another browser window.

Read more | >

A new multi-platform ransomware-as-a-service (RaaS) operation named VanHelsing has emerged, targeting Windows, Linux, BSD, ARM, and ESXi systems.

VanHelsing was first promoted on underground cybercrime platforms on March 7, offering experienced affiliates a free pass to join while mandating a deposit of $5,000 from less experienced threat actors.

The new ransomware operation was first documented by CYFIRMA late last week, while Check Point Research performed a more in-depth analysis published yesterday.

Read more | >

Veeam has patched a critical remote code execution vulnerability tracked as CVE-2025–23120 in its Backup & Replication software that impacts domain-joined installations.

The flaw was disclosed yesterday and affects Veeam Backup & Replication version 12.3.0.310 and all earlier version 12 builds. The company fixed it in version 12.3.1 (build 12.3.1.1139), which was released yesterday.

According to a technical writeup by watchTowr Labs, who discovered the bug, CVE-2025–23120 is a deserialization vulnerability in the Veeam. Backup. EsxManager.xmlFrameworkDs and Veeam.Backup.Core. BackupSummary. NET classes.

Read more | >

Two malicious VSCode Marketplace extensions were found deploying in-development ransomware, exposing critical gaps in Microsoft’s review process.

The extensions, named “ahban.shiba” and “ahban.cychelloworld,” were downloaded seven and eight times, respectively, before they were eventually removed from the store.

It is notable that the extensions were uploaded onto the VSCode Marketplace on October 27, 2024 (ahban.cychelloworld) and February 17, 2025 (ahban.shiba), bypassing safety review processes and remaining on Microsoft’s store for an extensive period of time.

Read more | >

This research note deploys data from a simulation experiment to illustrate the very real effects of monolithic views of technology potential on decision-making within the Homeland Security and Emergency Management field. Specifically, a population of national security decision-makers from across the United States participated in an experimental study that sought to examine their response to encounter different kinds of AI agency in a crisis situation. The results illustrate wariness of overstep and unwillingness to be assertive when AI tools are observed shaping key situational developments, something not apparent when AI is either absent or used as a limited aide to human analysis. These effects are mediated by levels of respondent training. Of great concern, however, these restraining effects disappear and the impact of education on driving professionals towards prudent outcomes is minimized for those individuals that profess to see AI as a full viable replacement of their professional practice. These findings constitute proof of a “Great Machine” problem within professional HSEM practice. Willingness to accept grand, singular assumptions about emerging technologies into operational decision-making clearly encourages ignorance of technological nuance. The result is a serious challenge for HSEM practice that requires more sophisticated solutions than simply raising awareness of AI.

Keywords: artificial intelligence; cybersecurity; experiments; decision-making.

Read more | >