Cybercrime

August 2025

August 2025


Vol. 8, Iss. 35
Robin’s Newsletter #376
Vol. 8, Iss. 35

Salt Typhoon comp'd over 200 organisations. Anthropic says cybercrims run ransomware ops using Claude. SK Telecom lacked pretty much any security.

February 2025

February 2025


Vol. 8, Iss. 7
Robin’s Newsletter #348
Vol. 8, Iss. 7

DOGE and the 'most consequential' breach in history. Salt Typhoon seen in five more telcos. AI Summaries are mostly inaccurate.

October 2024

October 2024


Vol. 7, Iss. 42
Robin’s Newsletter #331
Vol. 7, Iss. 42

Chinese accusations of Intel backdoors. Microsoft loses customer security logs. Hong Kong arrests in multi-milloin deepfake video scams.


Vol. 7, Iss. 40
Robin’s Newsletter #329
Vol. 7, Iss. 40

LockBit arrests. Evil Corp linked to Russian intelligence. Meta Ray Bans used in creepy facial recognition concept.

September 2024

September 2024


Vol. 7, Iss. 35
Robin’s Newsletter #324
Vol. 7, Iss. 35

Telegram CEO charged in France for illegal activity on the platform. Ukraine launches cyber range. Chinese attackers compromise four ISPs.

March 2024

March 2024


Vol. 7, Iss. 10
Robin’s Newsletter #299
Vol. 7, Iss. 10

ALPHV pulls an exit scam after Change Healthcare seems to make ransom payment.

February 2024

February 2024


Vol. 7, Iss. 8
Robin’s Newsletter #297
Vol. 7, Iss. 8

LockBit comprehensively pwned by UK, US and EU law enforcement. Leak at Chiense security copmany gives insight into outsourcing of government attacks.

September 2023

September 2023


Vol. 6, Iss. 38
Robin’s Newsletter #274
Vol. 6, Iss. 38

Ransomware groups target Save the Children, and Las Vegas casinos, and the Sri Lankan government.


Vol. 6, Iss. 36
Robin’s Newsletter #272
Vol. 6, Iss. 36

FBI takes down Qakbot. Two arrested for Polish train disruption. Met Police supplier loses personal data of 47,000 officers.

August 2023

August 2023


Vol. 6, Iss. 35
Robin’s Newsletter #271
Vol. 6, Iss. 35

Lapsus$ group pair court verdict. Ransomware dwell times are down. Cloud providers looses all their customers data in ransomware incident.

May 2023

May 2023


Vol. 6, Iss. 21
Robin’s Newsletter #257
Vol. 6, Iss. 21

Montana bans TikTok. Ransomware as activitsm. Fallout from Capita breaches escalate.

April 2023

April 2023


Vol. 6, Iss. 15
Robin’s Newsletter #251
Vol. 6, Iss. 15

Genesis Market seizure leads to 119 arrests. The UK on being a responsible cyber power. Security and privacy risks of AI chatbots.

March 2023

March 2023


Vol. 6, Iss. 12
Robin’s Newsletter #248
Vol. 6, Iss. 12

Critical vulnerabilities in Microsoft Outlook, Samsung chips in Android phones. ALPHV claims ransomware attack against Ring.

February 2023

February 2023


Vol. 6, Iss. 6
Robin’s Newsletter #242
Vol. 6, Iss. 6

JD Sports expose PII of 10 million. Redcar council told to 'keep quiet' over ransomware attack. Zero-tolerance policy wipes over 2,000 devices.

January 2023

January 2023


Vol. 6, Iss. 5
Robin’s Newsletter #241
Vol. 6, Iss. 5

Hive ransomware infrastructure seized by FBI. The concentration of the illicit crypto-currency market. GoTo confirms customer data stolen during November breach.


Vol. 6, Iss. 4
Robin’s Newsletter #240
Vol. 6, Iss. 4

Ransomware payments fell 40% in 2022. T-Mobile suffers *another* breach; 37 million accounts affected. Credential stuffing attacks against Norton Password Manager, PayPal.

December 2022

December 2022


Vol. 5, Iss. 50
Robin’s Newsletter #234
Vol. 5, Iss. 50

Apple offers encrypted iCloud backups. Medibank takes ysstems offline for security improvements. Attack on NZ MSP affects Justice and health bodies.

November 2022

November 2022


Vol. 5, Iss. 48
Robin’s Newsletter #232
Vol. 5, Iss. 48

Massive UK fraud crackdown. Russia designated state sponsor of terrorism by EU Parliament. Cyber Partisans claim compromise of Roskomnadzor agency.


Vol. 5, Iss. 46
Robin’s Newsletter #230
Vol. 5, Iss. 46

How Qatar hacked the World Cup. Calls for a law on 'failing to prevent fraud'. Australia's new offensive cybercrime team. Mistrust at a root CA.

October 2022

October 2022


Vol. 5, Iss. 43
Robin’s Newsletter #227
Vol. 5, Iss. 43

Microsoft leaves 2.4TB of 'business transaction data' in public Azure bucket. Head of Germany's cyber agency suspended for links to Russian intelligence. Optus unilaterally blocks data breach victim's passports.

September 2022

September 2022


Vol. 5, Iss. 38
Robin’s Newsletter #222
Vol. 5, Iss. 38

Welcome to 2022: Uber comprehensively owned via hardcoded PAM credentials, IHG password vault alleged secured using 'Qwerty1234'.

April 2022

April 2022


Vol. 5, Iss. 17
Robin’s Newsletter #201
Vol. 5, Iss. 17

Okta breach affected two customers. Russian invasion leaves it 'fair game' for cyberattacks. Java’s ‘psychic signatures’ and conceptualising cybercrimes.

March 2022

March 2022


Vol. 5, Iss. 13
Robin’s Newsletter #197
Vol. 5, Iss. 13

The rise, and fall?, of Lapsus$ as Okta confirm breach. US CNI cyberattack warning. Build capabilities, not plans for resilience.

June 2021

June 2021


Vol. 4, Iss. 25
Robin’s Newsletter #157 — 3rd Birthday Edition 🥳
Vol. 4, Iss. 25

Suspected Cl0p members arrested. Ransomware is an 'urgent' threat to U.K. Balancing cyber supply and demand. And, Dear Intern...

May 2021

May 2021


Vol. 4, Iss. 18
Robin’s Newsletter #150
Vol. 4, Iss. 18

Babuk ransomware operators demand $50M from DC police. BoJo's phone number available online. Emotet deactivated. And, burrowing beavers.

November 2020

November 2020


Vol. 3, Iss. 45
Robin’s Newsletter #125
Vol. 3, Iss. 45

Nothing cyber happened in the US election. Corporate VOIP systems being targeted. Don't pay ransomware gangs to not leak your data.

May 2020

May 2020


Vol. 3, Iss. 22
Robins Newsletter #102
Vol. 3, Iss. 22

Cybercrime is boring; Capital One IR report isn't legally privileged; and easyJet target of £18Bn legal action.

April 2020

April 2020


Vol. 3, Iss. 3
Robin’s Newsletter #83
Vol. 3, Iss. 3

Changing the economics of cybercrime; Windows crypto vulnerability; and rival groups exploiting Citrix.