menu
techminis

A naukri.com initiative

New

google-web-stories
Home

>

Cyber Crime News

Cyber Crime News

source image

Medium

3d

read

224

img
dot

Image Credit: Medium

What To Do If You Become a Victim of Cyberbullying

  • If you become a victim of cyberbullying, reach out to a trusted adult such as parents, family member, teacher, or school counselor for support.
  • Keep evidence of cyberbullying conversations as it may be helpful in taking legal actions against the bully.
  • Do not respond to cyberbullying messages, as this could encourage the bully. Report the bully to social media moderators and block the account if being harassed.
  • To prevent cyberbullying in the future, consider making your social media accounts private, and adults can help in creating a bullying prevention strategy.

Read Full Article

like

13 Likes

share

3 Shares

source image

Securityaffairs

3d

read

88

img
dot

Image Credit: Securityaffairs

Victoria’s Secret ‘s website offline following a cyberattack

  • Victoria's Secret took its website offline after a cyberattack that impacted customer care and distribution center operations.
  • The company's CEO mentioned that recovery from the cyberattack will take some time as the incident affected email access for some staff.
  • After the security incident, Victoria's Secret shares dropped by 6.9%, and the company did not disclose technical details about the attack.
  • Recent data breaches in major brands like Dior and Adidas, along with UK retailers facing cyberattacks, indicate a rising threat against retailers globally.

Read Full Article

like

5 Likes

share

1 Share

source image

TechDigest

4d

read

370

img
dot

Image Credit: TechDigest

NHS trusts hit by cyber attack, patient data feared stolen

  • NHS trusts in the UK have experienced a cyberattack leading to concerns about patient data being stolen.
  • University College London Hospitals NHS Foundation Trust and University Hospital Southampton NHS Foundation Trust were affected by a software vulnerability.
  • The cyberattack exploited a vulnerability in Ivanti Endpoint Manager Mobile software, potentially exposing patient records and sensitive information.
  • Hackers with an IP address based in China were identified. NHS England and cybersecurity partners are investigating the incident.

Read Full Article

like

22 Likes

share

5 Shares

source image

Siliconangle

5d

read

48

img
dot

Image Credit: Siliconangle

Cisco introduces Duo Identity and Access Management to enhance identity protection in the AI era

  • Cisco introduces Duo Identity and Access Management as a new security solution to combat identity-based attacks in the artificial intelligence era.
  • Duo IAM offers a security-first approach with multifactor authentication and a new user directory to manage user identities and access to resources securely.
  • The solution integrates with existing third-party identity systems, introduces advanced phishing protection features like Complete Passwordless authentication, and enhances security with Proximity Verification.
  • Duo IAM also integrates with Cisco Identity Intelligence to monitor identity risks in real time, automate response actions, and neutralize emerging threats swiftly.

Read Full Article

like

2 Likes

share

Share

source image

Silicon

5h

read

34

img
dot

Image Credit: Silicon

Victoria’s Secret, Adidas Hit By Cyber-Attacks

  • Victoria's Secret and Adidas were hit by cyber-attacks, affecting their online and in-store services.
  • Victoria's Secret paused online orders and some in-store services after a security incident, while Adidas reported stolen customer contact information from a third-party provider.
  • Recent incidents of cyber-attacks also impacted British retailers like Marks & Spencer and the Co-op Group in late April.
  • UK authorities are investigating potential connections to a hacking group called Scattered Spider, which has a history of targeting companies in various sectors using social engineering techniques.

Read Full Article

like

2 Likes

share

Share

source image

Securityaffairs

1d

read

233

img
dot

Image Credit: Securityaffairs

Security Affairs newsletter Round 526 by Pierluigi Paganini – INTERNATIONAL EDITION

  • Two Linux flaws found can expose sensitive data. Meta stopped covert operations from Iran, China, and Romania spreading propaganda.
  • US Treasury sanctions Funnull Technology for cyber scam facilitation. ConnectWise faces cyberattack from a sophisticated nation-state actor.
  • Victoria’s Secret website offline due to a cyberattack. APT41 uses Google Calendar for malware control.
  • New AyySSHush botnet compromises 9,000 ASUS routers. Czech Republic accuses China’s APT31 for a cyberattack.

Read Full Article

like

14 Likes

share

3 Shares

source image

Guardian

2d

read

269

img
dot

Image Credit: Guardian

UK banks urged to beef up anti-fraud systems for international payments

  • UK banks and payment firms are urged to strengthen their anti-fraud systems for international payments due to an increase in scammers tricking people into sending money abroad.
  • Cases of authorised push payment (APP) scams decreased by 20% last year, but the total amount lost to APP fraud only decreased by 2% to £450m.
  • A notable increase in APP scams involving international payments has been observed, with victims unlikely to get their money back as these transactions are not covered by the new reimbursement rules.
  • Fraud tactics in the UK and Europe include fake sales websites, malicious app scams, 'ghost taps' using card details, and AI-driven identity fraud.

Read Full Article

like

16 Likes

share

3 Shares

source image

TechCrunch

2d

read

11

img
dot

Image Credit: TechCrunch

White House investigating how Trump’s chief of staff’s phone was hacked

  • The White House is investigating the hacking of chief of staff Susie Wiles' phone, where attackers accessed contacts and impersonated her.
  • Hackers used AI to imitate Wiles' voice in phone calls and sent text messages from a different number.
  • Authorities are determining if the cloud account associated with Wiles' device was compromised or if a more advanced cyberattack was involved.
  • This is the second time Wiles has been targeted by hackers, with a previous incident involving Iranian hackers obtaining Vice President JD Vance's dossier.

Read Full Article

like

Like

share

Share

source image

Schneier

3d

read

270

img
dot

Why Take9 Won’t Improve Cybersecurity

  • The "Take9" cybersecurity awareness campaign suggests pausing for nine seconds before clicking on links or downloading files, but it is not practical or effective in improving cybersecurity.
  • A similar campaign called "Stop. Think. Connect." from 2016 also failed to make a significant impact in cybersecurity awareness.
  • The concept of pausing for nine seconds lacks scientific basis and does not address the root causes of cybersecurity vulnerabilities.
  • Pausing may help break habits but does not help individuals differentiate between legitimate actions and potential attacks.
  • A successful awareness campaign should guide users through a process of suspicion and evaluation, offering specific guidance on how to make better decisions.
  • Current phishing attacks have evolved to be more sophisticated, making it challenging for users to detect scams even with pauses or awareness training.
  • Blaming users for falling victim to cyberattacks is not productive, as it ignores the role of system design in creating insecure environments.
  • Security awareness campaigns should not solely rely on user behavior change but also require improved system designs and comprehensive cognitive support.
  • Meaningful cybersecurity improvements demand more than a pause and necessitate a holistic approach to address the complex interactions influencing decision-making.
  • Relying on awareness campaigns alone without addressing system vulnerabilities perpetuates a flawed blame-the-user mentality that undermines overall cybersecurity efforts.

Read Full Article

like

16 Likes

share

3 Shares

source image

Securityaffairs

3d

read

155

img
dot

Image Credit: Securityaffairs

US Treasury sanctioned the firm Funnull Technology as major cyber scam facilitator

  • The U.S. Treasury sanctioned Funnull Technology and Liu Lizhi for facilitating romance scams leading to significant losses in cryptocurrency fraud.
  • Funnull Technology Inc. aided in cyber scams by providing infrastructure for fake platforms, resulting in over $200 million in losses for U.S. victims.
  • Romance scams involve scammers building fake romantic relationships to exploit victims for financial gain by manipulating them into sending money or sensitive information.
  • The FBI issued a FLASH alert highlighting indicators of compromise associated with Funnull's malicious cyber activities, including patterns of IP address activity and domain migrations.

Read Full Article

like

9 Likes

share

2 Shares

source image

Securityaffairs

3d

read

195

img
dot

Image Credit: Securityaffairs

ConnectWise suffered a cyberattack carried out by a sophisticated nation state actor

  • ConnectWise detected suspicious activity linked to a nation-state actor, impacting a small number of its ScreenConnect customers.
  • ConnectWise confirmed the cyberattack and launched an investigation with cybersecurity firm Mandiant, patching the flaw in ScreenConnect and implementing enhanced security measures.
  • The breach possibly occurred in August 2024 and went unnoticed until May 2025. The ScreenConnect flaw (CVE-2025-3935) may have allowed remote code execution via stolen machine keys.
  • Threat actors exploited ScreenConnect vulnerabilities (CVE-2024-1709 and CVE-2024-1708) in early 2024, with Black Basta and Bl00dy ransomware groups actively exploiting the flaws.

Read Full Article

like

11 Likes

share

2 Shares

source image

Hackernoon

3d

read

212

img
dot

Image Credit: Hackernoon

Fullscreen BitM Attack Discovered By SquareX Exploits Browser Fullscreen APIs To Steal Credentials

  • SquareX discovered a Fullscreen BitM attack targeting Safari users, exploiting Fullscreen API vulnerabilities to steal credentials.
  • BitM attacks involve tricking victims by displaying genuine login pages in a pop-up window to steal sensitive information.
  • SquareX's research exposed a major Safari-specific flaw in the Fullscreen API, allowing for more convincing attacks.
  • Safari users are at higher risk due to no clear visual indication when entering fullscreen mode.
  • The use of Fullscreen API in combination with BitM enables attackers to create convincing fake login pages.
  • Other browsers like Firefox and Chrome have subtle notifications for fullscreen mode, while Safari lacks this feature.
  • Existing security solutions struggle to detect Fullscreen BitM attacks due to architectural limitations.
  • Security researchers advise enterprises to update defense strategies against advanced browser attacks.
  • SquareX's Browser Detection and Response tool helps organizations detect and mitigate web-based threats effectively.
  • The Fullscreen BitM Attack disclosure is part of a series focusing on browser security by SquareX's research team.

Read Full Article

like

12 Likes

share

2 Shares

source image

Securityaffairs

4d

read

60

img
dot

Image Credit: Securityaffairs

New AyySSHush botnet compromised over 9,000 ASUS routers, adding a persistent SSH backdoor.

  • GreyNoise researchers discovered the AyySSHush botnet compromising over 9,000 ASUS routers by adding a persistent SSH backdoor.
  • The attackers used stealthy tactics like auth bypasses and abusing legit settings to avoid detection, gaining durable control over the routers.
  • GreyNoise identified an ongoing exploitation campaign targeting specific ASUS router models, ensuring persistent backdoor access through firmware updates.
  • Nearly 9,000 ASUS routers have been compromised, with only 30 related requests observed over three months, indicating the stealthiness of the campaign.

Read Full Article

like

3 Likes

share

Share

source image

TechCrunch

4d

read

228

img
dot

Image Credit: TechCrunch

Data broker giant LexisNexis says breach exposed personal information of over 364,000 people

  • LexisNexis Risk Solutions, a data broker, disclosed a breach affecting over 364,000 people, dating back to December 25, 2024.
  • The hacker obtained consumers' sensitive personal data, such as names, dates of birth, phone numbers, addresses, Social Security numbers, and driver's license numbers.
  • Data brokers like LexisNexis profit from collecting and selling access to large amounts of Americans' personal and financial data for various purposes.
  • The Trump administration recently scrapped a plan that aimed to restrict data brokers from selling Americans' personal information, despite calls by privacy advocates.

Read Full Article

like

13 Likes

share

3 Shares

source image

Medium

5d

read

158

img
dot

Image Credit: Medium

AI-Enhanced Phishing Emails: The New Frontier in Cybersecurity Threats

  • Phishing emails are evolving with the use of AI, making them highly convincing and personalized.
  • AI-generated spear-phishing emails have a success rate of 54%, surpassing generic phishing campaigns.
  • AI-powered phishing simulations demonstrate how cybercriminals can automate interactions and create context-aware responses, lowering the barrier for attacks.
  • Awareness and vigilance are critical to combatting AI-driven phishing threats in cybersecurity.

Read Full Article

like

9 Likes

share

2 Shares

Prev

1
2
3
4
5
6
7
8
9
10

Next

For uninterrupted reading, download the app