Cyber Crime News

Hackernoon

11h

Android Users Can Now Simulate Phishing Attacks with PyPhisher on Termux—Here's How

  • PyPhisher is a tool that helps ethical hackers create fake login pages for popular sites on Android phones using Termux.
  • Users can simulate phishing attacks by following a step-by-step guide to install and run PyPhisher on Termux.
  • Installing PyPhisher involves updating Termux packages, installing required dependencies like Git, Python3, Pip, PHP, and OpenSSH, cloning the PyPhisher repository, and running the tool.
  • Once PyPhisher is set up, users can select a phishing template, generate phishing links, open them in a browser, and capture login credentials for ethical hacking purposes.

Securityaffairs

2d

Ascension reveals personal data of 437,329 patients exposed in cyberattack

  • A data breach at Ascension, caused by a former partner's compromise, exposed the health information of over 430,000 patients.
  • The breach disclosed personal and clinical data, including names, contact info, SSNs, and medical visit details, with specific information varying by individual.
  • Ascension initiated an investigation after learning of the security incident, discovering that patient information was accidentally disclosed to a former business partner, likely leading to data theft.
  • The healthcare organization is offering two years of free identity monitoring to those affected by the breach and has reported the incident to the U.S. Department of Health & Human Services.

Securityaffairs

3d

A cyber attack briefly disrupted South African Airways operations

  • A cyberattack briefly disrupted South African Airways’ website, app, and systems, but core flight operations remained unaffected.
  • SAA activated disaster and continuity protocols immediately, enabling the resumption of impacted systems on the same day.
  • Investigation into the cyberattack is ongoing with the assistance of independent digital forensic experts to determine the root cause and full scope of the security breach.
  • The incident was reported to national authorities for criminal investigation, and steps are being taken to enhance security measures and mitigate potential risks.

TechCrunch

3d

FBI and Dutch police seize and shut down botnet of hacked routers

  • FBI and Dutch police have seized and shut down botnet services involving hacked internet-connected devices, including routers.
  • U.S. prosecutors indicted four individuals, including three Russians and one Kazakhstan national, for hacking into routers and running the botnet under the guise of legitimate proxy services.
  • The accused individuals targeted vulnerable internet-connected devices to build a botnet, offering access through services like Anyproxy and 5Socks and making over $46 million from selling botnet access.
  • Black Lotus Labs assisted in tracking the proxy networks used for malicious activities, with the botnet offering anonymity for cybercriminals and having about 1,000 weekly active proxies in over 80 countries.

Securityaffairs

3d

Cybercriminal services target end-of-life routers, FBI warns

  • The FBI warns that cybercriminal services are targeting end-of-life routers to deploy malware and sell them as proxies on 5Socks and Anyproxy networks.
  • End-of-life routers are vulnerable to cyber attacks due to the lack of security updates, making them easy targets for threat actors who exploit known vulnerabilities.
  • Infected routers are used to form botnets for coordinated attacks or sold as proxies, allowing threat actors persistent access and control over the compromised devices.
  • The FBI recommends replacing vulnerable routers with newer models, or disabling remote administration and rebooting the devices, to prevent further infections; it also published indicators of compromise (IoCs) and mitigation strategies.

Securityaffairs

4d

Polish authorities arrested 4 people behind DDoS-for-hire platforms

  • Polish authorities arrested 4 people linked to 6 DDoS-for-hire platforms used in global attacks, offering takedowns for as little as €10.
  • The platforms facilitated thousands of cyberattacks on schools, government services, businesses, and gaming platforms between 2022 and 2025.
  • International collaboration helped in the arrests, with Europol, U.S., Germany, and the Netherlands supporting the operation.
  • The arrests are part of Operation PowerOFF, an ongoing international initiative to combat booter platforms for DDoS attacks.

Securityaffairs

14h

Threat actors use fake AI tools to deliver the information stealer Noodlophile

  • Threat actors are using fake AI tools to distribute the information stealer Noodlophile, as warned by Morphisec researchers.
  • Attackers exploit the AI hype through viral posts and Facebook groups to trick users into downloading Noodlophile Stealer, a new malware that steals browser credentials and crypto wallets.
  • Noodlophile Stealer, a previously undisclosed malware, is being sold on cybercrime forums as part of malware-as-a-service schemes and is often bundled with tools for credential theft.
  • Fake AI tools like 'Dream Machine' or 'CapCut' spread through social media, attracting users seeking free video/image editors, but instead delivering malware like Noodlophile or XWorm.

TechDigest

17h

Inside hacking meltdown at M&S, iOS19 to let you sync Public WiFi across devices

  • Marks & Spencer faced a hacking meltdown after a promising financial year, impacting its reputation and future prospects.
  • Apple is set to introduce a new feature in iOS 19 that will automatically sync public Wi-Fi networks across all Apple devices, simplifying the connection process.
  • Virgin Media O2 and Daisy Group are merging their business communications and IT operations to create a £3bn telecoms powerhouse.
  • Rockstar Games released the second trailer for Grand Theft Auto 6, showcasing advanced graphics and gameplay elements, setting high expectations for the upcoming game.

Securityaffairs

21h

German police seized eXch crypto exchange

  • Germany's Federal Criminal Police (BKA) shut down the eXch crypto exchange (eXch.cx), seizing its infrastructure over money laundering and illegal trading allegations.
  • German law enforcement seized €34M in crypto and 8TB of data from the platform, marking its third-largest crypto asset seizure ever.
  • eXch crypto exchange had been active since 2014, enabling anonymous crypto swaps via clearnet and darknet and avoiding anti-money-laundering rules. Authorities suspect the platform allowed laundering $1.9B.
  • eXch announced it would shut down on May 1, 2025, amid suspicions of money laundering and illegal trading. Despite the shutdown announcement, authorities swiftly seized data and crypto assets from the platform.

Securityaffairs

1d

Security Affairs newsletter Round 523 by Pierluigi Paganini – INTERNATIONAL EDITION

  • 437,329 patients' personal data exposed in Ascension cyberattack.
  • Operation Moonlander dismantles cybercriminal services Anyproxy and 5socks.
  • SonicWall fixes critical flaws in SMA 100.
  • NSO Group ordered to pay over $167M to WhatsApp for spyware campaign.

Securityaffairs

2d

Operation Moonlander dismantled the botnet behind Anyproxy and 5socks cybercriminals services

  • Operation Moonlander dismantled a 20-year-old botnet behind the Anyproxy and 5socks cybercriminal services and arrested four suspects.
  • U.S. Justice Department charged Russian and Kazakhstani nationals for maintaining, operating, and profiting from Anyproxy and 5socks services.
  • The botnet operators enabled cryptocurrency payments and targeted IoT and SOHO devices for malicious activities like ad fraud, DDoS attacks, and brute force attacks.
  • FBI released a FLASH alert warning about 5Socks and Anyproxy malicious services targeting end-of-life routers and urged replacing compromised routers or preventing infection by disabling remote admin and rebooting.

Cybersecurity-Insiders

3d

The Rising Sophistication of Social Media Spoofing

  • Social media platforms like LinkedIn, Instagram, and Facebook are prime targets for cybercriminals due to their widespread use in both personal and professional settings.
  • Cyber threats are evolving, with threat actors using social media spoofing to steal credentials, compromise accounts, and deliver malware, bypassing security measures.
  • Phishing campaigns create urgency through social engineering tactics, such as sending fake urgent alerts to target users on platforms like Meta (formerly Facebook) and LinkedIn.
  • Attackers in these campaigns mimic official communications and use urgency to prompt impulsive responses from victims, leading them to divulge sensitive information.
  • Threat actors exploit the trust users have in social platforms, like Instagram and LinkedIn, to deceive them into sharing personal or business information.
  • Employees can protect against such attacks by verifying senders, scrutinizing URLs, and establishing clear communication channels within organizations for verification purposes.
  • By incorporating elements like chatbots and fake support channels, cybercriminals are increasing the sophistication of social media phishing tactics, necessitating heightened user awareness and caution.
  • Security awareness training is crucial to empower employees to identify and thwart phishing attempts, reinforcing the importance of cybersecurity practices in today's digital landscape.
  • Constant vigilance and proactive measures are essential as cyber threats continue to advance, emphasizing the critical role of human intervention in cybersecurity defense strategies.
  • Organizations must adapt by enhancing security protocols and fostering a culture of cybersecurity awareness to mitigate the risks posed by social media spoofing and other evolving threats.

TechCrunch

4d

A timeline of South Korean telco giant SKT’s data breach

  • In April, SK Telecom in South Korea experienced a cyberattack resulting in the theft of data of approximately 23 million customers.
  • SKT's CEO mentioned that around 250,000 users switched providers post-breach, a number expected to rise to 2.5 million if cancellation fees are waived.
  • The potential financial impact could reach $5 billion over three years if cancellation fees are not enforced.
  • SKT is actively investigating and considering this incident as its most severe security breach.
  • Investigations by public and private entities are ongoing to determine the cause of the breach.
  • Sensitive personal data like phone numbers and unique identifiers were compromised, presenting risks of SIM swapping and surveillance.
  • SKT offered SIM card protection and replacements to prevent further damage following the breach.
  • No secondary damage has been reported, and there are no verified cases of customer data misuse on the dark web.
  • SKT detected abnormal activities on April 18, identified a breach on April 19, and reported it to authorities on April 20.
  • A cybersecurity notice instructed SKT to replace Ivanti VPN equipment suspected to be linked to the breach, possibly related to China-backed hackers.

Securityaffairs

4d

The LockBit ransomware site was breached, database dump was leaked online

  • The LockBit ransomware group's dark web site was compromised, leading to the leak of data from the backend infrastructure.
  • Hackers defaced the dark web site and posted a message along with a link to a dump of the MySQL database containing various data, including victim chat logs and user data.
  • BleepingComputer analyzed the leaked database, revealing 20 tables with information such as BTC addresses, victim chat logs, and user data with plaintext passwords.
  • Italian cybersecurity expert Emanuele De Lucia extracted over 60k addresses from the dump, indicating the potential presence of critical data for developing decryption tools. The chat logs showed ransom amounts ranging from $50,000 to $1,500,000.

TechCrunch

4d

VC firm Insight Partners confirms personal data stolen during January hack

  • Venture capital firm Insight Partners confirmed that personal data was stolen in a cyberattack during January.
  • The stolen data includes personal information of current and former employees, limited partners, certain funds, and portfolio companies.
  • Insight Partners has not provided evidence for its claim that the hack was due to 'sophisticated' social engineering.
  • The firm, with over $90 billion in regulated assets under management, has funded cybersecurity giants like Wiz and Armis.
