menu
techminis

A naukri.com initiative

google-web-stories
Home

>

Cyber Crime News

Cyber Crime News

source image

Securityaffairs

4w

read

111

img
dot

Image Credit: Securityaffairs

Threat actor sells data of over 750,000 patients from a French hospital

  • A threat actor had access to the electronic patient record system of an unnamed French hospital, compromising the health data of 750,000 patients.
  • The stolen data includes personal information such as names, dates of birth, addresses, phone numbers, and medical information like prescriptions and attending physicians.
  • The breach seems to be a supply chain attack, with the hacker compromising the MediBoard platform provided by Softway Medical Group.
  • The exposure of medical data puts patients at risk of identity theft, fraud, and can lead to misdiagnoses or medical errors.

Read Full Article

like

6 Likes

source image

Securityaffairs

4w

read

201

img
dot

Image Credit: Securityaffairs

Ford data breach involved a third-party supplier

  • Ford investigates a data breach linked to a third-party supplier.
  • Threat actors claim to have stolen 44,000 Ford customer records.
  • Ford confirms no breach of its systems or customer data.
  • Compromised data includes customer names, addresses, and purchase info.

Read Full Article

like

12 Likes

source image

Salesforce

1M

read

4

img
dot

Image Credit: Salesforce

8 Tips to Keep Your Identity Safe This Holiday Season

  • Cyber Week sales are expected to reach $311 billion worldwide leading into the holiday season, which is also a time of increased cyber crime, with hackers buying and selling personally identifiable information (PII) on the dark web.
  • To protect your sensitive data, consider freezing your credit, checking credit reports regularly, safeguarding your Social Security number, and being cautious of phishing, vishing, and smishing attempts.
  • Using strong passwords and multi-factor authentication, shredding documents with PII, and using a digital wallet for payment transactions are other important ways to protect yourself from identity theft during the holiday season.
  • Multi-factor authentication, which asks for two or more pieces of evidence to verify a user's identity, should be enabled on important online accounts like email, finance, and social media.
  • Stronger forms of authentication, like an authentication app, are preferable, but email and text can be used as a second factor if necessary.
  • While trying to protect yourself from identity theft is important during the holiday season, taking these precautions can be useful year-round.
  • If you suspect your identity has been stolen, it's important to act quickly and create a recovery plan. Start by visiting the FTC's Identity Theft website to report the theft.
  • If you ever receive a suspicious email or suspect your Salesforce credentials have been compromised, report (and forward) this immediately to [email protected].

Read Full Article

like

Like

source image

Cybersecurity-Insiders

1M

read

49

img
dot

Image Credit: Cybersecurity-Insiders

Equinox and France Auchan face data breach concerns

  • Equinox, a prominent healthcare service provider based in New York, has confirmed a significant data breach that could potentially affect around 21,000 customers and staff members.
  • The breach involved the exposure of highly sensitive personal information, including health records, financial details, Social Security numbers, passport numbers, dates of birth, and insurance information.
  • The breach was caused by the LockBit ransomware group, who initially demanded a ransom from Equinox but released stolen data on the dark web when the demand was not met.
  • In a separate incident, Auchan, a well-known supermarket chain based in France, has also fallen victim to a cyberattack that may have compromised the personal information of over 500,000 customers.

Read Full Article

like

2 Likes

source image

Mcafee

1M

read

116

img
dot

Image Credit: Mcafee

How to Recognize a Phishing Email

  • Phishing is a cybercrime that aims to steal your sensitive info.
  • Phishing scammers often undo their own plans by making simple mistakes that are easy to spot.
  • Check for the following signs of phishing when you open an email or check a text.
  • Phishing scammers often steal the logos of the businesses they impersonate. However, they don’t always use them correctly.
  • Phishing always centers around links that you’re supposed to click or tap.
  • You can also spot a phishing attack when you know what some of the most popular scams are:
  • You can do several things to keep yourself from falling for phishing attacks.
  • Some phishing attacks can look rather convincing, so seriously pause and think about the message for a minute.
  • Do not download attachments. And most certainly do not open them.
  • Using online protection software can protect you in several ways.

Read Full Article

like

7 Likes

source image

TechCrunch

1M

read

362

img
dot

Image Credit: TechCrunch

Fintech giant Finastra confirms it’s investigating a data breach

  • Finastra, a London-based financial software company, is investigating a data breach.
  • The breach was discovered on November 7 and involved suspicious activity on the company's internal file-transfer platform.
  • A hacker claimed to have stolen 400 gigabytes of data, including client files and internal documents.
  • Finastra is analyzing the affected data and working to determine which customers and products were impacted.

Read Full Article

like

21 Likes

source image

Cryptoslate

1M

read

282

img
dot

Image Credit: Cryptoslate

Crypto phishing scam nets $129 million in USDT then funds mysteriously return

  • A crypto whale narrowly avoided a $129 million USDT loss after falling victim to a phishing scam on the TRON blockchain.
  • The scammer used a fake wallet address that closely resembled the intended recipient's address.
  • The fraudster returned 90% of the stolen funds within an hour, and the remaining balance after four hours.
  • This incident highlights the rising threat of address-poisoning attacks and reinforces the importance of double-checking wallet addresses.

Read Full Article

like

16 Likes

source image

Securityaffairs

1M

read

250

img
dot

Image Credit: Securityaffairs

Unsecured JupyterLab and Jupyter Notebooks servers abused for illegal streaming of Sports events

  • Threat actors are exploiting misconfigured JupyterLab and Jupyter Notebooks servers to illegally stream sports events.
  • Researchers from Aqua observed threat actors using misconfigured servers to hijack environments and duplicate live sports broadcasts.
  • The attackers exploit unauthenticated access to JupyterLab and Jupyter Notebooks to establish initial access.
  • The consequences of such attacks can include denial of service, data manipulation, and reputational damage.

Read Full Article

like

15 Likes

source image

Cybersecurity-Insiders

1M

read

401

img
dot

Image Credit: Cybersecurity-Insiders

Phishing Simulation Training: From Strategy To Execution

  • Phishing simulation training offers a direct learning experience to engage employees with real-life phishing schemes.
  • Phishing simulation helps identify weaknesses and provides personalized coaching to boost human defenses.
  • It helps measure human risk and exposure, track training effectiveness, and establish measurable goals.
  • Executing an effective phishing simulation program involves identifying current state, setting measurable goals, segmenting the audience, developing authentic scenarios, deploying simulations in a phased manner, sharing results with employees, and refining the program over time.

Read Full Article

like

23 Likes

source image

Securityaffairs

1M

read

13

img
dot

Image Credit: Securityaffairs

Russian Phobos ransomware operator faces cybercrime charges

  • Russian Phobos ransomware operator Evgenii Ptitsyn extradited from South Korea to the US to face cybercrime charges.
  • Ptitsyn allegedly managed the sale, distribution, and operation of the Phobos ransomware.
  • The Phobos ransomware operation targeted over 1,000 entities worldwide, extorting more than $16 million in ransom payments.
  • Ptitsyn faces multiple charges including wire fraud, computer fraud and abuse, and extortion.

Read Full Article

like

Like

source image

Securityintelligence

1M

read

237

img
dot

Image Credit: Securityintelligence

Communication platforms play a major role in data breach risks

  • Companies with more than seven different communication tools are at a significantly higher risk of data breach, with only 9% of organizations overall reporting more than 10 data breaches, but 32% of companies with more than seven communications tools experiencing this high number of breaches.
  • Organizations with more than seven tools reported paying 3.25 times more in data breach litigation costs.
  • Companies with a high number of data breaches typically see numerous negative impacts on their organization, including lost customers, reputation damage and operational downtime.
  • The average cost of a data breach jumped to $4.88 million from $4.45 million in 2023, a 10% spike and the highest increase since the pandemic.
  • Key reasons for the correlation between the number of tools and the risk of a data breach include the increased attack area, more opportunities for exchanging sensitive data, more resources are required to govern and monitor and increased risk of human error.
  • By starting with communication tools, organizations can take proactive steps toward reducing their risk such as taking stock of tools in use, eliminating multiple tools used for the same purpose, providing employees with the tools that they need, and using tools that perform multiple tasks.
  • Using platforms that perform multiple functions, such as file sharing, video conferencing and messaging, organizations can significantly decrease the number of communication tools.
  • Inappropriate use or inadequate configuration of communication tools can lead to serious privacy violations.
  • Reducing risk starts with understanding why each new tool increases the odds of a breach given that communication and data transfer are central to all industries and most processes.
  • Many employees often let their guard down when using casual communication tools such as messenger and email, which creates instances of sharing sensitive data and increasing data breach risks.

Read Full Article

like

14 Likes

source image

Silicon

1M

read

1.2k

img
dot

Image Credit: Silicon

German Facebook Users Eligible For Compensation Over Data Breach

  • Millions of German Facebook users are eligible for compensation over a data leak that occurred in 2018-2019.
  • Germany's highest civil court, the Federal Court of Justice (BGH), ruled that users' loss of control over their data warrants damages, without the need to prove specific financial losses or misuse of the data.
  • The ruling acts as a precedent for similar cases currently being processed in German courts.
  • Approximately six million people in Germany were affected by the data leak.

Read Full Article

like

6 Likes

source image

Securelist

1M

read

327

img
dot

Image Credit: Securelist

Scammer Black Friday offers: Online shopping threats and dark web

  • Each year, cybercriminals and fraudsters gear up to exploit the demand, attempting to steal personal data, funds, and spread malware through deceptive shopping lures.
  • Kaspersky’s automated technologies are designed to detect and prevent various forms of financial phishing and scams that fraudsters run during the Black Friday season.
  • Kaspersky identified more than 38 million phishing attacks targeting users of online stores, payment systems, and banks in the first ten months of 2024.
  • As many as 44.41% of these attacks targeted banking service users.
  • Kaspersky detected and blocked 3,807,116 phishing attempts in 2024, primarily those distributing Amazon-related scam and phishing pages.
  • This year, we have also discovered some malicious campaigns targeting users by spreading fake mobile shopping apps.
  • These malicious programs are designed to steal sensitive data from online banking and payment systems.
  • Despite the high number, the overall activity of PC banking trojans continues to decline.
  • After a phishing attack, scammers who steal shopping accounts or credit card data may use it for their own profit or sell it on dark web forums or marketplaces.
  • Consumers must remain vigilant, especially during peak shopping periods, and adopt stronger security measures like two-factor authentication, secure payment options, and cautious browsing habits.

Read Full Article

like

19 Likes

source image

Securityaffairs

1M

read

398

img
dot

Image Credit: Securityaffairs

Great Plains Regional Medical Center ransomware attack impacted 133,000 individuals

  • A ransomware attack on Great Plains Regional Medical Center compromised personal data of 133,000 individuals, exposing sensitive information.
  • The attack occurred on September 8, 2024, and an investigation was launched with the help of a cybersecurity firm.
  • Files were accessed, encrypted, and copied by the threat actor between September 5 and September 8, 2024.
  • The exposed patient information includes names, demographic and health insurance information, clinical treatment details, and in some cases, Social Security and driver's license numbers.

Read Full Article

like

24 Likes

source image

Cybersecurity-Insiders

1M

read

399

img
dot

Image Credit: Cybersecurity-Insiders

How Data Breaches Erode Trust and What Companies Can Do

  • Data breaches can have a huge financial cost and cause reputational damage to companies.
  • The reputational damage may lead to a decrease in customer trust and perception of the brand.
  • Finance, healthcare, and retail industries are more susceptible to data breaches as attackers target them for monetary gain.
  • The loss of sensitive patient and personal data in healthcare can impact individuals and healthcare institutions.
  • The retail industry needs to have contingency plans in place to avoid system downtime during the peak sales season.
  • Organizations must implement cybersecurity measures according to the vulnerabilities of their industry.
  • CTEM can prioritize potential countermeasures and enhance the security posture of organizations on an ongoing basis.
  • The reduction in the time required to identify and address incidents is achieved by integrating valuable insights with the Security Operations Center (SOC).
  • Verizon has improved hospital cybersecurity by unifying its network and centralizing access controls to boost operational efficiency and protect patient information.
  • Data Loss Prevention (DLP) tools can safeguard data in the healthcare sector by monitoring sensitive information in outgoing emails.

Read Full Article

like

24 Likes

For uninterrupted reading, download the app