Cyber Crime News

Securityaffairs

A botnet exploits a GeoVision zero-day to compromise EoL devices

  • A botnet is exploiting a zero-day in end-of-life GeoVision devices to compromise devices in the wild.
  • The zero-day, tracked as CVE-2024-11120, is a pre-auth command injection vulnerability.
  • The botnet is used for DDoS or cryptomining attacks.
  • Approximately 17,000 Internet-facing GeoVision devices are vulnerable to the zero-day.

TechCrunch

T-Mobile hack linked to Chinese breaches of telecom networks

  • U.S. phone giant T-Mobile was hacked as part of a broad cyberattack on U.S. and international phone and internet companies
  • T-Mobile is closely monitoring the attack, but their systems and data have not been significantly impacted
  • The cyberattack is linked to a series of breaches targeting telecom companies, including AT&T, Verizon, and Lumen
  • The FBI and CISA have warned about the cyber espionage campaign, accusing China of involvement

TechCrunch

What a second Trump term means for the future of ransomware

  • The US government has been making big strides in the fight against ransomware over the last four years.
  • The Biden administration declared ransomware as a national security threat and successfully targeted ransomware operators.
  • Despite the government’s efforts, cyberattacks targeting US organizations continue to rise.
  • President-elect Donald Trump is expected to inherit the major ransomware problem in January.
  • It is hard to predict what the next four years of cybersecurity policy could look like.
  • Trump’s first term was a mixed bag, but cybersecurity hasn’t featured heavily in his messaging since.
  • However, the Republican National Committee said during the 2024 election cycle that an incoming Republican administration would 'raise the security standards for our critical systems and networks.'
  • Trump’s push to slash federal budgets raised concerns that agencies may have fewer resources available for cybersecurity, which could make US networks more vulnerable to cyberattacks.
  • With a scaled-back focus on regulation, a second Trump term could pick up where it left off with offensive cyberattacks.
  • A second Trump term is expected to pursue initiatives that would deter enemies of US sovereign security, such as the use of offensive cyber capabilities and a ramping up of ‘hack-back’ activities.

Bitcoinist

Singaporean Accused Of $230M Crypto Scam Seeks ‘Speedy Trial’ In US—Details

  • A 20-year-old Singaporean, Malone Lam, has requested a 'speedy trial' in a US court for charges of stealing $230 million in cryptocurrency.
  • Lam and his alleged accomplice, Jeandiel Serrano, are accused of using social engineering tactics to deceive a crypto investor and gain unauthorized access to over 4,100 Bitcoin.
  • The alleged scheme involved impersonating Google support representatives and the Gemini exchange's security team to steal cryptocurrency assets from the victim.
  • Lam faces up to 20 years in prison for each charge, along with substantial fines or forfeiture of illicit gains, and is currently held at Northern Neck Regional Jail in Virginia.

Securityaffairs

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

  • The Glove Stealer malware exploits a new technique to bypass Chrome’s App-Bound encryption and steal browser cookies.
  • Glove Stealer is a .NET-based information stealer that targets browser extensions and locally installed software to steal sensitive data.
  • The malware bypasses Chrome’s App-Bound Encryption by utilizing the IElevator service.
  • The campaign observed by researchers used a phishing message with an HTML file attachment to trick users into executing malicious scripts.

Securityaffairs

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

  • Bitfinex hacker Ilya Lichtenstein has been sentenced to five years in prison for his involvement in a money laundering conspiracy arising from the hack and theft of approximately 120,000 bitcoin from Bitfinex.
  • Over 96% of the stolen funds have been recovered with assistance from Lichtenstein, with most remaining unspent, according to defense attorney Samson Enzer.
  • In February 2022, Lichtenstein and his wife were arrested for alleged conspiracy to launder $4.5 billion in cryptocurrency stolen during the 2016 hack of Bitfinex.
  • Lichtenstein used advanced hacking tools and techniques to breach Bitfinex’s network and laundered the stolen funds with the help of his wife.

Socprime

New Remcos RAT Activity Detection: Phishing Campaign Spreading a Novel Fileless Malware Variant

  • A new phishing campaign has been identified that spreads a fileless version of the Remcos RAT malware.
  • The campaign exploits a known vulnerability in Microsoft Office and uses a malicious Excel file as a lure.
  • The fileless Remcos RAT variant allows attackers to gain full remote control of compromised systems.
  • Security teams can utilize detection algorithms and AI-powered solutions to defend against this threat.

TechJuice

Illegal SIM Card Trade Exposed in PTA and FIA Raids Across Islamabad and KPK

  • Pakistan Telecommunication Authority (PTA) and Federal Investigation Agency (FIA) Cyber Crime Wing conducted raids in Islamabad and KPK to expose illegal SIM card trade.
  • Telecom franchisees in Barakahu, Islamabad, and Shinkiari, District Mansehra were found involved in issuing SIM cards fraudulently.
  • Several biometric verification systems, activated and unconfirmed SIM cards, computers, and CNICs were seized during the raids.
  • Arrests were made, FIRs were filed, and PTA highlighted the ongoing efforts to combat illegal SIM card distribution.

Securityaffairs

U.S. CISA adds Palo Alto Networks Expedition bugs to its Known Exploited Vulnerabilities catalog

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added Palo Alto Networks Expedition vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.
  • The vulnerabilities in the Palo Alto Networks Expedition solution could allow an attacker to access sensitive data and potentially take over firewall administrator accounts.
  • The identified vulnerabilities include command injection, SQL injection, and cross-site scripting (XSS) flaws.
  • Palo Alto Networks provided workarounds and advised organizations to review and address the vulnerabilities in their infrastructure.

Dataprivacyandsecurityinsider

Oak Valley Hospital Reaches Settlement in Class Action over Data Breach

  • Oak Valley Hospital reached a settlement in a class action over a 2023 data breach.
  • The breach occurred from April 21 to July 18, 2023, and affected 268,267 patients.
  • The settlement offers eligible class members a $100 payment and reimbursement for out-of-pocket expenses.
  • Oak Valley agreed to enhance its cybersecurity practices and safeguards as part of the settlement.

Infoblox

DNS Predators Hijack Domains to Supply their Attack Infrastructure

  • A report by Infoblox Threat Intel estimates that over 1 million registered domains could be vulnerable to a Sitting Ducks attack, an underreported domain hijacking attack that uses misconfigured Domain Name System (DNS) settings to take over a website and use it to establish an attack infrastructure.
  • The most common victims of the Sitting Ducks attack are well-known brands, non-profits and government entities with well-reputed domain names.
  • The attack vector is relatively easy to execute and is often exploited by cybercriminals to evade existing detections and strengthen their malicious campaigns.
  • Researchers have seen cases of rotational hijacking, where a domain is hijacked by multiple actors over time.
  • Infoblox Threat Intel has identified two groups, Vextrio Viper and Vacant Viper, who have used this vector to strengthen their cyber-attacks, including malicious spam operations, porn delivery, establishing remote access trojan (RAT) control channels, and dropping malware.
  • Horrid Hawk and Hasty Hawk are the latest groups using Sitting Ducks attacks. Horrid Hawk has been hijacking domains and using them for investment fraud schemes, while Hasty Hawk has hijacked over 200 domains to operate widespread phishing campaigns.
  • Organizations or businesses that own the vulnerable domains, as well as individuals who inadvertently access the malicious content or infrastructure, are the main victims of Sitting Ducks attacks.
  • Sitting Ducks attacks are relatively easy to perform and difficult to detect. DNS misconfigurations are an oversight arising from many factors. However, this attack vector is entirely preventable with correct configurations at the domain registrar and DNS providers.
  • Infoblox Threat Intel experts created an extensive report that explains the details behind how Sitting Ducks attacks work and how to identify a compromised domain.
  • The report also explores how Vipers and Hawks execute Sitting Ducks attacks to create an infrastructure resistant to security vendor detection.

Bitcoinist

$73M Crypto Laundering Scheme Uncovered as Suspect Pleads Guilty—Key Details

  • Daren Li, a dual citizen of China and St. Kitts and Nevis, has pleaded guilty to money laundering in a crypto scheme.
  • Li and his co-conspirators allegedly laundered over $73 million through shell companies and bank accounts.
  • They used encrypted communication channels and US-based bank accounts to disguise the movement of funds.
  • Li facilitated the conversion of funds to cryptocurrencies and oversaw their distribution across wallets under his control.

TechCrunch

Hot Topic data breach exposed personal data of 57 million customers

  • Hot Topic, an American retailer, suffered a data breach in October, exposing personal data of 57 million customers.
  • The stolen data includes email addresses, physical addresses, phone numbers, purchases, genders, and dates of birth.
  • Partial credit card data was also compromised, including credit card type, expiry dates, and the last four digits of the card number.
  • The breach was claimed by a threat actor operating under the alias 'Satanic', who initially attempted to sell the stolen database.

TechJuice

NADRA Officials Dismissed After Data Breach Affects 2.7 Million Citizens

  • Several NADRA officials have been dismissed following a data breach affecting 2.7 million Pakistani citizens.
  • A Grade-19 officer and five other staff members were terminated, but concerns were raised over the lack of action against key figures involved.
  • NADRA is facing challenges in expanding operations due to insufficient funding, especially in Khyber Pakhtunkhwa and Balochistan.
  • The committee also discussed the need for additional NADRA facilitation centers and ongoing investigations into smuggling offenses.

TechJuice

FIA Breaks Up Major Online Fraud Network Across Provinces, Arrests Ringleader

  • The Federal Investigation Agency’s (FIA) cybercrime department has apprehended Muhammad Shariq, the ringleader of an inter-provincial group involved in online financial fraud.
  • The group utilized advanced spoofing technology and stolen bank account-linked phone numbers to scam people and collect fraudulent payments.
  • Shariq managed hundreds of fake microfinance accounts through cloned apps, resulting in the theft of over Rs40 million over three years.
  • Authorities are actively investigating the network and seeking to apprehend other individuals connected to the online fraud operation.
