techminis

A naukri.com initiative

Cyber Crime News


Siliconangle


New phishing campaign exploits immigration arrival card process to steal personal data

  • A new phishing campaign is exploiting immigration arrival card processes to steal personal data.
  • The campaign targets travelers to Singapore, Malaysia, and the U.K.
  • Phishing emails warn travelers about incomplete immigration documents and lead them to a fraudulent website.
  • Victims provide login credentials and payment details, which are immediately exfiltrated.


Socprime


XE Group Activity Detection: From Credit Card Skimming to Exploiting CVE-2024-57968 and CVE-2025-25181 VeraCore Zero-Day Vulnerabilities

  • XE Group, a Vietnam-linked hacking collective, has been identified as the perpetrator behind the exploitation of VeraCore zero-day vulnerabilities.
  • The group utilized VeraCore flaws (CVE-2024-57968 and CVE-2025-25181) to deploy reverse shells and web shells, gaining remote access.
  • SOC Prime Platform offers a set of Sigma rules to detect XE Group attacks and enhance threat detection and hunting capabilities.
  • XE Group's evolution in offensive operations demonstrates the group's sophistication and adaptability, and the need for proactive defense strategies.


Securityaffairs


Crooks use Google Tag Manager skimmer to steal credit card data from Magento-based e-stores

  • Threat actors are using Google Tag Manager (GTM) to install e-skimmer software on Magento-based e-stores.
  • GTM is a free tool that simplifies analytics and ad tracking for website owners.
  • The e-skimmer malware is hidden in a website's database and disguised as GTM and Google Analytics scripts to evade detection.
  • The malware collects credit card data filled in during the checkout process and sends it to attackers' control server.


Wordpress


UPI (Unified Payment Interface) – Combating Tax Fraud and Ensuring Cybersecurity Compliance

  • Unified Payment Interface (UPI) has transformed the way transactions are carried out in India; however, it also opens the door to tax fraud and cybersecurity threats. In India, tax fraud is a recurring problem, with people hiding their income to evade taxes.
  • UPI is equipped with measures that help reduce tax fraud and tax avoidance as every transaction carried out through UPI is traceable. This helps to monitor suspicious payments, identify tax fraud and deception, and track the actual source of income.
  • Businesses getting payments via UPI are susceptible to scrutiny to ensure compliance with GST (Goods and Services Tax). UPI is taking people away from using cash and taking them towards digital payments.
  • Although UPI has a strong regulatory framework, cybersecurity threats still exist. Cybercriminals have replaced QR codes in shops and stores and diverted payments to themselves, generated false UPI links and impersonated UPI platforms to steal individuals’ credentials and empty their bank accounts.
  • UPI has taken essential steps and measures to protect users and maintain the reputation of the system, including end-to-end encryption of data transmitted, frequent and regular audits, and the two-factor authentication feature.
  • The relevant legal framework to counter tax fraud and cybercrime includes statutes such as the Income Tax Act and the Goods and Services Tax (GST) Act, along with bodies such as the Indian Computer Emergency Response Team (CERT-In) and Cyber Crime Cells.
  • UPI's rise has made these frauds traceable and detectable for the authorities. The Government's initiative of mandatory KYC and linking of the Aadhaar card and PAN card makes tracking high-value transactions and complying with regulations easier.
  • Although effective laws have been put in place, timely changes and amendments are required to keep up with the ever-changing ambit of digitalization and technology.
  • In conclusion, UPI has strengthened scrutiny and the checks and balances that avert tax fraud, though additional measures are still needed to keep up with new threats.
  • Author: Astha Sathe. For any queries, please write to us via email at [email protected] or at IIPRD.


Gizchina


Apple Patches Zero-Day Exploit Used in Sophisticated Attacks

  • Apple has released an emergency update to fix a zero-day security flaw.
  • Attackers have used this flaw in highly sophisticated attacks.
  • Apple introduced USB Restricted Mode to prevent data extraction tools from accessing locked iPhones.
  • Apple urges users to install the update immediately.


Securityaffairs


Operation Phobos Aetor: Police dismantled 8Base ransomware gang

  • Authorities dismantled the 8Base ransomware gang, shutting down its dark web data leak and negotiation sites.
  • The police arrested four European citizens in Phuket, Thailand, who are suspected to have stolen over $16 million through ransomware attacks affecting over 1,000 victims worldwide.
  • The gang compromised at least 17 Swiss companies using the Phobos ransomware between April 2023 and October 2024.
  • The 8Base ransomware group has been active since March 2022, targeting small and medium-size businesses in various industries.


Cybersecurity-Insiders


How Fast Recovery from Cyber Attacks Can Be Achieved

  • Organizations looking to recover quickly from a cyberattack must have proactive measures and well-practiced incident response procedures in place.
  • Preparation is key and consists of developing a comprehensive cybersecurity strategy that includes preventive measures, continuous monitoring, and a response plan.
  • Having a comprehensive cybersecurity framework in place can significantly reduce the likelihood of an attack and minimize its potential impact, thereby leading to a quick recovery if one occurs.
  • Incident Response Plans (IRP) are crucial for minimizing damage and recovering as soon as possible. The faster the company can move through each phase of the IRP, the quicker it will recover from the attack.
  • Automated tools such as Security Information and Event Management (SIEM) systems enable real-time monitoring and rapid response.
  • Cloud backup solutions help restore data quickly without relying on physical hardware, which can be compromised. They also allow remote recovery during an attack, providing more flexibility.
  • Communication and transparency with stakeholders during and after an attack are crucial to the organization's reputation and help prevent misinformation.
  • Insurers that provide cyber insurance cover can offer critical financial support to reduce recovery costs and provide access to expert services in areas such as incident response and forensics.
  • Post-attack analysis and improvement in the incident response process with updated security measures are crucial to reduce the risk of future successful attacks.
  • Recovering quickly from cyber attacks requires a multi-faceted process that combines preparedness, well-coordinated response efforts, technology, and effective communication.


Gritdaily


Securing Education: Buzz Cybersecurity’s Expertise in Compliance and Cyber Defense for Charter Schools

  • Buzz Cybersecurity specializes in protecting charter schools and small businesses from online threats through expert solutions, compliance, and hands-off IT management.
  • Buzz Cybersecurity offers scalable and thorough cyber defense services, including detection and response, cloud solutions, disaster recovery plans, and advanced email security.
  • In the past year, Buzz Cybersecurity has blocked 1.56 million threats, preventing potential lost revenue of $23.1 million for their clients.
  • Buzz Cybersecurity ensures compliance with federal regulations, such as FERPA and COPPA, to safeguard student records and protect online privacy.


Securityaffairs


HPE is notifying individuals affected by a December 2023 attack

  • HPE is notifying individuals affected by a December 2023 attack carried out by Russia-linked threat actors.
  • The Midnight Blizzard group (aka APT29, SVR group, Cozy Bear, Nobelium, BlueBravo, and The Dukes), along with the APT28 cyber espionage group, was involved in the Democratic National Committee hack and the wave of attacks aimed at the 2016 US Presidential Elections.
  • HPE's investigation revealed that the attackers gained access to the company environment and had been exfiltrating data since May 2023.
  • The IT giant determined that the intrusion is likely linked to another attack conducted by the same APT group, of which they were notified in June 2023.
  • HPE emphasized that, as of the filing date, the incident has not significantly affected its operations.
  • Microsoft warned that some of its corporate email accounts were compromised by the same Russia-linked group Midnight Blizzard.
  • HPE recently confirmed that the incident was contained and remediated, but also that the threat actors accessed data from compromised mailboxes.
  • With the assistance of e-discovery specialists, HPE conducted a thorough review of the data at issue to identify the types of information that may have been subject to unauthorized access and determine to whom this information relates.
  • On February 5, 2025, HPE also notified the Massachusetts Office of Consumer Affairs and Business Regulation (OCABR) that Social Security numbers, driver’s license information, and credit or debit card numbers belonging to ten Massachusetts residents were breached.
  • At the time of this writing, the company has yet to reveal how many individuals are affected in total.


TechJuice


Ignite National Technology Fund’s Website Restored After Cyberattack

  • The official website of Ignite National Technology Fund, a government-backed initiative supporting innovation and startups in Pakistan, was hacked on Monday evening.
  • The cyberattack caused website accessibility problems and the homepage was vandalized with hacked animated cartoons, raising concerns about the security of government-run digital platforms.
  • The IT team of Ignite, along with cybersecurity experts, swiftly responded and restored the website within a few hours.
  • Investigations are ongoing to determine the origin of the attack and measures are being taken to strengthen cybersecurity defenses.


Securityaffairs


XE Group shifts from credit card skimming to exploiting zero-days

  • The cybercrime group XE Group has transitioned from credit card skimming to targeted information theft.
  • XE Group has shifted its focus to exploiting zero-day vulnerabilities in supply chain attacks.
  • The group used a VeraCore zero-day to deploy reverse shells and web shells in recent attacks.
  • XE Group employs advanced tactics, including supply chain attacks and obfuscated executables disguised as PNG files.


TechCrunch


Media giant Lee Enterprises confirms cyberattack as news outlets report ongoing disruption

  • Lee Enterprises, a media giant that owns dozens of newspapers across the United States, has confirmed that a cyberattack on its systems is behind ongoing disruption at dozens of its newspapers and media outlets.
  • Lee CEO Kevin Mowbray said the company was working to fully restore its systems following a cyberattack earlier in the week.
  • Lee is one of the largest newspaper publishers in the U.S. and provides publishing technology and website services to 72 publications.
  • This is the second known cyberattack on Lee in the past five years.


Silicon


DeepSeek Warns Of Scam Websites, Social Media Accounts

  • Chinese AI start-up DeepSeek has warned about the presence of scam websites and fake social media accounts.
  • DeepSeek clarified that it only has three authentic social media accounts on WeChat, RedNote, and X.
  • The company emphasized that its smartphone app is free to download and any social media accounts charging fees are fraudulent.
  • DeepSeek also confirmed that it has not issued any cryptocurrencies, dismissing fraudulent websites promoting scam crypto tokens.


Cybersafe


Brute Force Attack hits VPN devices with 2.8M IPs

  • A large-scale brute force attack is targeting networking devices from Palo Alto Networks, Ivanti, SonicWall, and others.
  • The attack has been active since last month, with 1.1 million attacking IPs originating from Brazil.
  • The attackers are leveraging compromised routers and IoT devices to mask their activity.
  • To defend against these attacks, organizations should change default admin credentials, enforce multi-factor authentication, and update firmware regularly.


Cybersecurity-Insiders


What is a Seed Phrase Cyber Attack?

  • A seed phrase is a series of 12 to 24 words that acts as the key to a cryptocurrency wallet.
  • A seed phrase cyber attack refers to a situation where cybercriminals attempt to obtain a victim's seed phrase to take over their cryptocurrency wallet.
  • Phishing emails and fake websites, malware and spyware, social engineering, and fake mobile apps and wallets are common methods used by cybercriminals in seed phrase attacks.
  • When an attacker successfully obtains a victim's seed phrase, they can fully control the wallet associated with it.
  • Never share your seed phrase with anyone, under any circumstances.
  • Storing cryptocurrency on a hardware wallet is one of the most secure ways to protect your assets.
  • Always double-check the URL of any website you're visiting.
  • It's vital to store your seed phrase offline in a secure location. Do not store it in digital form (e.g., screenshots, text files).
  • Seed phrase cyber attacks are a significant and growing threat in the world of cryptocurrency.
  • In the world of digital finance, securing your seed phrase is the first line of defense against losing control of your assets.
