menu
techminis

A naukri.com initiative

New

google-web-stories
Home

>

Cyber Crime News

Cyber Crime News

source image

Pymnts

1M

read

15

img
dot

Image Credit: Pymnts

Report: OCC Hack Prompts Information Sharing Limits From Big Banks

  • JPMorgan Chase and Bank of New York Mellon have scaled back electronic information sharing with the Office of the Comptroller of the Currency (OCC) following a significant breach of the regulator’s email system.
  • The breach, detected in mid-February, impacted over 100 accounts for more than a year and is considered a 'major incident.'
  • Banks' concerns about potential security risks to their own computer networks led to the decision to limit information sharing.
  • The breach has raised questions about the OCC's initial response and security measures, drawing scrutiny from U.S. congressional committees.

Read Full Article

like

Like

share

Share

source image

Medium

1M

read

35

img
dot

Juice Jacking Is Real: How to Charge Your Phone in Public Without Giving Away Your Data

  • Juice jacking is a cyberattack where a public USB port or a malicious charging cable steals data from your device or installs malware while you charge.
  • Juice jacking could lead to the theft of personal data, installation of malware, or compromise of device security.
  • To charge your device safely in public, consider using a data-blocking adapter (USB condom), bringing your own wall charger, using a power bank, and avoiding borrowing cables.
  • Locking your device before charging can also help reduce the risk of data access through a USB connection.

Read Full Article

like

2 Likes

share

Share

source image

Securityaffairs

1M

read

265

img
dot

Image Credit: Securityaffairs

New malware ‘ResolverRAT’ targets healthcare, pharmaceutical firms

  • New malware ‘ResolverRAT’ is targeting healthcare and pharmaceutical firms, using advanced capabilities to steal sensitive data.
  • ResolverRAT spreads via phishing emails using localized languages and legal lures. Victims download a malicious file triggering the malware.
  • ResolverRAT is a newly identified remote access trojan that combines advanced in-memory execution, API and resource resolution at runtime, and layered evasion techniques.
  • The threat actor targets users in multiple countries with phishing emails in native languages, often referencing legal investigations or copyright violations to increase credibility.

Read Full Article

like

15 Likes

share

3 Shares

source image

TechCrunch

1M

read

89

img
dot

Image Credit: TechCrunch

Hertz says customers’ personal data and driver’s licenses stolen in data breach

  • Hertz is notifying customers of a data breach that resulted in the theft of personal data and driver's licenses.
  • The breach occurred from October to December 2024 in a cyberattack on one of Hertz's vendors, Cleo Software.
  • Stolen data includes customer names, contact information, driver's licenses, payment card info, and workers' compensation claims.
  • A smaller number of customers had their Social Security numbers and other government-issued identification numbers stolen.

Read Full Article

like

5 Likes

share

1 Share

source image

Securityaffairs

1M

read

346

img
dot

Image Credit: Securityaffairs

Malicious NPM packages target PayPal users

  • Threat actors deploy malicious NPM packages to steal PayPal credentials and hijack cryptocurrency transfers.
  • "Using PayPal-related names helps these malicious packages avoid detection, making it easier for attackers to steal sensitive information.
  • Malicious NPM packages use a preinstall hook to run hidden scripts, steal system info, obfuscate data, and exfiltrate it to attacker-controlled servers for future attacks.
  • Fortinet researchers recommend watching for fake PayPal-related packages, checking network logs for odd connections, removing threats, updating credentials, and staying cautious when installing packages.

Read Full Article

like

20 Likes

share

4 Shares

source image

Securityaffairs

1M

read

395

img
dot

Image Credit: Securityaffairs

Tycoon2FA phishing kit rolled out significant updates

  • The operators of the Phishing-as-a-Service platform Tycoon2FA have updated their kit to enhance evasion capabilities.
  • The updates include advanced evasion tactics such as a custom CAPTCHA via HTML5 canvas, invisible Unicode in obfuscated JavaScript, and anti-debugging scripts.
  • Tycoon2FA now uses invisible Unicode characters and JavaScript Proxy objects to complicate analysis and delay script execution.
  • The phishing kit also implemented a custom HTML5 canvas-based solution to evade detection and hinder automated analysis.

Read Full Article

like

23 Likes

share

5 Shares

source image

Securityaffairs

1M

read

373

img
dot

Image Credit: Securityaffairs

South African telecom provider Cell C disclosed a data breach following a cyberattack

  • South African telecom provider Cell C confirms a data breach after a cyberattack.
  • RansomHouse cyberattack group claims responsibility and leaks stolen data.
  • Compromised data includes personal information, financial details, and identification documents.
  • Cell C has taken immediate action, engaged cybersecurity experts, and provided guidance to affected stakeholders.

Read Full Article

like

22 Likes

share

5 Shares

source image

Cybersecurity-Insiders

1M

read

8

img
dot

Image Credit: Cybersecurity-Insiders

Cyber Attack Targets Military Aid Relief Aircraft in Historic GPS Spoofing Incident

  • A military aid relief aircraft was targeted in a historic GPS spoofing attack during a critical mission in Myanmar.
  • The attack aimed to mislead the aircraft's navigation system and alter its flight path.
  • The Indian Air Force crew successfully thwarted the attack and safely guided the aircraft to its intended destination.
  • This incident highlights the vulnerabilities in global navigation systems and the need for proactive measures to safeguard against such cyber threats.

Read Full Article

like

Like

share

Share

source image

Securityaffairs

1M

read

157

img
dot

Image Credit: Securityaffairs

Security Affairs newsletter Round 519 by Pierluigi Paganini – INTERNATIONAL EDITION

  • Symbolic Link trick lets attackers bypass FortiGate patches, Fortinet warns
  • Laboratory Services Cooperative data breach impacts 1.6 Million People
  • Palo Alto warns of brute-force login attempts on PAN-OS GlobalProtect gateways indicating possible upcoming attacks
  • Gamaredon targeted the military mission of a Western country based in Ukraine

Read Full Article

like

9 Likes

share

2 Shares

source image

Cybersecurity-Insiders

1M

read

0

img
dot

Image Credit: Cybersecurity-Insiders

Critical Patient Data Exposed: 1.6 Million Affected in Widespread Healthcare Cyber Attack

  • A major data breach has affected 1.6 million individuals, compromising their personal and medical data including Social Security numbers, diagnoses, lab results, and insurance details.
  • The breach is considered one of the most severe healthcare breaches of the year. Laboratory Services Cooperative (LSC), a lab testing provider serving organizations like Planned Parenthood, has become a target for cyber criminals.
  • The gravity of the breach is emphasized by experts who point out the potential consequences, including identity theft, medical fraud, and social engineering attacks. The healthcare sector continues to be a prime target for threat actors.
  • As a result, experts emphasize the urgent need for healthcare organizations to adopt a threat-informed, zero-trust security model and for affected individuals to remain vigilant for potential phishing attempts and fraudulent activities.

Read Full Article

like

Like

share

Share

source image

Cybersecurity-Insiders

1M

read

204

img
dot

Image Credit: Cybersecurity-Insiders

The Oracle Breach Is Bigger Than You Think—5 Urgent Steps to Take Now

  • Federal authorities are investigating a major data breach involving Oracle, one of the leading cloud infrastructure providers.
  • Hackers gained unauthorized access to Oracle systems, stealing sensitive client login credentials.
  • Immediate actions recommended include: forcing password resets, implementing multi-factor authentication, auditing access logs, reviewing and restricting third-party integrations, and implementing enhanced monitoring and threat detection.
  • Long-term vigilance and strong security strategies are essential to prevent and respond to such breaches.

Read Full Article

like

12 Likes

share

2 Shares

source image

Securityaffairs

1M

read

284

img
dot

Image Credit: Securityaffairs

Attackers are exploiting recently disclosed OttoKit WordPress plugin flaw

  • Threat actors are exploiting a vulnerability in the OttoKit WordPress plugin, a few hours after public disclosure.
  • The vulnerability, known as CVE-2025-3102, has a CVSS score of 8.1.
  • The flaw allows attackers to create malicious administrator users on unconfigured WordPress sites using the plugin.
  • Immediate updates are strongly advised, as over 100,000 sites are potentially affected.

Read Full Article

like

17 Likes

share

3 Shares

source image

Securityaffairs

1M

read

374

img
dot

Image Credit: Securityaffairs

Laboratory Services Cooperative data breach impacts 1.6 Million People

  • Laboratory Services Cooperative disclosed a data breach that impacted the personal and medical information of 1.6 million people.
  • The incident took place in October 2024, with unauthorized access and removal of files.
  • Stolen data may include personal information, medical details, health insurance information, and billing/payment data.
  • The Laboratory Services Cooperative is providing impacted individuals with credit monitoring and identity protection services.

Read Full Article

like

22 Likes

share

5 Shares

source image

Hackernoon

1M

read

442

img
dot

Image Credit: Hackernoon

Hands-On Labs: The Key To Accelerating CMMC 2.0 Compliance

  • Hands-On Labs play a key role in accelerating CMMC 2.0 compliance for defense contractors.
  • INE Security highlights the importance of practical, immersive training environments.
  • Hands-on labs bridge the gap between theoretical knowledge and practical implementation of complex cybersecurity controls.
  • INE Security's hands-on lab capabilities help achieve CMMC readiness and accelerate compliance timelines.

Read Full Article

like

26 Likes

share

6 Shares

source image

Kaspersky

1M

read

36

img
dot

Image Credit: Kaspersky

12 tips on how to use WhatsApp, Telegram, Signal, Viber, WeChat, and other messaging apps safely | Kaspersky official blog

  • Enable two-factor authentication to prevent hacking or hijacking of your account through SIM swapping or other techniques.
  • Avoid sharing one-time passwords with anyone to prevent scammers from stealing your account.
  • Do not scan QR codes outside of the messaging app to avoid linking your account to scammers.
  • Carefully check new contact requests to verify the authenticity of the sender and avoid falling for scams.
  • Utilize the block feature to get rid of unwanted contacts like stalkers, scammers, and exes.
  • Think twice before opening links, even if they're from friends, to avoid falling victim to account compromise.
  • Restrict access to your smartphone and messaging app with screen lock and app lock features.
  • Turn off message previews on the lock screen to prevent sensitive data from being displayed.
  • Use disappearing messages or one-time-view options for sharing sensitive information to avoid leaving a trail.
  • Avoid sending sensitive content like nudes to prevent potential embarrassment or blackmail.

Read Full Article

like

2 Likes

share

Share

Prev

10
11
12
13
14
15
16
17
18
19
20

Next

For uninterrupted reading, download the app