Cyber Crime News

Socprime

UAC-0001 aka APT28 Attack Detection: Leveraging PowerShell Command in Clipboard as Initial Entry Point

  • The notorious Russian state-sponsored hacking group known as APT28 or UAC-0001 has resurfaced with a new cyber attack campaign.
  • In this campaign, attackers are using a PowerShell command embedded in the clipboard as an initial entry point.
  • The attack involves phishing emails, fake reCAPTCHA prompts, and the execution of PowerShell commands to download and launch malware.
  • Organizations are advised to strengthen their cybersecurity defenses and stay vigilant against these emerging threats.

TechCrunch

MoneyGram replaces CEO weeks after massive customer data breach

  • MoneyGram has replaced its CEO, Alex Holmes, following a recent data breach.
  • Anthony Soohoo has been appointed as the new CEO of MoneyGram.
  • Alex Holmes will remain as an advisor to the company's board of directors.
  • The data breach resulted in the theft of customers' personal information and transaction records.

Securityintelligence

Why safeguarding sensitive data is so crucial

  • A recent data breach at virtual medical provider Confidant Health highlights the importance of comprehensively safeguarding sensitive data. The breach exposed 5.3 terabytes of data, including audio and video recordings of therapy sessions, detailed psychiatric intake notes and medical histories, far surpassing the usual risks associated with personally identifiable information (PII) breaches.
  • The unique threat of sensitive data exposure has seen a significant increase in cost. IBM’s Cost of a Data Breach report noted the cost per record for intellectual property data jumped from $156 to $173.
  • Cyber attackers value sensitive data, including medical data, because of its social engineering potential, targeted blackmail and selling value, making robust data protection a critical need, especially in healthcare settings.
  • Corporate espionage, targeted phishing, identity theft and blackmail are potential attack vectors that exploit key employees whose personal vulnerabilities are revealed during therapy sessions.
  • Comprehensive data protection measures require authentication, encryption, network, endpoint, and data loss prevention security, third-party risk management, data governance, and physical security measures.
  • Robust access controls, including role-based access control and multi-factor authentication, limit data access.
  • Encryption is necessary to safeguard sensitive data. End-to-end encryption for data transfers, device encryption, next-generation firewalls and network segmentation all help isolate sensitive data.
  • Data loss prevention solutions, including data masking and tokenization, are essential in preventing data movement. Regular data backups and tested restoration procedures ensure data availability in the event of incidents.
  • Organizations need third-party risk management regulations, compliance with healthcare regulations such as HIPAA, and formal data classification protocols.
  • A formal incident response plan, a dedicated incident response team and automated threat detection and response capabilities help minimize the impact of security breaches. Physical security measures should not be overlooked: securing physical access to data centers, properly disposing of physical media and using surveillance in sensitive areas.
  • Organizations need to adopt a holistic approach that recognizes the unique vulnerability of sensitive personal information, because safeguarding PII is no longer enough.

Securityaffairs

Fog and Akira ransomware attacks exploit SonicWall VPN flaw CVE-2024-40766

  • Fog and Akira ransomware operators are exploiting SonicWall VPN flaw CVE-2024-40766 to breach enterprise networks.
  • CVE-2024-40766 is an improper access control vulnerability impacting SonicWall SonicOS; the company addressed it in August 2024.
  • Threat actors can exploit the vulnerability to gain unauthorized resource access and crash the impacted firewalls.
  • Arctic Wolf researchers detected over 30 Akira and Fog ransomware intrusions since August, all leveraging unpatched SonicWall SSL VPNs (CVE-2024-40766).

Silicon

QR Codes Enable New Enterprise Phishing Threat

  • Enterprises are increasingly targeted by scam QR codes embedded in PDF documents attached to emails.
  • Attackers use this technique to bypass security systems and introduce malicious links into organizations.
  • Recipients are instructed to scan the code with a mobile device and are then taken to a phishing website designed to capture their login credentials.
  • The use of QR codes in phishing attacks has risen with the increased usage during the COVID-19 pandemic.

Hackernoon

INE's Initiative To Optimize Year-End Training Budgets With Enhanced Cybersecurity And Networking

  • INE Security is launching an initiative to guide organizations in investing in technical training before the year end.
  • Using surplus training budgets can help organizations make strategic decisions, improve security protocols, and foster a knowledgeable workforce.
  • Organizations can utilize available training budgets to upgrade skills, boost employee retention, future-proof teams, and ensure compliance with industry standards.
  • INE Security is offering significant discounts for team training on two-year deals to help organizations optimize their unspent training funds and boost long-term security strategies.

Dev

How to Safeguard Your Crypto: Expert Tips for Avoiding Scams and Phishing Attacks

  • The importance of strong security measures has never been greater, especially as hackers and scammers continue to evolve their tactics.
  • Recent data from bug bounty and security platform, Immunefi, highlights that over $1.3 billion has already been lost to hacking incidents since early 2024 and nearly $424 million of the losses occurred in the third quarter alone, reflecting the sophisticated nature of cyber threats.
  • This article not only guides you through some of the most common types of crypto scams but also offers practical advice to help you navigate the risks and enhance the security of your investments.
  • Some of the most prevalent scams in the cryptocurrency space are Phishing attacks, Investment scams, Fake giveaways, Pump-and-dump schemes, Man-in-the-Middle (MITM) attacks, Fake Crypto Exchanges and Wallets, Employment Scams, Unregistered platforms, and Guaranteed High Returns (Ponzi and Pyramid Schemes).
  • Cryptocurrency exchanges such as Coinbase, Crypto.com, Bitget, WhiteBIT, and Kraken implement various advanced methods and technologies to protect users from fraud, hacking, and other risks.
  • Blockchain Developer James Bachini recommends multi-signature wallets, hardware wallets, using phishing detection tools, avoiding clicking on unsolicited links from emails, skepticism towards unrealistic returns, and immediate action for suspected scams.
  • By implementing robust security measures, staying informed about the latest threats, and following expert advice, investors and traders can significantly reduce their vulnerability to scams and phishing attacks.
  • Remember, in the rapidly evolving crypto space, vigilance is your best defense.
  • Stay cautious, continue learning, and always prioritize the security of your digital assets to navigate the crypto waters safely and confidently.
  • With a proactive approach to security, you can maximize the potential of this innovative financial frontier.

Securityaffairs

France’s second-largest telecoms provider Free suffered a cyber attack

  • French telecoms provider Free discloses a cyber attack where threat actors had access to customer personal information.
  • The attack targeted a management tool, leading to unauthorized access to some subscriber accounts.
  • No passwords, bank cards, or communication content were compromised in the attack.
  • Free has taken immediate measures to mitigate the security breach and has filed a criminal complaint.

Cybersecurity-Insiders

Educated people becoming prime targets to Cyber Frauds

  • A significant proportion of cyber fraud victims are educated individuals, well-versed in technology.
  • The majority of cyber fraud victims are younger and middle-aged adults between 14 and 50 years old.
  • Educated individuals can be vulnerable to cyber fraud due to overconfidence and lack of awareness.
  • To mitigate the risks, individuals and organizations should stay vigilant, exercise caution, and adhere to cyber hygiene.

Securityaffairs

A crime ring compromised Italian state databases reselling stolen info

  • Italian police have arrested four individuals and are investigating dozens, including Leonardo Maria Del Vecchio, for unauthorized access to state databases.
  • Charges include criminal conspiracy, illegal interception, falsification of electronic communications, disclosure of confidential information, aiding and abetting, and extortion.
  • The criminal ring allegedly collected a large amount of sensitive data and offered it to customers for various purposes, potentially including spying and blackmail.
  • Investigators suspect that foreign intelligence agencies may have also accessed the stolen data.

Socprime

CVE-2024-47575 Detection: FortiManager API Vulnerability Exploited in Zero-Day Attacks

  • Cybersecurity researchers have disclosed a critical FortiManager API vulnerability, CVE-2024-47575, that has been exploited in zero-day attacks.
  • The vulnerability allows attackers to execute arbitrary code or commands and steal sensitive files containing configurations, IP addresses, and credentials.
  • A new threat actor, UNC5820, has been linked to the exploitation of this vulnerability.
  • To detect exploitation attempts, organizations can use the SOC Prime Platform or the dedicated Sigma rule.

Securityaffairs

Third-Party Identities: The Weakest Link in Your Cybersecurity Supply Chain

  • The third-party supply chain is the weakest link: it adds third-party risk that affects each partner's security and makes identity and access management more challenging.
  • The lack of visibility into identities logging in daily, coupled with unsafe credentials of nearly two to one non-employees, could add detrimental risk to the organization.
  • Identity and Access Management (IAM) is a solution to this problem: it can manage upstream vendors and third-party risks securely without additional technical difficulties.
  • Companies engaging in B2B or B2B2X activities require IAM solutions to cover compliance and to maintain the trust of their clients.
  • With Zero Trust guiding cybersecurity, IAM is a foundational pillar in dealing with third-party risk, eliminating stolen credentials as the prime point of compromise, especially when nearly 9 out of 10 breaches originate from stolen credentials.
  • IAM can be the perfect solution to not only safeguard against inherent third-party risks but also help organizations scale, integrate with other systems, and overcome challenges in digitization by providing policy configuration, multi-factor authentication (MFA), single sign-on (SSO), orchestration of user journey flows and more.
  • Implementing IAM sooner rather than later is a big win: it streamlines processes such as onboarding and login, establishes curated trust and delineates who has access to valuable information.
  • Security of our digital presence is more critical than ever. Protect your organization by implementing Identity and Access Management.

Securityaffairs

Black Basta affiliates used Microsoft Teams in recent attacks

  • ReliaQuest researchers observed Black Basta affiliates relying on Microsoft Teams to gain initial access to target networks.
  • Black Basta ransomware affiliates switched to Microsoft Teams, posing as IT support to deceive employees into granting access.
  • Threat actors flood employee inboxes with emails, then impersonate IT support on Microsoft Teams to offer help.
  • Attackers send QR codes in chats as part of Quishing attempts.

Pymnts

QR Code-Based Cyberattacks Increasingly Target Consumers

  • Banks and regulators are warning against the rise of phishing scams involving QR codes.
  • In a quishing scam, criminals send QR codes in PDFs attached to emails to bypass cybersecurity defenses.
  • Victims often don't know where they are being directed until it's too late due to the visual difficulty of interpreting QR codes.
  • The rise of quishing attacks adds to the increasing costs of cyberattacks, with phishing attacks costing businesses $4.9 million on average.

Securityaffairs

Security Affairs newsletter Round 495 by Pierluigi Paganini – INTERNATIONAL EDITION

  • Chinese cyber spies targeted phones used by Trump and Vance
  • Irish Data Protection Commission fined LinkedIn €310M for GDPR infringement
  • Change Healthcare data breach impacted over 100 million people
  • OnePoint Patient Care data breach impacted 795916 individuals
