Cyber Crime News

Cybersecurity-Insiders

Cyber Attacks make UK SMEs lose £3.4 billion a year

  • Small and medium-sized enterprises (SMEs) in the UK are losing nearly £3.4 billion annually due to cyberattacks.
  • The average cost per SME is £3,398, which includes expenses related to data breaches, business interruptions, and reputational damage.
  • Lack of financial resources and in-house expertise in cybersecurity contribute to the vulnerability of SMEs.
  • SMEs need to prioritize cybersecurity, invest in employee training, and consider professional cybersecurity services to mitigate risks.

VoIP

UK SMEs Lose Billions to Cybercrime Amid Rising Threats

  • UK SMEs are losing £3.4 billion annually due to cybercrime.
  • 32% of SMEs have no cybersecurity measures.
  • 35% of SMEs reported cyber incidents in 2024.
  • Vodafone offers a free one-month trial of CybSafe to aid SMEs.

Securityaffairs

A member of the Scattered Spider cybercrime group pleads guilty

  • A 20-year-old man linked to the Scattered Spider cybercrime group has pleaded guilty to charges filed in Florida and California.
  • Noah Urban, known as 'Sosa' and 'King Bob' online, admitted to conspiracy, wire fraud, and identity theft in two federal cases.
  • The cybercrime group, Scattered Spider, is suspected of hacking into hundreds of organizations, including Twilio, LastPass, DoorDash, and Mailchimp.
  • Urban will pay approximately $13 million in restitution to victims and faces a long prison term with an additional sentence for aggravated identity theft.

Securityaffairs

The controversial case of the threat actor EncryptHub

  • Microsoft credited the likely lone actor behind the EncryptHub alias for reporting two Windows security flaws.
  • EncryptHub, a controversial figure with ties to cybercrime, both pursued legitimate security research and engaged in cybercriminal activity.
  • He reported two vulnerabilities to Microsoft, addressing a security feature bypass issue and a file explorer spoofing vulnerability.
  • Despite his considerable hacking skills, EncryptHub made OPSEC mistakes that exposed his cybercrime operations.

Socprime

UAC-0226 Attack Detection: New Cyber-Espionage Campaign Targeting Ukrainian Innovation Hubs and Government Entities with GIFTEDCROOK Stealer

  • UAC-0226 hacking group is involved in a cyber-espionage campaign targeting critical sectors in Ukraine.
  • The group is using GIFTEDCROOK stealer to gather intelligence from military innovation hubs, armed forces, law enforcement entities, and government institutions.
  • The cyber-espionage activities have been observed since February 2025, with an increase in attacks against Ukraine.
  • Phishing emails with macro-enabled Excel files are used as the initial attack vector, and GIFTEDCROOK steals browser data and exfiltrates it via Telegram.

Siliconangle

Xanthorox AI emerges as a new malicious threat in cybercrime communities

  • A new report reveals the emergence of Xanthorox AI, a next-generation malicious artificial intelligence platform in cybercrime communities.
  • Unlike existing models, Xanthorox AI uses a self-hosted, multi-model architecture designed for offline use in automated hacking operations.
  • The modular design of Xanthorox AI allows attackers to mix and match capabilities for various cyber tasks, such as generating malware, analyzing images, scraping data, and mimicking human reasoning.
  • Phishing protection company SlashNext is using AI-powered behavioral and language analysis to detect and prevent threats from platforms like Xanthorox AI.

TechCrunch

Someone hacked ransomware gang Everest’s leak site

  • The leak site used by the Everest ransomware gang was hacked and defaced.
  • The site was replaced with a note stating 'Don't do crime CRIME IS BAD xoxo from Prague.'
  • It is unclear if the gang also experienced a data breach as a result of the hack.
  • Everest is a Russia-linked ransomware gang that has claimed credit for various hacks and breaches.

Securityaffairs

PoisonSeed Campaign uses stolen email credentials to spread crypto seed scams and empty wallets

  • A campaign named PoisonSeed uses stolen CRM and bulk email credentials to send crypto seed scams, aiming to empty victims’ digital wallets.
  • The PoisonSeed campaign targets both crypto and non-crypto entities, exploiting compromised CRM and bulk email accounts.
  • PoisonSeed attackers automate list exports and send spam urging victims to create crypto wallets using fake seed phrases.
  • The campaign is distinct from groups like Scattered Spider and CryptoChameleon but reflects growing threats in the broader cybercrime ecosystem.

Cybersecurity-Insiders

Hackers launch cyber attacks on British Army, Royal Navy and Office for Nuclear Security

  • Hackers launch cyber attacks on British Army, Royal Navy, and Office for Nuclear Security.
  • The attacks are attributed to the 'Holy League Coalition' hacking group, known for its collaboration between Russian cyber operatives and Pro-Palestinian hackers.
  • The cyber attacks primarily involved Distributed Denial of Service (DDoS) tactics and aimed to overwhelm the targets' systems and distribute malicious software.
  • The attacks may be related to the UK's support of Ukraine, and they raise concerns about the rise of 'lone wolf' hackers affiliating themselves with larger nations or causes.

Cybersafe

PoisonSeed exploits CRM tools to steal Cryptocurrency Wallets

  • A cyber campaign called PoisonSeed is targeting cryptocurrency users by exploiting customer relationship management (CRM) platforms and email marketing tools.
  • Attackers use stolen login credentials to send spam emails with fake cryptocurrency recovery phrases, tricking victims into giving them access to their funds.
  • The campaign targets both individuals and enterprises, including well-known crypto firms like Coinbase and Ledger.
  • The phishing kits used in PoisonSeed differ from those of other threat actors, suggesting it may be a new actor using similar methods.

Securityaffairs

EDR-as-a-Service makes the headlines in the cybercrime landscape

  • Cybercriminals are utilizing compromised accounts for EDR-as-a-Service (Emergency Data Requests), targeting major platforms.
  • A detailed analysis by Meridian Group reveals the rise of 'EDR-as-a-Service' in the cybersecurity landscape.
  • Criminal groups exploit stolen credentials to forward false Emergency Data Requests, obtaining sensitive information.
  • The model has evolved to cover every aspect of the process, making it easier for non-technical individuals to access confidential data for a fee in cryptocurrencies.
  • Payment dynamics involve transactions in Bitcoin or Monero on underground forums with escrow services for secure exchanges.
  • Operational manuals and deception strategies guide the use of EDR services, facilitating social engineering and doxxing campaigns.
  • The illicit sector's professionalization poses risks to cybersecurity and privacy, potentially affecting governmental infrastructures and citizens' privacy.
  • Ransomware groups are showing interest in EDR techniques, hinting at a future blend of ransomware attacks with specific data obtained through fraudulent EDRs.
  • Recommendations include strengthening validation procedures and authentication systems to mitigate risks and safeguard digital security and privacy.
  • Urgent collaboration and process enhancement are crucial to prevent the proliferation of this threat and protect institutional channels and citizens' privacy.

Securityaffairs

Oracle privately notifies Cloud data breach to customers

  • Oracle confirms a cloud data breach, quietly informing customers while downplaying the impact of the security breach.
  • A threat actor claims to possess millions of data lines tied to over 140,000 Oracle Cloud tenants.
  • The hacker has published 10,000 customer records as proof of the hack.
  • Oracle privately notifies customers of the breach, denying that any customer data was compromised.

Securityaffairs

Security Affairs newsletter Round 518 by Pierluigi Paganini – INTERNATIONAL EDITION

  • A flaw in Verizon’s iOS Call Filter app exposed call records of millions
  • Port of Seattle’s August data breach impacted 90,000 people
  • President Trump fired the head of U.S. Cyber Command and NSA
  • CERT-UA reports attacks in March 2025 targeting Ukrainian agencies with WRECKSTEEL Malware
  • 39M secrets exposed: GitHub rolls out new security tools

Securityaffairs

Port of Seattle’s August data breach impacted 90,000 people

  • Port of Seattle is notifying 90,000 people of a data breach after personal data was stolen in a ransomware attack in August 2024.
  • The cyber attack in August 2024 disrupted travel plans and impacted websites and phone systems of the Port of Seattle, which also operates the Seattle-Tacoma International Airport.
  • The Rhysida ransomware group was identified as behind the attack, and the Port confirmed that unauthorized actors accessed and encrypted parts of their computer systems.
  • Approximately 90,000 people were impacted by the data breach, with personal information compromised, including names, dates of birth, Social Security numbers, and driver's license numbers.

Infoblox

Disrupting Fast Flux with Predictive Intelligence

  • A recent cybersecurity advisory from the Cybersecurity and Infrastructure Security Agency (CISA) highlighted the threat posed by fast flux-enabled malicious activities and the inadequate defenses of many networks.
  • Infoblox Threat Intel indicates that fast flux attacks are no longer as common and actors have moved on to more lucrative techniques.
  • Protective DNS solutions, like Infoblox, provide comprehensive protections with low rates of false positives and can identify bad domain behavior in many ways.
  • Security teams should focus on leveraging predictive intelligence and DNS-based intelligence to effectively protect against a broad spectrum of attack techniques.
