menu
techminis

A naukri.com initiative

google-web-stories
Home

>

Cyber Crime News

Cyber Crime News

source image

Securityaffairs

4d

read

81

img
dot

Image Credit: Securityaffairs

Raccoon Infostealer operator sentenced to 60 months in prison

  • Mark Sokolovsky, operator of Raccoon Infostealer, has been sentenced to 60 months in US prison.
  • He has been ordered to pay over $910,000 in restitution.
  • Raccoon Infostealer is a malware that steals credit card data, email credentials, and cryptocurrency wallets.
  • The malware infected over 100,000 users worldwide and resulted in the theft of millions of credentials and forms of identification.

Read Full Article

like

4 Likes

source image

Cybersecurity-Insiders

5d

read

183

img
dot

Image Credit: Cybersecurity-Insiders

Rising wave of cyber-attacks targeting YouTube content creators

  • A rising wave of cyber-attacks is targeting YouTube content creators.
  • Cybercriminals are using phishing attacks disguised as business collaboration opportunities.
  • Attackers distribute malware through email attachments or links.
  • Creators are advised to exercise caution and verify collaboration offers before responding.

Read Full Article

like

11 Likes

source image

TechJuice

5d

read

256

img
dot

Image Credit: TechJuice

Meezan Bank Releases Cybersecurity Advisory Following Unauthorized Transaction Claims

  • Meezan Bank responds to unauthorized transaction claims on debit and credit cards.
  • Bank denies data breach, attributes incidents to customers sharing information on insecure e-commerce sites.
  • Affected customers reimbursed through chargeback mechanisms of international payment networks.
  • Bank provides security tips and reassures customers of commitment to data security.

Read Full Article

like

15 Likes

source image

Securityaffairs

5d

read

364

img
dot

Image Credit: Securityaffairs

Mirai botnet targets SSR devices, Juniper Networks warns

  • Juniper Networks warns that a Mirai botnet is targeting SSR devices with default passwords after unusual activity was reported on December 11, 2024.
  • Multiple customers reported anomalous activity on their Session Smart Network (SSN) platforms on December 11, 2024. Threat actors initially compromised the devices and then employed them in DDoS attacks.
  • Mirai bot exploits devices using default credentials, enabling remote command execution through SSH attacks to facilitate various malicious activities, including DDoS attacks.
  • To mitigate the exposure to these threats, users are recommended to change default credentials, use strong passwords, review access logs, employ firewalls and IDS/IPS, and keep firmware up-to-date.

Read Full Article

like

21 Likes

source image

Securityintelligence

5d

read

393

img
dot

Image Credit: Securityintelligence

2024 roundup: Top data breach stories and industry trends

  • One of the largest personal data breaches took place on April 8, 2024, leading to nearly 3 billion US citizens having their information leaked on the dark web.
  • 90% of the world’s top energy companies experienced data breaches that stemmed from third-party breaches.
  • According to the IBM Cost of a Data Breach 2024 report, the financial sector has seen a surge in data breach costs since the pandemic, reaching an average of $6.08 million per incident.
  • The global average cost of data breaches jumped 10% year-over-year between 2023 and 2024, with the latest figure reaching an alarming $4.88 million.
  • 50% of organizations experiencing data breaches reported that they stemmed from staffing shortages.
  • Organizations should prioritize a proactive approach to cybersecurity planning, optimize their access restriction policies and address critical staffing shortages.

Read Full Article

like

23 Likes

source image

TechJuice

6d

read

395

img
dot

Image Credit: TechJuice

Meezan Bank Refuses Data Breach, Links Unauthorized Transactions to Third-Party Platforms

  • Meezan Bank clarifies that unauthorized debit card transactions were not a result of a data breach but customers sharing sensitive information on third-party platforms.
  • Affected customers have been compensated, and the bank assures the security of its systems.
  • The incident highlights concerns over cybercrime in Pakistan, leading to proposed changes to legislation.
  • Meezan Bank emphasizes the need for stronger cybersecurity measures to protect consumer data.

Read Full Article

like

23 Likes

source image

Cybersafe

6d

read

827

img
dot

Image Credit: Cybersafe

Hacker leak exposes 2.9GB from Cisco DevHub

  • A hacker known as IntelBroker has leaked 2.9GB of data allegedly stolen from Cisco's DevHub environment.
  • The breach originated from Cisco's public-facing DevHub portal due to inadequate security measures.
  • The compromised data includes source code, credentials, confidential documents, and cloud storage data.
  • Cisco has disabled public access to DevHub and engaged law enforcement and cybersecurity experts.

Read Full Article

like

20 Likes

source image

Siliconangle

6d

read

218

img
dot

Image Credit: Siliconangle

Zimperium warns of growing threat of sophisticated mobile phishing attacks targeting executives

  • Zimperium warns of growing threat of sophisticated mobile phishing attacks targeting executives
  • Spear phishing campaigns targeting corporate executives are becoming more sophisticated, particularly through mobile devices.
  • Threat actors impersonate trusted business platforms and internal communications to improve the effectiveness of their attacks.
  • Companies are advised to educate employees, prioritize mobile device security, and keep security policies and detection tools updated.

Read Full Article

like

13 Likes

source image

TechCrunch

6d

read

363

img
dot

Image Credit: TechCrunch

Tracker firm Hapn spilling names of thousands of GPS tracking customers

  • GPS tracking firm Hapn is exposing names of thousands of customers due to a website bug.
  • The bug allows anyone to log in to view exposed data using developer tools in their web browser.
  • Exposed data includes names and business affiliations of customers but not location data.
  • Hapn has not responded to multiple emails and does not have a system for reporting vulnerabilities.

Read Full Article

like

21 Likes

source image

Adamlevin

6d

read

346

img
dot

Image Credit: Adamlevin

Scams, Hacks, and AI: What to Expect in 2025

  • Companies and cybercriminals are incorporating AI into their software offerings and services, leading to sophisticated phishing attacks, automated credential stuffing, target profiling, and deepfakes. Expect an escalation between AI-based offense and defense in cybersecurity.
  • Security measures such as firewalls, VPNs, and password managers might protect customer data, but any weaknesses in their defenses could result in wide-scale attacks on the level of the SolarWinds breach.
  • Cryptocurrency wallets will face increased attacks due to the rising value of cryptocurrencies and their transferability and anonymity. Expect more sophisticated crypto schemes to escalate.
  • Children will be targeted on social media platforms, leading to theft, extortion, catfishing, and other potential dangers. Increased attention is needed to protect children online.

Read Full Article

like

20 Likes

source image

TechCrunch

6d

read

272

img
dot

Image Credit: TechCrunch

How the ransomware attack at Change Healthcare went down: A timeline

  • A ransomware attack in February on US health tech company Change Healthcare affected at least 100m people, making it one of the largest data breaches of US health and medical data in history.
  • The company processes billing and insurance for hundreds of thousands of medical practices, pharmacies, and hospitals in the US healthcare sector, handling between one-third and one-half of all US health transactions.
  • The hackers broke into the company's system on or around February 12, with Change Healthcare only confirming that a cyber attack was the cause of the outage eight days later.
  • UnitedHealth later confirmed that a Russian-speaking ransomware gang, ALPHV/BlackCat, was behind the attack, with the gang itself also publishing evidence on the dark web.
  • In early March, the gang vanished after a $22m ransom payment, leaving the data behind to form a new extortion racket called RansomHub in April.
  • As of October 24, UnitedHealth confirmed the breach affected over 100m people, while a lawsuit by Nebraska revealed new details of the hack, suggesting the number could rise further.
  • CEO Andrew Witty later admitted that a user account was hacked with a single password that was not protected by multi-factor authentication.
  • Change Healthcare started notifying affected individuals in late June through a law requiring mandatory notice, while the US government upped its bounty to $10m for information on the gang’s location.
  • Affected healthcare providers can also request UnitedHealth notify their patients, while the incident remains one of the biggest data breaches of sensitive US health data.
  • UnitedHealth said the hackers stole sensitive information, including medical data, health information, diagnoses, payment information, test results, imaging, care plans, treatment plans and other personal information.

Read Full Article

like

16 Likes

source image

TechCrunch

6d

read

49

img
dot

Image Credit: TechCrunch

Nebraska sues Change Healthcare over security failings that led to medical data breach of over 100 million Americans

  • The state of Nebraska has sued Change Healthcare over alleged security failings that led to a data breach affecting over 100 million Americans.
  • Nebraska's attorney general claims that Change Healthcare failed to implement proper security measures, resulting in a historic and significant breach of sensitive health information.
  • The breach, linked to the ALPHV ransomware gang, exposed personal, health, and financial data of affected individuals.
  • Nebraska is seeking damages and accountability from Change Healthcare for the harm caused to residents, healthcare providers, and operational disruptions.

Read Full Article

like

2 Likes

source image

Cybersecurity-Insiders

6d

read

243

img
dot

Image Credit: Cybersecurity-Insiders

IntelBroker released data related to Cisco stolen from Cloud Instance

  • Notorious hacker group IntelBroker has released stolen data related to Cisco from their Cloud Instance.
  • The stolen data includes sensitive materials such as SASE certificates, source code, and confidential documents.
  • Initially, Cisco denied any theft but later acknowledged that some of the stolen data contained sensitive information.
  • IntelBroker is connected to an Iranian Persistent Threat Group and operates a cyber-leak forum called BreachForums.

Read Full Article

like

14 Likes

source image

Siliconangle

6d

read

119

img
dot

Image Credit: Siliconangle

SlashNext report warns of eightfold rise in credential phishing as AI drives sophistication

  • A new report by phishing protection company SlashNext Inc. highlights a significant increase in phishing attacks in the second half of 2024, with an eightfold rise.
  • The rise in credential phishing attacks is attributed to the availability of advanced phishing kits on the dark web, as well as the use of generative artificial intelligence.
  • Email-based attacks saw a threefold surge, driven by sophisticated techniques and AI-generated targeted messages.
  • The report emphasizes the need for organizations to implement real-time, adaptive security measures to combat the evolving nature of phishing campaigns.

Read Full Article

like

7 Likes

source image

Siliconangle

6d

read

392

img
dot

Image Credit: Siliconangle

Cofense report warns of credential-harvesting attacks that spoof Proofpoint, Mimecast and Virtru

  • A new report from Cofense warns of sophisticated phishing attacks that exploit trusted email security companies like Proofpoint, Mimecast, and Virtru.
  • The attacks use fake email attachments, phishing links, and credential-harvesting tactics to compromise sensitive data.
  • Threat actors mimic well-known brands to gain recipients' trust and trick them into divulging credentials, granting unauthorized access to sensitive accounts.
  • The report emphasizes the importance of heightened vigilance, proactive security measures, and employee training to mitigate the risks associated with phishing attacks.

Read Full Article

like

23 Likes

For uninterrupted reading, download the app