menu
techminis

A naukri.com initiative

New

google-web-stories
Home

>

Cyber Crime News

Cyber Crime News

source image

Infoblox

1M

read

0

img
dot

Image Credit: Infoblox

Disrupting Fast Flux and Much More with Protective DNS

  • A recent cybersecurity alert from the Cybersecurity and Infrastructure Security Agency (CISA) highlights the use of a DNS technique called fast flux by threat actors.
  • Fast flux is the rapid changing of DNS records to avoid IP blocking and is difficult to detect, making it a challenge for network operators to mitigate the threat.
  • Infoblox, a protective DNS provider, incorporates multiple algorithms into its detectors to identify suspicious domains and protect customers from fast flux attacks.
  • Protective DNS solutions, such as Infoblox's, can effectively block suspicious and malicious domains, even in the face of evolving techniques used by threat actors.

Read Full Article

like

Like

share

Share

source image

VentureBeat

1M

read

308

img
dot

Image Credit: VentureBeat

Cisco: Fine-tuned LLMs are now threat multipliers—22x more likely to go rogue

  • Weaponized large language models (LLMs) fine-tuned with offensive tradecraft are reshaping cyberattacks, automating reconnaissance, social engineering, and more.
  • Models like FraudGPT, GhostGPT, and DarkGPT enable attack strategies like phishing and code obfuscation, available for as low as $75 monthly.
  • Cybercrime entities exploit revenue opportunities through leasing access to weaponized LLMs, resembling legitimate SaaS businesses.
  • The blurring lines between developer platforms and cybercrime kits indicate a rapid evolution in AI-driven threats.
  • Fine-tuned LLMs are increasingly vulnerable to producing harmful results, as reported by Cisco’s AI Security Report.
  • The process of fine-tuning LLMs creates potential security weaknesses, exposing them to attacks like data poisoning and model inversion.
  • Legitimate LLMs are now at risk of exploitation and integration into cybercriminal tool sets, increasing their susceptibility.
  • Fine-tuning destabilizes alignment, compromising safety controls especially in sensitive domains governed by strict compliance regulations.
  • The rise of black-market weaponized LLMs like GhostGPT and FraudGPT sold for $75/month poses significant threats to enterprises.
  • Cisco's research highlights the need for real-time visibility, adversarial testing, and fortified security measures to combat evolving cyber threats.

Read Full Article

like

18 Likes

share

4 Shares

source image

Silicon

1M

read

304

img
dot

Image Credit: Silicon

Pentagon Confirms Investigation Of Signal Use By Pete Hegseth

  • A watchdog within the US Department of Defense has publicly confirmed an investigation into the use of the Signal messaging app by top White House officials.
  • The investigation aims to determine the extent to which the Secretary of Defense and other DoD personnel complied with policies and procedures for the use of a commercial messaging app for official business.
  • The controversy began when plans for a strike against the Houthi group in Yemen were inadvertently discussed in a Signal group chat that included senior US officials.
  • Experts raised security concerns as the use of Signal's end-to-end encryption does not protect against a compromised smartphone.

Read Full Article

like

18 Likes

share

4 Shares

source image

Medium

1M

read

247

img
dot

Image Credit: Medium

Cybersecurity in the Age of AI: Protecting Against Emerging Threats

  • AI brings both opportunities and challenges to the field of cybersecurity.
  • Cybercriminals are using AI to automate and enhance their attacks, making detection and defense more difficult.
  • To protect against AI-facilitated threats, businesses should update their systems regularly and invest in AI-based cybersecurity solutions.
  • Employee training and cultivating a culture of cybersecurity awareness are essential in defending against evolving cyber threats.

Read Full Article

like

15 Likes

share

3 Shares

source image

Medium

1M

read

13

img
dot

Image Credit: Medium

When Your Fitness Tracker Tattles to Your Boss: The Wild World of Data Leaks

  • Fitness trackers and IoT devices have the potential to leak sensitive details.
  • Personal fitness data being shared with employers and insurers can pose career liabilities.
  • Hackers can exploit leaked fitness data, exposing personal information in online forums.
  • Users are advised to check privacy settings and take steps to protect their personal information.

Read Full Article

like

Like

share

Share

source image

Cybersecurity-Insiders

1M

read

277

img
dot

Image Credit: Cybersecurity-Insiders

Cyber Attack Hits Multiple Major Superannuation Providers in Australia, Resulting in Fund Theft and Account Lockdowns

  • A cyberattack targeting five major superannuation providers in Australia has led to significant fund theft and account lockdowns.
  • The attack resulted in one provider losing over $500,000 in funds and customers experiencing service disruptions.
  • Affected companies include Rest, Australian Retirement Trust, Hostplus, Insignia, and AustralianSuper.
  • Authorities assure that all affected accounts will be restored and are investigating the incident, speculating it may be the work of a hacking group linked to North Korean intelligence agencies.

Read Full Article

like

16 Likes

share

3 Shares

source image

TechJuice

1M

read

168

img
dot

Image Credit: TechJuice

Government Issues Cybersecurity Warning Following Alleged Oracle Cloud Data Breach

  • The National Computer Emergency Response Team (NCERT) has issued an urgent advisory regarding an alleged data breach in Oracle Cloud, raising concerns about data security and unauthorized access.
  • A hacker, known as 'rose87168,' claimed to have accessed Oracle Cloud servers, obtaining over six million records containing Single Sign-On (SSO) login credentials.
  • Experts believe that the breach likely exploited vulnerabilities in SSO authentication and LDAP setups, posing risks of credential-stuffing attacks and potential identity theft.
  • Oracle's response to the breach has drawn criticism, with concerns raised about transparency and prioritization of corporate reputation over customer security.

Read Full Article

like

10 Likes

share

2 Shares

source image

Socprime

1M

read

313

img
dot

Image Credit: Socprime

UAC-0219 Attack Detection: A New Cyber-Espionage Campaign Using a PowerShell Stealer WRECKSTEEL

  • UAC-0219 Attack Detection: A New Cyber-Espionage Campaign Using a PowerShell Stealer WRECKSTEEL
  • CERT-UA observed a surge in cyber-espionage operations targeting Ukraine using DarkCrystal RAT.
  • At least three cyber-espionage attacks were discovered using the WRECKSTEEL malware and spear-phishing emails containing malicious links or attachments.
  • SOC Prime Platform provides detection algorithms and Uncoder AI for threat hunting and defense against UAC-0219 threats.

Read Full Article

like

18 Likes

share

4 Shares

source image

Securityaffairs

1M

read

172

img
dot

Image Credit: Securityaffairs

Europol-led operation shuts down CSAM platform Kidflix, leading to 79 arrests

  • An international operation led by Europol has shut down Kidflix, a child sexual abuse material (CSAM) streaming platform.
  • The platform had 1.8 million users and was seized by German and Dutch authorities.
  • The operation identified 1,393 suspects, arrested 79, and protected 39 children.
  • Kidflix allowed users to stream CSAM videos and used cryptocurrency-based payments.

Read Full Article

like

10 Likes

share

2 Shares

source image

Pymnts

1M

read

327

img
dot

Image Credit: Pymnts

Report: Oracle Staff Tell Some Clients Hacker Stole Login Credentials

  • Oracle staff told some clients that a hacker stole some old client login credentials.
  • The hacker accessed usernames, passkeys, and encrypted passwords.
  • Oracle did not immediately reply to PYMNTS’ request for comment.
  • This incident is separate from one in which Oracle notified some users of its patient records management software that hackers stole patient data.

Read Full Article

like

19 Likes

share

4 Shares

source image

Medium

1M

read

423

img
dot

Image Credit: Medium

IoT23 Anomaly Sentinel: A Unified Platform for AI-Powered IoT Security

  • IoT23 Anomaly Sentinel is a unified threat detection and compliance platform for IoT security.
  • It combines machine learning, behavioral analysis, and regulatory alignment.
  • The system features modules for real-time traffic monitoring, threat intelligence, device inventory management, and risk and compliance management.
  • IoT23 Anomaly Sentinel aims to provide proactive, intelligent, and adaptive defense systems for IoT security.

Read Full Article

like

25 Likes

share

5 Shares

source image

TronWeekly

1M

read

387

img
dot

Image Credit: TronWeekly

Hacker Transfers $70 Million from UPCX in Major Security Breach

  • Hackers exploited a contract vulnerability, forcing UPCX to halt operations.
  • UPC tokens fell 7%, highlighting Web3 security flaws behind 80% of 2024 crypto thefts.
  • Experts urge stronger protections as UPCX tracks stolen funds.
  • The hacker stole $70 million by exploiting a contract vulnerability in UPCX, leading to a temporary halt in operations.

Read Full Article

like

23 Likes

share

5 Shares

source image

TechCrunch

1M

read

364

img
dot

Image Credit: TechCrunch

Someone is trying to recruit security researchers in bizarre hacking campaign 

  • An individual has been attempting to recruit security researchers in a bizarre hacking campaign.
  • The person is using fake accounts with avatars of attractive women to contact cybersecurity professionals and researchers via direct messages.
  • The recruited individuals are being offered up to $100,000 per month to hack and take control of Chinese websites.
  • The exact motive or purpose of this recruitment campaign remains unclear and raises suspicions about potential malicious intentions.

Read Full Article

like

21 Likes

share

5 Shares

source image

Cybersecurity-Insiders

1M

read

168

img
dot

Image Credit: Cybersecurity-Insiders

Russian Railways hit by DDoS Cyber Attack from Hacker Army

  • Russian Railways faced a large-scale DDoS cyber attack, impacting its website and mobile application.
  • Sale of tickets and rail operations remained unaffected, indicating limited scope of the attack.
  • Efforts to restore online services were underway, with expected return to full functionality.
  • Preliminary investigations point to a 'Hacker Army' allegedly funded by Ukraine's Military Intelligence as the orchestrators.

Read Full Article

like

10 Likes

share

2 Shares

source image

Medium

1M

read

423

img
dot

Image Credit: Medium

How These Top 3 Companies Were Cyberattacked and How You Can Prevent Yours from Losing Everything

  • Trivago and Telefonica were attacked by the Wannacry virus.
  • Uber successfully prevented a cyberattack due to their strong cybersecurity measures.
  • Glovo experienced a cyberattack due to their inadequate infrastructure and lack of cybersecurity training.
  • Implementing cybersecurity measures can help protect companies from cyberattacks.

Read Full Article

like

25 Likes

share

5 Shares

Prev

10
11
12
13
14
15
16
17
18
19
20

Next

For uninterrupted reading, download the app