Cyber Crime News

Securityaffairs

Medusa ransomware uses malicious Windows driver ABYSSWORKER to disable security tools

  • Medusa ransomware campaign tracked by Elastic Security Labs.
  • Attackers use a malicious Windows driver named ABYSSWORKER to disable EDR tools.
  • Driver masquerades as a CrowdStrike Falcon driver and is signed with a revoked Chinese certificate.
  • ABYSSWORKER uses various techniques to obstruct static analysis and disable EDR systems.

Securityaffairs

FBI warns of malicious free online document converters spreading malware

  • The FBI warns of a significant increase in scams involving free online document converters to infect users with malware.
  • Threat actors are using malicious online document converters to steal sensitive information and infect systems with malware.
  • Fake file converters and download tools can return files containing hidden malware, giving criminals access to victims' devices.
  • The FBI advises staying cautious online, keeping antivirus software updated, and reporting any incidents to IC3.gov.

TechCrunch

DNA testing company 23andMe files for bankruptcy protection, CEO resigns

  • Genetics testing company 23andMe has filed for Chapter 11 bankruptcy protection in the U.S.
  • The CEO, Anne Wojcicki, has resigned and is now an independent bidder for the company.
  • The company's market capitalization has plummeted over 99% since going public in 2021.
  • 23andMe suffered a cyberattack in 2023, leading to a data breach and subsequent legal issues.

Securityaffairs

Cloak ransomware group hacked the Virginia Attorney General’s Office

  • The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney General’s Office that occurred in February.
  • A cyberattack on the Virginia Attorney General’s Office forced officials to shut down IT systems, including email and VPN, and revert to paper filings.
  • The group said that the waiting period had expired and claimed the theft of 134GB of sensitive data.
  • The Cloak ransomware group has been active since at least 2023 and has breached more than one hundred organizations over the years.

Securityaffairs

Security Affairs newsletter Round 516 by Pierluigi Paganini – INTERNATIONAL EDITION

  • U.S. Treasury removed sanctions against the crypto mixer service Tornado Cash
  • Zero-day broker Operation Zero offers up to $4 million for Telegram exploits
  • RansomHub affiliate uses custom backdoor Betruger
  • Pennsylvania State Education Association data breach impacts 500,000 individuals

Digitaltrends

Mac users are being targeted by a vicious new phishing scam. Here’s how to stay safe

  • Macs are not invulnerable to viruses and phishing attacks, as illustrated by a sophisticated new phishing scam targeting Mac users.
  • The scam uses typosquatted websites that display a popup window warning of a computer attack and freeze the browser to trick users into entering Apple Account credentials.
  • Hackers have adapted the scam to specifically target Apple users after facing obstacles with Windows security updates.
  • To stay safe, users should double-check website URLs, install antivirus software, not panic when faced with suspicious popups, and be cautious of entering login credentials or calling unknown support numbers.
  • Mac users need to stay vigilant online and take precautions against phishing attempts, despite the common belief that Macs are immune to such threats.

Securityaffairs

RansomHub affiliate uses custom backdoor Betruger

  • Symantec researchers have identified a custom backdoor, named Betruger, linked to an affiliate of the RansomHub operation in recent ransomware attacks.
  • Betruger is a multi-function backdoor used for ransomware attacks that combines several features to minimize detection, such as screenshot capture, credential theft, keystroke logging, network scanning, and privilege escalation.
  • The backdoor is disguised as 'mailer.exe' or 'turbomailer.exe' to appear legitimate, but lacks mailing functions.
  • RansomHub, run by the cybercrime group Greenbottle, has become the most prolific ransomware operation, attracting affiliates by offering better terms and a higher percentage of ransom payments.

Securelist

Threat landscape for industrial automation systems in Q4 2024

  • In Q4 2024, 21.9% of ICS computers had malicious objects blocked, a decrease of 0.1 pp from the previous quarter.
  • Regionally, Africa had the highest percentage (31%), while Northern Europe had the lowest (10.6%).
  • The biometrics sector had the highest percentage of blocked malicious objects among industries.
  • Kaspersky's protection solutions blocked malware from 11,065 different families on ICS systems in Q4 2024.
  • Primary threat sources include the internet, email clients, and removable storage devices.
  • Malicious objects for initial infection included denylisted internet resources and phishing pages.
  • The percentage of ICS computers with blocked malicious scripts and phishing pages rose to 7.11% in Q4.
  • Spyware blocking increased to 4.30%, while ransomware blocking reached its highest value in two years at 0.21%.
  • Next-stage malware such as spyware, ransomware, and miners were utilized after initial infections.
  • Self-propagating malware (worms and viruses) saw increased block rates in Q4 2024.

Cybersecurity-Insiders

Cyber Attack not the cause for electricity substation explosion at Heathrow Airport

  • Heathrow Airport has experienced significant power outages due to an explosion at a nearby electricity substation in West London.
  • The explosion resulted in widespread power outages, impacting thousands of homes.
  • Firefighting teams are making progress in containing the flames at the substation.
  • Speculation that a cyber-attack or state-sponsored attack caused the explosion is circulating, but no official statement has been issued regarding the cause.

Securityaffairs

Pennsylvania State Education Association data breach impacts 500,000 individuals

  • A data breach at the Pennsylvania State Education Association exposed the personal information of over 500,000 individuals.
  • The data breach occurred on or about July 6, 2024, and was confirmed in an investigation completed on February 18, 2025.
  • Compromised personal information included names, dates of birth, driver's license numbers, Social Security numbers, account numbers, and health insurance information.
  • The Pennsylvania State Education Association is providing affected individuals with one year of free credit monitoring and identity restoration services.

Macdailynews

Mac users, don’t fall for this repurposed Windows phishing attack

  • LayerX Labs has uncovered an advanced phishing campaign targeting Mac users.
  • The phishing campaign previously targeted Windows users using fake Microsoft security alerts, but shifted its focus due to enhanced browser protections on Windows.
  • The campaign uses compromised websites to display fake security warnings and tricks users into entering their Windows credentials.
  • After browser developers implemented anti-scareware protections, the attackers shifted their focus to Mac users.

TechCrunch

Federal judge blocks DOGE’s access to Social Security Administration’s banks of personal information

  • A federal judge blocked Elon Musk's Department of Government Efficiency (DOGE) from accessing systems at the Social Security Administration (SSA).
  • DOGE was accused of being engaged in a fishing expedition without a valid reason to access the personal information of millions of Americans.
  • The access violated federal privacy laws and posed cybersecurity risks.
  • Initially, DOGE was granted access to systems containing Social Security numbers, medical records, and other personal information.

Dataprivacyandsecurityinsider

Insider Threats: Potential Signs and Security Tips

  • New York’s Stram Center for Integrative Medicine experienced an employee misusing patient payment card information.
  • According to a report, insider attacks accounted for 83% of data breaches in 2024, with the cost averaging $4.99 million.
  • Signs of a malicious insider threat include unusual timing of access, unexpected spikes in network traffic, and unusual access requests.
  • To mitigate insider threats, organizations should implement endpoint monitoring, role-based access, and promote a culture of awareness.

Cybersecurity-Insiders

Elon Musk Faces Backlash After Hackers Target Tesla Customers raising data security concerns

  • A hacker group has launched a cyberattack targeting Tesla customers, resulting in a massive data breach.
  • The website 'DOGEQUEST' displays personal information of Tesla owners, including names, addresses, and ownership records.
  • Tesla owners' information will remain public unless they can prove they have sold their vehicles.
  • Elon Musk condemned the hackers' actions as 'domestic terrorism', and the FBI is demanding a formal investigation.

TheNewsCrypto

How Hackers Are Targeting Crypto Job Seekers: Top Scams and Protection Tips

  • Cryptocurrency job scams have been on the rise, targeting job seekers with promises of high-paying remote jobs and tricking them into sharing personal information or making financial commitments.
  • Scammers use tactics like phishing emails, fake job listings, and impersonating well-known companies to deceive individuals seeking crypto job opportunities.
  • Common scams involve requests for personal information, downloading malicious applications, and upfront payments under the guise of employment requirements.
  • Recent incidents have highlighted the severity of crypto job scams, including cases of human trafficking, text message recruitment scams, and pig butchering scams.
  • Understanding the tactics employed by scammers, such as fake job postings, fake company profiles, and pressure tactics, can help job seekers identify and avoid potential threats.
  • Protection tips for job seekers include verifying job offers, avoiding unsolicited offers, using secure platforms, and never paying upfront fees for employment.
  • Hardware wallets, monitoring wallet activity, and never sharing private keys are recommended measures to protect against cryptocurrency job scams.
  • In the event of being targeted by a scam, individuals should cease communication, report the incident to authorities, notify financial institutions, and seek support from fraud victim assistance groups.
  • Real-world incidents of crypto job scams include arrests in Singapore, North Korean hacking groups targeting blockchain developers, and significant global financial losses reported.
  • Awareness, caution, and verification are crucial in protecting oneself from crypto job scams, phishing attacks, and other fraudulent schemes prevalent in the cryptocurrency industry.
