menu
techminis

A naukri.com initiative

google-web-stories
Home

>

Cyber Crime News

Cyber Crime News

source image

Cybersecurity-Insiders

1w

read

96

img
dot

Image Credit: Cybersecurity-Insiders

How Man-in-the-Middle Attacks Can Be Thwarted

  • Man-in-the-middle (MITM) attacks are a significant cybersecurity threat, where an attacker intercepts and potentially alters communication between two parties without their knowledge.
  • Using strong encryption (TLS/SSL) for communication between clients and servers is one of the best ways to protect against MITM attacks. Multi-factor authentication (MFA) adds an additional layer of security by requiring multiple forms of authentication.
  • Public Key Infrastructure (PKI) ensures that both server and client identities are verified before communication begins, preventing attackers from impersonating either party. DNS Security (DNSSEC) helps prevent DNS-related MITM attacks.
  • Avoiding public Wi-Fi networks for conducting sensitive transactions or using VPN for public Wi-Fi networks add additional security layers. Certificate pinning helps mitigate SSL/TLS interception attacks, and educating users about common attack vectors can help prevent MITM attacks.
  • Keeping software updated with latest patches and using strong passwords, including mixed letters, numbers, and symbols, will reduce the likelihood of MITM attacks. An effective multi-layered approach to security can effectively prevent and mitigate MITM attacks.
  • Man-in-the-middle attacks represent a serious threat to both individuals and organizations, but with sound security measures, both businesses and consumers can protect sensitive information from interception and manipulation.

Read Full Article

like

5 Likes

source image

Securityaffairs

1w

read

284

img
dot

Image Credit: Securityaffairs

German agency BSI sinkholed a botnet of 30,000 devices infected with BadBox

  • The German agency BSI has sinkholed a botnet composed of 30,000 devices infected with BadBox malware pre-installed.
  • The BSI blocked communication between the infected devices and the C2 server, isolating the malware.
  • BadBox malware conducts ad fraud, creates email accounts for spreading disinformation, and operates as a residential proxy.
  • At least 74,000 Android-based devices worldwide were shipped with the backdoored firmware.

Read Full Article

like

17 Likes

source image

Cybersecurity-Insiders

1w

read

328

img
dot

Image Credit: Cybersecurity-Insiders

Krispy Kreme Doughnut Cyber Attack might affect Christmas sales

  • Krispy Kreme, the American doughnut chain, experienced a cyber attack in November 2024 that disrupted its online ordering platform during the Christmas season.
  • There are concerns that the cyber attack may negatively impact Krispy Kreme's Christmas sales.
  • The company is actively addressing the situation and working on mitigating the risks.
  • The incident highlights the importance of robust cybersecurity measures in the face of rising cyber threats.

Read Full Article

like

19 Likes

source image

Securityaffairs

1w

read

246

img
dot

Image Credit: Securityaffairs

U.S. authorities seized cybercrime marketplace Rydox

  • The U.S. Department of Justice (DoJ) seized cybercrime marketplace Rydox, which facilitated over 7,600 sales of stolen personal data and cybercrime tools.
  • Three Kosovo nationals, Ardit Kutleshi, Jetmir Kutleshi, and Shpend Sokoli, were arrested in connection with Rydox.
  • Rydox operated since February 2016, generating $230,000 through the sale of over 321,000 products to 18,000 users.
  • The U.S. authorities coordinated with international partners to seize the Rydox domain and servers, along with $225,000 in cryptocurrency.

Read Full Article

like

14 Likes

source image

Cybersecurity-Insiders

1w

read

337

img
dot

Image Credit: Cybersecurity-Insiders

Operation Power Off: International Effort Targets DDoS-for-Hire Networks

  • Operation Power Off is a global crackdown that has successfully disrupted over 27 major platforms facilitating DDoS attacks for hire.
  • Authorities from multiple countries collaborated to take down botnet networks operating across 12 nations.
  • The operation aims to combat the increased demand for DDoS services during the holiday season.
  • Europol led the operation and arrested three administrators of illicit platforms providing DDoS attacks for a fee.

Read Full Article

like

20 Likes

source image

Bitcoinist

1w

read

46

img
dot

Image Credit: Bitcoinist

Crypto Conman Sentenced: Investors Duped in $350K Scam—Here’s How

  • Michael Joseph McElhiney sentenced to over three years in federal prison for operating a fraudulent crypto investment scheme.
  • The scheme defrauded multiple investors of more than $350,000.
  • McElhiney presented himself as an experienced operator of a successful crypto investment fund, but the promised investments were never made.
  • Investors were targeted through personal encounters, online interactions, and provided with fabricated data.

Read Full Article

like

2 Likes

source image

Securityaffairs

1w

read

98

img
dot

Image Credit: Securityaffairs

US Bitcoin ATM operator Byte Federal suffered a data breach

  • US Bitcoin ATM operator Byte Federal disclosed a data breach after attackers gained unauthorized access to a server via a GitLab vulnerability.
  • The breach affected 58,000 customers, and potentially compromised personal information such as name, birthdate, address, phone number, and social security number.
  • Byte Federal responded by shutting down its platform, securing the compromised server, and initiating enhanced security measures.
  • Customers are advised to reset login credentials, monitor accounts for fraudulent activity, and take necessary precautions to protect against identity theft.

Read Full Article

like

5 Likes

source image

Dataprivacyandsecurityinsider

1w

read

127

img
dot

Image Credit: Dataprivacyandsecurityinsider

OCR Active with Settlements and Enforcement Actions in November and Early December

  • The Office for Civil Rights of the Department of Health and Human Services (OCR) settled multiple cases of alleged HIPAA violations in November and early December.
  • One of the settlements focused on patients' rights to access their protected health information, resulting in a $100,000 penalty against Rio Hondo Community Mental Health Center.
  • Holy Redeemer Family Medicine settled for $325,581 for disclosing a patient's sensitive health information to her prospective employer without consent.
  • Gulf Coast Pain Consultants faced a $1.19 million penalty for unauthorized access to patients' data by a former contractor, which impacted 34,310 individuals.
  • Children's Hospital Colorado paid a penalty of $548,265 for two email account breaches caused by phishing attacks that compromised personal health information.
  • Health Care Clearinghouse and Inmediata Health Group settled for $250,000 after leaving 1.5 million individuals' PHI publicly available online.

Read Full Article

like

7 Likes

source image

Securityaffairs

1w

read

204

img
dot

Image Credit: Securityaffairs

Operation PowerOFF took down 27 DDoS platforms across 15 countries

  • Operation PowerOFF took down 27 DDoS stresser services globally, disrupting illegal platforms used for launching cyberattacks.
  • Law enforcement agencies from 15 countries participated in the operation, seizing popular platforms for DDoS attacks.
  • Booter and stresser services enable DDoS attacks and are misused for malicious purposes.
  • Authorities arrested three administrators of these platforms in France and Germany and identified over 300 users.

Read Full Article

like

12 Likes

source image

Cybersecurity-Insiders

1w

read

12

img
dot

Image Credit: Cybersecurity-Insiders

Apple iOS devices are more vulnerable to phishing than Android

  • According to the findings in their Mobile Threat Report, iOS devices are actually more susceptible to phishing attacks than Android devices.
  • State-sponsored actors, particularly from countries like Russia, North Korea, and China, are identified as the primary culprits behind these attacks.
  • Phishing attacks often serve as a gateway for more dangerous forms of malware, such as Trojans and spyware.
  • A significant disruption occurred on Wednesday afternoon when several online services, including WhatsApp, Facebook, and other Meta platforms, experienced a widespread outage.
  • The FBI issued a stark warning just a week ago advising iPhone and Android users to stop using traditional SMS or messaging services between the two platforms.
  • No system is entirely immune from vulnerabilities. Encryption can provide a strong layer of protection, but other vulnerabilities, such as user behavior and software flaws, can still expose sensitive information.
  • The growing sophistication of phishing attacks, the potential risks of using unencrypted messaging platforms, and the vulnerabilities that continue to emerge in widely used services like WhatsApp and Facebook all point to a pressing need for stronger, more transparent security measures.
  • Regularly updating devices, using encrypted messaging platforms, and exercising caution when interacting with unknown links or suspicious emails can all help mitigate the growing threat of cyberattacks.
  • As for the future, only time will reveal whether current security protocols are enough to protect us from the increasingly sophisticated threats that continue to emerge.
  • The post Apple iOS devices are more vulnerable to phishing than Android appeared first on Cybersecurity Insiders.

Read Full Article

like

Like

source image

TechCrunch

1w

read

46

img
dot

Image Credit: TechCrunch

Bitcoin ATM giant Byte Federal says 58,000 users’ personal data compromised in breach

  • Bitcoin ATM operator Byte Federal has reported a data breach affecting 58,000 customers.
  • The breach occurred on September 30 and was discovered on November 18.
  • The hacker gained access to customer data including names, addresses, phone numbers, IDs, and transaction activity.
  • Byte Federal has performed a hard reset on all customer accounts and updated internal passwords.

Read Full Article

like

2 Likes

source image

Arstechnica

1w

read

0

img
dot

Image Credit: Arstechnica

Russia takes unusual route to hack Starlink-connected devices in Ukraine

  • Russian hackers have used the infrastructure of other threat actors to gather intelligence in Ukraine.
  • The Russian group known as Turla, Waterbug, Snake, or Venomous Bear has targeted front-line Ukrainian military forces.
  • They have leveraged the infrastructure of cybercrime group Storm-1919 and Russian threat actor Storm-1837.
  • The hackers' usual means of access is spear phishing, but the use of other threat actors' infrastructure is unusual.

Read Full Article

like

Like

source image

Pymnts

1w

read

385

img
dot

Image Credit: Pymnts

Business Infrastructure Under Siege as Cybercriminals Target Data Transfer Points

  • Cybercriminals are targeting critical business infrastructure that handles sensitive data.
  • Exploiting a security flaw in Cleo's enterprise file transfer tools, cybercriminals gain control of affected systems.
  • Recent attacks on enterprise solutions highlight the shift in cybercriminals' focus on critical infrastructure.
  • Securing infrastructure that handles data should be a top priority, including regular audits, patching, monitoring, and incident response plans.

Read Full Article

like

23 Likes

source image

Insider

1w

read

316

img
dot

Image Credit: Insider

Krispy Kreme says hackers disrupted its online ordering, likely hurting its 'financial condition'

  • Krispy Kreme has disclosed a cybersecurity incident that is causing operational disruptions, particularly in online ordering in the US.
  • The company expects the incident to have a material impact on its financial condition, including loss of revenues from digital sales and costs associated with restoring impacted systems and engaging cybersecurity experts.
  • Krispy Kreme is actively investigating and addressing the incident with the assistance of cybersecurity experts and federal law enforcement.
  • In the meantime, customers can still place orders in person at Krispy Kreme shops.

Read Full Article

like

19 Likes

source image

Tech Story

1w

read

25

img
dot

Krispy Kreme Faces Cyber Incident, Digital Sales Take a Hit Cybersecurity Breach Disrupts Operations

  • Krispy Kreme Doughnuts faces a cyberattack, disrupting its digital operations.
  • In-store sales are unaffected, but online ordering system restoration has challenges.
  • 400 U.S. locations operate normally, deliveries to partners continue.
  • The company responds promptly, takes steps to mitigate impact, and expects short-term financial strain.

Read Full Article

like

1 Like

For uninterrupted reading, download the app