A naukri.com initiative
Cyber Crime News
Guardian
7d
249
Image Credit: Guardian
Largest US crypto exchange says cost of recent cyber-attack could reach $400m
- The largest cryptocurrency exchange in the US, Coinbase, estimates that a recent cyber-attack could cost between $180m and $400m, excluding the $20m ransom demanded by hackers.
- Hackers breached account data of a small subset of customers, stealing information like names, addresses, and emails, but not login credentials. Coinbase has announced plans to reimburse affected customers.
- The attackers paid contractors and employees outside the US to collect internal system information. Coinbase terminated the involved employees and declined to pay the $20m ransom, instead offering a $20m reward for information on the attackers.
- Security challenges persist in the crypto industry; recently, Bybit disclosed a $1.5bn token theft. A report by Chainalysis revealed that hacked funds from crypto platforms amounted to $2.2bn in 2024, marking the fourth consecutive year with over $1bn in hacks.
Read Full Article
15 Likes
Securelist
7d
299
Image Credit: Securelist
Threat landscape for industrial automation systems in Q1 2025
- The percentage of ICS computers on which malicious objects were blocked remained stable in Q1 2025, at 21.9%.
- Quarterly figures show a decreasing trend year over year, with a decrease of 2.5 pp compared to Q1 2024.
- Biometrics sector saw an increase in malicious object blocks, the only OT infrastructure type where this occurred.
- Threat levels vary regionally, with Northern Europe at 10.7% and Africa at 29.6% affected ICS computers.
- Denylisted internet resources blocked and email threats decreased in Q1 2025, hitting a low since 2022.
- Primary threats from the internet include denylisted resources, malicious scripts, and phishing pages.
- Malicious scripts, phishing pages, and documents showed an increase in blocks in Q1 2025.
- AutoCAD malware saw the lowest percentage of blocks among ICS computers and continued to decrease.
- Web miners and malicious documents blocks increased notably in Q1 2025.
- The percentage of ICS computers on which worms, viruses, and cad malware were blocked decreased in Q1 2025.
Read Full Article
18 Likes
TechJuice
7d
170
Valve Confirms No Steam Breach After 89M SMS Codes Leak
- Valve clarifies that its Steam platform was not compromised in the recent dark-web listing of 89 million user records, emphasizing that only expired one-time SMS codes and phone numbers were leaked.
- Users are advised to update passwords, use an authenticator app, and review recent login activity for enhanced safety measures despite the security of Steam systems.
- A hacker advertised 89 million Steam SMS authentication codes for sale on the dark web, but Valve's statement confirmed no passwords, Steam IDs, or payment records were compromised.
- The incident highlights the risks of third-party data exposures, although Valve's established two-factor authenticator system, Steam Guard, has been instrumental in maintaining security.
Read Full Article
10 Likes
TechCrunch
7d
366
Image Credit: TechCrunch
Coinbase says customers’ personal information stolen in data breach
- Crypto giant Coinbase confirms data breach where customer data, including personal information and government-issued ID documents, were stolen.
- Hacker obtained customer account information and demanded $20 million ransom, which Coinbase refuses to pay.
- The hacker accessed customer names, addresses, phone numbers, Social Security numbers, bank account details, and government IDs.
- Less than 1% of Coinbase's customers were affected by the breach, with estimated incident remediation and reimbursement costs between $180 million to $400 million.
Read Full Article
22 Likes
Kaspersky
7d
95
Image Credit: Kaspersky
How phishing emails are sent from [email protected] | Kaspersky official blog
- Scammers are using a phishing scheme that impersonates genuine Google services to deceive victims.
- Phishing emails mimic official Google notifications, using a legitimate Google address: [email protected].
- Victims receive an email claiming Google has been subpoenaed for their account data, with a link to a fake Google support page.
- The link appears genuine with an official Google domain but actually leads to a phishing site on sites.google.com.
- Attackers exploit trust in the Google domain, making it challenging to spot the scam without close inspection.
- Scammers registered a domain, set up a fake Google Workspace account, and used OAuth technology for this phishing scheme.
- Although Google OAuth doesn't share credentials, it can provide limited account access to scammers.
- Victims were directed to download potentially malicious 'legal documents' on the fake Google Support page.
- Users are advised to carefully examine email headers, avoid clicking suspicious links, and use robust security solutions to prevent falling for phishing scams.
- Google is working on fixing the OAuth vulnerability that scammers exploited in this phishing campaign.
Read Full Article
5 Likes
Securityaffairs
7d
371
Image Credit: Securityaffairs
Kosovo authorities extradited admin of the cybercrime marketplace BlackDB.cc
- Kosovo citizen Liridon Masurica (33) extradited to the US for running cybercrime marketplace BlackDB.cc and facing related charges.
- BlackDB.cc, an online criminal marketplace active since 2018, offered compromised credentials and PII for sale.
- Masurica charged in the US with six fraud-related counts, faces up to 55 years in prison for conspiracy and unauthorized access device usage.
- The US Department of Justice seized another cybercrime marketplace Rydox, arresting three Kosovo nationals, including administrators, for facilitating sales of stolen personal data and fraud tools.
Read Full Article
22 Likes
Cybersecurity-Insiders
1w
233
Image Credit: Cybersecurity-Insiders
Google warns of US retail cyber attacks and M & S insurance payout to cost £100m
- Google's Threat Intelligence team has issued a warning for U.S. retailers about potential cyberattacks by Scattered Spider, a sophisticated cybercriminal group.
- Scattered Spider, also known as UNC3944, is suspected of targeting major UK retailers with DragonForce ransomware and may expand its operations to the U.S.
- Mandiant, in partnership with Google, is offering a cybersecurity playbook to help businesses defend against advanced threats like Scattered Spider.
- Marks & Spencer is expected to file a £100 million insurance claim to cover recovery costs after a cyberattack linked to Scattered Spider.
- The cyberattack on Marks & Spencer led to operational disruptions, financial losses, and potential damage to the company's reputation and trust with consumers.
- The insurance claim payout for the cyberattack on Marks & Spencer is uncertain and depends on factors such as IT infrastructure preparedness.
- Cyber insurance considerations include premiums tied to cybersecurity preparedness, potential coverage exclusions for specific cyber risks, and future pricing adjustments.
- As cyber threats increase, organizations, especially in retail, must prioritize cybersecurity measures and insurance coverage to mitigate financial impacts.
- CIOs and CTOs need to reassess cyber insurance strategies as premiums rise and coverage options change due to evolving cyber threats.
- Vigilance in the retail sector is paramount to safeguard customer data and financial transactions from cybercriminals as cyber threats continue to evolve.
Read Full Article
14 Likes
Guardian
1w
100
Image Credit: Guardian
‘Aggressive’ hackers of UK retailers are now targeting US stores, says Google
- Hackers responsible for disrupting UK retailers are now targeting similar companies in the United States, according to Google.
- The hackers, linked with the group 'Scattered Spider', are known for their aggression and ability to circumvent security programs.
- M&S, a prominent UK retailer, faced a disruptive hack by the Scattered Spider group, affecting its online operations.
- Recently, M&S announced that some customer data was accessed, including names, addresses, and order histories, but not payment or card details.
Read Full Article
6 Likes
TechCrunch
1w
167
Image Credit: TechCrunch
White House scraps plan to block data brokers from selling Americans’ sensitive data
- A plan to block data brokers from selling Americans' sensitive data, including Social Security numbers, has been scrapped by a senior Trump administration official.
- The Consumer Financial Protection Bureau (CFPB) had aimed to close a loophole under the Fair Credit Reporting Act to regulate data brokers like other entities covered by the federal law.
- The rule was withdrawn, with the CFPB's acting director citing it as not aligned with their current interpretation of the law.
- Privacy advocates have long pushed for stricter regulations on data brokers who profit from selling personal data, despite inherent risks like recent data breaches involving sensitive information.
Read Full Article
10 Likes
Cryptopotato
1w
347
Image Credit: Cryptopotato
Important Warning Affecting All Binance Users: Details Here
- Scammers are pretending to be Binance support on platforms like Telegram to deceive users into clicking malicious links that steal their credentials or 2FA codes.
- Binance warns users to be cautious of phishing scams and always verify information before clicking on unknown links.
- Earlier this year, Binance users fell victim to SMS phishing scams where scammers claimed accounts were accessed from North Korea, leading users to transfer funds for a fake 'investigation.'
- Binance CEO emphasized the importance of individual vigilance as the first line of defense against such fraudulent activities, despite the exchange working around the clock to protect user assets.
Read Full Article
20 Likes
Massivelyop
1w
20
Account data of 89M Steam users is reportedly up for sale on the dark web
- Account data of 89 million Steam users is reportedly up for sale on the dark web, putting 70% of the platform's userbase at risk.
- The data breach was highlighted by a Twitter user referencing a LinkedIn post from cyber threat intelligence firm Underdark.ai.
- A user going by the name Machine1337 claimed to have the database of Steam account details and is selling it for $5,000 on a dark web forum, with included real-time 2FA SMS logs routed via Twilio.
- While Steam representative mentioned they do not use Twilio, users are advised to change passwords, enable Steam Guard 2FA, and stay vigilant against phishing attempts as a precautionary measure.
Read Full Article
1 Like
Cybersecurity-Insiders
1w
71
Image Credit: Cybersecurity-Insiders
The Evolving Nature of DDoS Attacks: A Smokescreen for More Dangerous Threats
- Distributed Denial of Service (DDoS) attacks have long been a common tactic used by cybercriminals to overwhelm websites by flooding them with fake or malicious traffic, disrupting services for legitimate users.
- Recent research indicates a new trend where DDoS attacks are used as smokescreens to divert attention while cybercriminals carry out more targeted and damaging operations like data exfiltration and social engineering.
- Hackers initiate DDoS attacks to draw attention, allowing them to exploit vulnerabilities in systems, steal sensitive data, and conduct stealthy activities while security teams are preoccupied with mitigating the DDoS attack.
- To defend against evolving cyber threats, IT security teams are advised to enhance monitoring, implement layered security measures, develop response plans for dual-stage attacks, conduct regular security audits, and provide employee training on recognizing suspicious activities.
Read Full Article
4 Likes
TechDigest
1w
199
Image Credit: TechDigest
Co-Op shelves to be restocked following cyber attack, M&S hackers may have ‘partial credit card’ details
- Co-Op is restocking shelves after a cyber-attack affected online ordering and impacted customer and staff data, hacker group DragonForce claimed responsibility.
- Marks & Spencer warns customers of potential scam calls and emails after hackers stole personal data, including partial credit card details.
- US tech firms secure deals in the Middle East as Saudi Arabia commits $600bn to American AI companies, Nvidia set to sell AI chips to the country.
- Airbnb introduces redesigned app to offer additional services like catering and personal training, plans to invest millions in expanding its business offerings.
Read Full Article
11 Likes
Guardian
1w
104
Image Credit: Guardian
Co-op cyber-attack: stock availability in stores ‘will not improve until weekend’
- Co-op stores continue to struggle with stock availability after a cyber-attack, recovery expected by the weekend.
- Shoppers facing empty shelves, especially in rural areas; Co-op working with suppliers to restock stores with essential items.
- Hackers accessed customer data from Co-op systems, no financial information compromised.
- M&S also affected by cyber-attack, facing possible significant fines and loss of sales; expected to claim up to £100m from cyber insurers.
Read Full Article
6 Likes
Securityaffairs
1w
403
Image Credit: Securityaffairs
How Interlock Ransomware Affects the Defense Industrial Base Supply Chain
- Interlock Ransomware attack on a defense contractor exposed global defense supply chain details, risking operations of top contractors and their clients.
- Interlock Ransomware uncovered supply chain details of top defense contractors globally, leading to potential exposure of classified information and interest from foreign intelligence agencies and espionage groups.
- Numerous documents related to global defense corporations were found in the leaked dataset released by Interlock Ransomware.
- Ransomware attacks on defense contractors can have profound implications for national security, operational efficiency, financial stability, trust, and brand reputation, highlighting the need for robust cybersecurity measures and CMMC implementation.
Read Full Article
24 Likes
For uninterrupted reading, download the app