menu
techminis

A naukri.com initiative

New

google-web-stories
Home

>

Cyber Crime News

Cyber Crime News

source image

Securityaffairs

2w

read

56

img
dot

Image Credit: Securityaffairs

Security Affairs newsletter Round 515 by Pierluigi Paganini – INTERNATIONAL EDITION

  • New MassJacker clipper targets pirated software seekers
  • Cisco IOS XR flaw allows attackers to crash BGP process on routers
  • LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S.
  • SuperBlack Ransomware operators exploit Fortinet Firewall flaws in recent attacks

Read Full Article

like

3 Likes

share

Share

source image

Securityaffairs

2w

read

423

img
dot

Image Credit: Securityaffairs

A ransomware attack hit the Micronesian state of Yap, causing the health system network to go down.

  • A ransomware attack hit the Micronesian state of Yap, causing the health system network to go down.
  • Yap's Health Department detected the cyberattack and shut down the network and digital health systems to contain the threat.
  • The Department is working with government agencies and IT contractors to assess the extent of the breach and restore services.
  • No ransomware group has claimed responsibility for the attack.

Read Full Article

like

25 Likes

share

5 Shares

source image

Securityaffairs

2w

read

402

img
dot

Image Credit: Securityaffairs

New MassJacker clipper targets pirated software seekers

  • A new clipper malware named MassJacker is targeting users searching for pirated software.
  • MassJacker is a clipper malware that intercepts and manipulates clipboard data to redirect cryptocurrency funds.
  • The infection starts from a site distributing pirated software and involves multiple stages of execution.
  • MassJacker is a malware-as-a-service (MaaS), and the stolen funds are likely managed by a single entity.

Read Full Article

like

24 Likes

share

5 Shares

source image

Securityaffairs

2w

read

212

img
dot

Image Credit: Securityaffairs

LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S.

  • The US Justice Department announced that the LockBit ransomware developer Rostislav Panev was extradited from Israel to the U.S.
  • Rostislav Panev, a dual Russian-Israeli national, was arrested in Israel in 2024 and faces charges related to his involvement in the LockBit ransomware operation.
  • The LockBit ransomware group targeted over 2,500 victims worldwide, including 1,800 in the United States, and caused billions in damages by extracting $500 million in ransoms.
  • Panev admitted to coding, developing, and consulting for the LockBit group, including developing code to disable antivirus software, deploy malware, and print ransom notes to victim networks.

Read Full Article

like

12 Likes

share

2 Shares

source image

TechCrunch

2w

read

303

img
dot

Image Credit: TechCrunch

Accused LockBit ransomware developer extradited to the US

  • Rostislav Panev, a dual Russian and Israeli national, has been extradited from Israel to the US.
  • Panev is accused of being a key developer for the LockBit ransomware gang.
  • He was arrested in Israel in December 2024 and had been awaiting extradition.
  • Panev and other LockBit developers designed the gang's malware and maintained its infrastructure.

Read Full Article

like

18 Likes

share

4 Shares

source image

Securityaffairs

2w

read

82

img
dot

Image Credit: Securityaffairs

SuperBlack Ransomware operators exploit Fortinet Firewall flaws in recent attacks

  • Operators behind the SuperBlack ransomware exploited two vulnerabilities in Fortinet firewalls for recent attacks.
  • Threat actor named 'Mora_001' used Russian-language artifacts and exhibited unique operational signature.
  • SuperBlack ransomware is tracked as an independent entity capable of independent intrusions.
  • Exploited vulnerabilities include CVE-2024-55591 and CVE-2025-24472 in FortiOS and FortiProxy.

Read Full Article

like

4 Likes

share

1 Share

source image

Digitaltrends

2w

read

308

img
dot

Image Credit: Digitaltrends

Watch out for this phishing scam impersonating Booking.com

  • Microsoft has warned about an ongoing phishing scam impersonating Booking.com.
  • The phishing campaign sends fake emails from Booking.com with various contents such as guest complaints, account verifications, or requests for information.
  • The email includes a link or attaches a PDF leading users to a screen with a fake CAPTCHA overlay, instructing them to open Windows Run and download malware.
  • To protect against such phishing attempts, users are advised to check the sender's email address, be cautious of urgent threats, and hover over links to verify the full URL before clicking.

Read Full Article

like

18 Likes

share

4 Shares

source image

Cybersecurity-Insiders

2w

read

117

img
dot

Image Credit: Cybersecurity-Insiders

Guardz Reveals Details of an Ongoing Phishing Campaign Exploiting Microsoft 365 Infrastructure

  • Guardz uncovered an advanced phishing campaign exploiting Microsoft 365 infrastructure.
  • The cyberattack involved manipulating trusted Microsoft 365 services for credential harvesting.
  • Guardz disrupted the campaign targeting its customers, showcasing evolving cyber threats.
  • Adversaries exploited Microsoft 365 properties to embed phishing content within legitimate emails.
  • The attack involved acquiring multiple Microsoft 365 tenants and configuring deceptive tactics.
  • Phishing lures were disguised in billing emails from authentic Microsoft sources.
  • The attackers used official Microsoft channels to deceive recipients and evade detection.
  • Guardz recommended enhanced detection tools and user training to combat such threats.
  • The company's unified security platform effectively mitigated the phishing attack.
  • Guardz aims to provide AI-powered cybersecurity solutions for SMBs to combat cyber threats.

Read Full Article

like

7 Likes

share

1 Share

source image

Dataprivacyandsecurityinsider

2w

read

182

img
dot

Image Credit: Dataprivacyandsecurityinsider

AppLovin & Its AI: A Lesson in Accuracy

  • A class action securities lawsuit has been filed against AppLovin Corporation and its CEO and CFO.
  • The lawsuit alleges that the defendants misled investors about the capabilities of AppLovin's AI-powered ad platform, AXON.
  • Two research reports claimed that AppLovin was using manipulative practices and exploiting app permissions to inflate its installation and profit figures.
  • The company's stock prices declined due to the research report findings, leading to the lawsuit.

Read Full Article

like

10 Likes

share

2 Shares

source image

Mcafee

2w

read

187

img
dot

Image Credit: Mcafee

How to Protect Your Financial Data During Tax Season

  • Tax season is a target for cybercriminals using phishing scams to steal W-2s and sensitive data.
  • Recognizing red flags and understanding how W-2 phishing scams work is crucial for protection.
  • Phishing emails imitate official sources and urge recipients to reveal sensitive information.
  • Features of phishing emails include urgency, official logos, and deceptive links or attachments.
  • W-2 phishing scams have surged, leading to financial losses, identity theft, and data breaches.
  • The impact includes fraudulent tax filings, credit account misuse, and lengthy recovery processes.
  • To avoid W-2 phishing scams, improve digital literacy, update security software, and backup data.
  • Filing tax returns early, avoiding suspicious emails, and using VPNs and 2FA enhance security.
  • In case of falling victim to a W-2 scam, act swiftly by notifying relevant authorities and taking preventive steps.
  • Protecting financial data during tax season requires ongoing vigilance and prompt action when detecting threats.

Read Full Article

like

11 Likes

share

2 Shares

source image

TechBullion

2w

read

308

img
dot

Image Credit: TechBullion

How to Recognize and Avoid Phishing Scams

  • Phishing scams are deceptive traps designed to steal personal information by masquerading as trusted entities in various forms of communication such as emails, text messages, and fake websites.
  • These scams often use social engineering tactics, creating a sense of urgency to trick individuals into divulging sensitive data like login credentials, credit card numbers, and personal information.
  • Red flags of phishing scams include spelling errors, requests for personal information through unsecured channels, urgent language demanding immediate action, and generic greetings in messages.
  • Scammers use tactics like email spoofing, fake websites mimicking legit ones, emotional manipulation, and impersonation of reputable entities to deceive victims.
  • To avoid falling victim, verify sender's email address, be cautious with unsolicited requests for personal information, use two-factor authentication, keep software updated, and avoid clicking on suspicious links or downloading attachments.
  • In case of falling prey to a phishing scam, change passwords immediately, monitor accounts for unauthorized activity, report suspicious transactions, place fraud alerts on credit reports, and educate others to build awareness.
  • Staying informed about evolving phishing techniques is crucial. Subscribe to cybersecurity newsletters, follow reputable blogs, participate in webinars, and use educational apps to stay proactive in protecting yourself online.
  • By recognizing the signs of phishing scams, verifying requests, and staying vigilant, individuals can safeguard their personal information and prevent falling victim to these fraudulent attacks.
  • Never share sensitive information or click on suspicious links without verifying their legitimacy first. Trust your instincts and educate yourself about current phishing trends to stay one step ahead of cybercriminals.
  • Empowering oneself with knowledge and following best practices can help individuals navigate the online landscape safely and protect themselves from falling prey to phishing scams.
  • Awareness, vigilance, and proactive measures are key in combating phishing scams and ensuring that personal information remains secure in today's digital age.

Read Full Article

like

18 Likes

share

4 Shares

source image

Infoblox

2w

read

17

img
dot

Image Credit: Infoblox

Work Hard, Pay Harder! 

  • Recruitment scams targeting individuals globally offer work-from-home opportunities with minimal requirements and basic training.
  • Cybercriminals exploit the appeal of remote work by luring victims with fake job offers through messaging services.
  • Scammers build trust by using legitimate business websites and a friendly tone during interactions.
  • Victims are enticed with promises of easy tasks, generous salaries, and commissions paid in cryptocurrency.
  • Scammers establish elaborate infrastructure using DNS, hosting services, and CDN-like domains to host thousands of active scam sites.
  • The scam operations involve elements like redirections, cryptocurrency setups, maintaining multiple scam domains, and using technical jargon to appear legitimate.
  • Victims are led to believe in the legitimacy of the opportunity until asked to invest more money to access higher earnings.
  • Withdrawal restrictions and fees are imposed on victims as part of the final stage of the scam to extract more money from them.
  • The elaborate scam system and gradual escalation of investments could lead to significant financial losses for unsuspecting victims.
  • These fraudulent schemes result in large sums of money being transferred into unrecoverable cryptocurrency, benefiting the scammers involved.
  • The scalability and profitability of these recruitment scams highlight the need for awareness and caution while navigating work opportunities online.

Read Full Article

like

1 Like

share

Share

source image

Securityaffairs

2w

read

21

img
dot

Image Credit: Securityaffairs

Medusa ransomware hit over 300 critical infrastructure organizations until February 2025

  • The Medusa ransomware operation hit over 300 organizations in critical infrastructure sectors in the United States until February 2025.
  • The FBI, CISA, and MS-ISAC have issued a joint advisory on Medusa ransomware.
  • Medusa is a ransomware-as-a-service (RaaS) variant that has impacted various critical infrastructure sectors, including medical, education, legal, insurance, technology, and manufacturing.
  • Medusa operators employ various techniques and tools to gain unauthorized access, move laterally, perform reconnaissance, encrypt files, and conduct double extortion schemes.

Read Full Article

like

1 Like

share

Share

source image

Medium

2w

read

397

img
dot

Image Credit: Medium

AI Won’t Replace Coders — But It Will Create a Generation of Hackers

  • The rise of large language models (LLMs) like ChatGPT has created a paradox in cybersecurity.
  • While AI helps defenders patch vulnerabilities, it also empowers cybercriminals to create sophisticated attacks.
  • Hackers now rely on AI algorithms to automate tasks, ranging from drafting phishing emails to carrying out ransomware attacks.
  • This development has transformed hacking from a complex skill to a simple copy-and-paste process, posing a challenge for users to identify deceptive AI-generated messages.

Read Full Article

like

23 Likes

share

5 Shares

source image

TechCrunch

2w

read

0

img
dot

Image Credit: TechCrunch

Garantex administrator arrested in India under extradition law

  • Indian police arrest Aleksej Besciokov, co-founder of Garantex
  • Besciokov was arrested under India's extradition law
  • He is facing charges related to facilitating money laundering on the crypto exchange
  • Garantex's operations have been suspended, and they plan to compensate for blocked user assets after the rehabilitation procedure

Read Full Article

like

Like

share

Share

Prev

1
2
3
4
5
6
7
8
9
10

Next

For uninterrupted reading, download the app