menu
techminis

A naukri.com initiative

New

google-web-stories
Home

>

Cyber Crime News

Cyber Crime News

source image

Pymnts

2w

read

349

img
dot

Image Credit: Pymnts

Banking Giants Warn AI Can Bolster Cybercrime and Lower Morale

  • Banking giants are warning investors about the risks associated with the use of artificial intelligence (AI).
  • The risks include AI 'hallucinations', cybercriminal use, and impact on employee morale.
  • Banks are struggling to maintain a balance between embracing AI technology to retain customers and dealing with the threat of cybercrime.
  • There is a concern that AI technologies may be built on outdated, biased or inaccurate financial data sets.

Read Full Article

like

20 Likes

share

4 Shares

source image

Securityaffairs

2w

read

414

img
dot

Image Credit: Securityaffairs

New Ballista Botnet spreads using TP-Link flaw. Is it an Italian job?

  • The Ballista botnet is exploiting an unpatched TP-Link vulnerability, targeting over 6,000 Archer routers.
  • The botnet spreads automatically using a remote code execution (RCE) flaw.
  • The Ballista botnet has been linked to an Italian-based threat actor.
  • The botnet has affected manufacturing, healthcare, services, and tech sectors in multiple countries.

Read Full Article

like

24 Likes

share

5 Shares

source image

VoIP

2w

read

196

img
dot

Image Credit: VoIP

NTT Data Breach Exposes 18,000 Corporate Customers’ Info

  • NTT Communications, a leading Japanese ICT provider and subsidiary of Nippon Telegraph and Telephone (NTT), has confirmed a significant data breach affecting 17,891 corporate clients.
  • The breach was detected in two phases, with the attacker accessing sensitive customer information such as contract and contact details.
  • The stolen data includes contract numbers, contact names, phone numbers, email addresses, and mailing addresses.
  • NTT Communications has pledged to notify all affected clients, implement enhanced security measures, and is committed to restoring trust.

Read Full Article

like

11 Likes

share

2 Shares

source image

Schneier

3w

read

65

img
dot

Silk Typhoon Hackers Indicted

  • The US Department of Justice has indicted 12 Chinese individuals for alleged hacker intrusions over more than a decade.
  • The indicted individuals include eight i-Soon contractors, two Ministry of Public Security officials, and two hackers from the group APT27, or Silk Typhoon.
  • The group targeted various US and foreign government agencies, Chinese dissidents, US-based media outlets, and breached the US Treasury in 2020.
  • The hackers operated with autonomy, selecting targets themselves and selling stolen information to Chinese government clients.

Read Full Article

like

3 Likes

share

Share

source image

Cybersecurity-Insiders

3w

read

406

img
dot

Image Credit: Cybersecurity-Insiders

Data Breach stories of Bank of America and Jaguar Land Rover

  • Jaguar Land Rover (JLR) facing a data breach after sensitive documents were leaked on BreachForums.
  • Leaked data includes future vehicle source codes, customer information, and development logs.
  • Jaguar Land Rover taking necessary precautions to address the breach and will notify affected customers.
  • Bank of America (BoA) experienced a data breach due to the mishandling of sensitive paper records by a third-party vendor.

Read Full Article

like

24 Likes

share

5 Shares

source image

Kaspersky

3w

read

30

img
dot

Image Credit: Kaspersky

How to store cryptocurrency after the Bybit hack | Kaspersky official blog

  • Bybit, the world’s second-largest crypto exchange, was subject to a $1.5 billion heist, highlighting flaws in the crypto ecosystem and revealing lessons for users.
  • The attackers compromised a Safe{Wallet} developer machine to carry out the theft by manipulating transactions.
  • Bybit employees unknowingly green-lighted a malicious smart contract, resulting in the theft of funds from a cold wallet.
  • The FBI identified a North Korean group as the perpetrators, known for sophisticated cryptocurrency theft tactics.
  • The hack emphasizes the challenges in securing blockchain transactions and the limitations in canceling or refunding transactions.
  • Bybit responded by compensating losses and initiating a bounty program for funds recovery, encouraging self-custody of assets in the future.
  • Self-custody of cryptocurrency assets requires secure measures like using hardware wallets, storing seed phrases offline, and diversifying wallets.
  • Strict digital hygiene, dedicated computers for transactions, and cautious software practices are recommended for secure self-custody.
  • Users are advised to follow enhanced security measures, detect phishing attempts, and stay informed about crypto scams to protect their investments.
  • The incident with Bybit underscores the importance of individual responsibility and vigilance in safeguarding cryptocurrency assets.

Read Full Article

like

1 Like

share

Share

source image

Pymnts

3w

read

148

img
dot

Image Credit: Pymnts

New York Sues Allstate and National General Over Data Breaches

  • The New York State Attorney General has filed a lawsuit against insurance companies doing business as National General and Allstate.
  • The lawsuit alleges that National General failed to protect consumer personal information, including not notifying impacted consumers about data breaches.
  • The suit claims that National General failed to implement reasonable data security measures under Allstate's ownership.
  • The lawsuit seeks penalties and an injunction to stop further violations.

Read Full Article

like

8 Likes

share

2 Shares

source image

TechCrunch

3w

read

380

img
dot

Image Credit: TechCrunch

What PowerSchool won’t say about its data breach affecting millions of students

  • PowerSchool, a K-12 software provider, suffered a significant data breach in December 2024, potentially affecting millions of students and staff across North America.
  • The breach originated from a compromised credential in the customer support portal, granting access to the school information system.
  • While some details of the breach have been disclosed, many crucial questions remain unanswered by PowerSchool.
  • The company has not revealed the exact number of individuals impacted by the breach, despite estimates from various sources.
  • Reports suggest that personal data of over 62 million students and 9.5 million teachers may have been accessed by the hacker.
  • The types of stolen data, including sensitive personal information and medical records, remain undisclosed by PowerSchool.
  • The company worked with a cyber-extortion incident response firm to negotiate with the hackers, hinting at a ransom payment.
  • Concerns linger about whether the stolen data has been completely deleted, as PowerSchool has not provided evidence of deletion.
  • The identity of the hacker responsible for the breach is unknown, raising questions about cybersecurity measures.
  • Forensic reports have shed some light on the breach timeline, indicating potential long-standing access to PowerSchool's network.

Read Full Article

like

22 Likes

share

5 Shares

source image

TechCrunch

3w

read

306

img
dot

Image Credit: TechCrunch

Hacker accessed PowerSchool’s network months before massive December breach

  • A new forensic report by CrowdStrike reveals that U.S. edtech giant PowerSchool was compromised by a hacker months before the December breach.
  • PowerSchool confirmed unauthorized activity on its network prior to December, possibly dating back to August 2024.
  • The hacker used compromised support credentials to access PowerSchool's network and gained unauthorized access to the customer support portal.
  • PowerSchool's log data did not go far enough to attribute the earlier access to the same threat actor involved in the December breach.

Read Full Article

like

18 Likes

share

4 Shares

source image

Cybersecurity-Insiders

3w

read

4

img
dot

Image Credit: Cybersecurity-Insiders

Twitter not down due to Cyber Attack

  • On March 10, 2025, Twitter experienced widespread disruptions in service, affecting users globally.
  • Speculation arose that the outage was due to a cyber-attack, but it was later debunked and attributed to a technical glitch caused by a software rollout.
  • The issue was swiftly addressed, and services were restored within 24 to 60 minutes, though some users experienced longer interruptions.
  • The Twitter outage was not a result of a cyber-attack, but rather a technical glitch, according to Twitter sources.

Read Full Article

like

Like

share

Share

source image

Securityaffairs

3w

read

166

img
dot

Image Credit: Securityaffairs

Experts warn of mass exploitation of critical PHP flaw CVE-2024-4577

  • Threat actors exploit PHP flaw CVE-2024-4577 for remote code execution.
  • Over 1,000 attacks detected globally.
  • The vulnerability tracked as CVE-2024-4577 allows for remote code execution on vulnerable servers using Apache and PHP-CGI.
  • GreyNoise researchers report a significant increase in attacks targeting multiple regions, including the US, UK, Singapore, and Japan.

Read Full Article

like

10 Likes

share

2 Shares

source image

Kaspersky

3w

read

170

img
dot

Image Credit: Kaspersky

Technology to check QR codes for phishing | Kaspersky official blog

  • Kaspersky Secure Mail Gateway has added a technology to read QR codes and check for phishing links hidden within them.
  • Attackers use QR codes to bypass security measures and hide phishing links from scanners.
  • QR codes are commonly scanned on personal devices without proper security software, making them more vulnerable to phishing attacks.
  • Kaspersky's technology extracts links from QR codes in images and PDF files, checking them for phishing and flagging suspicious emails accordingly.

Read Full Article

like

10 Likes

share

2 Shares

source image

Securityaffairs

3w

read

109

img
dot

Image Credit: Securityaffairs

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

  • RansomHouse gang claims the hack of the Loretto Hospital in Chicago.
  • The RansomHouse gang claims to have stolen 1.5TB of sensitive data from Loretto Hospital.
  • RansomHouse is a data extortion group that focuses on data theft instead of encryption. Victims include AMD and Keralty.
  • Ransomware attacks on US healthcare providers have surged, with 98 attacks compromising 117 million records in 2024.

Read Full Article

like

6 Likes

share

1 Share

source image

Securityaffairs

3w

read

350

img
dot

Image Credit: Securityaffairs

Large-scale cryptocurrency miner campaign targets Russian users with SilentCryptoMiner

  • A large-scale cryptocurrency miner campaign is targeting Russian users with SilentCryptoMiner.
  • Threat actors are disguising the malware as a tool to bypass internet restrictions.
  • Over 2,000 victims have been identified, with the true number potentially higher.
  • The malware campaign was spread via malicious archives, YouTube, and Telegram channels.

Read Full Article

like

21 Likes

share

4 Shares

source image

Securityaffairs

3w

read

210

img
dot

Image Credit: Securityaffairs

Feds seized $23 million in crypto stolen using keys from LastPass breaches

  • U.S. authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to the 2022 LastPass breach.
  • Authorities seized $24M in frozen assets before they could be withdrawn, aligning with prior findings that cybercriminals cracked master passwords from LastPass to carry out major heists.
  • Law enforcement traced $23,604,815.09 of stolen crypto between June 2024 and February 2025 to multiple exchanges, including OKX, Kraken, WhiteBIT, AscendEX, FixedFloat, SwapSpace, and CoinRabbit.
  • Investigators found no evidence of device hacking, supporting the hypothesis that attackers decrypted stolen password manager data to access the victim’s crypto wallet.

Read Full Article

like

12 Likes

share

2 Shares

Prev

1
2
3
4
5
6
7
8
9
10

Next

For uninterrupted reading, download the app