
Cyber Crime News


Cybersecurity-Insiders


Satellite receivers enriched with DDoS Attack functionality led to CEO Arrests

  • Two South Korean companies manufacturing satellite receivers were found to have equipped their devices with DDoS attack capabilities.
  • Arrest warrants have been issued for the CEOs of these companies, following investigations by the South Korean government.
  • The companies delivered approximately 240,000 satellite receivers, with over 98,560 devices already integrated with DDoS functionality.
  • Some of the compromised devices were sold to broadcasting companies in developed countries, and the investigation is ongoing.


Hackernoon


This New Tool Claims to Help Identify Ethereum Phishing Gangs

  • A recent study conducted at Sun Yat-sen University sheds light on Ethereum phishing gangs.
  • Phishers exploit Ethereum's pseudonymous and decentralized structure to steal funds.
  • Researchers have developed a tool called PGDetector to identify and track Ethereum phishing gangs.
  • PGDetector analyzes transaction data to detect patterns of fraud and uncover the full extent of these networks.


TechCrunch


Ransomware hackers target NHS hospitals with new cyberattacks

  • Ransomware hackers continue to target NHS hospitals across the UK, compromising multiple hospitals, exposing patient data, and disrupting emergency services.
  • Inc Ransom, a Russia-linked ransomware group, claims to have breached Alder Hey Children's Hospital Trust and stolen patient records, donor reports, and procurement data.
  • Alder Hey confirmed the cybersecurity incident and stated that investigations are ongoing to determine if confidential data has been obtained.
  • Wirral University Teaching Hospital, located near Alder Hey, has also been targeted, forcing the hospital to declare a 'major incident' and causing ongoing disruptions.


Silicon


Telegram Joins Child Safety Scheme

  • The Telegram messenger app has partnered with the Internet Watch Foundation (IWF) to proactively prevent child sexual abuse imagery from being spread in public parts of its platform.
  • Previously, encrypted apps like Telegram and Discord were used by criminals to peddle illegal content, including child sexual abuse material (CSAM). Telegram has now agreed to work with IWF to stop the spread of CSAM.
  • Telegram had previously refused to join official schemes citing their strict privacy stance against the sharing of confidential data with government entities and resisted other governments’ attempts to weaken end-to-end encryption or provide access to people’s messages.
  • For the first time, Telegram will use tools and data from the UK’s Internet Watch Foundation (IWF) along with its own to detect, disrupt, remove, and block child sexual abuse imagery.
  • Telegram will use a range of IWF services, including taking IWF “hashes” to spot when criminal content is being shared in public parts of the site to instantly block it.
  • Telegram has stated that when reported, child abuse images are usually processed within one hour.
  • The IWF has confirmed thousands of reports of child sexual abuse imagery on Telegram including category A imagery, the most severe kinds of child sexual abuse, and imagery involving children younger than two years old.
  • Telegram removes hundreds of thousands of child abuse materials each month, relying on reports, proactive moderation which includes AI, machine learning and hash-matching.
  • Telegram had previously refused to comply with demands by Russia’s FSB Federal Security Service which wanted access to some messages.
  • Dubai-based Telegram is said to be the most popular instant messaging application in parts of Europe, Asia, and Africa.


TechCrunch


US says Chinese hackers are still lurking in American phone networks

  • U.S. government officials confirm that China-backed hacking group Salt Typhoon is still present in the networks of major American phone and internet providers.
  • Telecom giants such as AT&T, Verizon, and Lumen are currently working to remove the hackers, as their motivations remain unclear.
  • The hacks are believed to be part of China's espionage efforts, with U.S. officials and senior Americans, including presidential candidates, being targeted.
  • The U.S. government has issued guidance to telecom networks on securing their systems against these China-backed hackers.


Silicon


UK Underestimates Threat Of Cyber-Attacks, Says NCSC Head

  • The new head of GCHQ’s National Cyber Security Centre (NCSC) has used his first speech to warn that the cyber risk to the UK is “widely underestimated.”
  • NCSC’s Richard Horne emphasised the need for sustained vigilance in an increasingly aggressive online world.
  • Horne issued a rallying call for collective action against an increasingly complex array of threats.
  • The NCSC is a National Technical Authority and has been publishing advice, guidance and frameworks since its inception, but these must be put into practice urgently across the board.
  • Countries like Russia and China pose increased risk in cyberspace to the UK, with increasingly sophisticated cyber attacks.
  • Organisations must invest in cybersecurity and see it as both an essential foundation for their operations, and a driver for growth, innovation and purpose.
  • The volume and severity of cyber threats against the UK has not been fully appreciated, including the escalating nature of cyber attacks against critical infrastructure supply chains.
  • The NCSC has handled an increasing number of incidents and sees ransomware as the most pervasive cyber threat to the UK.
  • The real-world impact of cyberattacks and their potential to cause human costs must not be ignored amid our dependence on technology.
  • Lastly, cybercriminals are using artificial intelligence tools to increase the volume and heighten the impact of cyberattacks.


Krebsonsecurity


Why Phishers Love New TLDs Like .shop, .top and .xyz

  • Phishing attacks have risen almost 40% in the year up to August 2024 in new generic top-level domains, including .shop, .top, and .xyz, as 37% of cybercrime domains reported between September 2023 and August 2024 were in new gTLDs.
  • Interisle Consulting’s phishing report shows that these new gTLDs only have an 11% share of the new domains market in the same period.
  • .com and .net domains comprised 50% of the domains registered in the previous year but represented just over 40% of cybercrime domains.
  • A near-equal 37% of cybercrime domains were registered through new gTLDs due to their cheap or free registration and insufficient identity verification requirements.
  • ICANN plans to propose new gTLDs again in 2026 despite reports of phishers abusing these domains.
  • New gTLD registrars tend to sell domains cheaply to customers who buy them in bulk but end up losing out as criminals and spammers never renew.
  • This past year, the US Postal Service was the most common target of phishing attacks, while cybercriminals are increasingly turning to subdomain providers to disguise their criminal activity.
  • Interisle tracked more than 1.18 million cases of subdomains being used for phishing in the past year, and more than half of those were subdomains at Google.
  • Subdomain providers should limit the number of subdomains a customer can create at one time and suspend automated, high-volume account sign-ups.


Securityaffairs


Energy industry contractor ENGlobal Corporation discloses a ransomware attack

  • Energy industry contractor ENGlobal Corporation disclosed a ransomware attack on November 25, disrupting operations.
  • The threat actors gained unauthorized access to the company's IT system and encrypted some data files.
  • ENGlobal Corporation is currently working with external cybersecurity specialists to investigate and remediate the incident.
  • It is unclear when full access to the company's IT systems will be restored, and the impact on its financial condition and operations is being assessed.


Socprime


SmokeLoader Malware Detection: Notorious Loader Reemerges to Target Companies in Taiwan

  • The SmokeLoader malware has reemerged and is targeting Taiwanese companies in various sectors.
  • SmokeLoader, typically used as a downloader for deploying other malicious samples, is now directly executing attacks by retrieving plugins from its C2 server.
  • Security professionals can rely on SOC Prime Platform for collective cyber defense and access dedicated Sigma rules to detect SmokeLoader attacks.
  • SmokeLoader belongs to the adversary toolkit of the financially motivated UAC-0006 group and has been used in phishing campaigns against Ukraine in the past.


TechCrunch


US agency proposes new rule blocking data brokers from selling Americans’ sensitive personal data

  • The Consumer Financial Protection Bureau has proposed a new rule to block data brokers from selling Americans' personal and financial information.
  • The proposed rule aims to rein in data brokers who evade federal law by claiming they're not subject to the Fair Credit Reporting Act (FCRA).
  • The rule treats data brokers the same as credit bureaus and background check companies, subjecting them to federal protection under the FCRA.
  • The proposed rule restricts data brokers from selling sensitive information like Social Security numbers and phone numbers.


Hackernoon


Sweet Security Unveils First Unified Detection And Response Platform

  • Sweet Security has unveiled its unified Cloud Native Detection and Response platform.
  • The platform integrates capabilities of Application Detection and Response (ADR), Cloud Detection and Response (CDR), and Cloud Workload Protection Platform (CWPP).
  • Sweet Security aims to provide unparalleled detection and response capabilities for cloud environments.
  • The platform offers unified visibility, vulnerability management, runtime CSPM, and identity threat detection and response (ITDR).


Secureerpinc


Cybercriminals Exploit AI Tools for Advanced Phishing

  • Cybercriminals are using AI tools for advanced phishing attacks.
  • Hackers impersonate OpenAI in a new widespread phishing scam.
  • AI tools make it difficult for existing security systems to catch phishing messages.
  • Deepfake technology is also being used in phishing attacks.


Securityaffairs


Interpol: Operation HAECHI-V led to more than 5,500 suspects arrested

  • Operation HAECHI-V led to more than 5,500 suspects arrested and $400 million seized.
  • The operation targeted cyber frauds such as phishing, romance scams, and online gambling.
  • A voice phishing syndicate causing $1.1 billion in losses was dismantled, leading to 27 arrests.
  • INTERPOL issued a Purple Notice warning about cryptocurrency fraud involving the USDT Token Approval Scam.


Securelist


Horns&Hooves campaign delivers NetSupport RAT and BurnsRAT

  • Horns&Hooves campaign uses ZIP files containing JScript scripts with lookalike names of customer and partner requests, containing decoy documents related to the organization, and licenses belonging to cybercriminal group TA569.
  • The campaign, which has hit over one thousand users in Russia, began in March 2023; changes were made to the script, while the same distribution method was employed.
  • The early samples, dating back to April and May 2023, used scripts with the HTA extension. The DOM is used to create nodes, remove nodes, or to replace one node with another.
  • The later versions of the campaign had JS script names like the ones calling on the browser to open or purchase request variations.
  • Using a label or a linked scope, the attackers were able to make the malicious code execute when the corresponding check box in the browser window is checked.
  • The NetSupport RAT which can infiltrate the system through scam websites and fake browser updates, disguised as technical support, is used to remotely manage and gain access to infected devices.
  • BurnsRAT is also utilized by the attackers and RMS is launched as a service, with information regarding the computer sent to the server post installation.
  • Access is gained by TA569, whose security key matched that of the installation configuration file.
  • The stolen documents could be used to further the malicious campaign in the future, as they may possess sensitive corporate information.
  • Phishing campaigns like Horns&Hooves are often used to gain the initial foothold, after which the attackers may seek encryption or sell access to other cybercriminal organizations.


Medium


The Rise in Ransomware Attacks: Trends, Impacts, and Mitigation Strategies

  • Ransomware attacks have become more accessible due to RaaS platforms.
  • Critical infrastructure, such as healthcare systems, is at risk from ransomware attacks.
  • Governments are implementing stricter cybersecurity regulations.
  • Employee training programs are crucial for mitigating ransomware attacks.
