menu
techminis

A naukri.com initiative

New

google-web-stories
Home

>

Cyber Crime News

Cyber Crime News

source image

Medium

1w

read

16

img
dot

Image Credit: Medium

Stories of data leakage | Overkill Security

  • A US Navy contractor deliberately sabotaged a submarine's threat detection system by inserting malicious code in 2007.
  • Robert Birchum, a retired US Air Force intelligence officer, was sentenced to three years in federal prison for unlawfully possessing and retaining classified documents.
  • Harold Martin, a former NSA contractor, was arrested for stealing and retaining highly classified top-secret documents for 20 years.
  • Jerry Chun Shing Lee, a former CIA officer, was arrested for unlawful retention of national defense information, possessing notebooks containing classified information.
  • Jack Teixeira, a member of the Massachusetts Air National Guard, pleaded guilty to leaking highly classified military documents on a social media platform.

Read Full Article

like

1 Like

share

Share

source image

Siliconangle

1w

read

317

img
dot

Image Credit: Siliconangle

Zscaler addresses rising phishing threats and AI security challenges

  • During the RSA Conference, concerns were raised about the use of AI in cyber attacks.
  • Zscaler Inc. addresses the rising phishing threats and the need to secure AI technologies.
  • Zscaler blocked 2 billion phishing attempts and observed a 60% increase in phishing attacks last year.
  • To combat the threat, Zscaler leverages AI to analyze logs and detect compromised users.

Read Full Article

like

19 Likes

share

4 Shares

source image

Securityaffairs

1w

read

54

img
dot

Image Credit: Securityaffairs

LockBit gang claimed responsibility for the attack on City of Wichita

  • The LockBit ransomware group has claimed responsibility for the attack on the City of Wichita.
  • The City of Wichita, Kansas, experienced a ransomware attack and shut down its network to contain the threat.
  • The incident took place on May 5th, 2024, and the City is working with security experts and law enforcement agencies.
  • The ransomware gang has demanded a ransom payment by May 15, 2024.

Read Full Article

like

3 Likes

share

Share

source image

Pymnts

1w

read

255

img
dot

Image Credit: Pymnts

MGM Hackers Reportedly Targeting Banks and Insurers

  • A group called Scattered Spider, known for a previous massive hack on casinos, is now reportedly targeting banks and insurers.
  • Since late last month, Scattered Spider has targeted 29 companies and successfully breached the systems of at least two insurers.
  • The hackers used lookalike domains and fake login pages to deceive employees in the sector, utilizing phishing techniques.
  • Scattered Spider was also responsible for the ransomware attack on MGM Resorts and a cyberattack on Clorox last year.

Read Full Article

like

15 Likes

share

3 Shares

source image

Medium

1w

read

217

img
dot

Image Credit: Medium

Patchwork Your Defense: Why Patch Management is Crucial for Cyber Security

  • Software vendors release patches to address security vulnerabilities.
  • Patch management ensures systems are updated with the latest fixes.
  • Building a sustainable patch management strategy requires ongoing effort.
  • Partnering with a trusted security provider reduces the risk of cyber attacks.

Read Full Article

like

13 Likes

share

3 Shares

source image

Silicon

1w

read

322

img
dot

Image Credit: Silicon

Chinese Hack Exposes Ministry Of Defence Payroll Data

  • The payroll records of nearly all members of the UK's armed forces have been exposed to Chinese hackers through a third-party supplier to the Ministry of Defence.
  • Approximately 270,000 payroll records, including names, bank details, and a small number of addresses, were compromised.
  • The compromised third-party payroll system was managed by a private contractor, SSCL, based in Newport.
  • The hack is suspected to be the work of a malign actor with potential state involvement, possibly China.

Read Full Article

like

19 Likes

share

4 Shares

source image

Hackernoon

1w

read

108

img
dot

Image Credit: Hackernoon

Social Engineering Attacks: One of the Biggest and Quietest Threats to Your Business

  • Social engineering attacks are considered silent threats to SMBs and SMEs - this blog addresses these specific types of threats for small and medium-sized business owners.
  • According to a report by Barracuda, there is a 350% increase in social engineering attacks on small businesses compared to larger enterprises.
  • Social engineering refers to the psychological manipulation of people into divulging confidential information or performing unsafe actions, and it is an assault on emotions and feelings to extract sensitive information.
  • This type of attack can happen online, in-person, or through other interactions - prime targets are SMBs/SMEs where employees are overburdened, and there is a lack of resources.
  • Counter social engineering attacks by training employees to recognize phishing emails, suspicious phone calls and unsolicited requests for sensitive data and verification of all emails received for legitimacy.
  • Deployment of two-factor authentication or multi-factor authentication to all accounts, data encryption and backups can help mitigate the effects of cyberattacks.
  • Some common scams to watch out for include phishing, tech support, pretexting, baiting, malware and CEO fraud.
  • Creating awareness among employees about social engineering attacks and various tactics used by threat actors will go a long way in preventing such attacks.
  • It is essential to act on prevention measures as social engineering attacks are becoming more sophisticated, with hackers using tech evolution to their advantage.

Read Full Article

like

6 Likes

share

1 Share

source image

Securityaffairs

1w

read

289

img
dot

Image Credit: Securityaffairs

LiteSpeed Cache WordPress plugin actively exploited in the wild

  • Threat actors are exploiting a high-severity vulnerability in the LiteSpeed Cache plugin for WordPress to take over web sites.
  • The vulnerability allows for stored cross-site scripting (XSS) attacks, enabling the creation of rogue admin accounts with full control over the website.
  • The issue was discovered in February 2024 and affects vulnerable versions of the LiteSpeed plugin.
  • The vulnerability was fixed in October 2023 with the release of version 5.7.0.1.

Read Full Article

like

17 Likes

share

4 Shares

source image

Kaspersky

1w

read

83

img
dot

Image Credit: Kaspersky

How to protect yourself from phishing and malware on GitHub and GitLab | Kaspersky official blog

  • GitHub and GitLab, popular developer repositories, have a flaw that allows anyone to upload malicious files and share them via direct links.
  • Cybercriminals are taking advantage of this flaw to carry out convincing phishing attacks.
  • Users should avoid downloading files from direct GitHub or GitLab links found in external sources and instead verify the file's authenticity on the project page.
  • Additionally, users should be cautious of typosquatting, avoid downloading applications with few stars and created recently, and use robust malware and phishing protection.

Read Full Article

like

5 Likes

share

1 Share

source image

Securityaffairs

1w

read

234

img
dot

Image Credit: Securityaffairs

UK Ministry of Defense disclosed a third-party data breach exposing military personnel data 

  • The UK Ministry of Defense disclosed a data breach at a third-party payroll system that exposed data of armed forces personnel and veterans.
  • Approximately 272,000 armed forces personnel and veterans have been affected by the breach.
  • The breached system is separate from the main military HR system, according to Defence Secretary Grant Shapps.
  • China has been suspected as the responsible party, but they have denied any involvement in the attack.

Read Full Article

like

14 Likes

share

3 Shares

source image

TechCrunch

1w

read

142

img
dot

Image Credit: TechCrunch

Brandywine Realty Trust says data stolen in ransomware attack

  • Brandywine Realty Trust has confirmed a cyberattack resulting in data theft.
  • The attack involved unauthorized access and encryption of its internal IT systems.
  • The incident caused disruption to business applications, but the company believes it has contained the activity.
  • Brandywine is investigating whether sensitive or personal information was taken.

Read Full Article

like

8 Likes

share

2 Shares

source image

Securityaffairs

1w

read

0

img
dot

Image Credit: Securityaffairs

Law enforcement agencies identified LockBit ransomware admin and sanctioned him

  • Law enforcement agencies have identified and sanctioned the admin of the LockBit ransomware operation.
  • The admin, Dmitry Yuryevich Khoroshev, a Russian national, is now subject to asset freezes and travel bans.
  • LockBit targeted over 100 hospitals and healthcare companies, resulting in at least 2,110 victims.
  • Law enforcement agencies have obtained decryption keys and are assisting LockBit victims in recovering their files.

Read Full Article

like

Like

share

Share

source image

TechCrunch

1w

read

298

img
dot

Image Credit: TechCrunch

What we learned from the indictment of LockBit’s mastermind

  • The mastermind behind LockBit, Dmitry Yuryevich Khoroshev, has been identified and charged with computer crimes, fraud, and extortion.
  • Khoroshev had an online alias, putinkrab, which may reference Russian President Vladimir Putin.
  • Surprisingly, LockBit targeted Russian victims as well, contrary to the usual unwritten rule of not targeting within the country.
  • Khoroshev closely monitored his affiliates and developed a tool called 'StealBit' to store stolen data on his servers.
  • LockBit and its affiliates extorted around $500 million from 2,500 victims, causing billions of dollars in damages worldwide.
  • In a shocking revelation, Khoroshev reached out to law enforcement offering his services in exchange for information on competitors.

Read Full Article

like

17 Likes

share

4 Shares

source image

Guardian

1w

read

399

img
dot

Image Credit: Guardian

Dmitry Khoroshev named as alleged leader of ransomware gang LockBit

  • Dmitry Khoroshev has been named as the alleged leader of ransomware gang LockBit by the UK's National Crime Agency (NCA) after the seizure of the gang's infrastructure.
  • Khoroshev, also known as LockBitSupp, has been sanctioned by the UK, US, and Australia.
  • LockBit was a dangerous ransomware group that targeted high-profile victims, including Royal Mail and Boeing.
  • The NCA's efforts have successfully disrupted LockBit, but Khoroshev, believed to be in Russia, may remain at large due to the country's historical reluctance to extradite cybercriminals.

Read Full Article

like

24 Likes

share

5 Shares

source image

Cybersecurity-Insiders

1w

read

172

img
dot

Image Credit: Cybersecurity-Insiders

UK Military data breach and LockBit admin identified

  • The UK Ministry of Defense confirms a data breach resulting in personal and financial information exposure of military personnel and political figures.
  • The cyber intrusion targeted payroll systems managed by a third-party contractor, with suspicions of potential Chinese involvement.
  • A government investigation is underway to determine the extent of the breach, which may be part of a larger campaign targeting government databases.
  • In a separate development, the alleged administrator of the LockBit ransomware group, Dmitry Yuryevich Khoroshev, has been identified and faces criminal charges.

Read Full Article

like

10 Likes

share

2 Shares

Prev

1
2
3
4
5
6
7
8
9
10

Next

For uninterrupted reading, download the app