Cyber Crime News

TechDigest

UK public sector IT leaders braced for cyber attacks – phishing biggest threat

  • 60% of UK public sector IT leaders believe a cyber attack is inevitable, according to Trend Micro.
  • Phishing is perceived as the top threat by 60% of respondents, followed by ransomware at 41%.
  • Internal vulnerabilities include a lack of proactive threat hunting, with 31% of leaders admitting exposure.
  • 24% estimate a one- to three-day delay in identifying ransomware attacks, showing a reactive defense posture.
  • Time constraints hinder strategic planning, with 49% overwhelmed by immediate challenges.
  • 42% note the absence of a cybersecurity-first culture within their workforce.
  • Employee behaviors such as bypassing security protocols (47%) and human errors (39%) are concerns.
  • Jonathan Lee from Trend Micro warns of the public sector being a prime cybercrime target.
  • 38% of IT leaders plan to adopt advanced technologies, like Generative AI, by 2027 to enhance threat detection.
  • The public sector is urged to fortify defenses as traditional methods may not suffice against sophisticated attacks.

Hackernoon

Salt Typhoon: The Hidden Hand Behind the Telecom Gift Card Scam?

  • Security researchers have warned about state-sponsored hacking groups, including the Typhoon family, actively targeting U.S. government agencies and telecom operators.
  • The Salt Typhoon group is suspected of being behind telecom-related gift card scams by gaining unauthorized access to customer records.
  • The Typhoon family includes Volt Typhoon, targeting critical infrastructure, Flax Typhoon, focusing on long-term espionage, and Salt Typhoon, specializing in telecom providers.
  • Volt Typhoon uses living-off-the-land techniques to evade detection and prepare for potential cyberattacks during geopolitical tensions.
  • Flax Typhoon forms botnets using internet-connected devices for long-term access and data theft with a low-and-slow strategy.
  • Salt Typhoon targets U.S. telecom companies, breaching networks and exploiting vulnerabilities in hardware and interception networks linked to CALEA.
  • Salt Typhoon's access to internal customer databases raises concerns about financial fraud possibilities, such as impersonating service representatives for fraudulent transactions.
  • The Comcast gift card scam involves scammers obtaining sensitive customer information, potentially facilitated by Salt Typhoon's network penetration.
  • Mitigation strategies for telecom providers include implementing Zero Trust security, enhancing network visibility, patching vulnerabilities, strengthening authentication, and educating customers about scams.
  • Salt Typhoon's expertise in network intrusion and data extraction makes them potential suspects in telecom gift card scams, highlighting evolving cybersecurity threats from state-sponsored actors.

Hackernoon

How to Tackle New Cybersecurity Threats and Data Breaches

  • The cybersecurity landscape is ever-changing, with increasing threats highlighted by incidents like the Ticketmaster data breach via Snowflake and attacks on UK retailers.
  • CrowdStrike's 2025 Global Threat Report shows a rise in cloud intrusions and victims, with numerous threat groups identified, including a surge in China-linked espionage attacks.
  • The Ticketmaster-Snowflake breach impacted over 165 organizations, demanding ransoms and raising concerns about third-party cloud security.
  • Major UK retailers like Co-op, Harrods, and M&S faced cyberattacks, showcasing vulnerabilities in third-party services and a shift to malware-free attacks.
  • Actionable steps to enhance cybersecurity include implementing phishing-resistant MFA, educating staff on social engineering tactics, and conducting cybersecurity gap analyses.
  • Companies should perform penetration testing, monitor third-party vendors closely, and enforce secure development practices to mitigate supply chain risks.
  • Despite evolving cyber threats utilizing new technology and exploiting vulnerabilities, organizations can enhance resilience through proactive defense strategies and decisive actions.

TronWeekly

Crypto Crackdown: India’s CBI Seizes $327K in Major Transnational Cybercrime Raid

  • India’s CBI seized $327,000 in cryptocurrency and $26,400 in cash from a suspect in a major transnational cybercrime raid.
  • The cyber ring targeted U.S. and Canadian victims using spoofing technology for impersonation and fraud schemes.
  • Rahul Arora was arrested in New Delhi, and tools like caller ID spoofing software were recovered during the raid.
  • The group exploited enforcement loopholes in different countries, posing as police or technical support officials to scam victims.
  • International calling devices, crypto wallets, and lead generation tools were seized by CBI during the operation.
  • CBI initiated actions as per digital asset regulations and presented Arora before a Special Court in Delhi.
  • The investigation involved international agencies like Interpol and the FBI, with more arrests possible based on digital evidence.
  • The enforcement action was part of Project Chakra-V, a collaborative cybercrime effort specializing in combating crimes on the dark web.
  • The fraud did not use blockchain technologies; crypto was only used to store illegal funds, so the case is not classified as a crypto scam.
  • Web3 experts recommended handling confiscated digital assets with industry-grade tools and legal protection.
  • CBI clarified their protocols for managing Virtual Digital Assets and ensuring security of confiscated properties.
  • Digital forensics experts aim to track down transactions linked to the seized crypto wallets.
  • In previous cases like the GainBitcoin Ponzi scheme, CBI confiscated close to $3 million in crypto.
  • Bitcoin nears all-time highs while regulatory efforts continue in the cryptocurrency space.

Securityaffairs

Operation Secure: INTERPOL dismantles 20,000+ malicious IPs in major cybercrime crackdown

  • INTERPOL conducted Operation Secure, targeting malicious IPs tied to info-stealing malware.
  • The operation, held from January to April 2025, involved 26 countries and partners like Group-IB, Kaspersky, and Trend Micro.
  • 20,000+ malicious IPs/domains were dismantled, with 41 servers seized and 32 arrests made.
  • Authorities alerted over 216,000 victims after the operation so they could secure their accounts.
  • Vietnam, Sri Lanka, Nauru, and Hong Kong were among the countries where arrests and seizures took place.
  • Vietnam arrested 18 suspects, Sri Lanka and Nauru made 14 arrests, and Hong Kong Police exposed phishing servers.
  • INTERPOL emphasized the importance of collaborative action against cyber threats during Operation Secure.

Medium

How to Fortify Cloudflare Against Brute-Force and Credential Stuffing Attacks

  • Cloudflare's Under Attack Mode is a blunt-force approach that can frustrate real users and slow down legitimate traffic.
  • Default Cloudflare protections may not be sufficient to stop credential stuffing attacks.
  • Attackers can mimic normal user behavior to evade automated defenses.
  • Proactive defenses against brute-force and credential stuffing attacks include setting up specific rules and WAF expressions.
  • It's important not to set thresholds too low to avoid blocking legitimate login attempts.
  • Automating early-warning systems can help react to threats before users are impacted.
  • Under Attack Mode should be a last resort, with rate limiting, bot management, and WAF rules being more proactive defenses.
  • Tuning the Cloudflare setup is crucial, as attackers do not wait for manual reactions.

TechCrunch

Whole Foods warns of shortages after cyberattack at its primary distributor UNFI

  • Whole Foods is facing shortages due to a cyberattack at its primary distributor, United Natural Foods (UNFI), which is experiencing a nationwide technology system outage.
  • The cyberattack is affecting UNFI's ability to select and ship products, impacting delivery schedules and product availability.
  • Whole Foods instructed staff to limit communication with customers and cite 'temporary supply challenges' as the only approved response.
  • UNFI is gradually restoring its systems and aims to increase capacity over the coming days.
  • The company disclosed the cyberattack to federal regulators and took its network offline after detecting the intrusion.
  • TechCrunch observed empty shelves at some Whole Foods and other grocery stores reliant on UNFI.
  • The full impact of the cyberattack on stores and customers may not be evident until later this week.
  • A Whole Foods spokeswoman said the company is working on restocking shelves quickly and apologized for any inconvenience caused.
  • UNFI's net sales for the quarter ended May 3, 2025, were reported at $8.1 billion.
  • Readers with information regarding the cyberattack or impacted corporate customers can contact the reporter via encrypted message.
  • The story was first published on June 10 and updated with information on UNFI's recovery.
  • Whole Foods did not specify how quickly the situation may be resolved as UNFI works to bring back ordering and receiving capabilities.
  • The cyberattack has led to disruptions in grocery supply chains, potentially affecting stores across the U.S. and Canada.
  • Reports of empty shelves have emerged, signifying ongoing challenges faced by retailers reliant on UNFI.
  • UNFI's CEO disclosed taking the entire network offline following the intrusion, aiming to restore services and meet customer expectations.
  • The impacts of the cyberattack may escalate through the week as UNFI continues its recovery efforts.

TechCrunch

23andMe says 15% of customers asked to delete their genetic data since bankruptcy

  • 23andMe's interim CEO stated that 15% of its customers, around 1.9 million people, requested deletion of their genetic data following the company's bankruptcy protection filing in March.
  • During a House Oversight Committee hearing, concerns were raised about the sale of 23andMe after bankruptcy, with fears of customers' data falling into the wrong hands.
  • Regeneron, a pharmaceutical giant, won the bankruptcy auction for 23andMe with a bid of $256 million, pledging to maintain privacy practices and utilize the genetic data for drug discovery.
  • A federal court is set to review Regeneron's bid for 23andMe in June.
  • 23andMe's bankruptcy follows a data breach affecting 6.9 million customers due to lack of multi-factor authentication, with blame initially placed on customers.
  • Several states, including Florida, New York, and Pennsylvania, have sued 23andMe over concerns about the sale of customers' private data without explicit consent.
  • Customers seeking to delete their 23andMe data can refer to a guide available on TechCrunch.

Securityaffairs

Texas Department of Transportation (TxDOT) data breach exposes 300,000 crash reports

  • Hackers breached Texas DOT (TxDOT), stealing 300,000 crash reports with personal data from its Crash Records Information System (CRIS).
  • Threat actors compromised the CRIS system, leading to unauthorized access and download of crash reports containing personal information.
  • TxDOT, as a state agency managing transportation systems in Texas, oversees various functions, including traffic safety and crash data management through CRIS.
  • Following the breach, TxDOT disabled the compromised account, initiated an investigation, and is enhancing security measures to prevent future incidents.

TechCrunch

Whole Foods tells staff cyberattack at its primary distributor UNFI will affect product availability

  • Whole Foods informed its employees about ongoing outages and disruptions at its primary distributor, United Natural Foods (UNFI), due to a nationwide technology system outage described as a cybersecurity incident.
  • The cyberattack is affecting UNFI's ability to select and ship products, impacting normal delivery schedules and product availability for Whole Foods.
  • Whole Foods instructed staff to limit communications with customers and provided a single approved customer talking point about temporary supply challenges.
  • UNFI, one of the largest food distributors in North America, disclosed the cyberattack and took its entire network offline. Real-world impacts on grocery stores and customers may become more evident later this week.

TechCrunch

Ongoing cyberattack at US grocery distributor giant UNFI affecting customer orders

  • United Natural Foods (UNFI) is working to restore its capabilities after a cyberattack last week disrupted the grocery supply chain.
  • The company has shut down its entire network following unauthorized access to its IT systems, causing ongoing disruptions to operations and customer orders.
  • Customers are experiencing limited deliveries, with reports of empty shelves in some stores; however, the full impact may not be visible immediately.
  • UNFI has not disclosed the nature of the cyberattack or the extent of its cybersecurity spending, and external-facing systems like web systems and VPN products are offline.

Managedmethods

Why Traditional Email Filters Aren’t Enough to Stop Phishing in K–12

  • Phishing poses a significant cybersecurity threat to K-12 schools, with attacks becoming increasingly sophisticated and targeted.
  • Traditional email filters provided by Google Workspace and Microsoft 365 are inadequate in detecting advanced phishing tactics that rely on social engineering.
  • These filters lack the ability to assess the intent of emails, leading to potential impersonation attacks that evade detection.
  • AI and machine learning tools are essential in proactively defending against phishing attempts by analyzing contextual cues and behavioral patterns in emails.
  • Advanced phishing detection tools powered by AI can identify anomalies and suspicious requests that traditional filters may overlook.
  • These modern tools also offer automated response capabilities, saving time for IT teams in responding to phishing threats.
  • ManagedMethods provides Advanced Phishing Detection as a solution tailored for K-12 schools, offering AI-driven protection without exceeding budget constraints.
  • Investing in AI-powered phishing detection tools can help K-12 schools stay ahead of evolving cyber threats and enhance overall cybersecurity measures.
  • By leveraging AI reasoning models, organizations can analyze email content more comprehensively and accurately identify potential phishing threats.
  • The use of reasoning AI enables systems to ask critical questions about the legitimacy of emails and detect manipulative or abnormal communication patterns.

Securityaffairs

Mirai botnets exploit Wazuh RCE, Akamai warned

  • Akamai researchers warned that multiple Mirai botnets are exploiting the critical remote code execution vulnerability CVE-2025-24016 in Wazuh servers.
  • The vulnerability allows for remote code execution on Wazuh servers, and active exploitation of the flaw has been observed via DAPI request abuse.
  • Two Mirai botnet variants named 'Resbot' have been exploiting this bug since March 2025, utilizing Italian domain names and targeting IoT devices.
  • Indicators of compromise and details on the exploitation of the Wazuh servers by Mirai botnets have been shared by Akamai researchers.

Guardian

Hit by a cyber-attack? Seven ways to protect yourself

  • Companies and organizations are frequently targeted by cyber-attacks, leading to concerns about stolen personal data.
  • In response to cyber incidents, affected companies usually contact customers via email to provide information and necessary steps.
  • After a cyber-attack, changing passwords for affected websites and using strong, unique passwords is essential.
  • Utilizing password managers and implementing two-step authentication adds extra layers of security to online accounts.
  • Beware of phishing emails that reference recent cyber-attacks to deceive users into providing personal information.
  • Monitoring credit records is advised post-cyber-attack to detect and prevent potential identity fraud.
  • Credit agencies like Equifax and Experian offer credit report monitoring services for suspicious activities.
  • Remain cautious on social media and opt out of saving payment card details to enhance online security.
  • Be wary of common scams like 'Hi Mum' incidents and verify requests for urgent cash transfers to avoid falling victim.
  • Taking proactive measures and staying informed can help individuals protect themselves in the face of increasing cyber threats.

Securityaffairs

DOJ moves to seize $7.74M in crypto linked to North Korean IT worker scam

  • The US Department of Justice (DoJ) has filed a civil forfeiture complaint to seize $7.74 million in crypto connected to North Korean fake IT worker schemes.
  • The frozen assets include cryptocurrency, NFTs, and other digital assets tied to the indictment of North Korean Foreign Trade Bank representative Sim Hyon Sop.
  • North Korean IT workers obtained illegal employment to amass millions in cryptocurrency, evading US sanctions.
  • These workers used fake IDs and deceptive tactics to hide their identities while gaining remote jobs at blockchain firms, which paid them in stablecoins, unknowingly supporting North Korea's revenue stream.
  • Illicit gains were laundered through various means and funneled back to the regime, including using US accounts to mask their origins.
  • US authorities unsealed charges against individuals aiding overseas IT workers to defraud US companies, with North Korea dispatching IT workers globally using stolen US identities.
  • The operations financed North Korea's illicit nuclear program, highlighting the country's exploitation of global remote IT contracting and cryptocurrency ecosystems to circumvent sanctions.
  • Several arrests were made, including Christina Marie Chapman and Oleksandr Didenko, facing charges related to fraud, money laundering, and unlawful employment.
  • Additionally, Matthew Isaac Knoot was arrested for aiding North Korean IT workers, hosting company laptops and laundering payments, contributing to North Korea's illicit weapons program.
  • Knoot and his associates caused targeted companies over $500,000 in costs. If convicted, Knoot could face a maximum of 20 years in prison.
