A naukri.com initiative
Cyber Crime News
TronWeekly
3w
53
Image Credit: TronWeekly
U.S. Sanctions 49 Crypto Addresses Tied to Nemesis Darknet Site
- The U.S. Department of the Treasury's Office of Foreign Assets Control (OFAC) has sanctioned 49 cryptocurrency addresses linked to the darknet marketplace Nemesis.
- Nemesis facilitated approximately $30 million in illicit transactions, including drug sales, data exchange, ransomware, and hacking tools.
- The alleged administrator of Nemesis, Behrouz Parsarad, profited from the platform by charging transaction fees and is estimated to have enriched himself by millions of dollars.
- The U.S. government is actively taking steps to combat illegal online markets and prevent the relaunch of similar darknet marketplaces.
Read Full Article
3 Likes
Silicon
3w
203
Image Credit: Silicon
Trump Suspends Offensive Cyber Operations Against Russia
- The Trump administration has suspended offensive cyber operations against Russia, according to the US Defense Secretary Pete Hegseth.
- The decision to pause offensive operations comes after the US cancelled a planned minerals deal with Ukraine and implemented tariffs against Canada, Mexico, and China.
- The pause in cyber operations does not affect other agencies conducting cyber operations, but the Trump administration has rolled back efforts related to countering cyber threats.
- Cybersecurity experts have urged greater investments in both cyber defense and offense due to the continued interference of China and Russia in the West's economy, elections, and security.
Read Full Article
12 Likes
Gritdaily
3w
323
Image Credit: Gritdaily
What Is Phishing and Why Does It Target Businesses?
- Phishing is a prevalent cyber threat to businesses, with 68% of data breaches involving human errors or social engineering.
- Cybercriminals adapt phishing strategies to bypass traditional security measures, utilizing AI-driven attacks for harder detection.
- Impersonating trusted sources, phishing attacks manipulate employees to compromise security.
- Businesses are prime targets due to valuable data, increased email interactions, and remote work vulnerabilities.
- Common tactics include email phishing, spear phishing, whaling attacks, smishing, and vishing.
- Recognizing phishing attempts involves identifying warning signs like suspicious addresses, urgency, and poor grammar.
- Prevention strategies include phishing simulations, advanced email security tools, multi-factor authentication, ongoing training, and verification protocols.
- AI-driven phishing attacks are growing, using machine learning to craft personalized emails and deepfakes to deceive employees.
- Countermeasures against AI-enhanced phishing involve AI-powered threat detection, robust verification processes, and continuous cybersecurity training.
- Proactive employee training and awareness, alongside advanced threat detection, are crucial for businesses to mitigate phishing risks.
Read Full Article
19 Likes
Bitcoinist
3w
300
Image Credit: Bitcoinist
20% of Stolen Bybit Funds ‘Gone Dark,’ Says CEO—Here’s How
- Approximately $1.4 billion worth of cryptocurrency was stolen in a major hack on Bybit exchange.
- Around 20% of the stolen funds have 'gone dark', while 77% remain traceable and 3% have been frozen.
- Hackers converted stolen ETH tokens into Bitcoin, predominantly using the decentralized liquidity protocol THORChain.
- Concerns are rising over the role of decentralized platforms in facilitating illicit transactions.
Read Full Article
18 Likes
TechCrunch
4w
385
Image Credit: TechCrunch
Polish space agency says it’s investigating a cyberattack
- Poland's space agency (POLSA) is investigating a cyberattack on its IT infrastructure.
- POLSA disconnected its network from the internet after detecting the attack and its website remains offline.
- The nature of the cyberattack is still unknown and state cybersecurity services are working to identify the perpetrators.
- Poland has previously reported being the most attacked country in the European Union, with Russia being attributed as the source of many incidents.
Read Full Article
23 Likes
Securityaffairs
4w
199
Image Credit: Securityaffairs
Mass exploitation campaign hit 4,000+ ISP networks to deploy info stealers and crypto miners
- A mass exploitation campaign originating from Eastern Europe has targeted ISPs in China and the U.S. West Coast.
- The threat actors gain access through weak credential brute-force and deploy info stealers and crypto miners.
- The malware disables remote access and uses PowerShell to drop binaries and disable security features.
- The campaign focuses on ISPs in China and the U.S. West Coast, and the malware sends data to its C2 server via a Telegram bot.
Read Full Article
11 Likes
Cybersecurity-Insiders
4w
164
Image Credit: Cybersecurity-Insiders
How to Prevent a Second Cyber Attack After the First: A Guide to Strengthening Your Cybersecurity Post-Breach
- Cyberattacks have become a significant threat to businesses and individuals, with the risk of a second attack looming after an initial breach.
- To prevent a second cyberattack, swift action, and comprehensive cybersecurity measures are crucial post-breach.
- Steps to prevent a second cyberattack include assessing the damage, identifying vulnerabilities, and understanding the attack vector.
- Key strategies after a cyberattack involve strengthening passwords, implementing MFA, and reviewing user access controls.
- Regularly updating and patching software, enhancing network security, and monitoring suspicious activities are essential to prevent further breaches.
- Educating employees on cybersecurity best practices, developing an incident response plan, and backing up data are critical measures post-cyberattack.
- A proactive cybersecurity approach, including continuous monitoring and testing, is vital in preventing second cyberattacks and future breaches.
- By adopting a multi-layered security approach and fostering a culture of awareness and preparedness, organizations can fortify their systems against cyber threats.
- Maintaining reliable backups and having a well-defined incident response plan are key components in safeguarding against the devastating impacts of cyberattacks.
- In conclusion, learning from past cyberattacks and implementing robust cybersecurity measures are essential to protect organizations and mitigate the risks of subsequent cyber threats.
Read Full Article
9 Likes
TechCrunch
4w
17
Image Credit: TechCrunch
Lee Enterprises ransomware attack hits freelance and contractor payments
- The ransomware attack on Lee Enterprises is affecting payments to freelancers and contractors.
- The cyberattack, which started on February 3, has caused disruptions and delays at several newspapers in the US.
- Freelancers and contractors working for Lee Enterprises have yet to receive payment, causing uncertainty and anxiety.
- Lee Enterprises has confirmed the attack impacted its distribution, billing, collections, and vendor payments.
Read Full Article
1 Like
Securityaffairs
4w
199
Image Credit: Securityaffairs
U.S. Authorities recovered $31 Million Related to 2021 Uranium Finance cyber heist
- U.S. authorities have recovered $31 million in cryptocurrency stolen during the 2021 cyberattacks on Uranium Finance.
- Uranium Finance is a decentralized finance (DeFi) protocol built on Binance’s BNB Chain.
- The cyberattacks on Uranium Finance exploited smart contract flaws, resulting in theft and money laundering.
- US authorities, with the help of TRM Labs, successfully tracked and seized $31 million in stolen assets.
Read Full Article
12 Likes
Hackernoon
4w
252
Image Credit: Hackernoon
AI-Powered Phishing Scams Are Evolving—Here’s How Businesses Can Fight Back
- Phishing has become a major security concern for businesses, with AI-enhanced attacks posing significant risks.
- Gartner's survey highlighted AI-based cyber threats as top emerging risks, emphasizing the need for protective measures.
- To combat AI phishing, using AI for defense is essential, as stated by analyst Zeus Kerravla.
- AI phishing attacks utilize personalization to deceive targets effectively, making them harder to detect.
- Various evolving phishing trends like Quishing, 2-Step Phishing, Smishing, and BitB phishing pose serious threats.
- Businesses must educate employees on spotting phishing red flags and implement safeguards like end-user training.
- End-users should be cautious of QR code phishing, 2-step phishing techniques, and browser-in-the-browser attacks.
- Implementing stringent policies, staying informed on cyber threats, and using security tools are crucial preventive measures.
- Creating unique identification methods like safe words or codes can help verify authenticity and combat phishing risks.
- AI tools like GenAI can enhance cybersecurity training and detection to mitigate the evolving threat landscape.
Read Full Article
15 Likes
Eu-Startups
4w
323
Cybersecurity for the quantum era: QI raises €9.5 million for secure communications
- Vienna-based startup Quantum Industries GmbH (QI) raised €9.5 million in a Seed financing round for quantum secure communications.
- The round was led by Sparring Capital Partners, Findus Venture, and KGAL, focusing on infrastructure investments.
- QI specializes in quantum cryptography and aims to provide secure and efficient cryptographic solutions backed by science.
- The funding will enable QI to commercialize its technology and provide critical infrastructure with secure communication solutions.
Read Full Article
19 Likes
Securityaffairs
4w
350
Image Credit: Securityaffairs
Qilin ransomware gang claimed responsibility for the Lee Enterprises attack
- The Qilin ransomware group claimed responsibility for the recent cyberattack on Lee Enterprises, stealing 350GB of data.
- Lee Enterprises, Inc. is a publicly traded American media company with 79 newspapers in 25 states.
- Qilin ransomware gang threatened to leak the stolen data on March 5.
- Qilin is a Russian-speaking cybercrime group operating a Ransomware-as-a-Service (RaaS) model since 2022.
Read Full Article
21 Likes
Securityaffairs
4w
244
Image Credit: Securityaffairs
Security Affairs newsletter Round 513 by Pierluigi Paganini – INTERNATIONAL EDITION
- Ransomware gangs exploited a Paragon Partition Manager BioNTdrv.sys driver zero-day.
- Microsoft disrupted a global cybercrime ring abusing Azure OpenAI Service.
- Enhanced capabilities sustain the rapid growth of Vo1d botnet.
- China-linked threat actors stole 10% of Belgian State Security Service's staff emails.
- Criminal group UAC-0173 targets the Notary Office of Ukraine.
- DragonForce Ransomware group targeted Saudi Arabia.
- New Ghostwriter campaign targets Ukrainian Government and opposition activists in Belarus.
- GitVenom campaign targets gamers and crypto investors posing as fake GitHub projects.
- Lazarus APT stole $1.5B from Bybit, the largest cryptocurrency heist ever.
- Australia bans Kaspersky over national security concerns.
Read Full Article
14 Likes
Cryptopotato
4w
200
Image Credit: Cryptopotato
Binance Users Targeted in Latest SMS Spoofing Scam
- Several Binance users have fallen victim to an SMS spoofing attack.
- Phishing texts disguised as legitimate Binance communications were sent to users.
- Users were tricked into setting up a SafePal wallet and transferring their assets for investigation.
- The incident occurred shortly after the Bybit hack, and phishing scams remain a significant threat to crypto users.
Read Full Article
12 Likes
Securityaffairs
4w
400
Image Credit: Securityaffairs
Ransomware gangs exploit a Paragon Partition Manager BioNTdrv.sys driver zero-day
- Microsoft warns of a Paragon Partition Manager BioNTdrv.sys driver zero-day flaw actively exploited by ransomware gangs in attacks.
- The IT giant reported that one of the discovered vulnerabilities (CVE-2025-0289) is currently being exploited by ransomware groups in zero-day attacks.
- Paragon Software has released an update (BioNTdrv.sys v2.0.0) to address the vulnerabilities.
- Users are advised to update Paragon Partition Manager and enable Windows' Vulnerable Driver Blocklist for protection.
Read Full Article
24 Likes
For uninterrupted reading, download the app