Cyber Crime News

Securityaffairs


Russian group RomCom exploited Firefox and Tor Browser zero-days in attacks targeting Europe and North America

  • The Russian RomCom group exploited Firefox and Tor Browser zero-day vulnerabilities in attacks on users in Europe and North America.
  • The first zero-day, tracked as CVE-2024-9680, is a use-after-free issue in Firefox Animation Timelines.
  • The second zero-day, CVE-2024-49039, is a Windows Task Scheduler privilege escalation flaw.
  • RomCom used the vulnerabilities to deploy a backdoor on victims' systems through a fake website.

Cybersecurity-Insiders


How to Defend Against Thanksgiving and Black Friday Online Cyber Attacks

  • The holiday shopping season is a prime opportunity for cybercriminals to launch various online attacks.
  • Multi-Factor Authentication (MFA) provides extra protection by requiring users to provide at least two forms of verification.
  • Consumers and businesses should implement a strong password policy to prevent credential stuffing attacks.
  • Phishing attacks are common during high-traffic shopping periods like Black Friday and Thanksgiving.
  • Securing the website with HTTPS and SSL encryption helps protect sensitive data like credit card information.
  • Regular software updates are crucial to maintaining a secure online environment.
  • Retailers and e-commerce businesses should set up fraud detection and prevention systems to identify suspicious transactions.
  • Distributed Denial of Service (DDoS) attacks are common during busy shopping days.
  • Educating both employees and customers about potential cyber threats is a crucial step in preventing cyber attacks.
  • Following these defensive measures can reduce the risk and lead to a safer holiday shopping experience.

Securityintelligence


What’s up India? PixPirate is back and spreading via WhatsApp

  • PixPirate is a remote access tool (RAT) malware campaign that recently began infecting users in India via smishing campaigns and WhatsApp spam messages from infected users.
  • The newer campaign uses a downloader application that prompts the target victim to update the application and install other untrusted apps, which installs the PixPirate droppee malware.
  • Although no Indian banks are targeted specifically by PixPirate, the malware seems to be laying the groundwork for future campaigns in the country.
  • The new campaign includes a new version of the downloader that uses a YouTube video to show targets how to install the malware, which has already been viewed over 78,000 times.
  • The downloader app supports PixPirate's incognito mode, which allows the malware to persist for long periods on the victim's device.
  • The malware is activated by the downloader using an API command to find the related droppee app activity holding specific unique action items.
  • WhatsApp is an integral part of PixPirate's operations and is used to spread the malware and infect other victims and devices. The malware can disguise itself and read contact lists and block and unblock WhatsApp user accounts.
  • WhatsApp messages are more reliable than SMS messages and tend to be sent from a known contact, which lowers a victim's awareness and makes malicious messages more effective.
  • The long-term consequences of a successful PixPirate infection can be significant and should not be minimized by banks, financial institutions, and businesses.
  • IOCs: Downloader SHA256: 1196c9f7102224eb1334cef1b0b1eab070adb3826b714c5ebc932b0e19bffc55, Droppee SHA256: d723248b05b8719d5df686663c47d5789c323d04cd74b7d4629a1a1895e8f69a.

Cybersecurity-Insiders


Fancy Bear Threat Actor launches Nearest Neighbor Cyber Attacks

  • Fancy Bear, a threat actor associated with Russian intelligence agencies, is using proximity-based attacks, dubbed Nearest Neighbor attacks, to compromise the networks of organisations located near a primary target in order to gain unauthorised access to another entity.
  • These attacks were first launched in February 2022 in Ukraine, followed by attacks on public and private entities in the US. Volexity, which monitors APT actors, has kept Russian-linked groups under surveillance, as it views them as among the most active and dangerous groups operating today.
  • The success of these attacks largely depends on the security measures in place at the target organizations, with credential-stuffing attacks having a higher chance of success when the victim organizations do not employ Multi-Factor Authentication (MFA).
  • Fancy Bear has historically used a variety of tools and techniques to infiltrate networks and steal sensitive data. Its targets have ranged across multiple countries and sectors and include the Democratic National Committee, the TV5Monde media outlet and the White House.
  • The new wave of Nearest Neighbor attacks represents a dangerous escalation in cyber warfare tactics, adding a new layer of complexity for cybersecurity defenses that must keep pace with evolving threats.
  • Fancy Bear’s latest tactics demonstrate a shift in how cyber threats are carried out by focusing not just on the target organisation itself, but also exploiting nearby networks to facilitate a chain of attacks.
  • As a result, it’s imperative for organizations, both large and small, to adopt comprehensive security strategies that include measures such as Multi-Factor Authentication and network segmentation to minimize the risk of falling victim to these increasingly sophisticated attacks.

Securityaffairs


The source code of Banshee Stealer leaked online

  • The source code of Banshee Stealer, a macOS malware-as-a-service, leaked online.
  • Russian hackers promoted BANSHEE Stealer, a macOS malware capable of stealing browser data and crypto wallets.
  • BANSHEE Stealer supports evasion techniques, checks for debugging and virtualization, and targets multiple browsers.
  • After the source code leak, the operators shut down their operations.

Securityaffairs


Thai police arrested Chinese hackers involved in SMS blaster attacks

  • Fraud gangs in Bangkok were arrested for conducting SMS blaster attacks.
  • The attackers used fake cell towers to send malicious SMS messages to nearby phones.
  • Thai authorities discovered call center gangs using fake '02' numbers for scams and fraudulent investments.

Securityaffairs


Zyxel firewalls targeted in recent ransomware attacks

  • Zyxel warns that a ransomware group has been observed exploiting a recently patched command injection issue in its firewalls.
  • Remote, unauthenticated attackers could exploit the flaw to execute OS commands on vulnerable devices.
  • Zyxel addressed the vulnerability with the release of firmware version 5.39 for certain firewall models.
  • Users are advised to update admin and user account passwords for enhanced protection.

Pymnts


Geico and Travelers Fined $11.3 Million For NY Data Breaches 

  • Geico and Travelers fined $11.3 million for poor data security in New York.
  • Over 120,000 New Yorkers' information compromised in data breaches.
  • Geico to pay $9.75 million and Travelers to pay $1.55 million in penalties.
  • Breaches were part of an industry-wide hacking campaign.

TechCrunch


Authorities catch ‘SMS blaster’ gang that drove around Bangkok sending thousands of phishing messages

  • Thai authorities announced the arrests of two fraud gangs accused of SMS blasting attacks.
  • One gang drove through Bangkok while sending hundreds of thousands of malicious SMS text messages.
  • The SMS blasting attack impersonated cellular base stations and targeted nearby cellphones.
  • The messages aimed to deceive recipients into clicking on malicious links or downloading malware.

TechBullion


Why Customer Data Security is a Non-Negotiable in Fintech

  • Sensitive data is transacted quickly in the fintech sector, making customer data security undeniably important.
  • Fintech handles vast amounts of sensitive data and is a prime target for cyberattacks, which can result in far-reaching consequences for both users and companies.
  • In the fintech sector, data security cannot be an afterthought; it must be a central aspect of every operational decision.
  • Fintech companies should be transparent about their data protection practices to build trust and enhance customer loyalty.
  • Adopting third-party certifications and independent security audits can contribute to establishing a company's trustworthiness and commitment to accountability.
  • To create a secure environment in fintech, organizations should implement multiple layers of proactive security, which requires a cultural shift across all teams.
  • Regulatory compliance is a minimum requirement for any serious fintech provider, and company responsibility should go beyond compliance.
  • Proactive measures require a continuous improvement cycle to withstand rapidly evolving cyber threats.
  • Educating users to recognize phishing attempts and create strong passwords is a proactive approach to safeguarding user data.
  • Data security will remain an unwavering priority in fintech companies' product development and in fostering a culture where data protection is a fundamental service offered.

Cybersecurity-Insiders


British businesses lost $55 billion from Cyber Attacks

  • UK businesses have lost a total of $55 billion (£47 billion) to cyber-attacks over the past five years.
  • Many companies are becoming more aware of the critical importance of cybersecurity and are beginning to allocate the necessary budgets to safeguard their digital assets.
  • 61% of organizations have started using antivirus solutions within their IT environments, and 55% have implemented firewalls—an increase of 30% from just four years ago.
  • The staggering $55 billion figure highlights the urgency for businesses to take cybersecurity seriously, invest in robust security frameworks, and educate their teams to prevent future cyber threats.

Neuways


Cybersecurity Update: Over 2,000 Palo Alto Firewalls Compromised Due to Exploited Vulnerabilities

  • Hackers have exploited two zero-day vulnerabilities in Palo Alto Networks firewalls, compromising over 2,000 devices worldwide.
  • The vulnerabilities allow attackers to bypass authentication and escalate privileges.
  • The cyber attack highlights the importance of rapid vulnerability management and proactive defense strategies.
  • Palo Alto Networks advises immediate action including patching, access restriction, monitoring, and configuration review.

Securityaffairs


Malware campaign abused flawed Avast Anti-Rootkit driver

  • Threat actors exploit an outdated Avast Anti-Rootkit driver to evade detection, disable security tools, and compromise the target systems.
  • Trellix researchers discover a malware campaign that abuses a vulnerable Avast Anti-Rootkit driver to gain deeper access to the target system.
  • The malware corrupts trusted kernel-mode drivers, terminates protective processes, and compromises infected systems.
  • Organizations are advised to implement protections against attacks using vulnerable drivers.

Socprime


BlackSuit Ransomware Detection: Ignoble Scorpius Escalates Attacks, Targets 90+ Organizations Worldwide

  • BlackSuit ransomware, operated by Ignoble Scorpius, is aggressively targeting over 90 organizations worldwide.
  • There has been a significant surge in BlackSuit ransomware activity, primarily targeting the construction, manufacturing, and education industries.
  • The ransom demands from BlackSuit typically average around 1.6% of the victim organization's annual revenue.
  • Ignoble Scorpius employs various tactics like phishing emails, software supply chain compromises, and credential harvesting to gain access.

Cybersecurity-Insiders


Microsoft seizes websites distributing Phishing email kits

  • Microsoft has warned about a cybercrime group called ONNX Marketing Services distributing sophisticated phishing email kits.
  • The group has compromised the security of 63 networks, primarily in the banking and financial sectors.
  • They have used fraudulent websites to deceive victims and steal sensitive information.
  • Microsoft also highlighted the cyber threats posed by North Korea's cryptocurrency theft and concerns about Russia engaging in cyber warfare.
