techminis

A naukri.com initiative

Cyber Security News

Securityaffairs

4w


DOJ moves to seize $7.74M in crypto linked to North Korean IT worker scam

  • The US Department of Justice (DoJ) has filed a civil forfeiture complaint to seize $7.74 million in crypto connected to North Korean fake IT worker schemes.
  • The frozen assets include cryptocurrency, NFTs, and other digital assets tied to the indictment of North Korean Foreign Trade Bank representative Sim Hyon Sop.
  • North Korean IT workers obtained illegal employment to amass millions in cryptocurrency, evading US sanctions.
  • These workers used fake IDs and deceptive tactics to hide their identities while gaining remote jobs at blockchain firms, which paid them in stablecoins and so unknowingly supported North Korea's revenue stream.
  • Illicit gains were laundered through various means and funneled back to the regime, including using US accounts to mask their origins.
  • The US authorities unsealed charges against individuals aiding overseas IT workers to defraud US companies, with North Korea dispatching IT workers globally using stolen US identities.
  • The operations financed North Korea's illicit nuclear program, highlighting the country's exploitation of global remote IT contracting and cryptocurrency ecosystems to circumvent sanctions.
  • Several arrests were made, including Christina Marie Chapman and Oleksandr Didenko, facing charges related to fraud, money laundering, and unlawful employment.
  • Additionally, Matthew Isaac Knoot was arrested for aiding North Korean IT workers, hosting company laptops and laundering payments, contributing to North Korea's illicit weapons program.
  • Knoot and his associates caused targeted companies over $500,000 in costs. If convicted, Knoot could face a maximum of 20 years in prison.

TechDigest

4w


M&S food sales growth stalls following cyber attack disruption

  • Marks & Spencer's food sales growth has been impacted by a cyber attack in April, with a significant slowdown in sales.
  • Spending in M&S food halls rose by only 0.8% in the four weeks to May 17 compared to a year earlier, down from 11% growth over the previous 12 months.
  • The cyber incident by the group 'Scattered Spider' disrupted online orders and food deliveries, and caused M&S's market share to slip to 3.3% from 3.6%.
  • M&S has estimated a £300 million profit loss due to the attack, with ongoing IT system restorations expected to continue until July. However, analysts anticipate a bounce back once issues are resolved.

TechCrunch

4w


Paragon says it canceled contracts with Italy over government’s refusal to investigate spyware attack on journalist

  • Spyware maker Paragon canceled contracts with Italy over the government's refusal to investigate a spyware attack on a journalist.
  • Paragon claims it offered a solution for Italy to determine if its system was used against the journalist but terminated contracts when Italian authorities did not proceed with it.
  • The Italian government rebuffed Paragon's remarks, stating the decision to suspend and terminate the contract was mutual, citing concerns over national security and confidentiality.
  • The spyware scandal involves Paragon, WhatsApp, and Italian intelligence agencies, with ongoing investigations and disputes regarding targeted individuals and their activities.

Tech Radar

4w


Dangerous new MacOS malware is targeting Apple users everywhere - here's what you need to know

  • Russian threat actors are using the ClickFix method to steal passwords and drop infostealer malware on macOS targets.
  • CloudSek researchers found spoofed websites mimicking Spectrum to trick visitors into running malicious commands on their devices.
  • The attackers prompt victims to go through a fake verification process and then run a command that delivers the malware that steals sensitive data.
  • The campaign is attributed to Russian-speaking cybercriminals, targeting both consumer and corporate users through social engineering attacks.

Infoblox

4w


Encrypted DNS + Protective DNS = ?

  • Encrypted DNS and Protective DNS are being likened to the combination of chocolate and peanut butter, offering enhanced security measures for DNS communication.
  • Encrypted DNS addresses the vulnerability of communications between DNS stub resolvers and recursive DNS servers by encrypting traffic, preventing snooping and spoofing.
  • Protective DNS allows administrators to apply policies to prevent the resolution of malicious or suspicious domain names, providing a universal layer of protection for internet-connected devices.
  • Microsoft has integrated Encrypted DNS and Protective DNS to create a Zero Trust security solution called ZTDNS, which ensures that Windows DNS clients can only query authorized servers and send traffic to vetted destinations.

TechCrunch

4w


Major US grocery distributor warns of disruption after cyberattack

  • United Natural Foods (UNFI), a major distributor of groceries, was hit by a cyberattack, leading to disruptions in fulfilling and distributing customer orders.
  • UNFI became aware of unauthorized access to its IT systems last Thursday, prompting the shutdown of parts of its network.
  • The company is implementing workarounds to continue servicing customers, but the intrusion has caused ongoing disruptions in its business operations.
  • The cyberattack at UNFI is the latest in a series affecting the retail and grocery supply chain, with no timeline provided for system recovery.

Tech Radar

4w


Microsoft moves to stop Indian fake tech support scams - make sure you stay protected

  • Indian and Japanese law enforcement, with the help of Microsoft's Digital Crimes Unit, arrested six individuals in a major financial fraud operation targeting elderly Japanese victims.
  • Raids were conducted at 19 locations in India, resulting in the seizure of equipment including computers, storage devices, and phones used in tech support scams.
  • The cybercriminal operation, known as Chakra V, involved fake pop-ups tricking individuals into calling a fake Microsoft support number to fix non-existent computer issues.
  • The scammers used generative AI to scale their operations and target victims, highlighting the need for global collaboration to combat cybercrime.

Secureerpinc

4w


AI-Powered Phishing Scams Are Smarter Than Ever

  • AI-powered phishing attacks are on the rise, becoming more convincing and effective, fooling even cautious employees.
  • Generative AI enables cybercriminals to create personalized, professionally crafted phishing emails at scale, making them harder to detect.
  • AI-powered phishing attacks pose a serious challenge to businesses by personalizing emails, mimicking internal language, and bypassing spam filters.
  • To protect against sophisticated phishing attacks, businesses should focus on employee education, upgrading security tools, establishing clear reporting protocols, and verifying unexpected requests.

Tech Radar

4w


Popular NPM packages with over a million downloads hit by malware

  • 17 NPM packages with more than a million weekly downloads were compromised to deliver a RAT, potentially impacting a vast number of users.
  • Cybersecurity experts warn of a possible major supply chain attack as malicious code was discovered in popular Gluestack packages.
  • The affected packages, including @react-native-aria and @gluestack-ui, have been deprecated, but users are advised to remain cautious.
  • Access tokens were revoked by Gluestack to prevent further harm, and the compromised tools are marked as deprecated on NPM.

TechCrunch

4w


Google fixes bug that could reveal users’ private phone numbers

  • Google fixed a bug that could reveal users' private recovery phone numbers.
  • The bug was discovered by a security researcher and reported to Google in April.
  • Exploiting the bug involved an 'attack chain' to obtain the recovery phone number of a Google account.
  • Google confirmed fixing the bug and rewarded the researcher with a $5,000 bug bounty.

Wired

4w


A Researcher Figured Out How to Reveal Any Phone Number Linked to a Google Account

  • A cybersecurity researcher was able to uncover phone numbers linked to Google accounts, which is typically private information.
  • The vulnerability that allowed this has been fixed, but it posed a significant privacy risk as even hackers with limited resources could access personal data.
  • The researcher, known as brutecat, used a process of brute forcing to reveal phone numbers, which can facilitate SIM swapping attacks.
  • Google has acknowledged and addressed the issue, emphasizing the importance of collaboration with the security research community.

TechDigest

4w


UK leads world in demanding emergency data from Big Tech

  • The UK has emerged as a global leader in demanding user data from major tech companies like Apple, Google, Meta, and Microsoft.
  • A report by cybersecurity firm Surfshark shows that the UK makes a high number of requests for urgent data in emergencies compared to other countries.
  • The UK ranks fifth globally in overall data demands with 542,755 requested accounts and ranks fourth in the density of requests, significantly higher than the global average.
  • The UK leads in emergency data requests, accounting for 26% of such requests globally since 2013, raising concerns about potential abuse of these practices for mass surveillance.

Hitconsultant

4w


Healthcare’s Cybersecurity Overhaul: Navigating the New Federal Security Standards for Hospitals

  • Proposed updates to federal healthcare cybersecurity standards aim to enhance security in response to advanced cyber threats, introducing measures such as encryption, multifactor authentication, and security audits.
  • The regulations mark a significant update to HIPAA's Security Rule and address emerging technologies like AI, quantum computing, and virtual reality.
  • After the comment period closed on the proposed rule, the healthcare industry awaits the outcome while facing urgent cybersecurity challenges.
  • The cost of complying with the new standards is estimated at $9 billion for the first year and $6 billion annually for years two through five.
  • Smaller hospitals may struggle to meet the new standards due to limited IT resources and financial constraints.
  • Healthcare systems can enhance their IT capabilities by implementing staff augmentation strategies, leveraging managed service providers, health IT consultants, and freelance talent.
  • Advanced tools like AI-driven threat detection systems and encryption technologies play a crucial role in strengthening cybersecurity and ensuring compliance.
  • Effective program management, regular security audits, and realistic testing scenarios are essential for smooth implementation and adherence to the new regulations.
  • Having robust disaster recovery plans with data backup strategies and system restoration procedures is critical to maintaining continuity during cyber incidents.
  • Dr. Scott Schell, a seasoned healthcare executive, emphasizes the importance of adapting to the evolving cybersecurity landscape to protect patient information and optimize healthcare services.

Tech Radar

4w


Cyberattacks on smartphones hit new high - here's how to stay safe

  • Mobile malware attacks targeting Android users, including banking trojans and infostealers, are increasing, according to Kaspersky.
  • Kaspersky detected a 27% increase in malware samples, totaling 180,000 in Q4 2024, with over 12 million smartphone users affected.
  • The Mamont banking trojan and the Triada backdoor have been highlighted as active threats, with attacks targeting users in Turkey as well.
  • Kaspersky advises users to download apps only from official stores after checking reviews and permissions, and to regularly update their OS and apps for security.

Lastwatchdog

4w


Shared Intel Q&A: Can risk-informed patching finally align OT security with real-world threats?

  • Cyber threats are increasing for the U.S. electric grid, with attackers becoming more persistent and creative in targeting utility networks and operational technology systems.
  • Current compliance-centric models often fail to address real risks faced by utility companies.
  • Bastazo co-founder Philip Huff criticizes NERC's patching requirement for prioritizing compliance over actual security risks.
  • Bastazo advocates for risk-informed patching, utilizing vulnerability intelligence, AI, and contextual awareness to prioritize exploitable risks.
  • As utilities face pressure to enhance cybersecurity, Bastazo offers an alternative to checkbox compliance, aiming to focus on reducing real risks.
  • Huff emphasizes the need to move towards intelligent, risk-based patching to improve both security and reliability.
  • Risk-informed remediation ensures a balance between acceptable risk levels and feasible remediation efforts within utilities.
  • Utilities tend to prioritize compliance due to immediate penalties rather than cybersecurity threats, hindering the shift towards risk-informed approaches.
  • Integrating AI into OT patching requires verification and transparency to mitigate new risks effectively.
  • Bastazo distinguishes itself by offering actionable remediation beyond asset inventory and vulnerability scoring in OT security.
