techminis

A naukri.com initiative


Cyber Security News


Secureerpinc


Massive Cyberattack Leaves Thousands of Domains Exposed

  • Massive cyberattacks have continued to cause problems for businesses online, infiltrating thousands of domains.
  • Domain hijackers exploit vulnerabilities, steal login credentials, and manipulate DNS settings.
  • Over 70,000 registered domain owners, including big brands and government entities, have been affected.
  • Proactive measures, such as using separate hosting providers and avoiding weak DNS registrars, are recommended for protection.


Wired


She Was a Russian Socialite and Influencer. Cops Say She’s a Crypto Laundering Kingpin

  • Ekaterina Zhdanova, a Russian socialite and entrepreneur, has allegedly been running a crypto money-laundering operation used by Russian oligarchs, ransomware gangs, and other criminals. She has now been hit with economic sanctions by the US government. Zhdanova has acted as the head of a sophisticated money-laundering network that swaps cash for cryptocurrency, using a broker in the United Arab Emirates, which has positioned itself as friendly to cryptocurrencies. The two alleged money-laundering networks, Smart Group (which officials say Zhdanova runs) and TGR Group, have their tentacles in more than 30 locations.
  • The Smart Group is at the top of the funnel, dealing with money from Russians, plus directing cash exchanges involved in the layering, while TGR companies are often involved in integration. Investigators say the network frequently uses the Tether stablecoin, which is under investigation by the US government for its potential to be used in money laundering and sanctions violations.
  • Since Russia’s full-scale invasion of Ukraine more than 1,000 days ago, the country’s economy has been hit by sanctions—and cryptocurrency payments are banned domestically. Money laundering plays a large role in getting around economic sanctions. By its very design, laundering is vastly complex and deceptive—and that can be exaggerated when crypto is used. Vast sums of crypto being shuttled between digital wallets can be traced, but it is not as blatant as stuffing thousands of bank notes into gym bags.
  • The two money-laundering networks are helping Russian elites to use their money outside of Russia and are perfect for evading sanctions. The UK and London, in particular, have long been a home to dirty money and laundering, with cryptocurrencies apparently increasingly being linked to cash in the capital. Operation Destabilise has led to 84 arrests, with more than £20 million of cash and crypto being seized by UK law enforcement. More than 30 locations are involved.
  • Investigators believe Zhdanova may have split time in recent years between Russia and the UAE. A review of available material from data breaches provided by Constella Intelligence shows Zhdanova’s Gmail address, which was previously published by OFAC, is the last seven digits of her phone number, and is linked to a Telegram account called Smart Group.
  • George Rossi and TGR are allegedly involved in integrating money into financial networks. OFAC announced sanctions against the founder, as well as Elena Chirkinyan and Andrej Bradens, both of whom work for TGR—Chirkinyan is described as Rossi’s 'second in command.' Both networks have copied techniques from traditional laundering processes, but using crypto means they don’t have to worry about banks detecting the activity and freezing payments.
  • Over a 74-day period, Semen Kuksov and Andrii Dzektsa helped launder £12.3 million, while investigators followed a van from Kensington, in London. Bags removed from it contained more than £200,000. Over the course of the same week, two addresses contained around £800,000 in cash.
  • The Smart Group, allegedly run by Zhdanova, coordinates with cash handlers in European cities. The network could arrange for Russian cybercriminals with cryptocurrency to exchange it for cash held by a drug gang in the UK before the money is further laundered. 'What TGR will do is provide an interface to be able to take illicitly generated cash and put it into the legitimate banking system,' says Will Lyne, head of cyber intelligence at the NCA.
  • While both TGR and the Smart Group are separate but linked entities, there may be times where they work together using 'each other’s specific capabilities' for those they work on behalf of, a senior NCA official reveals.
  • The UK, and London in particular, have long been a home to dirty money and laundering, with cryptocurrencies increasingly linked to cash in the capital. More arrests have taken place and the risk of laundering has risen. With Zhdanova in French custody and legal cases ongoing, many details about the total money movements in recent years remain unknown.


Cybersecurity-Insiders


Satellite receivers enriched with DDoS Attack functionality led to CEO Arrests

  • Two South Korean companies manufacturing satellite receivers were found to have equipped their devices with DDoS attack capabilities.
  • Arrest warrants have been issued for the CEOs of these companies, following investigations by the South Korean government.
  • The companies delivered approximately 240,000 satellite receivers, with over 98,560 devices already integrated with DDoS functionality.
  • Some of the compromised devices were sold to broadcasting companies in developed countries, and the investigation is ongoing.


Securityaffairs


Veeam addressed critical Service Provider Console (VSPC) bug

  • Veeam addressed a critical vulnerability in Service Provider Console (VSPC) that could allow remote attackers to execute arbitrary code.
  • The vulnerability affects Veeam Service Provider Console 8.1.0.21377 and all earlier version 8 and 7 builds.
  • Veeam also addressed another vulnerability that could be exploited to leak an NTLM hash of the VSPC server service account and delete files on the VSPC server machine.
  • Both vulnerabilities have been addressed in version 8.1.0.21999 and organizations are recommended to upgrade to the latest version of the software.


Tech Radar


Ransomware attack forces US government contractor ENGlobal to shut down some operations

  • US government contractor ENGlobal Corporation has been hit by a ransomware attack, forcing the shutdown of parts of its infrastructure.
  • The attack was detected on November 25, 2024, and a preliminary investigation revealed that a threat actor illegally accessed and encrypted some of the company's data files.
  • ENGlobal has taken steps to contain the incident, including engaging external cybersecurity specialists and restricting access to its IT system.
  • The company's full access to its IT system remains uncertain, and the financial impact of the attack is yet to be determined.


TechCrunch


Ransomware hackers target NHS hospitals with new cyberattacks

  • Ransomware hackers continue to target NHS hospitals across the UK, compromising multiple hospitals, exposing patient data, and disrupting emergency services.
  • Inc Ransom, a Russia-linked ransomware group, claims to have breached Alder Hey Children's Hospital Trust and stolen patient records, donor reports, and procurement data.
  • Alder Hey confirmed the cybersecurity incident and stated that investigations are ongoing to determine if confidential data has been obtained.
  • Wirral University Teaching Hospital, located near Alder Hey, has also been targeted, forcing the hospital to declare a 'major incident' and causing ongoing disruptions.


TechCrunch


Business leaders among Pegasus spyware victims, says security firm

  • A security firm has revealed that business leaders, including the leader of a major company, were targeted with the Pegasus spyware.
  • This highlights the misuse of spyware typically used by governments for commercial espionage.
  • The iVerify app detected evidence of compromise on seven iPhones, some running newer versions of iOS, out of 2,500 users who scanned for spyware.
  • There are concerns about the reuse of spyware exploits by government-backed hackers, such as the China-backed hacking group Salt Typhoon.


Siliconangle


$2B secondary funding gives Veeam $15B valuation on path to IPO

  • Veeam Software Group announced a new $2 billion investment at a valuation roughly equal to that of Commvault Systems Inc. and Rubrik Inc. combined.
  • The firm's valuation now stands at $15 billion.
  • The oversubscribed funding round was led by TPG.
  • TPG was joined by other investors, including Temasek and Neuberger Berman Capital Solutions.
  • Having well-capitalized investors will help Veeam grow and become more profitable.
  • The funding is a great validation as investors conducted a 'massive independent analysis' of the company before investing.
  • Veeam's growth is attributed to four key reasons: a best-in-class product, the strength of its ecosystem, a unique balance of scale, growth and profitability, and the people who work there.
  • Veeam expects to finish 2024 with more than $1.7 billion in annualized recurring revenue, 29% EBITDA, rapidly expanding enterprise sales, and 129% subscription net dollar retention from enterprise sales.
  • Veeam is focused on delivering backup-as-a-service solutions through Veeam Data Cloud.
  • Veeam's leadership is bullish on the capabilities of Veeam Data Cloud which should create the next wave of Veeam's growth.


Tech Radar


US Government says Salt Typhoon still lurks on telecoms networks, shares some top tips to stay protected

  • The US Cybersecurity and Infrastructure Security Agency (CISA) warns that Salt Typhoon, a Chinese state-sponsored threat actor, is still present on telecoms networks.
  • CISA released guidelines to help organizations defend against Salt Typhoon and other similar threats.
  • Salt Typhoon is part of a wider campaign that targets critical infrastructure and engages in cyber-espionage.
  • The guidance advises strengthening network visibility, hardening systems and devices, and prioritizing secure-by-design configurations.


TechCrunch


Linux Foundation report highlights the true state of open-source libraries in production apps

  • The Linux Foundation has released a report on the state of open-source libraries in production apps.
  • The report relies on data collected from software composition analysis tools deployed at over 10,000 companies.
  • It highlights the increasing adoption of Rust for memory-safe programming.
  • The report also points out security concerns related to Python 2 and the lack of standardized naming for components.


TechCrunch


Axiado claims its chip can prevent cyberattacks

  • Axiado, a startup specializing in security chips and apps, claims to provide end-to-end digital infrastructure security.
  • Their chip authenticates boot-level updates and checks the integrity of the boot sequence, protecting against boot-level attacks.
  • The chip also handles runtime security for software, apps, and workloads post-boot.
  • Axiado has recently launched a system that dynamically adjusts data center cooling using their chip and raised $60 million in a Series C funding round.


Dev


Part 10: Cross-Site Scripting (XSS) Series - The Future of XSS: Evolving Techniques and Defenses.

  • Cross-Site Scripting (XSS) remains a prevalent and evolving threat in web application security. In this final part of the series, the future of XSS, evolving techniques in XSS attacks, targeted attacks, and bypassing modern defenses are explored.
  • Evolving Techniques in XSS Attacks: Advanced payloads, encoding and obfuscation, mutation XSS, and persistent DOM-based XSS are discussed.
  • Targeted Attacks: Third-party libraries and dependencies, IoT and embedded devices, and API and mobile app XSS are highlighted.
  • Bypassing Modern Defenses: CSP bypasses through improper configuration and subdomain takeovers are covered.


TechCrunch


Tuskira unifies and optimizes disparate cybersecurity tools

  • Tuskira is a platform founded to unify and optimize disparate cybersecurity tools.
  • The platform looks for vulnerabilities and misconfigurations in a firm's security stack, providing comprehensive analyses.
  • Tuskira aims to reduce attacker dwell time and strengthen defenses proactively, offering a more efficient solution compared to competitors.
  • Tuskira recently closed a $28.5 million funding round co-led by Intel Capital and SYN Ventures.


Silicon


Telegram Joins Child Safety Scheme

  • The Telegram messenger app has partnered with the Internet Watch Foundation (IWF) to proactively prevent child sexual abuse imagery from being spread in public parts of its platform.
  • Previously, encrypted apps like Telegram and Discord were used by criminals to peddle illegal content, including child sexual abuse material (CSAM). Telegram has now agreed to work with IWF to stop the spread of CSAM.
  • Telegram had previously refused to join official schemes, citing its strict privacy stance against the sharing of confidential data with government entities, and had resisted other governments’ attempts to weaken end-to-end encryption or provide access to people’s messages.
  • For the first time, Telegram will use tools and data from the UK’s Internet Watch Foundation (IWF) along with its own to detect, disrupt, remove, and block child sexual abuse imagery.
  • Telegram will use a range of IWF services, including taking IWF “hashes” to spot when criminal content is being shared in public parts of the site to instantly block it.
  • Telegram has stated that when reported, child abuse images are usually processed within one hour.
  • The IWF has confirmed thousands of reports of child sexual abuse imagery on Telegram including category A imagery, the most severe kinds of child sexual abuse, and imagery involving children younger than two years old.
  • Telegram removes hundreds of thousands of child abuse materials each month, relying on reports and proactive moderation, which includes AI, machine learning and hash-matching.
  • Telegram had previously refused to comply with demands by Russia’s FSB Federal Security Service which wanted access to some messages.
  • Dubai-based Telegram is said to be the most popular instant messaging application in parts of Europe, Asia, and Africa.


AllTopStartups


How Can Early AI Security Standards Protect Businesses From Cyber Threats?

  • The rise of AI has brought new vulnerabilities and cyber threats to businesses.
  • Organizations like ISO and NIST are developing early AI security standards to protect businesses.
  • ISO/IEC 42001 focuses on risk management and governance for secure AI adoption.
  • The NIST AI Risk Management Framework addresses technical and organizational risks.
