Hacking News

Securityaffairs

U.S. CISA adds Advantive VeraCore and Ivanti EPM flaws to its Known Exploited Vulnerabilities catalog

  • U.S. Cybersecurity and Infrastructure Security Agency (CISA) adds Advantive VeraCore and Ivanti EPM flaws to its Known Exploited Vulnerabilities catalog.
  • Vietnamese cybercrime group XE Group is exploiting the Advantive VeraCore vulnerabilities, deploying reverse shells and web shells for remote access.
  • No real-world attacks exploiting the Ivanti EPM flaws have been reported, but PoC exploit code is available.
  • CISA orders federal agencies to address these vulnerabilities by March 31, 2025.

Securityaffairs

Cybersecurity Challenges in Cross-Border Data Transfers and Regulatory Compliance Strategies

  • Cross-border data transfers play a crucial role in global business operations but face cybersecurity challenges from diverse laws and cyber threats. The reliance on data movement across borders for e-commerce, cloud computing, and financial transactions exposes organizations to risks of cyberattacks and data breaches.
  • The complexity arises from differing national cybersecurity policies and data protection regulations that organizations must navigate while ensuring data security in cross-border transfers. Governments have implemented stringent laws like GDPR, China's Cybersecurity Law, and the US's CLOUD Act to regulate international data flow.
  • Challenges in cross-border data transfers include cyber threats, legal inconsistencies, and geopolitical factors, necessitating robust security and compliance strategies. Cyberattacks targeting data transfers exploit vulnerabilities in international exchange systems and challenge data integrity and confidentiality.
  • Legal and regulatory disparities across jurisdictions create compliance challenges for organizations navigating multiple data protection laws. The lack of a unified global regulatory framework leads to inefficiencies and potential legal risks for multinational corporations.
  • Geopolitical tensions and economic disputes impact the security of cross-border data transfers, forcing companies to comply with trade restrictions, data localization laws, and government surveillance policies. Proactive engagement with regulators and compliance frameworks can help mitigate risks.
  • Regulatory compliance strategies involve legal agreements, security frameworks, and privacy-enhancing technologies to ensure data protection and legal adherence in international data transfers. Privacy-enhancing technologies like encryption and data masking enhance security during cross-border transactions.
  • Data localization compliance strategies, continuous monitoring, and compliance automation are vital for organizations to navigate evolving data protection regulations. AI, ML, and blockchain technologies aid in automating compliance tasks, predicting risks, and ensuring regulatory adherence.
  • Maintaining compliance with international data regulations is crucial to avoid fines, legal actions, and reputational damage. Organizations must invest in compliance automation, cybersecurity awareness, and collaboration with policymakers to navigate the dynamic cybersecurity landscape.
  • A comprehensive approach that combines legal frameworks, privacy-enhancing technologies, and compliance automation is necessary to address the complexities of cross-border data transfers. Continuous adaptation to emerging cybersecurity challenges and regulatory reforms is essential for secure and compliant data exchange.
  • Author Arfi Siddik Mollashaik, a Solution Architect at Securiti.ai, specializes in data security, privacy, and compliance for global organizations. With experience in enhancing data protection programs, he emphasizes investments in compliance automation and cybersecurity awareness to mitigate risks.

Cybersecurity-Insiders

Ship hacked to burn US Military Oil Tanker into a Fireball

  • Twitter (now known as X) servers were targeted in a DDoS attack, causing disruption for two hours.
  • A Portuguese cargo ship, MV Solong, had its GPS system hacked, resulting in a collision with a US military oil tanker and causing a massive explosion.
  • Millions of liters of oil from the tanker have spilled into the North Sea, posing a severe environmental threat to marine life.
  • Experts suspect a Russian hacker group orchestrated the attack, and the incident is being investigated by US intelligence and Pentagon teams.

TechCrunch

What PowerSchool won’t say about its data breach affecting millions of students

  • PowerSchool, a K-12 software provider, suffered a significant data breach in December 2024, potentially affecting millions of students and staff across North America.
  • The breach originated from a compromised credential in the customer support portal, granting access to the school information system.
  • While some details of the breach have been disclosed, many crucial questions remain unanswered by PowerSchool.
  • The company has not revealed the exact number of individuals impacted by the breach, despite estimates from various sources.
  • Reports suggest that personal data of over 62 million students and 9.5 million teachers may have been accessed by the hacker.
  • The types of stolen data, including sensitive personal information and medical records, remain undisclosed by PowerSchool.
  • The company worked with a cyber-extortion incident response firm to negotiate with the hackers, hinting at a ransom payment.
  • Concerns linger about whether the stolen data has been completely deleted, as PowerSchool has not provided evidence of deletion.
  • The identity of the hacker responsible for the breach is unknown, raising questions about cybersecurity measures.
  • Forensic reports have shed some light on the breach timeline, indicating potential long-standing access to PowerSchool's network.

Securityaffairs

Experts warn of mass exploitation of critical PHP flaw CVE-2024-4577

  • Threat actors exploit PHP flaw CVE-2024-4577 for remote code execution.
  • Over 1,000 attacks detected globally.
  • The vulnerability tracked as CVE-2024-4577 allows for remote code execution on vulnerable servers using Apache and PHP-CGI.
  • GreyNoise researchers report a significant increase in attacks targeting multiple regions, including the US, UK, Singapore, and Japan.

Siliconangle

Fortinet identifies thousands of malicious software packages exploiting open-source repositories

  • A new report from FortiGuard Labs highlights a wave of malicious software packages exploiting system vulnerabilities.
  • The report identifies thousands of malicious packages distributed across open-source repositories, using techniques such as low-file-count packages, suspicious installation scripts, and typosquatting.
  • Attackers employ deceptive tactics, including artificially high version numbers and empty descriptions, to obscure their true intent and mislead users.
  • Fortinet urges organizations to implement strong security hygiene, vet open-source dependencies, utilize threat intelligence solutions, and apply behavioral analysis techniques.

Securityaffairs

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

  • RansomHouse gang claims the hack of the Loretto Hospital in Chicago.
  • The RansomHouse gang claims to have stolen 1.5TB of sensitive data from Loretto Hospital.
  • RansomHouse is a data extortion group that focuses on data theft instead of encryption. Victims include AMD and Keralty.
  • Ransomware attacks on US healthcare providers have surged, with 98 attacks compromising 117 million records in 2024.

Securityaffairs

North Korea-linked APT Moonstone used Qilin ransomware in limited attacks

  • The North Korea-linked APT group Moonstone Sleet has utilized the Qilin ransomware in limited attacks since February 2025.
  • This marks the first time Moonstone Sleet has deployed ransomware developed by a Ransomware-as-a-Service (RaaS) operator.
  • Moonstone Sleet, previously known as Storm-1789, has employed various techniques, including trojanized software and custom ransomware, for financial gain and cyber espionage.
  • The Qilin ransomware group, active since at least 2022, gained attention in June 2024 for attacking a UK governmental service provider and utilizes double extortion tactics.

Securityaffairs

Large-scale cryptocurrency miner campaign targets Russian users with SilentCryptoMiner

  • A large-scale cryptocurrency miner campaign is targeting Russian users with SilentCryptoMiner.
  • Threat actors are disguising the malware as a tool to bypass internet restrictions.
  • Over 2,000 victims have been identified, with the true number potentially higher.
  • The malware campaign was spread via malicious archives, YouTube, and Telegram channels.

Securelist

SideWinder targets the maritime and nuclear sectors with an updated toolset

  • SideWinder, a prolific APT group, targeted military and government entities across South and Southeast Asia, the Middle East, and Africa in 2024.
  • They expanded activities to infect maritime infrastructures, logistics companies, and nuclear energy sectors, focusing on countries like Djibouti, Egypt, and South Asia.
  • The group constantly updates its toolset, alters infection techniques, and counters security software detections with new malware versions within hours of being identified.
  • In 2024, SideWinder extensively targeted the maritime and logistics sectors, using spear-phishing emails with malicious DOCX files exploiting the CVE-2017-11882 vulnerability.
  • The infection flow involved multi-level processes to install malware like 'StealerBot,' designed for espionage purposes.
  • Various themed malicious documents, including those related to nuclear power plants and maritime infrastructures, were used in the attacks.
  • The malware components included anti-analysis techniques, sophisticated loaders, and updated versions to evade detections.
  • SideWinder targeted diverse sectors beyond government and military, affecting industries like telecommunications, consulting, IT services, real estate, and hotels.
  • Countries targeted in 2024 include Bangladesh, Cambodia, Indonesia, Myanmar, Pakistan, Sri Lanka, UAE, along with diplomatic entities in Afghanistan, Algeria, China, Saudi Arabia, and others.
  • To mitigate SideWinder's threat, patch management, comprehensive security solutions, employee training, and monitoring are recommended to safeguard critical assets against sophisticated attacks.

Securityaffairs

Feds seized $23 million in crypto stolen using keys from LastPass breaches

  • U.S. authorities seized $23M in crypto linked to a $150M Ripple wallet theft; experts believe the incident is linked to the 2022 LastPass breach.
  • Authorities seized $24M in frozen assets before they could be withdrawn, aligning with prior findings that cybercriminals cracked master passwords from LastPass to carry out major heists.
  • Law enforcement traced $23,604,815.09 of stolen crypto between June 2024 and February 2025 to multiple exchanges, including OKX, Kraken, WhiteBIT, AscendEX, FixedFloat, SwapSpace, and CoinRabbit.
  • Investigators found no evidence of device hacking, supporting the hypothesis that attackers decrypted stolen password manager data to access the victim’s crypto wallet.

Securityaffairs

Japanese telecom giant NTT suffered a data breach that impacted 18,000 companies

  • Japanese telecom giant NTT suffered a data breach that exposed information of nearly 18,000 corporate customers.
  • The breach was detected in NTT's 'Order Information Distribution System' and access was immediately restricted.
  • Unauthorized access was discovered on another device during the investigation.
  • NTT will notify the affected customers and has taken additional security measures.

Securityaffairs

Undocumented hidden feature found in Espressif ESP32 microchip

  • Undocumented hidden feature discovered in the ESP32 microchip manufactured by Espressif.
  • The hidden functionality acts as a potential backdoor, enabling impersonation attacks and persistent infections on IoT devices.
  • The hidden feature poses a security risk for millions of IoT devices.
  • Tarlogic researchers developed BluetoothUSB, a tool for auditing Bluetooth device security to protect Bluetooth-enabled gadgets.

Securityaffairs

Security Affairs newsletter Round 514 by Pierluigi Paganini – INTERNATIONAL EDITION

  • Akira ransomware gang used an unsecured webcam to bypass EDR
  • Japanese telecom giant NTT suffered a data breach that impacted 18,000 companies
  • Mirai-based botnets exploit CVE-2025-1316 zero-day in Edimax IP cameras
  • International law enforcement operation seized the domain of the Russian crypto exchange Garantex

Medium

My Linux Tool Journey: Exploring Essential Tools ✨

  • Stacer is a powerful system optimizer and resource monitor designed for Linux. It simplifies system management and improves performance.
  • TimeShift is a reliable backup utility that allows you to take system snapshots and restore them when needed. It ensures quick recovery in case of failures.
  • NeoFetch is a command-line tool that displays detailed system information in a visually appealing way. It is useful for showcasing system specs and troubleshooting hardware-related issues.
  • Brave Browser is a privacy-centric web browser that blocks ads and trackers by default, offering a secure and efficient browsing experience.
