menu
techminis

A naukri.com initiative

New

google-web-stories
Home

>

Hacking News

Hacking News

source image

Securityaffairs

1d

read

280

img
dot

Image Credit: Securityaffairs

CoffeeLoader uses a GPU-based packer to evade detection

  • CoffeeLoader is a sophisticated malware that uses numerous techniques to bypass security solutions.
  • It implements advanced evasion techniques including call stack spoofing, sleep obfuscation, and Windows fibers.
  • The malware is being used to deploy Rhadamanthys info-stealer and is distributed via SmokeLoader.
  • There are similarities between CoffeeLoader and SmokeLoader, indicating a possible connection between the two malware.

Read Full Article

like

16 Likes

share

3 Shares

source image

Medium

1d

read

228

img
dot

The One Cybersecurity Mistake Everyone Makes (Are You Guilty?)

  • The biggest cybersecurity mistake is reusing passwords.
  • 80% of hacking-related incidents occur because of stolen or compromised passwords.
  • Hackers steal passwords through data breaches, phishing attacks, WiFi snooping, and social engineering.
  • To prevent being hacked, use a password manager, enable two-factor authentication, scan for leaked passwords, and avoid storing passwords in web browsers.

Read Full Article

like

13 Likes

share

3 Shares

source image

Medium

1d

read

45

img
dot

Image Credit: Medium

Top Secure Messaging Apps for 2025: Ensuring Your Privacy in the Digital Age

  • Signal is a top secure messaging app known for its dedication to privacy, earning endorsements from security experts globally.
  • Threema, originating from Switzerland, is a paid messaging app that prioritizes security and user anonymity, operating independently.
  • Session is a decentralized messaging app that eliminates vulnerabilities associated with central servers, ensuring user identities remain concealed.
  • SimpleX is gaining popularity for its advanced privacy features and encryption protocols, catering to users who prioritize anonymity and secure communication.

Read Full Article

like

2 Likes

share

Share

source image

Securityaffairs

1d

read

344

img
dot

Image Credit: Securityaffairs

Morphing Meerkat phishing kits exploit DNS MX records

  • Morphing Meerkat phishing kits exploit DNS MX records to deliver spoofed login pages, targeting over 100 brands.
  • A new phishing-as-a-service (PhaaS) platform called Morphing Meerkat has been discovered, which generates multiple phishing kits using DNS mail exchange (MX) records.
  • Threat actors use MX records to serve dynamically tailored fake login pages, abusing open redirects and compromised domains.
  • Morphing Meerkat enables large-scale phishing campaigns, using obfuscated code and dynamic translations, and distributing stolen credentials via email and chat.

Read Full Article

like

20 Likes

share

4 Shares

source image

Silicon

1d

read

214

img
dot

Image Credit: Silicon

NHS Software Provider Fined £3m Over Breach

  • NHS software services provider Advanced Computer Software Group has been fined £3.07 million by the Information Commissioner’s Office due to security lapses.
  • The ransomware attack on Advanced's health and care subsidiary resulted in the personal data of 79,404 people being at risk.
  • Hackers gained access to patients' phone numbers, medical records, and details of 890 people receiving home care.
  • The Information Commissioner's Office criticized Advanced for insufficient security measures and lack of complete multi-factor authentication coverage.

Read Full Article

like

12 Likes

share

3 Shares

source image

Securityaffairs

1d

read

69

img
dot

Image Credit: Securityaffairs

CISA warns of RESURGE malware exploiting Ivanti flaw

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) warns of RESURGE malware, targeting a vulnerability in Ivanti Connect Secure (ICS) appliances.
  • RESURGE malware exploits the CVE-2025-0282 flaw in Ivanti Connect Secure appliances and has been used in attacks.
  • The malware creates web shells, bypasses integrity checks, and facilitates credential harvesting and privilege escalation.
  • CISA provides details about the malicious Linux shared object file 'libdsupgrade.so' and the log-tampering variant of 'SPAWNSLOTH' associated with the RESURGE malware.

Read Full Article

like

4 Likes

share

Share

source image

Hackingblogs

2d

read

277

img
dot

Image Credit: Hackingblogs

Vroom Leaked 30000+ Australians Bank Detail Are Exposed And ID’S Leaked

  • Australia's car loan marketplace Vroom by YouX experienced a security breach in which 27,000 driver's licenses, Medicare cards, and partial credit card information were made public.
  • The breach involved a non-password-protected Amazon S3 database that contained personal information such as bank statements, employment data, and Medicaid cards.
  • The exposed data poses risks of identity theft and fraud, and cybercriminals could potentially use the information for phishing scams or creating fake accounts.
  • To prevent similar incidents, cybersecurity researcher Jeremiah Fowler suggests implementing data minimization policies, active monitoring, and anomaly detection systems.

Read Full Article

like

16 Likes

share

3 Shares

source image

Securityaffairs

2d

read

168

img
dot

Image Credit: Securityaffairs

Security Affairs newsletter Round 517 by Pierluigi Paganini – INTERNATIONAL EDITION

  • FBI and DOJ seize $8.2 Million in romance baiting crypto fraud scheme
  • Experts warn of the new sophisticate Crocodilus mobile banking Trojan
  • Russian authorities arrest three suspects behind Mamont Android banking trojan
  • Mozilla fixed critical Firefox vulnerability CVE-2025-2857

Read Full Article

like

10 Likes

share

2 Shares

source image

Securityaffairs

2d

read

136

img
dot

Image Credit: Securityaffairs

Sam’s Club Investigates Alleged Cl0p Ransomware Breach

  • Sam's Club, a Walmart-owned membership warehouse club chain, is investigating the alleged Cl0p ransomware security breach.
  • The Cl0p ransomware group listed Sam's Club among its victims, accusing the company of ignoring security.
  • Sam's Club announced that it is actively investigating the matter, but has seen no evidence of a breach.
  • In December 2024, the Cl0p ransomware group claimed to have breached multiple companies through the Cleo file transfer software vulnerability.

Read Full Article

like

8 Likes

share

1 Share

source image

Hackersking

2d

read

87

img
dot

Image Credit: Hackersking

How To Use Remote Access Trojan AndroRAT | All Errors Solved

  • AndroRAT is a free software that allows remote control of Android devices.
  • It can be used responsibly in penetration testing.
  • Before using AndroRAT, you need a computer running Windows or Linux, JDK, and a port forwarding service.
  • AndroRAT can be used to generate a malicious APK, gain remote access, and perform various actions on the target device.

Read Full Article

like

5 Likes

share

1 Share

source image

Hackernoon

3d

read

3

img
dot

Image Credit: Hackernoon

Hallucination by Design: How Embedding Models Misunderstand Language

  • Text embeddings are crucial for converting words and sentences into numerical vectors to capture their meaning, used widely in NLP systems.
  • Despite their prevalent use, there's a lack of comprehensive understanding of how embedding models operate practically, leading to errors and suboptimal user experiences.
  • Issues like missing negations, numerical illiteracy, insensitivity to capitalization, and the handling of spaces and references pose significant challenges in embedding model behavior.
  • Industries such as Retail, Medical Care, and Finance can benefit significantly from addressing and understanding these embedding model flaws.
  • The article highlights various problematic scenarios, including issues with case sensitivity, numerical distinctions, negations, spaces, references, counterfactuals, and ranges.
  • The author outlines a testing framework to evaluate how embedding models handle different text variations and emphasizes the importance of real-world testing before deployment.
  • Recommendations include building safeguards for critical blind spots, combining multiple techniques, and being transparent with users about the system limitations.
  • Understanding that embedding models interpret language through statistical patterns rather than human-like comprehension is crucial for improving system performance.
  • Acknowledging and designing around these inherent blind spots in embedding models can lead to more effective and reliable language processing systems.
  • Further investigation into other cases of model limitations and their implications will be covered in the subsequent post by the author.
  • The article emphasizes the importance of recognizing and addressing the limitations of embedding models to enhance the efficiency and reliability of language processing systems.

Read Full Article

like

Like

share

Share

source image

Securityaffairs

3d

read

333

img
dot

Image Credit: Securityaffairs

FBI and DOJ seize $8.2 Million in romance baiting crypto fraud scheme

  • The U.S. DOJ seized over $8.2 million in USDT stolen through ‘romance baiting’ scams.
  • Fraudsters tricked victims into fake investments promising high returns.
  • The FBI used blockchain intelligence to trace the flow of funds through various platforms and networks.
  • The seizure provides restitution for victims as the FBI traces additional addresses.

Read Full Article

like

20 Likes

share

4 Shares

source image

Securityaffairs

3d

read

342

img
dot

Image Credit: Securityaffairs

Experts warn of the new sophisticate Crocodilus mobile banking Trojan

  • The new Android trojan Crocodilus exploits accessibility features and targets users in Spain and Turkey.
  • Crocodilus uses overlay attacks, keylogging, and remote access to steal banking and crypto credentials.
  • The trojan supports advanced keylogger capabilities and a wide range of bot and RAT commands.
  • Crocodilus is linked to the threat actor 'sybra' and poses a significant threat to banks and cryptocurrency wallets.

Read Full Article

like

20 Likes

share

4 Shares

source image

Gizchina

3d

read

183

img
dot

Image Credit: Gizchina

Hackers Steal Data and Blackmail U.S. Hospitals in Oracle Breach

  • Hackers breached Oracle's servers, stole sensitive patient data, and blackmailed several US medical institutions.
  • The breach highlights security concerns in the healthcare sector and the need for improved security protocols for patient records.
  • Oracle notified affected firms and authorities are investigating the ransom demands.
  • The incident emphasizes the importance of collaboration between healthcare and technology companies to protect patient data and privacy.

Read Full Article

like

11 Likes

share

2 Shares

source image

Medium

3d

read

275

img
dot

Image Credit: Medium

The Dark Truth About Instagram: Why You Need to Make Your Account Hacking-Proof

  • Being a content creator on Instagram comes with the risk of having your account hacked, and recovery is difficult.
  • To make your Instagram account hacking-proof, using an Authenticator App for 2FA is recommended.
  • Additionally, it is essential to avoid logging into Instagram from unofficial apps or sketchy websites
  • Regular security checkups, using unique and complex passwords, and being cautious of phishing emails are also important preventive measures.

Read Full Article

like

16 Likes

share

3 Shares

Prev

1
2
3
4
5
6
7
8
9
10

Next

For uninterrupted reading, download the app