menu
techminis

A naukri.com initiative

New

google-web-stories
Home

>

Hacking News

Hacking News

source image

Cultofmac

1M

read

227

img
dot

Image Credit: Cultofmac

Turn hacking into a game with this $45 educational bundle

  • The 2024 All-in-One Ethical Hacking Course Bundle offers comprehensive training for aspiring cybersecurity experts.
  • The bundle includes 18 courses covering 92 hours of content, teaching hacking from foundational concepts to advanced topics.
  • Students will learn about industry tools like Nmap and Metasploit, practice hacking in lab environments, and gain practical skills for certifications.
  • Available at a discounted price of $44.99, this bundle is a cost-effective way to learn ethical hacking.

Read Full Article

like

13 Likes

share

3 Shares

source image

Mcafee

1M

read

240

img
dot

How To Tell If Your Smartphone Has Been Hacked

  • iPhones, whether through malware or a bad app, can be hacked. Apple has designed iOS to run apps in a virtual environment, which limits the access apps have to other apps, thereby preventing the spread of viruses. The owner jail-breaking the iPhone or downloading apps outside of the App Store increases risks from hackers.
  • Some signs that your device may have been hacked include performance issues, the device feeling overly hot, and mysterious calls, texts or apps appearing. Instructions on how to identify whether your iPhone has malware and how to resolve the issue are listed in the article.
  • Protecting smartphones from hackers is vital. To avoid hacks, iOS users should: update phones and their apps, avoid downloading from third-party app stores, and not jail-break iPhones.
  • While antivirus software may not be needed on non-jailbroken iPhones, extra protection is recommended. Online protection software can keep users and their phones safer. It can block worrying links on texts and social media, as well as protect users' identity and privacy.

Read Full Article

like

14 Likes

share

3 Shares

source image

Coinpedia

1M

read

145

img
dot

Image Credit: Coinpedia

Former Digital River Employee Charged in $45K Cryptojacking Scheme

  • Former Digital River employee charged in $45K cryptojacking scheme.
  • Joshua Paul Armbrust allegedly used Digital River's Amazon Web Services (AWS) for crypto mining without consent.
  • Armbrust mined Ethereum and transferred it to his personal Coinbase accounts.
  • He withdrew over $7k from the funds and transferred the money to his Wells Fargo account.

Read Full Article

like

8 Likes

share

2 Shares

source image

Securityaffairs

1M

read

381

img
dot

Image Credit: Securityaffairs

Canada ordered ByteDance to shut down TikTok operations in the country over security concerns

  • Canada ordered ByteDance to shut down TikTok operations over security concerns but did not issue a full ban on the platform.
  • The Canadian government ordered ByteDance to wind up TikTok Technology Canada, Inc. over security concerns following a national security review.
  • Canada's decision was guided by security and intelligence advice, but Canadians can still access and use TikTok by choice.
  • The shutdown of TikTok's Canadian offices will cause the loss of hundreds of local jobs.

Read Full Article

like

22 Likes

share

5 Shares

source image

Securityaffairs

1M

read

295

img
dot

Image Credit: Securityaffairs

Critical bug in Cisco UWRB access points allows attackers to run commands as root

  • Cisco fixed a critical flaw in URWB access points, allowing attackers to run root commands, compromising industrial wireless automation security.
  • The vulnerability allows attackers to execute arbitrary commands with root privileges by sending crafted HTTP requests to the device.
  • The vulnerability only affects specific models in URWB mode: Catalyst IW9165D, IW9165E, and IW9167E access points.
  • The Cisco PSIRT is not aware of attacks in the wild exploiting this vulnerability.

Read Full Article

like

17 Likes

share

4 Shares

source image

Securityaffairs

1M

read

558

img
dot

Image Credit: Securityaffairs

South Korea fined Meta $15.67M for illegally collecting and sharing Facebook users

  • South Korea's data privacy watchdog, Personal Information Protection Commission (PIPC), fined Meta $15.67 million for illegally collecting and sharing sensitive data of Facebook users.
  • Meta shared sensitive data, including political views and sexual orientation, of 980,000 Facebook users with 4,000 advertisers.
  • PIPC found Meta in violation of the Personal Information Protection Act and ordered corrective measures.
  • Meta previously faced fines for storing user passwords in plaintext.

Read Full Article

like

2 Likes

share

Share

source image

Securityaffairs

1M

read

395

img
dot

Image Credit: Securityaffairs

Memorial Hospital and Manor suffered a ransomware attack

  • A ransomware attack hit Memorial Hospital and Manor in Bainbridge, Georgia, disrupting access to its Electronic Health Record system.
  • The hospital identified the attack after antivirus software flagged potential risks and launched an internal investigation.
  • Operations were unaffected, but staff had to switch to pen and paper for patient information recording.
  • The Embargo ransomware gang claimed responsibility for the attack, stealing 1.15 terabytes of data.

Read Full Article

like

23 Likes

share

5 Shares

source image

Securelist

1M

read

209

img
dot

Image Credit: Securelist

New SteelFox Trojan mimics software activators, stealing sensitive data and mining cryptocurrency

  • SteelFox is a new crimeware bundle found in 2024 which imitates popular software products like Foxit PDF Editor and AutoCAD and spreads via forum posts, and malicious torrents.
  • It communicates with its Command and Control (C2) via SSL pinning and TLSv1.3, and it utilizes a domain with dynamically changing IP, implemented using Boost.Asio library.
  • The malware can elevate its privileges through exploiting a vulnerable driver.
  • SteelFox affects users worldwide, with most affected users in Brazil, China, Russia, Mexico, UAE, Egypt, Algeria, Vietnam, India, and Sri Lanka.
  • The malware is capable of stealing sensitive data like Credit Card details, browsing history, and can mine cryptocurrencies after elevating permissions with the vulnerable driver.
  • The Shellcode and driver in this malware are detected as XMRig miner, which helps it communicate with specific mining pools to mine cryptocurrencies.
  • The communication with the attacker's C2 is via SSL pinned TLSv1.3, also using Google Public DNS and DNS over HTTPS (DoH) to hide domain resolution.
  • The attackers use various platforms to spread the dropper, i.e., Baidu and Russian torrent trackers.
  • Users can use security solutions that prevent downloading infected software and only install apps from official sources to avoid attacks.
  • Kaspersky detects this threat as HEUR:Trojan.Win64.SteelFox.gen and Trojan.Win64.SteelFox.*.

Read Full Article

like

12 Likes

share

2 Shares

source image

Securityaffairs

1M

read

36

img
dot

Image Credit: Securityaffairs

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

  • Synology has fixed a critical vulnerability affecting DiskStation and BeePhotos NAS devices.
  • The vulnerability, named RISK:STATION, allows remote code execution.
  • The flaw was demonstrated by a security researcher at the Pwn2Own Ireland 2024 hacking contest.
  • Synology released a patch within 48 hours and urges users to update their devices immediately.

Read Full Article

like

2 Likes

share

Share

source image

Siliconangle

1M

read

9

img
dot

Image Credit: Siliconangle

Ransomware gang demands ransom payment in Schneider Electric data breach: baguettes

  • French multinational firm Schneider Electric SE has been breached and data stolen.
  • The ransomware gang Hellcat is demanding a payment of $62,500 USD in baguettes.
  • Schneider Electric confirmed the breach and is investigating the cybersecurity incident.
  • If the ransom is not paid by November 7th, Hellcat threatens to release the stolen data.

Read Full Article

like

Like

share

Share

source image

Securityaffairs

1M

read

63

img
dot

Image Credit: Securityaffairs

ToxicPanda Android banking trojan targets Europe and LATAM, with a focus on Italy

  • The ToxicPanda Android malware has infected over 1,500 devices, enabling attackers to perform fraudulent banking transactions.
  • ToxicPanda has infected thousands of devices across Italy, Portugal, Spain, and Latin America, targeting 16 banks.
  • The malware uses On-Device Fraud (ODF) techniques to bypass bank security measures and initiate account takeovers.
  • Experts speculate that Chinese-speaking individuals may be behind the malware campaign, indicating a potential shift or expansion in their operational focus.

Read Full Article

like

3 Likes

share

Share

source image

TechCrunch

1M

read

368

img
dot

Image Credit: TechCrunch

Canadian authorities say they arrested hacker linked to Snowflake data breaches

  • Canadian authorities have arrested a hacker connected to Snowflake data breaches.
  • The hacker, known as Alexander Moucka or Connor Moucka, was apprehended based on a provisional arrest warrant requested by the United States.
  • The hacker targeted various companies, including AT&T, Ticketmaster, and Advanced Auto Parts, stealing sensitive corporate data stored in Snowflake.
  • Moucka appeared in court on October 30, and his case was adjourned to November 5, 2024. Potential extradition to the United States is unclear.

Read Full Article

like

22 Likes

share

5 Shares

source image

Coinjournal

1M

read

373

img
dot

Image Credit: Coinjournal

Mt. Gox moves $2.2 billion in Bitcoin as it works to repay creditors

  • Defunct crypto exchange Mt. Gox has moved another $2.19 billion to two unmarked wallets.
  • The movement includes 32,371 Bitcoin transferred to one wallet and an additional 2,000 Bitcoin sent to another wallet.
  • This is one of the largest movements made by Mt. Gox this year.
  • The exchange is likely preparing for repayment to creditors after its collapse in 2014.

Read Full Article

like

22 Likes

share

5 Shares

source image

Securityaffairs

1M

read

437

img
dot

Image Credit: Securityaffairs

U.S. CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog

  • U.S. CISA adds PTZOptics camera bugs to its Known Exploited Vulnerabilities catalog
  • PTZOptics PT30X-SDI/NDI camera vulnerabilities CVE-2024-8956 and CVE-2024-8957 added
  • Threat actors attempting to exploit the zero-day vulnerabilities
  • Vulnerabilities allow attackers to execute arbitrary commands and bypass authentication

Read Full Article

like

26 Likes

share

6 Shares

source image

Securityaffairs

1M

read

346

img
dot

Image Credit: Securityaffairs

Canadian authorities arrested alleged Snowflake hacker

  • Canadian authorities arrested a suspect linked to multiple hacks following a breach of cloud data platform Snowflake earlier this year.
  • The suspect, Alexander 'Connor' Moucka, was arrested on October 30, 2024, on a US provisional arrest warrant.
  • He is accused of being responsible for a series of attacks involving as many as 165 customers of Snowflake Inc.
  • The attacks involved stolen credentials, data theft, extortion attempts, and selling stolen data on criminal forums.

Read Full Article

like

20 Likes

share

4 Shares

Prev

20
21
22
23
24
25
26
27
28

Next

For uninterrupted reading, download the app