A naukri.com initiative
Hacking News
Securityaffairs
1M
136
Image Credit: Securityaffairs
Nigerian man Sentenced to 26+ years in real estate phishing scams
- Nigerian national, Kolade Ojelade, has been sentenced to 26 years in prison in the US for phishing scams.
- Ojelade compromised the email accounts of real estate businesses to steal millions of dollars.
- He conducted Business Email Compromise (BEC) attacks by changing wire payment instructions.
- The actual losses from the scheme were estimated at $12 million, with intended losses exceeding $100 million.
Read Full Article
8 Likes
Siliconangle
1M
214
Image Credit: Siliconangle
JFrog report highlights critical security flaws in machine learning platforms
- A new report from JFrog Ltd. highlights critical security flaws in machine learning platforms.
- The report reveals vulnerabilities in open-source machine learning projects, focusing on server-side risks.
- Specific vulnerabilities include directory traversal and improper access control issues in various platforms.
- The report warns that these vulnerabilities can lead to unauthorized access and compromise the integrity of models.
Read Full Article
12 Likes
Siliconangle
1M
127
Image Credit: Siliconangle
White-noise apps exploited in major audio ad fraud schemes, report finds
- White-noise apps are being exploited in audio ad fraud schemes, according to a report by DoubleVerify Holdings Ltd.
- The apps are used to commit audio stream fraud and divert advertising dollars.
- Two major global fraud schemes, BeatSting and FM Scam, were found to falsify audio traffic, causing significant financial losses.
- Fraudulent apps generate fake streaming data, tricking advertisers into spending money on ad placements that never reach real users.
Read Full Article
7 Likes
Bravenewcoin
1M
383
Image Credit: Bravenewcoin
Crypto Casino Platform MetaWin Hacked
- Hackers targeted MetaWin’s hot wallets on both the Ethereum and Solana blockchains, exploiting a vulnerability in the frictionless withdrawal system.
- MetaWin suspended withdrawals and is working to restore stolen funds and account balances.
- Blockchain investigator ZachXBT traced the stolen funds to addresses on Kucoin and HitBTC, indicating an organized operation.
- MetaWin involved law enforcement to recover assets and prevent future attacks, highlighting the rising trend of crypto hacks.
Read Full Article
23 Likes
Securityaffairs
1M
355
Image Credit: Securityaffairs
Russian disinformation campaign active ahead of 2024 US election
- U.S. intelligence agencies report a fake video circulating on social media, falsely claiming Haitians voted illegally in Georgia, with Russia's intent to spread election disinformation.
- The fake video is linked to the Russia-linked APT group Storm-1516, which has previously spread videos to discredit Vice-President Kamala Harris and stir controversy.
- Russia-linked threat actors also created another fake video accusing a Democratic presidential associate of accepting a bribe from a U.S. entertainer.
- The Office of the Director of National Intelligence warns that Russia will continue to create and release media content to undermine trust in the integrity of the U.S. election and divide Americans.
Read Full Article
21 Likes
Securityaffairs
1M
255
Image Credit: Securityaffairs
International law enforcement operation shut down DDoS-for-hire platform Dstat.cc
- German police shut down DDoS-for-hire platform Dstat.cc and arrested two men accused of operating the site used for launching DDoS attacks.
- The operation was coordinated by the Central Office for Combating Internet Crime (ZIT) along with authorities from France, Greece, Iceland, and the U.S.
- The suspects are also accused of running the online platform Flight RCS for drug trafficking and are set to appear before a judge.
- This operation marks a significant action against the underground economy and showcases the strength of international law enforcement in combating digital crime.
Read Full Article
15 Likes
Idownloadblog
1M
41
Image Credit: Idownloadblog
Nugget SparseRestore device modding utility updated to v4.0.1 with more features & fixes
- Nugget, a device modding utility, has been updated to version 4.0.1.
- The update includes new features such as spoofing for AI, improved skip setup method, and more models to spoof to.
- Bug fixes include improved error handling, fixed crashes, and corrected model labels.
- Nugget allows device customization without jailbreaking, using the SparseRestore exploit.
Read Full Article
2 Likes
Hackingblogs
1M
59
Image Credit: Hackingblogs
Starhealth’s Data Was Leaked By RansomHub and is available in the Darkweb: 200 GB Of Data Leaked
- Data from the ransomware attack on Starhealth life insurance firm was leaked by the ransomhub gang and is available on the darkweb.
- The attack occurred on October 19, 2024, at 07:09:13, resulting in the leak of approximately 200 gigabytes of data.
- The leaked data includes sensitive information such as personally identifiable information (PII), financial details, health records, and confidential business data.
- Star Health and Allied Insurance Co Ltd is an independent health insurance company based in Chennai, India, offering comprehensive health insurance solutions with features like maternity benefits and cashless hospitalization.
Read Full Article
3 Likes
Securityaffairs
1M
109
Image Credit: Securityaffairs
Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION
- Chinese threat actors use Quad7 botnet in password-spray attacks
- FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info
- Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide
- PTZOptics cameras zero-days actively exploited in the wild
Read Full Article
6 Likes
Securityaffairs
1M
150
Image Credit: Securityaffairs
US Election 2024 – FBI warning about fake election videos
- The FBI has issued a warning about two fake videos spreading false claims of ballot fraud and misinformation about Kamala Harris's husband.
- The videos, which were falsely presented as being from the FBI, did not receive significant views from real people on social media platform X.
- The FBI is also investigating a separate fake video showing ballots being destroyed in Pennsylvania.
- Experts have cautioned about the increase in misinformation and influence campaigns related to the 2024 US elections, particularly on social media.
Read Full Article
9 Likes
Securityaffairs
1M
392
Image Credit: Securityaffairs
Chinese threat actors use Quad7 botnet in password-spray attacks
- Microsoft warns Chinese threat actors are using the Quad7 botnet to carry out password-spray attacks and steal credentials.
- Quad7 botnet, also known as CovertNetwork-1658, targets SOHO devices and VPN appliances.
- Chinese threat actors, including Storm-0940, are using credentials obtained from Quad7 botnet through password-spray attacks.
- Microsoft advises organizations to prioritize credential hygiene and harden cloud identities to defend against password spraying.
Read Full Article
23 Likes
Hackersking
1M
4
Image Credit: Hackersking
Know Passwords Using Email From Data breach And Leaks On The Internet
- Data breaches have become a common occurrence in today's connected world, leading to severe consequences for individuals and businesses.
- A data breach occurs when unauthorized individuals access sensitive information through hacking or other means.
- Websites like ihavebeenpwned can help determine if your email credentials have been compromised in a data breach.
- A tool called Zehef allows users to check for compromised passwords associated with their email from various data breaches and leaks on the internet.
Read Full Article
Like
Hackersking
1M
95
Image Credit: Hackersking
HomePwn: Swiss Army Knife for Penetration Testing of IoT Devices
- HomePwn is a Swiss Army Knife for testing the security of IoT devices.
- It is a Python-coded program that runs on Windows and Linux.
- HomePwn provides features to audit and pen-test devices in home or office environments.
- It has a modular architecture with discovery modules and specific modules for audited technologies.
Read Full Article
5 Likes
Securityaffairs
1M
228
Image Credit: Securityaffairs
FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info
- A former Disney World employee hacked servers after being fired, altering prices, adding profanities, and mislabeling allergy info.
- The FBI arrested the man last week, falsely declaring some items as allergy-safe could put the lives of visitors at risk.
- The former Disney employee denied any misconduct when FBI agents searched his home last month.
- The company had to take its menu creation program offline for over a week, incurring costs of at least $150,000 due to the attacks.
Read Full Article
13 Likes
Medium
1M
452
The Java Enigma: A Hacker’s Odyssey
- Java's sandboxing model provides security but can be bypassed by hackers.
- Buffer overflow attacks and the use of Java's reflection API are common techniques used by hackers to exploit Java.
- Java has been a popular target for hackers due to its ecosystem and platform independence.
- Oracle has invested in Java security, but new techniques and vulnerabilities will continue to be discovered.
Read Full Article
27 Likes
For uninterrupted reading, download the app