techminis

A naukri.com initiative

Hacking News

Securityaffairs

FBI warns of malicious free online document converters spreading malware

  • The FBI warns of a significant increase in scams that use free online document converters to infect users with malware.
  • Threat actors are using malicious online document converters to steal sensitive information and infect systems with malware.
  • Fake file converters and download tools can return files containing hidden malware, giving criminals access to victims' devices.
  • The FBI advises staying cautious online, keeping antivirus software updated, and reporting any incidents to IC3.gov.

Bitcoinik

Lazarus Group Details – All You Need To Know About the Bybit Hacker

  • Lazarus Group is a hacker group directed from the DPRK, known by various unofficial names like Hidden Cobra, ZINC, Diamond Sleet, and Guardian of Peace.
  • It is led by Park Jin Hyok, a DPRK citizen involved in software development; very little is known about the organization's size and composition.
  • Lazarus Group crippled computer systems, stole funds, and engaged in a large-scale criminal conspiracy using sophisticated hacking techniques.
  • Notorious for major attacks including the 2014 Sony Pictures Entertainment hack and the hacking of financial systems like SWIFT for $1 billion.
  • The group targeted crypto exchanges, stealing around $882 million in assets, and attacked platforms like Axie Infinity and Horizon protocol.
  • The attack on Bybit exchange in 2025 resulted in the theft of around $1.4 billion worth of Ethereum, attributed to Lazarus Group.
  • North Korean cybercriminals, including Lazarus Group, are estimated to have stolen around $1.7 billion in a year from various hacks.
  • The involvement of Lazarus Group in criminal activities affects the credibility of the cryptocurrency industry, leading to sanctions by authorities.
  • With complex operations linked to state involvement, Lazarus Group is believed to be connected to the DPRK's cybercrime activities and potential nuclear program funding.
  • Lazarus Group is one of the units in DPRK's cyber operations, operating alongside other groups like Kimsuky and Ricochet Chollima, similar to structures in other non-democratic regimes.
  • The negative impact of Lazarus Group's actions reflects on the DPRK's image as a totalitarian regime and raises concerns about funding sources for potential mass destruction projects.

Securityaffairs

Cloak ransomware group hacked the Virginia Attorney General’s Office

  • The Cloak ransomware group claims responsibility for a cyberattack on the Virginia Attorney General’s Office that occurred in February.
  • A cyberattack on the Virginia Attorney General’s Office forced officials to shut down IT systems, including email and VPN, and revert to paper filings.
  • The group said that the waiting period had expired and claimed the theft of 134GB of sensitive data.
  • The Cloak ransomware group has been active since at least 2023 and has breached more than one hundred organizations over the years.

Medium

Pivoting for Hackers: Expanding Your Foothold in a Network

  • Pivoting allows hackers to use a compromised system as a stepping stone to access other systems inside a network.
  • Pivoting can be done in two main ways: Proxy-based Pivoting and VPN-based Pivoting.
  • Practical pivoting techniques include using tools like Metasploit, SSH tunnels, Chisel, and Ligolo-NG.
  • Defensive measures against pivoting include network segmentation, host-based firewalls, log monitoring, and multi-factor authentication (MFA).

Hackingblogs

Why AI Alone Isn’t Enough To Stop Phishing Emails: Human Awareness Is Still Crucial.

  • AI alone is insufficient to fully defend against phishing emails.
  • Hackers are exploiting AI for their own ends and crafting convincing phishing messages.
  • AI has limitations and struggles with new and complex attacks.
  • Combining human awareness with AI security provides the best defense against phishing.

Securityaffairs

Security Affairs newsletter Round 516 by Pierluigi Paganini – INTERNATIONAL EDITION

  • U.S. Treasury removed sanctions against the crypto mixer service Tornado Cash
  • Zero-day broker Operation Zero offers up to $4 million for Telegram exploits
  • RansomHub affiliate uses custom backdoor Betruger
  • Pennsylvania State Education Association data breach impacts 500,000 individuals

Securityaffairs

UAT-5918 APT group targets critical Taiwan

  • UAT-5918, an info-stealing threat actor, targets Taiwan using web shells and open-source tools for persistence, info theft, and credential harvesting.
  • The group exploits N-day vulnerabilities in unpatched servers for long-term access and conducts post-compromise activities manually.
  • APT UAT-5918 deploys web shells, creates admin accounts, and uses tools like Mimikatz and Impacket for lateral movement and credential theft.
  • Talos researchers link UAT-5918 to Chinese APT groups based on TTP overlaps and shared tooling and tactics.

Hackingblogs

Keenetic Router Data Leak: What You Need to Know

  • A major data leak involving Keenetic routers has exposed sensitive user information, leaving networks at risk.
  • Over a million user records, device records, and detailed logs were exposed, providing hackers with the means to breach networks.
  • Keenetic took immediate action upon discovery of the breach and notified affected users.
  • The data leak poses significant threats, including complete administrative power for hackers, remote access to networks, and potential DNS hijacking.

Securityaffairs

U.S. Treasury removed sanctions against the crypto mixer service Tornado Cash

  • The U.S. Treasury has decided to lift sanctions on the crypto mixer service Tornado Cash, which was accused of aiding North Korea's Lazarus Group in laundering illicit funds.
  • The sanctions were imposed by the U.S. Treasury Department's Office of Foreign Assets Control (OFAC) in August 2022 due to Tornado Cash's involvement in money laundering activities.
  • Tornado Cash was utilized by cybercriminals, including the Lazarus APT Group, to launder over $7 billion in virtual currency since its establishment in 2019.
  • The Treasury removed the sanctions based on its review of legal and policy considerations concerning financial activities in evolving technological environments.
  • Secretary of the Treasury Scott Bessent emphasized the importance of safeguarding the digital asset industry from misuse by illicit actors like North Korea.
  • In addition to lifting sanctions on Tornado Cash, the U.S. Treasury also delisted over 100 Ethereum wallet addresses from the Specially Designated Nationals (SDN) list maintained by OFAC.
  • The founders of Tornado Cash, Roman Storm and Roman Semenov, were charged with money laundering and violating economic emergency powers laws, potentially facing significant prison sentences.
  • Recent reports suggest that Lazarus APT Group has resumed using Tornado Cash for money laundering operations, indicating ongoing challenges in combating illicit financial activities.
  • Numerous individuals involved in facilitating money laundering through Tornado Cash have faced legal repercussions, with arrests and convictions highlighting law enforcement efforts against illicit financial flows.
  • The case involving Tornado Cash underscores the importance of regulatory oversight and accountability in the cryptocurrency space to prevent misuse for criminal purposes and ensure financial safety.

Hackingblogs

New Phishing Attack Targets Meta Advertisers: Fake Suspension Emails Lead to Account Hijacking

  • A new phishing attack is targeting Meta advertisers, using fake suspension emails to trick users into account hijacking.
  • The phishing emails appear to be authentic contact from Meta support, with subject lines indicating account suspension.
  • When users click on the link provided in the email, they are directed to a fake Meta support website that resembles the real interface.
  • Hackers take over accounts by tricking users into entering sensitive information or login credentials on the fake website.

Hackernoon

Want to Buy Ed-Tech That Isn't Evil? Here's How

  • The edtech industry is growing rapidly, offering a plethora of products to K-12 schools and universities with no mandatory licensing process for quality assurance.
  • Concerns over edtech products potentially harming children due to lack of oversight have been raised by experts and organizations like UNESCO.
  • Educators and administrators are advised to evaluate the necessity of edtech tools, seek demonstrations, and consider reviews before purchasing.
  • Factors such as educational impact, student privacy, and data security should be thoroughly assessed before adopting any edtech solutions.
  • Expert recommendations include involving students in product evaluations, seeking peer reviews, and ensuring vendors prioritize privacy agreements.
  • Organizations like EdTech Impact and Education Alliance Finland provide evaluations and certifications for edtech products, aiding decision-making for schools.
  • Collaborative efforts among districts and parents are suggested to negotiate better privacy agreements with edtech vendors.
  • The growing influence of edtech in education highlights the need for thorough scrutiny to ensure the effective use of technology resources.
  • Schools have spent billions on edtech, especially during the pandemic, emphasizing the importance of informed decision-making in technology procurement.
  • Educators acknowledge the challenges but emphasize the importance of asking the right questions to make informed choices about edtech integration.

NullTX

Suspicious Transaction and Security Breach Impact Zoth Platform, $8.4 Million Stolen

  • The decentralized finance platform Zoth has fallen victim to a significant security breach, resulting in the theft of $8.4 million worth of assets, sparking concern in the cryptocurrency community.
  • The breach was discovered by the Cyber Alert System and appears to have originated from a compromise of the platform's deployer wallet, leading to a suspicious transaction and the transfer of funds.
  • The attacker exploited vulnerabilities within the protocol, swiftly converting stolen assets into a stablecoin (DAI) and transferring them to an undisclosed address, making tracking difficult.
  • Zoth has taken immediate action by entering maintenance mode to investigate the breach, raising questions about the platform's security measures and overall safety of DeFi services.
  • The breach's total impact is still unknown, with ongoing efforts to track the stolen funds and identify the perpetrator, potentially involving blockchain forensics and cybersecurity experts.
  • Concerns remain regarding the recovery of the stolen tokens, as well as the DeFi ecosystem's vulnerability to security threats and the need for enhanced risk management practices.
  • The incident underscores the growing security risks in DeFi platforms, highlighting the importance of addressing weaknesses in smart contracts and implementing additional protections to deter potential attacks.
  • The Zoth breach serves as a wake-up call for improved security practices within the DeFi space, emphasizing the necessity for thorough audits and enhanced measures to safeguard user funds and platform integrity.
  • Amid ongoing investigations, the Zoth community remains vigilant, emphasizing the importance of account security and caution when engaging with digital assets in the wake of such security breaches.
  • The incident has raised concerns about the overall security of decentralized platforms and the need for proactive measures to mitigate risks associated with handling large sums of digital assets.
  • In light of the breach, there is a call for improvements in security protocols and risk management practices within the DeFi ecosystem to enhance user trust and protect against potential exploits.

Securityaffairs

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

  • Russian zero-day broker Operation Zero is offering up to $4 million for Telegram exploits.
  • The company is offering up to $500K for one-click RCE, $1.5M for zero-click RCE, and $4M for a full-chain exploit.
  • Potential reasons for the high valuation of Telegram exploits include government and intelligence demand, strategic cyber warfare, and law enforcement and cybercrime control.
  • The ban of Telegram by Ukraine's National Coordination Centre for Cybersecurity has raised concerns about Russian intelligence accessing users' data.

TechCrunch

Valve removes video game demo suspected of being malware

  • Valve removed a video game called Sniper: Phantom’s Resolution from its online store Steam.
  • Users reported that the free demo for the game was installing malware on their computers.
  • This is not the first time Valve has encountered such issues, as they dealt with a similar situation last month with a game called PirateFi.
  • Valve has not yet provided any response or comment regarding the removal of the game from their platform.

Medium

Why is Cybersecurity? (No, Seriously. Why?)

  • Cybersecurity is important for everyone, not just secret agents, as individuals are potential targets of hackers and cyber threats.
  • The different threats to cybersecurity include hackers who try to steal passwords, malware and viruses that disrupt systems, and social engineers who deceive individuals to give up sensitive information.
  • To enhance cybersecurity, it is advised to use strong passwords, enable two-factor authentication, avoid clicking on suspicious links, and keep software updated.
  • Cybersecurity is crucial for protecting personal information online, and with a few simple steps, individuals can stay safe from cyber disasters.
