menu
techminis

A naukri.com initiative

google-web-stories
Home

>

Hacking News

Hacking News

source image

Idownloadblog

1w

read

246

img
dot

Image Credit: Idownloadblog

Security researcher releases S5Late bootrom exploit for iPod Nano 7th generation

  • A hardware-based bootrom exploit has been released for the iPod Nano 7th generation.
  • Hardware-based bootrom exploits are rare and cannot be fixed with a software update.
  • The S5Late bootrom exploit is tethered, requiring DFU mode for device boot-up.
  • The exploit allows for jailbreaking of the iPod Nano 7th generation.

Read Full Article

like

14 Likes

source image

Securityaffairs

1w

read

75

img
dot

Image Credit: Securityaffairs

ConnectOnCall data breach impacted over 900,000 individuals

  • ConnectOnCall, a telehealth platform, disclosed a data breach impacting over 900,000 individuals.
  • The breach occurred between February 16, 2024, and May 12, 2024, and an unknown third party accessed personal and medical information.
  • ConnectOnCall took its product offline, hired cybersecurity experts, and notified law enforcement.
  • Potentially exposed information includes names, phone numbers, Social Security numbers, and health-related information.

Read Full Article

like

4 Likes

source image

Securityaffairs

1w

read

292

img
dot

Image Credit: Securityaffairs

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

  • Researchers warn of previously undetected surveillance spyware, named NoviSpy, that was found infecting a Serbian journalist’s phone.
  • Amnesty International discovered that Serbian authorities used the Cellebrite tool to unlock and extract data from the journalist's device without consent.
  • They also found the presence of NoviSpy spyware, which can extract personal data and activate the device's microphone and camera.
  • The spyware deployment utilized the Cellebrite unlocking process and is linked to the Serbian intelligence agency and government.

Read Full Article

like

17 Likes

source image

Cybersecurity-Insiders

1w

read

121

img
dot

Image Credit: Cybersecurity-Insiders

Kids videos games are acting as espionage points for missile attacks

  • Cybercriminals are using video games to recruit child players for missile attacks.
  • Russian cybercrime groups target children, promising rewards like Bitcoin.
  • Children are asked to send pictures and videos of their surroundings, which are used to pinpoint their location.
  • The attackers then target the area with missile strikes, causing devastation.

Read Full Article

like

7 Likes

source image

Kaspersky

1w

read

138

img
dot

Image Credit: Kaspersky

Telegram account hacked: what to do? | Kaspersky official blog

  • With stolen accounts, scammers can launch deepfake, phishing, and social engineering attacks and prey on the victim's contacts.
  • It's hard to notice whether your Telegram account has been hacked, but some giveaways include suspicious password changes and receiving messages that you did not send.
  • If you detect signs of hacking, you need to act fast and terminate all other sessions other than the current one.
  • If you can't recover your hacked account, the only option left is to create a new one and set up two-step verification to prevent future attacks.
  • Additionally, users should be cautious of suspicious links and messages and should not provide any personal or financial information unless confirmed through official channels.
  • It is recommended that Telegram users share these guidelines with friends and family to stay protected from cyber attacks.
  • Telegram has built-in protection against account theft; the first 24 hours after the hack are crucial, as scammers can not terminate active sessions on other devices.
  • The best way to safeguard your Telegram account from hacking is to enable two-step verification.
  • We should always remain vigilant to protect our Telegram accounts by setting strong passwords, avoiding clicking on suspicious links, and reporting any suspicious activity to Telegram support.
  • It is essential not to share any sensitive information such as passwords, financial details, and other personal data to prevent it from falling into the wrong hands.

Read Full Article

like

8 Likes

source image

Securelist

1w

read

377

img
dot

Image Credit: Securelist

Dark web threats and dark market predictions for 2025

  • AV evasion tools for malware have become more popular as developers have incorporated new ways to evade security solutions. There has been a shift towards private solutions ranging from $100 for monthly subscriptions to $20,000 for premium ones.
  • Loader malware family has witnessed a surge in the number of services. They exhibit broad capabilities, from mass-distributed to specialized loaders.
  • Crypto asset-draining services are still increasing, with drainers aimed at stealing victims’ tokens and NFTs.
  • Black traffic schemes continue to remain popular on underground markets, posing a threat to online users.
  • The number of services advertising cryptocurrency “cleaning” solutions has not seen a significant increase in 2024.
  • The year 2025 may witness an increase in data breaches via contractors. The dark web has seen an increase in the frequency of corporate database advertisements.
  • Cybercriminals may migrate from Telegram to the dark web forums in search of better data trading resources. We may see an increase in high-profile law enforcement operations against cybercrime groups.
  • Stealers and drainers will continue to be promoted as services on the dark web.
  • We may see ransomware groups fragmenting into smaller independent entities next year. The number of Dedicated Leak Sites (DLS) grew 1.5 times compared to 2023.
  • The Middle East is a potential hotbed for cyber threats like hacktivism and ransomware with an increase in hacktivist movements.
  • Many successful operations against cybercrime in the year 2024 have highlighted the coordination and collaboration between law enforcement and cybersecurity organizations.

Read Full Article

like

22 Likes

source image

Securityaffairs

1w

read

41

img
dot

Image Credit: Securityaffairs

Multiple flaws in Volkswagen Group’s infotainment unit allow for vehicle compromise

  • Researchers discovered multiple flaws in the infotainment systems of Volkswagen Group vehicles that could allow to track them in real-time.
  • A team of security researchers from cybersecurity firm PCAutomotive discovered 12 vulnerabilities in the MIB3 infotainment systems used in Volkswagen Group cars.
  • The vulnerabilities include issues with phone book synchronization, contact photo handling, and access restrictions, among others.
  • Volkswagen Group confirmed that some vulnerabilities have been fixed and others are being addressed to ensure customer safety.

Read Full Article

like

2 Likes

source image

Hackersking

1w

read

184

img
dot

Image Credit: Hackersking

Recent Cyber Attacks: Trends, Tactics, and Countermeasures

  • The frequency and complexity of cyber attacks have surged in recent years, with over 700 million attacks reported in 2023 alone.
  • Types of recent cyber attacks include ransomware attacks, state-sponsored attacks, supply chain attacks, and phishing/social engineering.
  • Cybercriminals are adopting evolving tactics such as AI automation, social media exploitation, and polymorphic malware.
  • Countermeasures against these attacks include regular updates and patching, employee training, MFA, incident response planning, and advanced threat detection tools.

Read Full Article

like

11 Likes

source image

Hackersking

1w

read

12

img
dot

Image Credit: Hackersking

Pumakit: The Dangerous New Linux Rootkit Unveiled

  • A new rootkit named Pumakit has been discovered, posing a serious threat to Linux-based systems.
  • Pumakit uses advanced techniques to infiltrate and persist in systems, evading detection by traditional security tools.
  • It targets Linux servers, leading to potential disruption of critical infrastructure, data theft, and botnet creation.
  • Prevention measures include regular updates, limiting root access, monitoring network traffic, and verifying software sources.

Read Full Article

like

Like

source image

Siliconangle

1w

read

311

img
dot

Image Credit: Siliconangle

Rhode Island’s RIBridges system breached in cyberattack targeting personal data

  • Rhode Island’s RIBridges system has been breached in a cyberattack.
  • Unknown threat actor stole personal data and is demanding payment.
  • Data stolen includes names, addresses, dates of birth, Social Security numbers, and banking information.
  • Rhode Island is providing free credit monitoring and assistance to affected individuals.

Read Full Article

like

18 Likes

source image

Hackingblogs

1w

read

109

img
dot

Image Credit: Hackingblogs

The Mysterious Case Of Suchir Balaji Who Exposed OpenAI Was Found Dead

  • Suchir Balaji, a former OpenAI researcher, was found dead at his residence in San Francisco. The cause of death has been determined as suicide.
  • Balaji worked for OpenAI for four years and left due to disagreements about copyright and fair use policies. He accused OpenAI of breaking U.S. copyright law while working on the ChatGPT project.
  • The Office of the Chief Medical Examiner confirmed the cause of death to be suicide. Balaji's death has sparked controversy and lawsuits against OpenAI regarding copyright violations.
  • Balaji's allegations and evidence are seen as significant in the ongoing legal battle against OpenAI by media publications.

Read Full Article

like

6 Likes

source image

Securityaffairs

1w

read

8

img
dot

Image Credit: Securityaffairs

IOCONTROL cyberweapon used to target infrastructure in the US and Isreael

  • Iran-linked threat actors target IoT and OT/SCADA systems in US and Israeli infrastructure with IOCONTROL malware.
  • IOCONTROL is a custom-built, modular malware used to target devices in critical infrastructure.
  • Multiple device families were affected, including IP cameras, routers, PLCs, and firewalls.
  • The malware is believed to be part of a global cyber operation against western IoT and OT devices.

Read Full Article

like

Like

source image

Securityaffairs

1w

read

207

img
dot

Image Credit: Securityaffairs

U.S. CISA adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited Vulnerabilities catalog

  • The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2024-50623 vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.
  • The flaw impacts multiple Cleo products including Harmony, VLTrader, and LexiCom.
  • Cleo advises customers to upgrade to the latest patch (version 5.8.0.21) to address the vulnerability.
  • CISA orders federal agencies to fix this vulnerability by January 3, 2025.

Read Full Article

like

12 Likes

source image

Hackingblogs

1w

read

253

img
dot

Image Credit: Hackingblogs

Bitcoin , Dogecoin and Proton Wallets Were Crashed due to DogeReaper Vulnerability

  • A vulnerability known as DogeReaper resulted in 69% of the Bitcoin, Dogecoin, and Proton wallet networks crashing.
  • The DogeReaper vulnerability allows anyone to remotely crash any Dogecoin node, potentially bringing down the entire network.
  • 69% of Dogecoin nodes crashed due to the exploit, targeting older nodes running outdated software.
  • The vulnerability was disclosed by the 'Department Of DOGE Efficiency' and compared to the fictional 'Death Note' from a Japanese manga.

Read Full Article

like

15 Likes

source image

Coinpedia

1w

read

270

img
dot

Image Credit: Coinpedia

Weekly Crypto Hack Report: Are Your Digital Assets Safe?

  • Crypto hackers are targeting various areas - DeFi platforms, hardware wallets, social media accounts, and even blockchains themselves.
  • Some hacks resulted in financial losses, while others exposed vulnerabilities and highlighted regulatory risks.
  • Be cautious of links and unusual offers, and never share your private information.
  • Recent hacks include a reentrancy attack on Clober DEX, hacking of Cardano Foundation's X account, theft from Ledger Nano S wallet, Dogecoin network attack, and shutdown of Gate.io exchange in India.

Read Full Article

like

16 Likes

For uninterrupted reading, download the app