techminis

A naukri.com initiative

Info. Security News


Adamlevin


Can AI Commit the Perfect Crime?

  • AI is being used for various purposes including making organizations run better, helping students get into college or land a new job, and aiding scammers in swindling people more efficiently.
  • Cybersecurity and privacy expert Eduard Goodman and Doug Guion of Yabbel discuss the ultimate AI crime.
  • The podcast 'What the Hack with Adam Levin' explores the mind of Adam and discusses the importance of being aware of one's expenditures.


Securityaffairs


A member of the Scattered Spider cybercrime group pleads guilty

  • A 20-year-old man linked to the Scattered Spider cybercrime group has pleaded guilty to charges filed in Florida and California.
  • Noah Urban, known as 'Sosa' and 'King Bob' online, admitted to conspiracy, wire fraud, and identity theft in two federal cases.
  • The cybercrime group, Scattered Spider, is suspected of hacking into hundreds of organizations, including Twilio, LastPass, DoorDash, and Mailchimp.
  • Urban will pay approximately $13 million in restitution to victims and faces a long prison term with an additional sentence for aggravated identity theft.


Securityaffairs


The controversial case of the threat actor EncryptHub

  • Microsoft credited the likely lone actor behind the EncryptHub alias for reporting two Windows security flaws.
  • EncryptHub, a controversial figure with ties to cybercrime, both pursued legitimate security research and engaged in cybercriminal activity.
  • He reported two vulnerabilities to Microsoft, addressing a security feature bypass issue and a file explorer spoofing vulnerability.
  • Despite his considerable hacking skills, EncryptHub made OPSEC mistakes that exposed his cybercrime operations.


Socprime


UAC-0226 Attack Detection: New Cyber-Espionage Campaign Targeting Ukrainian Innovation Hubs and Government Entities with GIFTEDCROOK Stealer

  • UAC-0226 hacking group is involved in a cyber-espionage campaign targeting critical sectors in Ukraine.
  • The group is using GIFTEDCROOK stealer to gather intelligence from military innovation hubs, armed forces, law enforcement entities, and government institutions.
  • The cyber-espionage activities have been observed since February 2025, with an increase in attacks against Ukraine.
  • Phishing emails with macro-enabled Excel files are used as the initial attack vector, and GIFTEDCROOK steals browser data and exfiltrates it via Telegram.


Securityaffairs


PoisonSeed Campaign uses stolen email credentials to spread crypto seed scams and empty wallets

  • A campaign named PoisonSeed uses stolen CRM and bulk email credentials to send crypto seed scams, aiming to empty victims’ digital wallets.
  • The PoisonSeed campaign targets both crypto and non-crypto entities, exploiting compromised CRM and bulk email accounts.
  • PoisonSeed attackers automate list exports and send spam urging victims to create crypto wallets using fake seed phrases.
  • The campaign is distinct from groups like Scattered Spider and CryptoChameleon but reflects growing threats in the broader cybercrime ecosystem.


Schneier


DIRNSA Fired

  • President Trump has fired the Director of the National Security Agency, General Timothy Haugh.
  • There are concerns that the replacement of Haugh with a loyalist could refocus the NSA's vast surveillance capabilities domestically.
  • Critics argue that giving the NSA such extensive powers over the years was a mistake which may now have significant consequences.
  • Public policy decisions should avoid deploying technologies that strengthen the hand of a potential police state.


Securityaffairs


EDR-as-a-Service makes the headlines in the cybercrime landscape

  • Cybercriminals are utilizing compromised accounts for EDR-as-a-Service (Emergency Data Requests), targeting major platforms.
  • A detailed analysis by Meridian Group reveals the rise of 'EDR-as-a-Service' in the cybersecurity landscape.
  • Criminal groups exploit stolen credentials to forward false Emergency Data Requests, obtaining sensitive information.
  • The model has evolved to cover every aspect of the process, making it easier for non-technical individuals to access confidential data for a fee in cryptocurrencies.
  • Payment dynamics involve transactions in Bitcoin or Monero on underground forums with escrow services for secure exchanges.
  • Operational manuals and deception strategies guide the use of EDR services, facilitating social engineering and doxxing campaigns.
  • The illicit sector's professionalization poses risks to cybersecurity and privacy, potentially affecting governmental infrastructures and citizens' privacy.
  • Ransomware groups are showing interest in EDR techniques, hinting at a future blend of ransomware attacks with specific data obtained through fraudulent EDRs.
  • Recommendations include strengthening validation procedures and authentication systems to mitigate risks and safeguard digital security and privacy.
  • Urgent collaboration and process enhancement are crucial to prevent the proliferation of this threat and protect institutional channels and citizens' privacy.


Securityaffairs


Oracle privately notifies Cloud data breach to customers

  • Oracle confirms a cloud data breach, quietly informing customers while downplaying the impact of the security breach.
  • A threat actor claims to possess millions of data lines tied to over 140,000 Oracle Cloud tenants.
  • The hacker has published 10,000 customer records as proof of the hack.
  • Oracle privately notifies customers of the breach, denying that any customer data was compromised.


Hackingarticles


Credential Dumping: GMSA

  • Credential Dumping: GMSA involves attackers exploiting misconfigured Group Managed Service Accounts (gMSA) to retrieve passwords.
  • Attackers can abuse misconfigured gMSA permissions to extract passwords and authenticate as service accounts.
  • The extracted gMSA credentials enable lateral movement, privilege escalation, and persistence in the domain.
  • Attackers can leverage retrieved NT hash for Pass-the-Hash or Overpass-the-Hash attacks to access network resources.
  • Properly securing gMSA permissions and monitoring account access is crucial to prevent such attacks.
  • Group Managed Service Accounts (gMSA) are specialized Active Directory accounts for secure automated services.
  • gMSAs improve security by automatically rotating passwords, eliminating manual management, and enabling multi-machine use.
  • Key concepts include automatic password generation, controlled password storage, and access definitions for gMSAs.
  • Attackers can abuse ReadGMSAPassword privilege to steal gMSA passwords, perform Pass-the-Hash attacks, and run malicious services.
  • Exploitation methods like gMSADumper, nxc, ntlmrelayx, ldap_shell, and GMSAPasswordReader are used for credential dumping.


Securityaffairs


Security Affairs newsletter Round 518 by Pierluigi Paganini – INTERNATIONAL EDITION

  • A flaw in Verizon’s iOS Call Filter app exposed call records of millions
  • Port of Seattle’s August data breach impacted 90,000 people
  • President Trump fired the head of U.S. Cyber Command and NSA
  • CERT-UA reports attacks in March 2025 targeting Ukrainian agencies with WRECKSTEEL Malware
  • 39M secrets exposed: GitHub rolls out new security tools


Securityaffairs


Expert used ChatGPT-4o to create a replica of his passport in just 5 minutes bypassing KYC

  • A researcher used ChatGPT-4o to create a replica of his passport in just five minutes, realistic enough to deceive most automated KYC systems.
  • The AI-generated passport exposed flaws in digital ID verification systems that rely solely on photo and selfie matching.
  • The fake passport successfully bypassed basic KYC checks used by fintech platforms like Revolut and Binance.
  • Experts recommend implementing digitally verified identity solutions like eID wallets for stronger authentication.


Securityaffairs


A flaw in Verizon’s iOS Call Filter app exposed call records of millions

  • A flaw in Verizon’s iOS Call Filter app exposed call records of millions.
  • Verizon's Call Filter app allows users to identify and manage unwanted calls.
  • The vulnerability in Verizon's app allowed retrieval of call histories for arbitrary numbers.
  • Verizon quickly fixed the flaw, and no evidence of exploitation was found.


Securityaffairs


Port of Seattle’s August data breach impacted 90,000 people

  • Port of Seattle is notifying 90,000 people of a data breach after personal data was stolen in a ransomware attack in August 2024.
  • The cyber attack in August 2024 disrupted travel plans and impacted websites and phone systems of the Port of Seattle, which also operates the Seattle-Tacoma International Airport.
  • The Rhysida ransomware group was identified as behind the attack, and the Port confirmed that unauthorized actors accessed and encrypted parts of their computer systems.
  • Approximately 90,000 people were impacted by the data breach, with personal information compromised, including names, dates of birth, Social Security numbers, and driver's license numbers.


Hackersking


Crypto30x.com & AC Milan: A Game-Changing Partnership

  • Crypto30x.com has partnered with AC Milan, one of the most distinguished clubs in Europe, to bring blockchain technologies and digital currencies into the fan experience, sponsorships, and club activities.
  • Crypto30x.com is a new contender in the crypto world, offering a simple trading interface, secure transactions, and advanced blockchain solutions.
  • The partnership with AC Milan benefits both parties, with AC Milan seeking to expand internationally and Crypto30x.com gaining exposure through sponsorship with a renowned football club.
  • The partnership includes branding of Crypto30x.com in AC Milan's promotional content, blockchain-enabled fan interaction, potential adoption of cryptocurrency for merchandise, tickets, and club memberships, as well as collaboration in social responsibility initiatives.


Infoblox


Disrupting Fast Flux with Predictive Intelligence

  • A recent cybersecurity advisory from the Cybersecurity and Infrastructure Security Agency (CISA) highlighted the threat posed by fast flux-enabled malicious activities and the inadequate defenses of many networks.
  • Infoblox Threat Intel indicates that fast flux attacks are no longer as common and actors have moved on to more lucrative techniques.
  • Protective DNS solutions, like Infoblox, provide comprehensive protections with low rates of false positives and can identify bad domain behavior in many ways.
  • Security teams should focus on leveraging predictive intelligence and DNS-based intelligence to effectively protect against a broad spectrum of attack techniques.
