
- New YouTube Bug Exploited to Leak Users’ Email Addresses (by zpenterprises): A critical vulnerability in YouTube’s infrastructure allowed attackers to expose the email addresses tied to anonymous channels by combining flaws in Google’s account management system and an outdated Pixel Recorder API. The exploit chain, discovered by security researchers Brutecat and Nathan, leveraged YouTube’s internal user-blocking feature and a misconfigured cloud service to bypass privacy protections,…
- Hacking the Hackers (by zpenterprises): Hacking The Hackers—How 18,000 Cybercrime Wannabes Fell Victim. There is no shortage of hacking stories right now, from how the speed of hacking is getting ever faster, to the use of malicious AI chatbots to speed things along even more. However, one report has caught my eye as it shows how hackers are attacking each other, especially when…
- New FBI Warning—Disable Local Admin Accounts As Attacks Continue (by zpenterprises): Hackers use many methods to steal your data, from cybercrime AI-chatbots, two-factor authentication bypass attacks, and even novel don’t click twice hacks. They also, however, attack after gaining employment with your organization, as is the case outlined in the latest warning from the Federal Bureau of Investigation in public service announcement I-012325-PSA. Disable local admin accounts, the FBI said:…
- Introducing GhostGPT—The New Cybercrime AI Used By Hackers (by zpenterprises): The security threat driven by advances in AI is hardly new news: be it billions of Gmail users, bank customers, or attacks against individuals by way of smartphone calls and messages that even the FBI has been concerned enough about to issue a warning, AI is a real and present danger when employed by bad faith actors. Unfortunately,…
- OSI in a Cyber Security Breakdown (by zpenterprises): This is a good breakdown and linking of hacking techniques. This can and will relate to the MITRE ATT&CK framework and OWASP.
- Chinese hackers targeted sanctions office in Treasury attack (by zpenterprises): Chinese state-backed hackers have reportedly breached the Office of Foreign Assets Control (OFAC), a Treasury Department office that administers and enforces trade and economic sanctions programs. OFAC was created in December 1950, and after China entered the Korean War, it blocked all Chinese and North Korean assets under U.S. jurisdiction. In a letter sent to…
- US shares tips to block hackers behind recent telecom breaches (by zpenterprises): CISA released guidance today to help network defenders harden their systems against attacks coordinated by the Salt Typhoon Chinese threat group that breached multiple major global telecommunications providers earlier this year. The U.S. cybersecurity…
- What is OAuth? (by zpenterprises): OAuth, short for Open Authorization, is an open standard protocol used for secure authorization. It allows users to grant third-party applications limited access to their resources without sharing their credentials, such as passwords. Here’s a quick overview: How OAuth Works. Common Uses. OAuth strikes a balance between convenience and security, making it a widely adopted…
- What is Defense In Depth? (by zpenterprises): “Defense in depth” (DiD) is a cyber security strategy that uses multiple security products and practices to safeguard an organization’s network, web properties, and resources. It is sometimes used interchangeably with the term “layered security” because it depends on security solutions at multiple control layers — physical, technical, and administrative — to prevent attackers from…
- What is an insider threat? (by zpenterprises): An insider threat is a security risk posed by an employee, former employee, contractor, or vendor. Insider threats can result in fines, reputational damage, and loss of intellectual property. What is an insider threat? An insider threat is a risk to an organization’s security stemming from someone associated with the organization, such as an employee,…
- What is an RSA Token Keyfob? (by zpenterprises): An RSA token keyfob, often called an RSA SecurID token, is a hardware device used for two-factor authentication (2FA). Here’s how it works: The RSA token keyfob is a small, portable device that can easily be carried on a keychain. It’s designed to be tamper-resistant and provides a secure way to verify identity. Wikipedia Contributors. “RSA…
- What are indicators of compromise (IoC)? (by zpenterprises): Indicators of compromise (IoC) are evidence left behind by an attacker or malicious software that can be used to identify a security incident. What are indicators of compromise (IoC)? Indicators of compromise (IoCs) are information about a specific security breach that can help security teams determine if an attack has taken place. This data can…
- US says Chinese hackers breached multiple telecom providers (by zpenterprises): The FBI and the U.S. Cybersecurity & Infrastructure Security Agency (CISA) have disclosed that Chinese hackers breached commercial telecommunication service providers in the United States. The breached entities have been warned, and the agencies are proactively alerting other potential targets of the elevated cyber activity. “The U.S. Government is investigating the unauthorized access to commercial…
- Over 6,000 WordPress hacked to install plugins pushing infostealers (by zpenterprises): WordPress sites are being hacked to install malicious plugins that display fake software updates and errors to push information-stealing malware. Over the past couple of years, information-stealing malware has become a scourge to security defenders worldwide as stolen credentials are used to breach networks and steal data. Since 2023, a malicious campaign called ClearFake has…
- American Water targeted by a Cyberattack (by zpenterprises): American Water, the largest water utility in the US, is targeted by a cyberattack. AP — The largest regulated water and wastewater utility company in the United States announced Monday that it was the victim of a cyberattack, prompting the firm to pause billing to customers. New Jersey-based American Water — which provides services to more than…
- AT&T, Verizon reportedly hacked to target US government wiretapping platform (by zpenterprises): Multiple U.S. broadband providers, including Verizon, AT&T, and Lumen Technologies, have been breached by a Chinese hacking group tracked as Salt Typhoon, the Wall Street Journal reports. The purpose of the attack appears to be intelligence collection as the hackers might have had access to systems used by the U.S. federal government for court-authorized network…
- United States Charges Three Members of Iran’s Islamic Revolutionary Guard Corps For Election Interference (by zpenterprises): Three Iranian nationals have been charged by US authorities for hacking into Donald Trump’s 2024 presidential campaign. Prosecutors identified Masoud Jalili, Seyyed Ali Aghamiri, and Yasar Balaghi as members of Iran’s Islamic Revolutionary Guard Corps. They allegedly engaged…
- US cracks down on Russian disinformation before 2024 election (by zpenterprises): Today, the U.S. Justice Department said the FBI seized 32 web domains used by the Doppelgänger Russian-linked influence operation network in a disinformation campaign targeting the American public ahead of this year’s presidential election. According to court documents, Doppelgänger is believed to be linked to Russian companies Social Design Agency (SDA), Structura National Technology (Structura), and…
- WazirX Hacker Moves $32M Stolen Ether in Four Days to Tornado Cash as Binance Denies Founder’s Claims (by zpenterprises): Stolen funds from beleaguered Indian crypto exchange WazirX are on the move as executives continue to shift blame amid an ongoing restructuring in Singapore. Hackers behind the WazirX’s $230 million hack…
- Tool X – A Kali Linux Hacking Tools Installer (by zpenterprises): Tool-X is a Kali Linux hacking tools installer for Termux and Linux systems. Tool-X was developed for Termux and other Android terminals. Using Tool-X, you can install almost 370+ hacking tools in Termux (Android) and other Linux-based distributions. Now Tool-X is available for Ubuntu, Debian, etc. Operating System Requirements: Tool-X works on any of the following…
- US warns of Iranian hackers escalating influence operations (by zpenterprises): The U.S. government is warning of increased efforts from Iran to influence upcoming elections through cyber operations targeting Presidential campaigns and the American public. In a joint statement from the Office of the Director of National Intelligence (ODNI), the FBI, and the Cybersecurity and Infrastructure Security Agency (CISA), the U.S. says that Iran carried out cyberattacks…
- Millions more victims exposed in debt collection agency data breach (by zpenterprises): The data breach at the debt collection agency Financial Business and Consumer Solutions (FBCS) was much bigger than initially thought. After first reporting some 1.9 million victims, the company now says that more than 4.2 million were affected. In late April, it was reported that FBCS suffered a cyberattack two months prior, losing sensitive customer…
- Hackers try to exploit WordPress (by zpenterprises): Hackers try to exploit WordPress plugin vulnerability that’s as severe as it gets. WP Automatic plugin was patched, but the release notes don’t mention the critical fix. Hackers are assailing websites using a prominent WordPress plugin with millions of attempts to exploit a high-severity vulnerability that allows complete takeover, researchers said. The vulnerability resides in WordPress…
- Omni Hotels says customers’ personal data stolen in ransomware attack (by zpenterprises): Hotel chain giant Omni Hotels & Resorts has confirmed cybercriminals stole the personal information of its customers in an apparent ransomware attack last month. In an update on its website posted on Sunday, Omni said the stolen data includes customer names, email addresses, and postal addresses, as well as guest loyalty program information. The company said the…
- Millions of Customers’ Data Found On Dark Web In Latest AT&T Data Breach (by zpenterprises): AT&T announced on Saturday that it is investigating a 70 million customer data breach involving personal information on the dark web. According to information about the breach on the company’s website, 7.6 million current account holders and 65.4 million former account holders have been impacted. An AT&T press release said the breach occurred about two…
- Russian hackers breached key Microsoft systems (by zpenterprises): Russian state-backed hackers gained access to some of Microsoft’s core software systems in a hack first disclosed in January, the company said Friday. This revealed a more extensive and severe intrusion into Microsoft’s systems than previously known. In recent weeks, Microsoft believes that…
- US Crime-fighters shut down botnet used by Russian Fancy Bear hackers (by zpenterprises): DoJ boots Fancy Bear out of hundreds of routers. US law enforcement agents have revealed their success in shutting down a malicious botnet used by the notorious Fancy Bear hackers. The U.S. Department of Justice (DoJ) said in a press release that its agents conducted a “court-authorized operation” that neutralized a network of “hundreds of…
- Microsoft says state-sponsored Russian hacking group accessed email accounts of senior leaders. (by zpenterprises): Russian hacking group accessed some of Microsoft’s senior leaders’ email accounts on January 12, 2024, security experts announced. Russian hacking group accessed some email accounts of Microsoft senior leaders, the software giant disclosed in a regulatory filing Friday afternoon. “The Microsoft security team detected a nation-state attack on our corporate systems on January 12, 2024,…
- What is Maze ransomware? (by zpenterprises): Maze is a strain of ransomware that has been impacting organizations since 2019. Although one main group created Maze, multiple attackers have used Maze for extortion purposes. In addition to encrypting data, most operators of Maze also copy the data they encrypt and threaten to leak it unless the ransom is paid. A Maze ransomware infection…
- Stealthy KV-botnet hijacks SOHO routers and VPN devices (by zpenterprises): The Chinese state-sponsored APT hacking group known as Volt Typhoon (Bronze Silhouette) has been linked to a sophisticated botnet named ‘KV-botnet’ that has been used since at least 2022 to attack SOHO routers in high-value targets. Volt Typhoon commonly targets routers, firewalls, and VPN devices to proxy malicious traffic so it blends with legitimate traffic…
- What is OWASP? What is the OWASP Top 10? (by zpenterprises): The Open Web Application Security Project maintains a regularly updated list of the most pressing security concerns. What is OWASP? The Open Web Application Security Project, or OWASP, is an international non-profit organization dedicated to web application security. One of OWASP’s core principles is that all of their materials be freely available and easily accessible on…
- What is token-based authentication? (by zpenterprises): Token-based authentication is one way to confirm a user’s or device’s identity. It relies on checking whether the entity possesses a previously issued token. What is token-based authentication? Token-based authentication is the process of verifying identity by checking a token. In access management, servers use token authentication to check the identity of a user, an API, a computer, or…
- Guilty: Sam Bankman-Fried convicted on all counts after monthlong trial (by zpenterprises): Bankman-Fried, convicted on seven charges, faces a maximum sentence of 110 years. FTX founder Sam Bankman-Fried was convicted of defrauding customers by a federal jury today. He was convicted on all seven counts, Reuters and other news outlets reported. The 12-member jury returned the verdict after several hours of deliberation. The seven charges are wire fraud on customers…
- Okta hit by third-party data breach exposing employee information (by zpenterprises): Okta is warning nearly 5,000 current and former employees that their personal information was exposed after a third-party vendor was breached. Okta is a San Francisco-based cloud identity and access management solutions provider whose Single Sign-On (SSO), multi-factor authentication (MFA), and API access management services are used by thousands of organizations worldwide. The data breach notification warns…
- Memcached DDoS attack (by zpenterprises): Memcached can speed up websites, but a Memcached server can also be exploited to perform a DDoS attack. What is a memcached DDoS attack? A memcached distributed denial-of-service (DDoS) attack is a cyber attack in which an attacker attempts to overload a targeted victim with internet traffic. The attacker spoofs requests to a vulnerable UDP memcached server, flooding a targeted victim…
- 1Password discloses security incident linked to Okta breach (by zpenterprises): 1Password, a popular password management platform used by over 100,000 businesses, suffered a security incident after hackers gained access to its Okta ID management tenant. “We detected suspicious activity on our Okta instance related to their Support System incident. After a thorough investigation, we concluded that no 1Password user data was accessed,” reads a very…
- Okta says its support system was breached using stolen credentials (by zpenterprises): Okta says attackers accessed files containing cookies and session tokens uploaded by customers to its support management system after breaching it using stolen credentials. “The threat actor was able to view files uploaded by certain Okta customers as part of recent support cases,” said Okta’s Chief Security Officer David Bradbury. “It should be noted that the Okta…
- AT&T Data Breaches: Full Timeline Through 2023 (by zpenterprises): The most recent AT&T data breach occurred in March 2023, when AT&T notified 9 million customers that their data had been exposed following an attack on a third-party vendor. As of October 2023, there have been no reported AT&T data breaches since this incident. Below is a complete timeline of the AT&T data breaches through…
- What is click fraud? | How click bots work (by zpenterprises): Click fraud fakes clicks to target pay-per-click ads, boosting webpage search rankings or artificially inflating the popularity of a post. Click bots are often responsible for click fraud. What is click fraud? Click fraud is when a person or a bot pretends to be a legitimate website visitor and clicks on an ad, a button, or a hyperlink.…
- What is a warrant canary? (by zpenterprises): A warrant canary is a public statement describing an action that a service provider has not done; the statement is removed if the service provider gets a legal order to take that action but is prohibited from disclosing it. What is a warrant canary? A warrant canary is a statement that declares that an organization…
- What is data privacy? (by zpenterprises): Data privacy is the protection of personal data from those who should not have access to it and the ability of individuals to determine who can access their personal information. What is data privacy? Data privacy generally means the ability of a person to determine for themselves when, how, and to what extent personal information about them…
- What is content scraping? | Web scraping (by zpenterprises): Content scraping or web scraping is when bots download or “scrape” all the content from a website, often using that content maliciously. What is content scraping? Content scraping, or web scraping, refers to when a bot downloads much or all of the content on a website, regardless of the website owner’s wishes. Content scraping is a form…
- What is the Mirai Botnet? (by zpenterprises): The Mirai malware exploits security holes in IoT devices and has the potential to harness the collective power of millions of IoT devices into botnets and launch attacks. What is Mirai? Mirai is malware that infects smart devices that run on ARC processors, turning them into a network of remotely controlled bots or “zombies.” This network of bots, called…
- What is an attack vector? (by zpenterprises): Attack vectors are how attackers can breach sensitive data or compromise an organization. What is an attack vector? An attack vector, or threat vector, is a way for attackers to enter a network or system. Common attack vectors include social engineering attacks, credential theft, vulnerability exploits, and insufficient protection against insider threats. A significant part…
- Why use TLS 1.3? (by zpenterprises): TLS 1.3 improves over previous versions of the TLS (SSL) protocol in several essential ways. What is the difference between TLS 1.3 and TLS 1.2? TLS 1.3 is the latest version of the TLS protocol. TLS, which is used by HTTPS and other network protocols for encryption, is the modern version of SSL. TLS 1.3 dropped support for older, less…
- Rhysida ransomware behind recent attacks on healthcare (by zpenterprises): The Rhysida ransomware operation is making a name for itself after a wave of attacks on healthcare organizations has forced government agencies and cybersecurity companies to pay closer attention to its operations. Following a security bulletin by the U.S. Department of Health and Human Services (HHS), CheckPoint, Cisco Talos, and Trend Micro have all released…
- What is an on-path attacker? (by zpenterprises): An on-path attacker places themselves between victims and the services they are trying to reach, often to steal data. On-path attackers place themselves between two devices (often a web browser and a web server) and intercept or modify communications. The attackers can then collect information and impersonate either of the two agents. In addition to websites,…
- IMPD: Over $300K in gaming cards stolen before Gen Con in downtown Indy (by zpenterprises): Officers with the Indianapolis Metropolitan Police Department were called to the downtown area Wednesday after a pallet jack containing upwards of $300,000 worth of gaming cards was stolen. The theft coincided with opening preparations for Gen Con, North America’s largest annual gathering of tabletop gaming enthusiasts. While official…
- Russian government official under investigation for receiving 1,000 BTC in bribery scandal. (by zpenterprises): Marat Tambiev Got Arrested in Russia for a Bitcoin Bribe. Now the Coins Are Moving to Exchanges. According to reports from local media outlet Kommersant, a Russian government official has been accused of accepting over 1,000 BTC (~ $28 million) in a bribery scandal. This incident has been deemed one of the most substantial instances…
- Rhysida ransomware leaks documents stolen from the Chilean Army. (by zpenterprises): Threat actors behind a recently surfaced ransomware operation known as Rhysida have leaked online what they claim to be documents stolen from the network of the Chilean Army (Ejército de Chile). The leak comes after the Chilean Army confirmed on May 29 that its systems were impacted in a security incident detected over the weekend…
- Wiretaps (by zpenterprises): Background: Wiretapping is the oldest form of modern surveillance, and with new technology it’s more powerful than ever. Wiretapping is using a device to listen in on a person’s phone calls. Pen registers are a similar technology used to collect a record of who a person calls, when, and for how long, without recording the content…
- Chinese hackers breach US critical infrastructure in stealthy attacks (by zpenterprises): Microsoft says a Chinese cyberespionage group it tracks as Volt Typhoon has been targeting critical infrastructure organizations across the United States, including Guam, an island hosting multiple military bases, since at least mid-2021. Their targets and breached entities span a wide range of critical sectors, including government, maritime, communications, manufacturing, information technology, utilities, transportation, construction, and education.…
- What is a social engineering attack? (by zpenterprises): In social engineering attacks, victims are manipulated into handing over sensitive information that can be used for malicious purposes. What is social engineering? Social engineering is the practice of manipulating people into giving up sensitive information. Social engineering attacks can happen in person, such as a burglar dressed as a delivery man getting buzzed into…
- What is a data breach? (by zpenterprises): A data breach involves the release of sensitive information. Many types of online attacks have a primary goal of causing a data breach to release information such as login credentials and personal financial data. A data breach is releasing confidential, private, or otherwise sensitive information into an unsecured environment. A data breach can occur accidentally…
- What is Data Loss Prevention (DLP)? (by zpenterprises): Data loss prevention (DLP) is a set of tools and processes used to ensure that sensitive data is not lost, misused, or accessed without authorization. DLP software classifies regulated, confidential, and business-critical data. It identifies violations of policies defined by organizations or within a predefined policy pack, typically driven by regulatory compliance such as HIPAA, PCI-DSS,…
- Ferrari customer data crack following cyber hack attack (by zpenterprises): Hackers have attacked Ferrari, gaining access to the company’s systems, including a list of customers with email addresses and phone numbers, according to the Italian carmaker’s statement released Monday evening. The company stressed that customer payment data is secure and the Maranello-based conglomerate has no intention of giving in to the criminals’ demands. “We regret…
- US Federal Agency Hacked By Exploiting Telerik Vulnerability in IIS Server (by zpenterprises): As a result of a joint effort of the CISA, FBI, and MS-ISAC, a public advisory was published recently. This public advisory claims that between November 2022 and the beginning of January 2023, attackers gained access to the server of the US Federal Agency through a Telerik vulnerability. The joint CSA has provided all the TTPs used…
- Newly discovered spying campaign, Russian hackers targeted European military and transport organizations. (by zpenterprises): Russian military-linked hackers targeted — and in some cases successfully infiltrated — the networks of European military, energy, and transportation organizations in an apparent spying campaign that went undetected for months as the war in Ukraine raged, Microsoft told its customers in a report obtained by CNN. The report demonstrates how, despite the heightened defensive posture of…
- What is Cross-Site Request Forgery (CSRF)? (by zpenterprises): A cross-site request forgery attack is a confused deputy cyber attack that tricks a user into accidentally using their credentials to invoke a state-changing activity, such as transferring funds from their account, changing their email address and password, or some other undesired action. While the potential impact against a regular user is substantial, a successful…
- What is SQL injection? (by zpenterprises): What is SQL injection (SQLi)? Structured Query Language (SQL) Injection is a code injection technique used to modify or retrieve data from SQL databases. By inserting specialized SQL statements into an entry field, an attacker can execute commands allowing for data retrieval from the database, destroying sensitive data, or other manipulative behaviors. With the proper…
- What is cross-site scripting (XSS)? (by zpenterprises): A cross-site scripting attack tricks a web browser into running malicious code. Cross-site scripting (XSS) is an exploit where the attacker attaches code to a legitimate website viewed by an unsuspecting visitor. That malicious code can be inserted in several ways. Most popularly, it is either added to the end of a URL or posted…
- Hackers Breach U.S. Marshals System With Sensitive Personal Data (by zpenterprises): The compromised computer system includes information on both investigative targets and agency employees. The U.S. Marshals Service suffered a significant security breach this month when hackers broke into and stole data from a computer system that included a trove of personal information about investigative targets and agency employees, a spokesman said on Monday. The service,…
- What is a DDoS attack? (by zpenterprises): A distributed denial-of-service (DDoS) attack is a malicious attempt to disrupt the regular traffic of a targeted server, service, or network by overwhelming the target or its surrounding infrastructure with a flood of Internet traffic. DDoS attacks achieve effectiveness by utilizing multiple compromised computer systems as sources of attack traffic. Exploited machines can include computers…
- What is a Botnet? (by zpenterprises): A bot is a piece of malware that infects a computer to carry out commands under the remote control of the attacker. A botnet (short for “robot network”) is a network of computers infected by malware that is under the control of a single attacking party, known as the “bot-herder.” Each machine under the control of the bot-herder is…
- What is a Man-in-the-Middle Attack? (by zpenterprises): Man-in-the-Middle Attacks Defined: A Man-in-the-Middle Attack (MITM) is a form of cyber eavesdropping in which malicious actors insert themselves into a conversation between two parties and intercept data through a compromised but trusted system. The targets are often intellectual property or fiduciary information. MITM aggressors will also use malware to open the communications channel to…
- What is an Advanced Persistent Threat (APT)? (by zpenterprises): Advanced Persistent Threat Defined and Explained: An advanced persistent threat (APT) is a sophisticated, systematic cyber-attack program that continues for an extended period, often orchestrated by a group of skilled hackers. The hacker group, or the APT, designs the attack with a particular motive ranging from sabotage to corporate espionage. From stealing intellectual property to…
- What is Lateral Movement? by zpenterprises: Lateral movement is how attackers spread across multiple parts of a network. In network security, lateral movement is the process by which attackers spread from an entry point to the rest of the network. There are many methods by which they can achieve this. For instance, an attack could start with malware on an employee’s desktop computer.…
- Ransomware protection: How to keep your data safe in 2023 by zpenterprises: What exactly is ransomware? If ransomware or an encryption Trojan gets onto your computer, it encrypts your data or locks your operating system. As ransomware gets hold of a “digital hostage,” such as a file, it demands a ransom for its release. To reduce the likelihood of finding yourself in front of a locked laptop or encrypted file, it’s essential to be prepared. The chances of infection can be…
- The advent of Cyber 4 – Try Hack Me -THM{yours_starts_now} by zpenterprises: https://tryhackme.com/Madscientist/badges/adventofcyber4
- Comcast Xfinity accounts were hacked in widespread 2FA bypass attacks. by zpenterprises: Comcast Xfinity customers report their accounts being hacked in widespread attacks that bypass two-factor authentication. These compromised accounts are then used to reset passwords for other services, such as the Coinbase and Gemini crypto exchanges. Starting on December 19th, many Xfinity email users began receiving notifications that their account information had been changed. However, when…
- Computer Fraud and Abuse Act (CFAA) by zpenterprises: The Computer Fraud and Abuse Act of 1986 (CFAA) is a United States cybersecurity bill enacted in 1986 to amend existing computer fraud law (18 U.S.C. § 1030), which had been included in the Comprehensive Crime Control Act of 1984. The law prohibits accessing a computer without authorization or above authorization. Before computer-specific criminal laws,…
- US Airports’ sites taken down in DDoS attacks by Pro-Russian Hackers by zpenterprises: The pro-Russian hacktivist group ‘KillNet’ is claiming large-scale distributed denial-of-service (DDoS) attacks against the websites of several major airports in the U.S., making them inaccessible. The DDoS attacks have overwhelmed the servers hosting these sites with garbage requests, making it impossible for travelers to connect and get updates about their scheduled flights or book airport…
- Ransomware attack delays patient care at hospitals across the U.S. by zpenterprises: CHI Memorial Hospital in Tennessee, some St. Luke’s hospitals in Texas, and Virginia Mason Franciscan Health in Seattle have announced they were affected. One of the largest hospital chains in the U.S. was hit with a suspected ransomware cyberattack this week, leading to delayed surgeries, hold-ups in patient care, and rescheduled doctor appointments across the…
- The Uber Data Breach Conviction Shows Security Execs What Not to Do by zpenterprises: Uber’s former Chief Security Officer (CSO), Joe Sullivan, was found guilty this week of actively hiding a data breach from the US Federal Trade Commission (FTC) and concealing a felony. The case has reverberated through the security and tech worlds because it is seemingly the first time an individual executive has faced criminal prosecution for charges…
- Cristy Davis Powerball Donation Lottery Scam by zpenterprises: A “Cristy Davis” Powerball Donation Lottery Scam: I Googled this text message / SMS I just received today. Wondering what this was all about, and smelled a scam, and sure enough, it was after some quick checks. This scam started to be reported back in March 2021, maybe earlier. The scam persisted and was…
- Uber Blames LAPSUS$ Hacking Group for Recent Security Breach by zpenterprises: On Monday, Uber disclosed more details about the security incident last week, pinning the attack on a threat actor it believes is affiliated with the notorious LAPSUS$ hacking group. “This group typically uses similar techniques to target technology companies, and in 2022 alone has breached Microsoft, Cisco, Samsung, NVIDIA, and Okta, among others,” the San Francisco-based company said in…
- Common Crypto Scams and How to Avoid Them by zpenterprises: Ever heard of rug pulls and pig butchering? Be more intelligent than the scammers and learn how common crypto scams work in detail. The US Federal Bureau of Investigation (FBI) estimates that, between January and March 2022, more than US$1.3 billion in cryptocurrencies was stolen by cybercriminals. It is a significant amount, given that by…
- Ukraine is under attack by hacking tools repurposed from the Conti cybercrime group by zpenterprises: Researchers from Google and IBM see an unprecedented blurring of lines. Financially motivated hackers with ties to a notorious Conti cybercrime group are repurposing their resources for use against targets in Ukraine, indicating that the threat actor’s activities closely align with the Kremlin’s invasion of its neighboring country, a Google researcher reported on Wednesday. Since April,…
- Cryptocurrency Regulations Around the World by zpenterprises: The growth of cryptocurrency from speculative investment to a new asset class has prompted governments worldwide to explore ways to regulate it. Below, we summarize the current digital currency regulatory landscape in several countries. United States: The U.S. announced a new framework in 2022 that opened the door to further regulation. The new directive has handed power…
- What is Smishing and How to Defend Against it? by zpenterprises: Smishing meaning and definition: Smishing is a phishing cybersecurity attack carried out over mobile text messaging, also known as SMS phishing. As a variant of phishing, victims are deceived into giving sensitive information to a disguised attacker. SMS phishing can be assisted by malware or fraudulent websites. It occurs on many mobile text messaging platforms,…
- T-Mobile Admits Lapsus$ Hackers Gained Access to its Internal Tools and Source Code by zpenterprises: The Lapsus$ hacking group has claimed another victim: U.S. telecom giant T-Mobile. T-Mobile’s latest security incident — the seventh data breach in the past four years — was first revealed by security journalist Brian Krebs, who obtained a week’s worth of private chat messages between the core members of Lapsus$. This hacking and extortion group gained notoriety in recent…
- UK police charge 2 teenagers in connection with Lapsus$ hacks. by zpenterprises: Just a week after arresting seven individuals as part of its investigation into a series of cyberattacks conducted by the Lapsus$ hacking group, U.K. authorities have charged two teenagers with multiple cyber offenses. In a statement on Friday, Detective Inspector Michael O’Sullivan from the City of London Police said that the two teenagers, aged 16 and 17, are…
- Lapsus$ hacking group claims software consultancy giant Globant as its latest breach victim by zpenterprises: Just days after police in the U.K. arrested seven people over suspected connections to the now-infamous hacking and extortion group, Lapsus$ is claiming its latest victim. Lapsus$, whose recent victims include Okta, Microsoft, Nvidia, and Samsung, now claims to have breached Globant, a Luxembourg-based software development consultancy. After declaring itself “back from vacation” on Wednesday, the group published a 70-gigabyte torrent…
- UK police arrest 7 people in connection with Lapsus$ hacks by zpenterprises: Police in the United Kingdom have arrested seven people over suspected connections to the Lapsus$ hacking group, which has targeted tech giants including Samsung, Nvidia, Microsoft, and Okta in recent weeks. In a statement given to TechCrunch, Detective Inspector Michael O’Sullivan from the City of London Police said: “The City of London Police has been…
- Okta says hundreds of companies impacted by security breach by zpenterprises: Okta, which has a business relationship with Sitel, says 366 corporate customers, or about 2.5% of its customer base, were impacted by a security breach that allowed hackers to access the company’s internal network. The authentication giant admitted the compromise after the Lapsus$ hacking and extortion group posted screenshots of Okta’s apps and systems on Monday, two…
- Microsoft confirms Lapsus$ breach after hackers publish Bing, Cortana source code. by zpenterprises: Microsoft has confirmed that the Lapsus$ hacking group breached it. In a blog post on Tuesday — published hours after Lapsus$ posted a torrent file containing partial source code from Bing, Bing Maps, and Cortana — Microsoft revealed that a single employee’s account was compromised by the hacking group, granting the attackers “limited access” to Microsoft’s systems…
- Ransomware Attacks and Types – How Encryption Trojans Differ by zpenterprises: Ransomware is a type of malware (malicious software) used by cybercriminals. If a computer or network has been infected with ransomware, the ransomware blocks access to the system or encrypts its data. Cybercriminals demand ransom money from their victims in exchange for releasing the data. To protect against ransomware infection, a watchful eye and security software are recommended. Victims of malware attacks have three options after an infection: options…
- What is Ransomware? by zpenterprises: Ransomware is a form of Cyber Crime that threatens you and your device, but what makes this malware unique? The word “ransom” tells you everything you need to know about this pest. Ransomware is extortion software that can lock your computer and demand a ransom for its release. In most cases, ransomware infection occurs as follows. The malware…
- Ubisoft won’t say why it reset employee passwords after a ‘cyber incident.’ by zpenterprises: Gaming giant Ubisoft has confirmed a cybersecurity incident that led to the mass reset of company passwords but has declined to say what the incident was. In a brief statement, Ubisoft said: “Last week, Ubisoft experienced a cyber security incident that caused temporary disruption to some of our games, systems, and services. Our IT teams are…
- Leaked ransomware documents show Conti helping Putin from the shadows by zpenterprises: Hacker gang sometimes acts in Russia’s interest, with ad hoc links to FSB, and Cozy Bear. For years, Russia’s cybercrime groups have acted with relative impunity. The Kremlin and local law enforcement have largely turned a blind eye to disruptive ransomware attacks as long as they didn’t target Russian companies. Despite direct pressure on Vladimir Putin to tackle ransomware groups,…
- Samsung confirms data breach after hackers leak internal source code. by zpenterprises: Samsung confirmed a security breach after hackers obtained and leaked almost 200 gigabytes of confidential data, including source code for various technologies and algorithms for biometric unlock operations. The Lapsus$ hacking group — the same group that infiltrated Nvidia and subsequently published thousands of employee credentials online — took responsibility for the breach. In a post on its Telegram…
- Thousands of Nvidia employee passwords leak online as hackers’ ransom deadline looms. by zpenterprises: The hacking group that claims to have taken a terabyte of data from chipmaking giant Nvidia is threatening to release the company’s “most closely-guarded secrets” today unless it meets the gang’s increasingly bizarre demands. The Lapsus$ hacking group, which first claimed responsibility for the data breach last week, has already started leaking data. According to a data…
- Russia Denies Satellite Hacking and Warns of Wider War by zpenterprises: Russia has warned that any cyber-attack on its satellite systems will be treated as an act of war as tensions with the West rise over its invasion of Ukraine. According to the country’s news agency Interfax, the head of the country’s Roscosmos space agency, Dmitry Rogozin, issued the warning yesterday on a Russian TV channel.…
- Nvidia Says Hackers Are Leaking Company Data After Cyberattack Attack by zpenterprises: Nvidia has confirmed that hackers stole sensitive data from its networks, including employee credentials and proprietary company information, during last week’s cyberattack and are now “leaking it online,” a spokesperson told TechCrunch on Tuesday. Nvidia declined to say what data was stolen during the attack, which first came to light on Friday. However, a hacking outfit called “Lapsus$” has…
- XE Group was exposed for eight years of hacking and credit card theft. by zpenterprises: A relatively unknown group of Vietnamese hackers calling themselves ‘XE Group’ has been linked to eight years of for-profit hacking and credit card skimming. The threat actors are thought to be responsible for the theft of thousands of credit cards per day, mainly from restaurants, non-profit, art, and travel platforms. The actors use publicly available…
- Why GoDaddy Data Breach Of +1 Million Clients Is Worse Than Described by zpenterprises: Over one million GoDaddy hosting customers suffered a data breach in September 2021 that went unnoticed for two months. GoDaddy described the security event as a vulnerability. Security researchers indicate that the cause of the vulnerability was due to inadequate security that did not meet industry best practices. The statement by GoDaddy announced that they…
- Justice Dept. Brings New Charges in Ransomware Attacks – The New York Times by zpenterprises: Some News in Recent Ransomware Attacks: The Justice Department said on Monday that it had brought charges against a Russian national whom it accused of conducting ransomware attacks against American government entities and businesses, including one that temporarily shut down the meat supply giant JBS. In the Biden administration’s latest crackdown on cybercrime, the Justice…
- Hacktivism: An overview plus high-profile groups and examples by zpenterprises: Hacktivism is a new type of activism. Here’s an overview of the concept and activism groups like Anonymous, to name at least one that has made headlines through their attacks. Gone are the days when activists only resorted to hitting the pavement and sitting in unauthorized places to draw attention to causes. The internet has changed advocacy,…
- What is a Command and Control (C2/CnC) Server? by zpenterprises: Like a regular system holder, you might wonder why your system is running slower than usual. You are always getting random messages like pop-ups, something got added as an extension in your browser, and you have never used this. Your browser cannot load the page, internet connectivity is slow, and even the computer is always…
- After A Major Hack, U.S. Looks To Fix A Cyber ‘Blind Spot’ by NPR: Army Gen. Paul Nakasone, director of the National Security Agency, says the U.S. has a “blind spot” when it comes to foreign intelligence services that effectively carry out cyberspying from inside the U.S. The National Security Agency considers itself the world’s most formidable cyber power, with an army of…