FreshRSS

🔒
☐ ☆ ✇ The Hacker News

The Risks and Preventions of AI in Business: Safeguarding Against Potential Pitfalls

By The Hacker News — July 12th 2023 at 11:04
Artificial intelligence (AI) holds immense potential for optimizing internal processes within businesses. However, it also comes with legitimate concerns regarding unauthorized use, including data loss risks and legal consequences. In this article, we will explore the risks associated with AI implementation and discuss measures to minimize damages. Additionally, we will examine regulatory
☐ ☆ ✇ The Hacker News

Cybercrime Group 'Muddled Libra' Targets BPO Sector with Advanced Social Engineering

By Ravie Lakshmanan — June 23rd 2023 at 14:44
A threat actor known as Muddled Libra is targeting the business process outsourcing (BPO) industry with persistent attacks that leverage advanced social engineering ploys to gain initial access. "The attack style defining Muddled Libra appeared on the cybersecurity radar in late 2022 with the release of the 0ktapus phishing kit, which offered a prebuilt hosting framework and bundled templates,"
☐ ☆ ✇ The Hacker News

Kimsuky Targets Think Tanks and News Media with Social Engineering Attacks

By Ravie Lakshmanan — June 8th 2023 at 04:23
The North Korean nation-state threat actor known as Kimsuky has been linked to a social engineering campaign targeting experts in North Korean affairs with the goal of stealing Google credentials and delivering reconnaissance malware. "Further, Kimsuky's objective extends to the theft of subscription credentials from NK News," cybersecurity firm SentinelOne said in a report shared with The
☐ ☆ ✇ The Hacker News

6 Steps to Effectively Threat Hunting: Safeguard Critical Assets and Fight Cybercrime

By The Hacker News — May 31st 2023 at 11:47
Finding threat actors before they find you is key to beefing up your cyber defenses. How to do that efficiently and effectively is no small task – but with a small investment of time, you can master threat hunting and save your organization millions of dollars. Consider this staggering statistic. Cybersecurity Ventures estimates that cybercrime will take a $10.5 trillion toll on the global
☐ ☆ ✇ The Hacker News

Iranian Tortoiseshell Hackers Targeting Israeli Logistics Industry

By Ravie Lakshmanan — May 24th 2023 at 13:49
At least eight websites associated with shipping, logistics, and financial services companies in Israel were targeted as part of a watering hole attack. Tel Aviv-based cybersecurity company ClearSky attributed the attacks with low confidence to an Iranian threat actor tracked as Tortoiseshell, which is also called Crimson Sandstorm (previously Curium), Imperial Kitten, and TA456. "The infected
☐ ☆ ✇ The Hacker News

How to Build a Research Lab for Reverse Engineering — 4 Ways

By The Hacker News — March 29th 2023 at 11:43
Malware analysis is an essential part of security researcher's work. But working with malicious samples can be dangerous — it requires specialized tools to record their activity, and a secure environment to prevent unintended damage. However, manual lab setup and configuration can prove to be a laborious and time-consuming process. In this article, we'll look at 4 ways to create a reverse
☐ ☆ ✇ The Hacker News

New Cyber Platform Lab 1 Decodes Dark Web Data to Uncover Hidden Supply Chain Breaches

By The Hacker News — March 20th 2023 at 10:44
2022 was the year when inflation hit world economies, except in one corner of the global marketplace – stolen data. Ransomware payments fell by over 40% in 2022 compared to 2021. More organisations chose not to pay ransom demands, according to findings by blockchain firm Chainalysis. Nonetheless, stolen data has value beyond a price tag, and in risky ways you may not expect. Evaluating stolen
☐ ☆ ✇ The Hacker News

Authorities Shut Down ChipMixer Platform Tied to Crypto Laundering Scheme

By Ravie Lakshmanan — March 16th 2023 at 09:46
A coalition of law enforcement agencies across Europe and the U.S. announced the takedown of ChipMixer, an unlicensed cryptocurrency mixer that began its operations in August 2017. "The ChipMixer software blocked the blockchain trail of the funds, making it attractive for cybercriminals looking to launder illegal proceeds from criminal activities such as drug trafficking, weapons trafficking,
☐ ☆ ✇ The Hacker News

Coinbase Employee Falls for SMS Scam in Cyber Attack, Limited Data Exposed

By Ravie Lakshmanan — February 21st 2023 at 10:13
Popular cryptocurrency exchange platform Coinbase disclosed that it experienced a cybersecurity attack that targeted its employees. The company said its "cyber controls prevented the attacker from gaining direct system access and prevented any loss of funds or compromise of customer information." The incident, which took place on February 5, 2023, resulted in the exposure of a "limited amount of
☐ ☆ ✇ The Hacker News

Hackers Abused Microsoft's "Verified Publisher" OAuth Apps to Breach Corporate Email Accounts

By Ravie Lakshmanan — February 1st 2023 at 05:30
Microsoft on Tuesday said it took steps to disable fake Microsoft Partner Network (MPN) accounts that were used for creating malicious OAuth applications as part of a phishing campaign designed to breach organizations' cloud environments and steal email. "The applications created by these fraudulent actors were then used in a consent phishing campaign, which tricked users into granting
☐ ☆ ✇ The Hacker News

Bitzlato Crypto Exchange Founder Arrested for Aiding Cybercriminals

By Ravie Lakshmanan — January 19th 2023 at 10:43
The U.S. Department of Justice (DoJ) on Wednesday announced the arrest of Anatoly Legkodymov (aka Gandalf and Tolik), the cofounder of Hong Kong-registered cryptocurrency exchange Bitzlato, for allegedly processing $700 million in illicit funds. The 40-year-old Russian national, who was arrested in Miami, was charged in a U.S. federal court with "conducting a money transmitting business that
☐ ☆ ✇ The Hacker News

How XDR Helps Protect Critical Infrastructure

By The Hacker News — December 7th 2022 at 13:39
Critical infrastructure is important for societal existence, growth, and development. Societies are reliant on the services provided by critical infrastructure sectors like telecommunication, energy, healthcare, transportation, and information technology. Safety and security are necessary for the optimal operation of these critical infrastructures. Critical infrastructure is made up of digital
☐ ☆ ✇ The Hacker News

U.S. Authorities Seize Domains Used in 'Pig butchering' Cryptocurrency Scams

By Ravie Lakshmanan — November 22nd 2022 at 09:10
The U.S. Justice Department (DoJ) on Monday announced the takedown of seven domain names in connection to a "pig butchering" cryptocurrency scam. The fraudulent scheme, which operated from May to August 2022, netted the actors over $10 million from five victims, the DoJ said. Pig butchering, also called Sha Zhu Pan, is a type of scam in which swindlers lure unsuspecting investors into sending
☐ ☆ ✇ The Hacker News

Iranian Hackers Target High-Value Targets in Nuclear Security and Genomic Research

By Ravie Lakshmanan — September 13th 2022 at 09:25
Hackers tied to the Iranian government have been targeting individuals specializing in Middle Eastern affairs, nuclear security, and genome research as part of a new social engineering campaign designed to hunt for sensitive information. Enterprise security firm Proofpoint attributed the targeted attacks to a threat actor named TA453, which broadly overlaps with cyber activities monitored under
☐ ☆ ✇ The Hacker News

North Korea Hackers Spotted Targeting Job Seekers with macOS Malware

By Ravie Lakshmanan — August 17th 2022 at 06:20
The North Korea-backed Lazarus Group has been observed targeting job seekers with malware capable of executing on Apple Macs with Intel and M1 chipsets. Slovak cybersecurity firm ESET linked it to a campaign dubbed "Operation In(ter)ception" that was first disclosed in June 2020 and involved using social engineering tactics to trick employees working in the aerospace and military sectors into
☐ ☆ ✇ The Hacker News

Hackers Exploited Atlassian Confluence Bug to Deploy Ljl Backdoor for Espionage

By Ravie Lakshmanan — August 4th 2022 at 10:24
A threat actor is said to have "highly likely" exploited a security flaw in an outdated Atlassian Confluence server to deploy a never-before-seen backdoor against an unnamed organization in the research and technical services sector. The attack, which transpired over a seven-day-period during the end of May, has been attributed to a threat activity cluster tracked by cybersecurity firm Deepwatch
❌