Category: CySecurity News – Latest Information Security and Hacking Incidents

  Gravy Analytics, the parent company of data broker Venntel, is facing mounting scrutiny after hackers reportedly infiltrated its systems, accessing an alarming 17 terabytes of sensitive consumer data. This breach includes detailed cellphone behavior and location data of U.S.…

Read more →

  The hacking group Silent Crow has claimed responsibility for breaching Russia’s Federal Service for State Registration, Cadastre, and Cartography (Rosreestr), releasing what it describes as a fragment of the agency’s database. The leak reportedly includes sensitive personal information of…

Read more →

  Japan’s National Police Agency (NPA) and the National Centre of Incident Readiness and Strategy for Cybersecurity (NISC) have officially attributed a prolonged cyberattack campaign targeting Japanese organizations and individuals since 2019 to the China-linked threat actor MirrorFace, also known…

Read more →

  Cybersecurity researchers have identified a dangerous new version of Banshee Stealer, a sophisticated malware specifically targeting macOS users. This updated strain is designed to bypass antivirus defenses and steal sensitive data from millions of macOS devices. Originally detected in…

Read more →

The Ministry of Electronics and Information Technology (MeitY) announced on January 3, 2025, the release of draft rules under the Digital Personal Data Protection Act, 2023 for public feedback. A significant provision in this draft mandates that parental consent must…

Read more →

Ken Liem, a California resident, has filed a lawsuit against three major banks, accusing them of negligence in enabling a cryptocurrency investment scam. Liem claims he was defrauded of $986,000 after being targeted on LinkedIn in June 2023 by a…

Read more →

The Digital Markets Act (DMA) is poised to reshape the European digital landscape. This pioneering legislation by the European Union seeks to curb the dominance of tech giants, foster competition, and create a fairer digital marketplace for consumers and businesses…

Read more →

  1Password, the renowned password management platform, has announced its largest acquisition to date: Trelica, a UK-based SaaS (Software-as-a-Service) management company. While the financial details remain undisclosed, this strategic move aims to significantly enhance 1Password’s ability to help businesses better…

Read more →

  Jakub Korepta, Principal Security Consultant at Securing, has discovered a critical command injection vulnerability in the Aviatrix Network Controller, identified as CVE-2024-50603. This flaw, impacting versions 7.x through 7.2.4820, has been assigned the highest possible CVSS severity score of…

Read more →

The latest Android malware called ‘FireScam’ is being shared as a premium variant of the Telegram application through phishing sites on GitHub that impersonate the RuStore, a Russian app market for mobile devices. About FireScam vulnerability Russian internet group VK…

Read more →

  A newly discovered malware, named PLAYFULGHOST, is causing concern among cybersecurity experts due to its versatile capabilities for data theft and system compromise. According to researchers, this malware employs techniques such as screen and audio capture, keylogging, remote shell…

Read more →

  As business operates at an unprecedented pace, consumers are demanding quick, simple, and secure payment options. The future of payment authentication is here — and it’s centered around biometrics. Biometric payment companies are set to join established players in…

Read more →

  Apple made headlines with the launch of its Apple Intelligence tool, which quickly gained global attention. However, the tech giant now faces mounting criticism after reports emerged that the AI feature has been generating false news notifications, raising concerns…

Read more →

Users of the unified payments interface (UPI) are the victims of a recent cyber fraud known as the “jumped deposit scam.” First, scammers persuade victims by making a modest, unsolicited deposit into their bank accounts.  How does it operate?  A…

Read more →

  The RIBridges system, a very important tool for Rhode Island’s social services, has become the latest victim of a ransomware attack, resulting in the leak of personal data belonging to hundreds of thousands of residents. This breach, orchestrated by…

Read more →

A new Android malware named ‘FireScam’ has surfaced, disguised as a premium version of the Telegram app. Distributed through phishing websites hosted on GitHub, the malware tricks users by mimicking the interface of RuStore, Russia’s official mobile app market. This…

Read more →

  In today’s digital age, the line between public and private life often blurs. Social media enables us to share moments, connect, and express ourselves. However, oversharing online—whether through impulsive posts or lax privacy settings—can pose serious risks to your…

Read more →

  < p style=”text-align: justify;”>It has been predicted that India, with its vast youth population, will emerge as one of the most influential players in the gaming industry within the next few years, as online gaming evolves into a career.…

Read more →

  In today’s hyperconnected world, securing your home Wi-Fi network is more critical than ever. Whether hosting a party or managing daily internet use, your network faces risks with every new device connection. Without proper safeguards, you could unintentionally expose…

Read more →

  India’s National Cyber Crime Reporting Portal now features a ‘Report and Check Suspect’ tool, allowing users to verify UPI IDs, phone numbers, emails, and social media handles against a database of known cyber fraudsters. Focusing on Digital Arrest Scams…

Read more →

  A major cybersecurity breach has been reported against the U.S. Treasury Department, specifically its Office of Foreign Assets Control (OFAC). OFAC, which oversees trade and economic sanctions, was accessed by Chinese state-backed hackers in what officials have described as…

Read more →

As part of its initiatives to enhance public services and modernize government processes, Jordan has approved the 2025 Blockchain Technology Policy. The Jordanian Council of Ministers unveiled a new policy to improve service delivery to citizens, cut expenses, and streamline…

Read more →

  There is no denying that Solana, one of the fastest-growing blockchain networks, has introduced a groundbreaking security feature called the Winternitz Vault. This feature will protect digital assets from quantum computing threats while maintaining the platform’s high performance. Solana…

Read more →

  < p style=”text-align: justify;”>Recent incidents have revealed a troubling trend of cryptocurrency dealers being targeted for kidnappings and extortion. These cases underline the risks associated with the growing prominence of the cryptocurrency sector. French authorities recently rescued a 56-year-old…

Read more →

< p style=”text-align: justify;”>Hackers have launched a sophisticated phishing campaign impersonating the United States Social Security Administration (SSA) to deliver the ConnectWise Remote Access Tool (RAT), according to a report by Cofense Intelligence. This operation, active since September 2024 and…

Read more →

  < p style=”text-align: justify;”>After a rented Tesla Cybertruck caught fire outside the Trump International Hotel in Las Vegas, Tesla’s advanced data systems became a focal point in the investigation. The explosion, which resulted in a fatality, initially raised concerns…

Read more →

  Cybersecurity researchers have uncovered a malicious WordPress plugin called PhishWP that transforms legitimate websites into tools for phishing scams. This plugin allows attackers to set up fake payment pages mimicking trusted services like Stripe, tricking users into divulging sensitive…

Read more →

  Between September and November, T-Mobile successfully defended against a cyberattack attributed to the Chinese state-sponsored group Salt Typhoon. Unlike previous incidents, this time, no data was compromised. However, the attack highlights growing cybersecurity vulnerabilities in the U.S. telecom sector. …

Read more →

  In a new study published by ShadowServer, it was revealed that 3.3 million POP3 (Post Office Protocol) and IMAP (Internet Message Access Protocol) servers are currently at risk of network sniffing attacks because they are not encrypting their data…

Read more →

  Online shopping is something that we all love. It is time-efficient, convenient, and frequently results in the best offers and savings. However, since many people are busy with online shopping, con artists are also trying to find ways to…

Read more →

  Cybersecurity concerns are growing as malicious browser extensions target unsuspecting users. One such case involves the removal of the popular EditThisCookie extension, which had over 3 million downloads, from the Chrome Web Store due to its reliance on the…

Read more →

  Cybersecurity experts said that a malware campaign targeting Ukraine’s military personnel has been released. The malware is spread with the help of a fake installer for an app called “Army+.” That installer looks perfectly legitimate but embeds malicious code.…

Read more →

In today’s digital era, data has become a valuable currency, akin to Gold. From shopping platforms like Flipkart to healthcare providers and advertisers, data powers personalization through targeted ads and tailored insurance plans. However, this comes with its own set…

Read more →

  Cybersecurity experts are raising alarms about a new twist on the classic clickjacking attack technique. Paulos Yibelo, a security engineer at Amazon, has uncovered a variant called “double-clickjacking,” capable of disabling security settings, deleting accounts, or even taking over…

Read more →

  The growing number of online accounts has made managing passwords increasingly difficult. With users juggling dozens of accounts, creating secure yet memorable passwords has become a major challenge. Traditional password guidelines emphasize complexity, requiring combinations of uppercase and lowercase…

Read more →

  As digital privacy concerns grow, taking steps to declutter your online footprint can help protect your sensitive information. Whether you’re worried about expanding government surveillance or simply want to clean up old data, there are practical ways to safeguard…

Read more →

  The phenomenon of “pig-butchering” scams has emerged as a significant cybercrime, exploiting vulnerabilities intensified by the Covid-19 pandemic. These schemes involve creating fraudulent investment platforms and manipulating victims emotionally, often targeting them through social media. Shockingly, these operations are…

Read more →

  WhatsApp, Instagram, and Telegram have once again become the favorite tools for hackers, as per a report released by India’s Home Ministry (MHA).  According to the report, WhatsApp is still the most commonly utilized medium for cybercrime. Several examples…

Read more →

  There is a new online scam, where cyber criminals trick people into downloading harmful software under the pretext of beta testing a game. This campaign targets people on platforms such as Discord, email, and even text messages, aiming at…

Read more →

< p style=”text-align: justify;”>The FBI has issued a cautionary alert for travelers, urging them to avoid using public USB charging stations found in airports, hotels, and other public spaces. A rising cyber threat, known as “juice jacking,” enables cybercriminals to…

Read more →

  < p style=”text-align: justify;”>On Christmas Eve, Cyberhaven, a data loss prevention company, experienced a cyberattack targeting its Google Chrome extension. The breach exposed sensitive customer data, including passwords and session tokens. The company has since taken swift measures to…

Read more →

< p style=”text-align: justify;”>In a significant revelation, researchers from Korea University have uncovered “SysBumps,” the first successful Kernel Address Space Layout Randomization (KASLR) break attack targeting macOS devices powered by Apple Silicon processors. Presented at CCS ’24, the study exposes…

Read more →

Israel, often known as the “Startup Nation,” has emerged as a global leader in cybersecurity, defense, and internet technologies. Cryptocurrency has easily integrated into the high-tech ecosystem, transforming the digital asset class and blockchain technology into key drivers of the…

Read more →

    In recent times, the rapid development of artificial intelligence took a significant turn when OpenAI introduced its O3 model, a system demonstrating human-level performance on tests designed to measure “general intelligence.” This achievement has reignited discussions on artificial…

Read more →

< p style=”text-align: justify;”>For years, cybersecurity experts have criticized passwords as outdated and insecure. Frequently re-used, susceptible to phishing, and vulnerable to leaks, they remain one of the weakest links in online security. Passkeys have been hailed as the solution…

Read more →

  A fraudulent text message claiming to notify residents about an overdue City of Milwaukee parking penalty has been flagged as a scam and should be deleted, city authorities announced earlier this week. According to Ald. Lamont Westmoreland, the scam…

Read more →

Google Chrome to block cookies The digital advertising world is changing rapidly due to privacy concerns and regulatory needs, and the shift is affecting how advertisers target customers. Starting in 2025, Google to stop using third-party cookies in the world’s most…

Read more →

Experts find critical flaws  The Cyber Security Agency of Singapore has issued warning against three critical flaws in Apache software products. The Apache Software Foundation has released security patches to address these vulnerabilities, which can cause risk to users and…

Read more →

  < p style=”text-align: justify;”>A recent cybersecurity lapse within Volkswagen’s Cariad unit, which manages the company’s cloud systems, exposed sensitive data from hundreds of thousands of vehicles. The breach, attributed to a misconfiguration in a cloud environment hosted on Amazon…

Read more →

  As the Dutch privacy watchdog DPA announced on Wednesday, it was concerned that software developers developing artificial intelligence (AI) might use personal data. To get more information about this, DPA sent a letter to Microsoft-backed OpenAI. The Dutch Data…

Read more →

< p style=”text-align: justify;”>A recent report by SecurityScorecard has shed light on the widespread issue of third-party data breaches among the European Union’s top companies. The study, which evaluated the cybersecurity health of the region’s 100 largest firms, revealed that…

Read more →

  < p style=”text-align: justify;”>A recent report by OPS Group, a global aviation safety network, has highlighted a sharp rise in GPS interference across several global conflict zones, including India’s borders with Pakistan and Myanmar. This interference poses significant risks…

Read more →

  < p style=”text-align: justify;”>Mapping the ionosphere is essential for improving the precision of navigation systems, yet traditional methods face significant limitations. Ground-based GNSS stations, while providing detailed maps of ionospheric total electron content (TEC), suffer from poor spatial coverage,…

Read more →

  < p style=”text-align: justify;”>The CrowdStrike outage in July 2024 exposed significant weaknesses in global IT supply chains, raising concerns about their resilience and dependence on major providers. The disruption caused widespread impact across critical sectors, including healthcare, transportation, banking,…

Read more →

The latest research has found a sharp rise in suspicious email activities and a change in attack tactics. If you are someone who communicates via email regularly, keep a lookout for malicious or unusual activities, it might be a scam.…

Read more →

  AT&T has confirmed being targeted in the Salt Typhoon hacking attack, a cyber operation suspected to involve China. Despite the attack, the telecommunications giant assured customers that its networks remain secure. In a statement, AT&T revealed that hackers aimed…

Read more →

  The Reserve Bank of India (RBI) has revealed a significant rise in bank fraud cases during the first half of the current fiscal year. According to the Report on Trend and Progress of Banking in India 2023-24, fraud cases…

Read more →

  In a proposal posted on Friday in the Federal Register, the Office for Civil Rights of the US Department of Health and Human Services (HHS) outlined several new requirements that could improve the cybersecurity practices of healthcare organizations. The…

Read more →

  Palo Alto Networks has issued a warning about the active exploitation of the CVE-2024-3393 denial of service (DoS) vulnerability, which attackers are using to compromise firewall defenses by triggering device reboots. Repeated exploitation of this vulnerability forces the firewall…

Read more →

  Ransomware is a type of malicious software designed to block access to files until a ransom is paid. Over the past 35 years, it has evolved from simple attacks into a global billion-dollar industry. In 2023 alone, ransomware victims…

Read more →

  < p style=”text-align: justify;”>In October 2024, General Dynamics (GD), a prominent name in aerospace and defense, confirmed a data breach impacting employee benefits accounts. The breach, detected on October 10, affected 37 individuals, including two residents of Maine. Attackers…

Read more →

  < p style=”text-align: justify;”>For tech enthusiasts and environmentalists in the European Union (EU), December 28, 2024, marked a major turning point as USB-C officially became the required standard for electronic gadgets. The new policy mandates that phones, tablets, cameras,…

Read more →

Hackers compromised Cyberhaven’s Chrome extension in a suspected supply-chain attack, publishing a malicious update capable of stealing customer passwords and session tokens. The attack raised serious concerns about the security of widely-used browser extensions. Cyberhaven, a data-loss prevention startup, confirmed…

Read more →

  < p style=”text-align: justify;”>In September 2024, American Addiction Centers (AAC) experienced a significant cyberattack that exposed the personal and health-related information of 422,424 individuals. The breach involved sensitive data such as Social Security numbers and health insurance details, prompting…

Read more →

  Hackers associated with North Korea have taken cyber theft to a record-breaking level in 2024, stealing $1.8 billion in cryptocurrency. According to a detailed report by blockchain analytics firm Chainalysis, this highlights the growing sophistication of these attackers and…

Read more →

  < p style=”text-align: justify;”>According to VulnCheck, a critical vulnerability identified as CVE-2024-12856 has been discovered in Four-Faith industrial routers, specifically affecting the F3x24 and F3x36 models, as well as users’ machines. Evidence suggests active exploitation of this vulnerability in…

Read more →

< p style=”text-align: justify;”>Cybersecurity researchers are raising alarms over the misuse of large language models (LLMs) by cybercriminals to create new variants of malicious JavaScript at scale. A report from Palo Alto Networks Unit 42 highlights how LLMs, while not…

Read more →

  A novel two-step phishing strategy is targeting Microsoft Visio files (.vsdx) and SharePoint, signaling a new trend in cyber deception, according to experts. Researchers at Perception Point have noted a significant rise in attacks leveraging these previously uncommon .vsdx…

Read more →

  Cybercriminals on the dark web have developed new ways to exploit identity verification systems. Rather than hacking or stealing personal information, they are purchasing it directly from individuals, as revealed by security researchers at iProov. This approach allows them…

Read more →

  South Korea has announced sanctions against 15 North Korean nationals and the Chosun Geumjeong Economic Information Technology Exchange Corporation for orchestrating schemes that finance North Korea’s nuclear weapons and missile programs. These measures target a global network involved in…

Read more →

  The North Korean hackers behind the ongoing Contagious Interview campaign have been observed launching a new JavaScript malware named OtterCookie.  The campaign includes social engineering techniques, with the hacker team frequently posing as recruiters to trick job seekers into…

Read more →

  A malware attack on the European Space Agency’s official web shop revealed that the application was hacked by loading a JavaScript script that generated a fake Stripe payment page at checkout. With an annual budget of more than 10…

Read more →

  Zelle has become a popular choice for online money transfers due to its simplicity, zero fees, and support from over 1,700 banks. However, since its launch in June 2017, the peer-to-peer payment service has been plagued by fraud. On…

Read more →

  The Q3 2024 Threat Report from Gen unveils a concerning rise in the sophistication of cyber threats, shedding light on how artificial intelligence (AI) is both a tool for attackers and defenders.  As cybercriminals evolve their tactics, the line…

Read more →

  A distributed denial-of-service (DDoS) attack targets a VoIP server by overwhelming it with phony user requests. This excessive traffic can exceed the network’s capacity, causing service disruptions and making genuine user requests unprocessable. Online criminals exploit these attacks to…

Read more →

  In October 2024, Interlock claimed to have attacked several organizations, including Wayne County, Michigan, which is known for its cyberattacks. Ransomware is characterized by the fact that the encrypted data is encrypted by an encryptor specifically designed for the…

Read more →

  A huge data security breach has come to light, with the data platform Builder.ai. It’s a service that lets organizations build their own proprietary, custom software applications, which don’t need heavy programming. According to a blog post by a…

Read more →

  A joint alert from the FBI, the Department of Defense (D.O.D.) Cyber Crime Center and the National Police Agency of Japan reveal that a North Korean threat group carried out a significant cryptocurrency theft from Japan’s crypto firm DMM…

Read more →

  The Cybersecurity and Infrastructure Security Agency (CISA) issued updated recommendations in December 2024 aimed at enhancing mobile phone cybersecurity. Following a significant hack involving major U.S. telecom companies like AT&T, Verizon, and Lumen Technologies, these guidelines focus on adopting…

Read more →

  As technology advances at an unprecedented rate, the recent unveiling of Willow, Google’s quantum computing device, ushers in a new age for startups. Willow’s unprecedented computing capabilities—105 qubits, roughly double those of its predecessor, Sycamore—allow it to accomplish jobs…

Read more →

  The ethos of the tech industry for a long time has always been that there is no shortage of data, and that is a good thing. Recent patents from IBM and Intel demonstrate that the concept of data minimization…

Read more →

Healthcare industry giant Ascension has broken the silence and revealed more sensitive information concerning the recent hack in June. Through a worker opening a suspicious file without even knowing the malware was actually very harmful to download, it gave room…

Read more →

  Approximately 75% of ransomware attacks on the healthcare sector over the past year occurred during weekends or holidays, highlighting the urgency for organizations to strengthen their staffing and security measures during these high-risk periods. Jeff Wichman, director of incident…

Read more →

  In the age of rapidly evolving artificial intelligence (AI), a new breed of frauds has emerged, posing enormous risks to companies and their clients. AI-powered impersonations, capable of generating highly realistic voice and visual content, have become a major…

Read more →

  < p style=”text-align: justify;”> In today’s complex digital landscape, the role of human expertise in cybersecurity remains indispensable. Two pivotal approaches — human-led security testing and human-centric cybersecurity (HCC) — have gained prominence, each contributing distinct strengths. However, these…

Read more →

Three severe SQL injection vulnerabilities have been identified in specific Amazon Redshift drivers, posing a significant risk of privilege escalation and data compromise. The vulnerabilities, labeled as CVE-2024-12744, CVE-2024-12745, and CVE-2024-12746, each hold a CVSS severity score of 8.0, emphasizing…

Read more →

  Botnet attacks exploit a command-and-control model, enabling hackers to control infected devices, often referred to as “zombie bots,” remotely. The strength of such an attack depends on the number of devices compromised by the hacker’s malware, making botnets a…

Read more →

  In today’s tech-driven world, scams have become increasingly sophisticated, fueled by advancements in artificial intelligence (AI) and deepfake technology. Falling victim to these scams can result in severe financial, social, and emotional consequences. Over the past year alone, cybercrime…

Read more →

  A new research published earlier this week by Fortinet Inc.’s FortiGuard Labs warns of two newly found malicious Python packages that indicate a major threat of credential theft, data exfiltration, and unauthorised system access. The first flaw, Zebo-0.1.0, was…

Read more →

  While phishing scams are on the rise over the holiday period, the FBI has reminded Gmail, Outlook, Apple Mail, and other services users to be more alert. More phishing schemes are becoming common as criminals use the festive season…

Read more →

  AI models are like babies: continuous growth spurts make them more fussy and needy. As the AI race heats up, frontrunners such as OpenAI, Google, and Microsoft are throwing billions at massive foundational AI models comprising hundreds of billions…

Read more →

  A Cybernews research team discovered a huge exposed data server on June 25th. The server contained 3GB of personal information and telemetry from iPhones equipped with an app known as “Home V.” According to the log samples, the data…

Read more →

  A Bengaluru software engineer recently fell victim to a complex cyber scam, losing ₹11.8 crore in just 18 days. The incident highlights the growing sophistication of cybercrimes in India, particularly in tech hubs like Bengaluru. The victim, whose identity…

Read more →

  The Clop ransomware gang has intensified its extortion tactics following a data theft attack targeting Cleo software. On its dark web portal, the group revealed that 66 companies have been given 48 hours to meet their ransom demands. According…

Read more →

  The infamous LockBit ransomware group has announced its return with the upcoming release of LockBit 4.0, set for February 2025. This marks a big moment for the group, which has had major setbacks over the last year. A global…

Read more →

  The ransomware epidemic may have been stopped by recent law enforcement operations that disrupted attack infrastructure, led to the arrest of cybercriminals, and broke up some threat groups, but this would be wrong as well. A recent study on…

Read more →

  Chainalysis, a blockchain analytics company that provides data analysis on the blockchain ecosystem, has reported that the volume of compromised crypto funds and the number of hacking incidents are set to rise in 2024. The report states that the…

Read more →

  Big Mama VPN, a free virtual private network app, is drawing scrutiny for its involvement in both legitimate and questionable online activities. The app, popular among Android users with over a million downloads, provides a free VPN service while…

Read more →

  When Microsoft launched Windows 11 in 2021, it introduced a strict hardware compatibility requirement, including the necessity for a Trusted Platform Module (TPM) that adheres to the TPM 2.0 standard. A TPM is a secure cryptoprocessor designed to manage…

Read more →

  ‘BMI CalculationVsn’ is a malicious Android spyware app that was identified on the Amazon Appstore. It poses as a simple health tool while covertly harvesting data from compromised devices.  Cybersecurity researchers from McAfee Labs discovered the app and notified…

Read more →