Tag: theft
-
Durch Identitätsdiebstahl 1,5 Millionen Dollar von US-Stadtverwaltung gestohlen
by
in SecurityNewsComptroller: FBI investigating cyberattack, ID theft that defrauded Baltimore of $1.5M First seen on wbal.com Jump to article: www.wbal.com/comptroller-fbi-investigating-cyberattack-id-theft-that-defrauded-baltimore-city-of-1-5m
-
Check Point Responds to Hacking Claims
by
in SecurityNewsCheck Point has responded to a hacker’s claims of sensitive data theft, confirming an incident but saying that it had limited impact. The post Check Point Responds to Hacking Claims appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/check-point-responds-to-hacking-claims/
-
Infostealer malware poses potent threat despite recent takedowns
by
in SecurityNewsHow CISOs can defend against infostealers: To defend against these threats, CISOs should rely on multi-factor authentication MFA and least privilege access to prevent their incursion into the corporate network, as well as endpoint detection and response (EDR) and anti-malware to detect and quarantine infostealers that manage to trick users into running the malware. Regular…
-
Triton RAT Uses Telegram for Remote System Access and Control
by
in SecurityNewsCado Security Labs has uncovered a new Python-based Remote Access Tool (RAT) named Triton RAT, which leverages Telegram for remote system access and data exfiltration. This open-source malware, available on GitHub, is designed to execute a wide range of malicious activities, including credential theft, system control, and persistence establishment. Technical Overview Triton RAT initiates its…
-
Russian Hackers Leverage Bulletproof Hosting to Shift Network Infrastructure
by
in SecurityNewsRussian-aligned cyber threat groups, UAC-0050 and UAC-0006, have significantly escalated their operations in 2025, targeting entities worldwide with a focus on Ukraine. These groups employ bulletproof hosting services to mask their network infrastructure, enabling sophisticated campaigns involving financial theft, espionage, and psychological operations. UAC-0050, linked to Russian law enforcement agencies, has transitioned to deploying NetSupport…
-
‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft
The newly identified Android banking trojan Crocodilus takes over devices, enabling overlay attacks, remote control, and keylogging. The post ‘Crocodilus’ Android Banking Trojan Allows Device Takeover, Data Theft appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/crocodilus-android-banking-trojan-allows-device-takeover-data-theft/
-
CrushFTP Vulnerability Lets Hackers Bypass Security and Seize Server Control
by
in SecurityNewsA newly disclosed authentication bypass vulnerability (CVE-2025-2825) in CrushFTP file transfer software enables attackers to gain complete control of servers without valid credentials. The vulnerability affects versions 10.0.0 through 11.3.0 of the popular enterprise file transfer solution, exposing organizations to data theft and system compromise. The Exploit: Bypassing Security in 3 Steps Security researchers have…
-
9-Year-Old NPM Crypto Package Hijacked for Information Theft
by
in SecurityNewsNearly a dozen crypto packages on NPM, including one published 9 years ago, have been hijacked to deliver infostealers. The post 9-Year-Old NPM Crypto Package Hijacked for Information Theft appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/9-year-old-npm-crypto-package-hijacked-to-steal-information/
-
Oracle customers confirm data stolen in alleged cloud breach is valid
Despite Oracle denying a breach of its Oracle Cloud federated SSO login servers and the theft of account data for 6 million people, BleepingComputer has confirmed with multiple companies that associated data samples shared by the threat actor are valid. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracle-customers-confirm-data-stolen-in-alleged-cloud-breach-is-valid/
-
Crypto Heist Suspect >>Wiz<< Arrested After $243 Million Theft
by
in SecurityNewsVeer Chetal, known online as “Wiz” and one of the key suspects in the massive $243 million cryptocurrency heist, has been apprehended by U.S. Marshals. First seen on hackread.com Jump to article: hackread.com/crypto-heist-suspect-wiz-arrested-243-million-theft/
-
Legal impact on cybersecurity in 2025: new developments and challenges in the EU
by
in SecurityNews
Tags: 5G, authentication, compliance, corporate, cybersecurity, dora, finance, framework, fraud, identity, law, network, regulation, resilience, risk, service, strategy, technology, theftDORA Regulation: digital operational resilience in the financial sector: Regulation 2022/2554 (DORA) focuses on increasing the “Digital Operational Resilience” of financial institutions. Approved on 14 December 2022, DORA seeks to strengthen the security and robustness of financial sector entities’ information systems, with the aim of reducing technological risks and cyberthreats.As mentioned, DORA is applicable to…
-
Abracadabra Cyberattack: How Hackers Drained $13M from DeFi Platform
by
in SecurityNewsThe decentralized finance (DeFi), Abracadabra, is dealing with a cyberattack that resulted in the theft of nearly $13 million worth of cryptocurrency. The Abracadabra cyberattack, which targeted the platform’s “gmCauldrons,” has shaken the cryptocurrency market particularly those that rely on liquidity tokens from decentralized exchanges like GMX. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/abracadabra-cyberattack/
-
Pocket Card Users Targeted in Sophisticated Phishing Campaign
by
in SecurityNewsA new phishing campaign targeting Japanese Pocket Card users has been uncovered by Symantec. The attackers are employing sophisticated tactics to deceive cardholders into divulging their login credentials, potentially compromising their financial accounts. Japanese Cardholders at Risk of Credential Theft The phishing operation begins with fraudulent emails masquerading as official notifications from Pocket Card’s online…
-
Google Account Hijackers Target Victims Via Semrush Ads
Threat actors are looking to compromise Google accounts to further malvertising and data theft First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/google-hijackers-target-victims/
-
UAT-5918 ATP group targets critical Taiwan
by
in SecurityNewsCisco Talos found UAT-5918, active since 2023, using web shells and open-source tools for persistence, info theft, and credential harvesting. Cisco Talos uncovered UAT-5918, an info-stealing threat actor active since 2023, using web shells and open-source tools for persistence and credential theft. The APT UAT-5918 targets Taiwan, exploiting N-day vulnerabilities in unpatched servers for long-term…
-
Oracle denies breach after hacker claims theft of 6 million data records
Oracle denies it was breached after a threat actor claimed to be selling 6 million data records allegedly stolen from the company’s Oracle Cloud federated SSO login servers First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/oracle-denies-data-breach-after-hacker-claims-theft-of-6-million-data-records/
-
Checkpoint ZoneAlarm Driver Flaw Exposes Users to Credential Theft
by
in SecurityNewsCredential theft alert! Venak Security discovers a BYOVD attack using .SYS drivers to bypass Windows security. Learn how… First seen on hackread.com Jump to article: hackread.com/checkpoint-zonealarm-driver-flaw-user-credential-theft/
-
UAT-5918 Targets Taiwan’s Critical Infrastructure Using Web Shells and Open-Source Tools
by
in SecurityNewsThreat hunters have uncovered a new threat actor named UAT-5918 that has been attacking critical infrastructure entities in Taiwan since at least 2023.”UAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activities to establish persistence in victim…
-
UAT-5918 Hackers Exploit N-Day Vulnerabilities in Exposed Web and Application Servers
by
in SecurityNews
Tags: access, credentials, cyber, cybersecurity, data-breach, exploit, group, hacker, healthcare, infrastructure, theft, threat, vulnerabilityA recent cybersecurity threat, identified as UAT-5918, has been actively targeting entities in Taiwan, particularly those in critical infrastructure sectors such as telecommunications, healthcare, and information technology. This advanced persistent threat (APT) group is believed to be motivated by establishing long-term access for information theft and credential harvesting. UAT-5918 gains initial access by exploiting known…
-
Infostealers Fuel 2.1B Credentials and 23M Host Infections
by
in SecurityNewsCybercrime surged with a 33% spike in credential theft and 200 million credentials stolen in early 2025, signaling a daunting threat landscape for organizations. First seen on esecurityplanet.com Jump to article: www.esecurityplanet.com/trends/infostealers-2-1b-credentials-23m-hosts/
-
Cryptohack Roundup: $6.1M Wemix Theft
by
in SecurityNewsAlso: OKX Temporarily Suspends Services to Prevent Funds Laundering. This week, $6.1M Wemix theft, OKX suspended services, Vermont dropped Coinbase case, new RAT-targeted crypto wallet extensions, TJ Stone got prison time, Nebraska’s new crypto ATM rule, Trezor disclosed a potential bug and British prosecutors charged a former police officer for 50 Bitcoin theft. First seen…
-
State-Backed Hackers Exploiting Windows Zero-Day Since 2017
by
in SecurityNewsAt least 11 state-sponsored hacking groups from North Korea, Iran, Russia, and China have been actively exploiting a newly uncovered Windows zero-day vulnerability in cyber espionage and data theft attacks since 2017. Despite clear evidence of exploitation, Microsoft has declined… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/zdi-can-25373-zero-day-exploited-since-2017/
-
UAT-5918 targets critical infrastructure entities in Taiwan
by
in SecurityNewsUAT-5918, a threat actor believed to be motivated by establishing long-term access for information theft, uses a combination of web shells and open-sourced tooling to conduct post-compromise activities to establish persistence in victim environments for information theft and credential harvesting. First seen on blog.talosintelligence.com Jump to article: blog.talosintelligence.com/uat-5918-targets-critical-infra-in-taiwan/
-
Attack time frames are shrinking rapidly. Here’s how cyber teams can cope
by
in SecurityNewsTime frame changes to time to exploit: The time frames are quickly shortening as the focus by a variety of attackers’ ransomware efforts shift to data stealing first, rather than trying to collect ransoms.A recent Huntress Cyber Report shows that that TTE, which the researchers refer to as “time-to-ransom” or TTR, has dropped to a few…
-
Nation-state actors and cybercrime gangs abuse malicious .lnk files for espionage and data theft
by
in SecurityNews11 state-sponsored APTs exploit malicious .lnk files for espionage and data theft, with ZDI uncovering 1,000 such files used in attacks. At least 11 state-sponsored threat groups have been abusing Windows shortcut files for espionage and data theft, according to an analysis by Trend Micro’s Zero Day Initiative (ZDI). Trend ZDI researchers discovered 1,000 malicious…
-
New Windows zero-day exploited by 11 state hacking groups since 2017
by
in SecurityNewsAt least 11 state-backed hacking groups from North Korea, Iran, Russia, and China have been exploiting a new Windows vulnerability in data theft and cyber espionage zero-day attacks since 2017. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/new-windows-zero-day-exploited-by-11-state-hacking-groups-since-2017/
-
Unpatched Windows Zero-Day Flaw Exploited by 11 State-Sponsored Threat Groups Since 2017
by
in SecurityNewsAn unpatched security flaw impacting Microsoft Windows has been exploited by 11 state-sponsored groups from China, Iran, North Korea, and Russia as part of data theft, espionage, and financially motivated campaigns that date back to 2017.The zero-day vulnerability, tracked by Trend Micro’s Zero Day Initiative (ZDI) as ZDI-CAN-25373, refers to an issue that allows bad…