Tag: theft
-
Windows Themes zero-day bug exposes users to NTLM credential theft
by
in SecurityNewsFirst seen on theregister.com Jump to article: www.theregister.com/2024/10/30/zeroday_windows_themes/
-
Suspect arrested in Snowflake data-theft attacks affecting millions
by
in SecurityNewsThreat actor exploited account credentials swept up by infostealers years earlier. First seen on arstechnica.com Jump to article: arstechnica.com/security/2024/11/suspect-arrested-in-snowflake-data-theft-attacks-affecting-millions/
-
FBI pierces ‘anonymity’ of cryptocurrency, secret domain registrars in Scattered Spider probe
by
in SecurityNewsThe US Justice Department on Wednesday announced the arrest of five suspected members of the notorious Scattered Spider phishing crew, but the most interesting part of the case was a US Federal Bureau of Investigation (FBI) document detailing how easily the feds were able to track the phishers’ movements and activities. In recent years, services that push…
-
Walking the Walk: How Tenable Embraces Its >>Secure by Design<< Pledge to CISA
by
in SecurityNews
Tags: access, application-security, attack, authentication, best-practice, business, cisa, cloud, conference, container, control, credentials, cve, cvss, cyber, cybersecurity, data, data-breach, defense, exploit, Hardware, identity, infrastructure, injection, Internet, leak, lessons-learned, mfa, open-source, passkey, password, phishing, risk, saas, service, siem, software, sql, strategy, supply-chain, theft, threat, tool, update, vulnerability, vulnerability-managementAs a cybersecurity leader, Tenable was proud to be one of the original signatories of CISA’s “Secure by Design” pledge earlier this year. Our embrace of this pledge underscores our commitment to security-first principles and reaffirms our dedication to shipping robust, secure products that our users can trust. Read on to learn how we’re standing…
-
Cybersecurity Snapshot: Prompt Injection and Data Disclosure Top OWASP’s List of Cyber Risks for GenAI LLM Apps
by
in SecurityNews
Tags: access, advisory, ai, application-security, attack, backup, best-practice, breach, cisa, cloud, computer, cve, cyber, cyberattack, cybercrime, cybersecurity, data, exploit, extortion, firewall, framework, governance, government, group, guide, Hardware, incident, incident response, infrastructure, injection, intelligence, Internet, LLM, malicious, microsoft, mitigation, mitre, monitoring, network, nist, office, open-source, powershell, privacy, ransomware, regulation, risk, risk-management, russia, service, skills, software, sql, strategy, supply-chain, tactics, technology, theft, threat, tool, update, vulnerability, vulnerability-management, windowsDon’t miss OWASP’s update to its “Top 10 Risks for LLMs” list. Plus, the ranking of the most harmful software weaknesses is out. Meanwhile, critical infrastructure orgs have a new framework for using AI securely. And get the latest on the BianLian ransomware gang and on the challenges of protecting water and transportation systems against…
-
CISA says BianLian ransomware now focuses only on data theft
by
in SecurityNews
Tags: advisory, cisa, cyber, cybersecurity, data, extortion, group, infrastructure, ransomware, tactics, theftThe BianLian ransomware operation has shifted its tactics, becoming primarily a data theft extortion group, according to an updated advisory from the U.S. Cybersecurity & Infrastructure Security Agency, the FBI, and the Australian Cyber Security Centre. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/cisa-says-bianlian-ransomware-now-focuses-only-on-data-theft/
-
The Dangerous Blend of Phishing for Government IDs and Facial Recognition Video
by
in SecurityNewsIn an era where online convenience has become the norm, the risk of identity theft through scam websites has surged. The potential for exploitation grows as more services transition to conducting business online. These sites pose a significant risk to personal security and undermine public trust in the digital infrastructure we have in place. A…
-
Feds Indict 5 Suspects Tied to Scattered Spider Cybercrime
by
in SecurityNewsFBI Ties Men to at Least 45 Attacks and Theft of Cryptocurrency Worth Millions. The U.S. government on Wednesday unsealed criminal charges against five suspected members of the loosely organized financially motivated cybercriminal group Scattered Spider. The suspects have been tied to 45 attacks, disrupting businesses and stealing cryptocurrency worth millions of dollars. First seen…
-
Financial Software Firm Finastra Investigating Data Breach
by
in SecurityNewsFinastra is investigating a data breach after a hacker claimed the theft of information from an internal file-transfer application. The post Financial Software Firm Finastra Investigating Data Breach appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/financial-software-firm-finastra-investigating-data-breach/
-
Phishing Scheme Busted: U.S. Charges Five in Cryptocurrency Theft
by
in SecurityNewsThe U.S. law enforcement has unsealed criminal charges against five individuals involved in a large-scale phishing scheme targeting employees at companies across the United States. First seen on thecyberexpress.com Jump to article: thecyberexpress.com/running-phishing-scheme/
-
Ford data breach involved a third-party supplier
by
in SecurityNewsFord investigates a data breach linked to a third-party supplier and pointed out that its systems and customer data were not compromised. Ford investigation investigated a data breach after a threat actors claimed the theft of customer information on the BreachForums cybercrime. On November 17, threat actors IntelBroker and EnergyWeaponUser published a post on BreachForums…
-
Five alleged members of Scattered Spider cybercrime group charged for breaches, theft of $11 million
by
in SecurityNewsFirst seen on therecord.media Jump to article: therecord.media/five-scattered-spider-members-charged-breaches-11-million-theft
-
Equinox Notifies 21,000 Patients And Staff Of Data Theft
by
in SecurityNewsFirst seen on packetstormsecurity.com Jump to article: packetstormsecurity.com/news/view/36619/Equinox-Notifies-21-000-Patients-And-Staff-Of-Data-Theft.html
-
Healthcare org Equinox notifies 21K patients and staff of data theft
by
in SecurityNewsRansomware scum LockBit claims it did the dirty deed First seen on theregister.com Jump to article: www.theregister.com/2024/11/20/equinox_patients_employees_data/
-
Fortinet VPN zero-day leveraged in new Chinese credential theft campaign
by
in SecurityNewsFirst seen on scworld.com Jump to article: www.scworld.com/brief/fortinet-vpn-zero-day-leveraged-in-new-chinese-credential-theft-campaign
-
Hackers Redirect $250,000 Payment in iLearningEngines Cyberattack
by
in SecurityNewsAI-powered learning automation firm iLearningEngines has been targeted in a cyberattack that resulted in the theft of $250,000. The post Hackers Redirect $250,000 Payment in iLearningEngines Cyberattack appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/hackers-redirect-250000-payment-in-ilearningengines-cyberattack/
-
Ford Investigating Potential Breach After Hackers Claim Data Theft
by
in SecurityNewsFord has launched an investigation after hackers claimed to have stolen 44,000 customer data records. The post Ford Investigating Potential Breach After Hackers Claim Data Theft appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/ford-investigating-potential-breach-after-hackers-claim-data-theft/
-
How and where to report cybercrime: What you need to know
by
in SecurityNewsCybercrime reporting mechanisms vary across the globe, with each country offering different methods for citizens to report cybercrime, including online fraud, identity theft, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2024/11/18/how-to-report-cybercrime/
-
Two-Step Phishing Technique Leveraging Microsoft Visio Files Exposed by Researchers
by
in SecurityNewsPerception Point’s latest findings have uncovered an advanced two-step phishing technique exploiting Microsoft Visio files (.vsdx) and SharePoint to launch highly deceptive credential theft campaigns. Traditionally used for professional diagrams... First seen on securityonline.info Jump to article: securityonline.info/two-step-phishing-technique-leveraging-microsoft-visio-files-exposed-by-researchers/
-
One Brooklyn Agrees to $1.5M Settlement in 2022 Hack Lawsuit
by
in SecurityNewsHealth System’s Cyberattack Affected More Than 235,000 Patients, Employees, Others. A New York state court has approved a preliminary $1.5 million settlement of a consolidated proposed class action lawsuit against One Brooklyn Health System following a November 2022 cyberattack that involved theft of sensitive health data belonging to more than 235,000 people. First seen on…
-
Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison
by
in SecurityNewsBitfinex hacker, Ilya Lichtenstein, who stole 1 billion worth of Bitcoins from Bitfinex in 2016, has been sentenced to five years in prison. >>Ilya Lichtenstein was sentenced today to five years in prison for his involvement in a money laundering conspiracy arising from the hack and theft of approximately 120,000 bitcoin from Bitfinex, a global…
-
Bitfinex Hacker Sentenced to 5 Years for Massive Bitcoin Heist and Laundering Scheme
by
in SecurityNewsIlya Lichtenstein, the mastermind behind the infamous 2016 Bitfinex hack, has been sentenced to five years in prison for his role in the theft of nearly 120,000 Bitcoin, valued at... First seen on securityonline.info Jump to article: securityonline.info/bitfinex-hacker-sentenced-to-5-years-for-massive-bitcoin-heist-and-laundering-scheme/
-
Bitfinex Hacker Sentenced to 5 Years, Guilty of Laundering $10.5 Billion in Bitcoin
by
in SecurityNewsIlya Lichtenstein, who pleaded guilty to the 2016 hack of cryptocurrency stock exchange Bitfinex, has been sentenced to five years in prison, the U.S. Department of Justice (DoJ) announced Thursday.Lichtenstein was charged for his involvement in a money laundering scheme that led to the theft of nearly 120,000 bitcoins (valued at over $10.5 billion at…
-
Feds find ‘broad and significant’ China espionage campaign in US telecom networks
The FBI and CISA warned the nation-state affiliated malicious activities are extensive and include the theft of sensitive call records and court-ordered information. First seen on cybersecuritydive.com Jump to article: www.cybersecuritydive.com/news/china-espionage-us-telecom-networks/732947/
-
Idaho Man Sentenced to 10 Years in Prison for Hacking, Data Theft, Extortion
by
in SecurityNewsRobert Purbeck was sentenced to 10 years in prison for stealing the personal information of over 132,000 people. The post Idaho Man Sentenced to 10 Years in Prison for Hacking, Data Theft, Extortion appeared first on SecurityWeek. First seen on securityweek.com Jump to article: www.securityweek.com/idaho-man-sentenced-to-10-years-in-prison-for-hacking-data-theft-extortion/
-
Delhi Police Crack Down on WazirX Crypto Heist, Arrest Bengal Man for ₹2,000 Crore Theft
by
in SecurityNewsDelhi Police have arrested a key suspect, SK Masud Alam, a resident of East Midnapore in West Bengal for a massive WazirX cyberattack. Alam is accused of being involved in the WazirX crypto heist, a high-profile cyberattack that saw the theft of over ₹2,000 crore (approximately $230 million) worth of digital assets. First seen on thecyberexpress.com…
-
Critical Flaws in Ollama AI Framework Could Enable DoS, Model Theft, and Poisoning
by
in SecurityNewsCybersecurity researchers have disclosed six security flaws in the Ollama artificial intelligence (AI) framework that could be exploited by a maliciou… First seen on thehackernews.com Jump to article: thehackernews.com/2024/11/critical-flaws-in-ollama-ai-framework.html