#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
Cloud Security

email scams | Breaking Cybersecurity News | The Hacker News

Hacker Ordered to Pay Back Nearly £1 Million to Phishing Victims

Hacker Ordered to Pay Back Nearly £1 Million to Phishing Victims

Aug 23, 2019
A prolific hacker who carried out phishing scams against hundreds of companies worldwide has been ordered to pay back more than $1.1 million (over £922,000) worth of cryptocurrencies to his victims. Grant West , a 27-year-old resident of Kent, England, targeted several well-known companies around the world since 2015 to obtain the financial data of tens of thousands of customers and then sold that data on underground forums in exchange for Bitcoins or other cryptocurrencies. West, who operated under the online moniker of 'Courvoisier,' stashed the resulting cryptocurrencies in multiple accounts and wallets, which was confiscated by the Metropolitan police after West's arrest in September 2017 following a two-year-long investigation code-named ' Operation Draba .' Metropolitan Police Cyber Crime Unit (MPCCU) also seized an SD card from West's home, which contained approximately 78 million individual usernames and passwords as well as 63,000 credit and de
Email Phishers Using A Simple Way to Bypass MS Office 365 Protection

Email Phishers Using A Simple Way to Bypass MS Office 365 Protection

Jun 19, 2018
Security researchers have been warning about a simple technique that cyber criminals and email scammers are using in the wild to bypass most AI-powered phishing detection mechanisms implemented by widely used email services and web security scanners. Dubbed ZeroFont , the technique involves inserting hidden words with a font size of zero within the actual content of a phishing email, keeping its visual appearance same, but at the same time, making it non-malicious in the eyes of email security scanners. According to cloud security company Avanan , Microsoft Office 365 also fails to detect such emails as malicious crafted using ZeroFont technique. Like Microsoft Office 365, many emails and web security services use natural language processing and other artificial intelligence-based machine learning techniques to identify malicious or phishing emails faster. The technology helps security companies to analyze, understand and derive meaning from unstructured text embedded in an
Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution

Timing is Everything: The Role of Just-in-Time Privileged Access in Security Evolution

Apr 15, 2024Active Directory / Attack Surface
To minimize the risk of privilege misuse, a trend in the privileged access management (PAM) solution market involves implementing just-in-time (JIT) privileged access. This approach to  privileged identity management  aims to mitigate the risks associated with prolonged high-level access by granting privileges temporarily and only when necessary, rather than providing users with continuous high-level privileges. By adopting this strategy, organizations can enhance security, minimize the window of opportunity for potential attackers and ensure that users access privileged resources only when necessary.  What is JIT and why is it important?   JIT privileged access provisioning  involves granting privileged access to users on a temporary basis, aligning with the concept of least privilege. This principle provides users with only the minimum level of access required to perform their tasks, and only for the amount of time required to do so. One of the key advantages of JIT provisioning
Feds Arrest 74 Email Fraudsters Involved in Nigerian BEC Scams

Feds Arrest 74 Email Fraudsters Involved in Nigerian BEC Scams

Jun 12, 2018
The United States Department of Justice announced Monday the arrest of 74 email fraudsters across three continents in a global crackdown on a large-scale business email compromise (BEC) scheme. The arrest was the result of a six-month-long operation dubbed " Operation Wire Wire " that involved the US Department of Justice, the US Department of Homeland Security, the US Treasury, and the US Postal Inspection Service. The international law enforcement authorities led by the FBI arrested 42 of the total 74 individuals involved in BEC scheme in the United States, 29 in Nigeria and 3 each in Canada, Mauritius, and Poland. "Foreign citizens perpetrate many BEC scams. Those individuals are often members of transnational criminal organizations, which originated in Nigeria but have spread throughout the world," the DoJ says. Moreover, the authorities seized nearly $2.4 million and recovered about $14 million in fraudulent transfers, according to the FBI, which estima
cyber security

Today's Top 4 Identity Threat Exposures: Where To Find Them and How To Stop Them

websiteSilverfortIdentity Protection / Attack Surface
Explore the first ever threat report 100% focused on the prevalence of identity security gaps you may not be aware of.
Cybersecurity Resources