#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Get the Free Newsletter
SaaS Security

Search results for cyber criminals | Breaking Cybersecurity News | The Hacker News

Ecuador Bank Hacked — $12 Million Stolen in 3rd Attack on SWIFT System

Ecuador Bank Hacked — $12 Million Stolen in 3rd Attack on SWIFT System

May 21, 2016
Bangladesh is not the only bank that had become victim to the cyber heist . In fact, it appears to be just a part of the widespread cyber attack on global banking and financial sector by hackers who target the backbone of the world financial system, SWIFT. Yes, the global banking messaging system that thousands of banks and companies around the world use to transfer Billions of dollars in transfers each day is under attack. A third case involving SWIFT has emerged in which cyber criminals have stolen about $12 million from an Ecuadorian bank that contained numerous similarities of later attacks against Bangladesh's central bank that lost $81 Million in the cyber heist . The attack on Banco del Austro (BDA) in Ecuador occurred in January 2015 and, revealed via a lawsuit filed by BDA against Wells Fargo, a San Francisco-based bank on Jan. 28, Reuters reported. Here's how cyber criminals target banks: Uses malware to circumvent local security systems of a bank. Gains acces
Ransomware Attacks Threaten Wearable Devices and Internet of Things

Ransomware Attacks Threaten Wearable Devices and Internet of Things

Aug 14, 2015
Are you a proud owner of a Smartwatch, a Smart TV , a Smart fridge, a Smart lock, an Internet-enabled car , or live in a smart city? Caution! Recently, it has been reported that the growth of the Internet of Things would eventually lead to cyber criminals in making lots of money, as they started attacking the Internet of Things for Ransom. Yes, the latest Interest of the cyber criminals in the field of Internet of Things is ' Ransomware '. Internet of Things (IoT) such as Android and iOS-based wearable Smartwatches and the concept of connected homes has now given a treat to the current generation Ransomware. With the advancements in Technology, cyber criminals are simultaneously promoting themselves from the threat known for restricting computers or encrypting files and asking users for money in return for gaining back access to their systems. From computers to mobile phones, now criminals are targeting the IoT and the wearables devices. Security resea
Making Sense of Operational Technology Attacks: The Past, Present, and Future

Making Sense of Operational Technology Attacks: The Past, Present, and Future

Mar 21, 2024Operational Technology / SCADA Security
When you read reports about cyber-attacks affecting operational technology (OT), it's easy to get caught up in the hype and assume every single one is sophisticated. But are OT environments all over the world really besieged by a constant barrage of complex cyber-attacks? Answering that would require breaking down the different types of OT cyber-attacks and then looking back on all the historical attacks to see how those types compare.  The Types of OT Cyber-Attacks Over the past few decades, there has been a growing awareness of the need for improved cybersecurity practices in IT's lesser-known counterpart, OT. In fact, the lines of what constitutes a cyber-attack on OT have never been well defined, and if anything, they have further blurred over time. Therefore, we'd like to begin this post with a discussion around the ways in which cyber-attacks can either target or just simply impact OT, and why it might be important for us to make the distinction going forward. Figure 1 The Pu
Online security losing cyber battle !

Online security losing cyber battle !

Feb 19, 2011
THE internet was never meant to do sensitive banking transactions, cyber criminals are winning the war against online security and Australia's easy going nature is making us vulnerable targets to ever-more sophisticated internet thugs. That was San Francisco-based internet security watcher and author Joseph Menn's assessment of the current state of the internet before he spoke to the Internet Industry Association's gala dinner in Sydney last night. The only glimmer of hope was that people were becoming more aware of the risks involved with the internet - which he described as a "loaded gun" - but we have to be even more savvy if we are not to be become a cyber crime victim. Mr Menn said when he interviewed the former head of the US Department of Justice's Cyber Crime Unit she said half of all credit cards were in the hands of criminals. "And if your credit card details weren't in criminals' hands it was only because they hadn't got around to
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Obama urged to expand State Department’s cybercrime reach !

Obama urged to expand State Department's cybercrime reach !

Dec 14, 2010
In New York on Sunday, lawmakers urged President Obama to expand the U.S. State Department's foreign policy mechanisms to address crime and security on the Internet. The recent attacks on companies that severed ties to WikiLeaks were cited as one of the main reasons these changes were needed. Standing at Symantec's New York City office, Senator Kirsten Gillibrand and Representative Yvette D. Clarke urged the President to adopt proposals that protect New York businesses and infrastructure. These proposals would put foreign countries that fail to enforce cyber security laws on notice, and even apply sanctioning to those that do not cooperate. For the past week, the lawmakers explained during a press event, MasterCard, Visa, PayPal, and other American companies were sabotaged by a string of coordinated attacks. The reason for said attacks is due to the fact that each company cut ties to WikiLeaks. They said the global cyber assault was "intended to flood the companies' web
Cyber Criminals can make your Diwali unforgettable with Scams

Cyber Criminals can make your Diwali unforgettable with Scams

Nov 11, 2012
Cyber criminals become hyper active during festivals. Diwali is no exception. Shantanu Ghosh, Vice-President and Managing Director (India Product Operations) of Internet security solutions company Symantec has observed that malware authors and spammers are using Diwali (The festival of lights that's celebrated across the world (primarily in the Indian sub-continent) as the latest event to lure unsuspecting users into downloading malware, buying products, and falling for scams. Shantanu said cyber criminals attempt to 'poison' web search engine results to take advantage of huge rush in search activity during popular events. " We have observed that cyber attackers are using various techniques to make the most of Diwali, " he warned. Cyber-attackers make use of social engineering tactics to lure users to purchase from or register on unknown websites. Users may be exposing personal information to Internet scammers. " Before giving into the temptation of clicking on a link in
To Tackle Cyber Crime, FBI Could Hire Hackers Who Smoke Weed

To Tackle Cyber Crime, FBI Could Hire Hackers Who Smoke Weed

May 21, 2014
Federal Bureau of Investigation (FBI) has been authorized by U.S Congress to hire 2,000 new employees this year, and many of those will be young hackers and Programmers in order to built-up its cyber crime division, but FBI's Director 'James B. Comey' is facing some difficulties. Apparently, FBI's Strict Anti-Drug Policy is making it very difficult for them to go after real criminals because most of the hackers have a fondness of smoking weeds, illicit drug. According to US agency policy, they won't hire anyone who used marijuana in the last three years, but it seems that now the law enforcement agency has to think about deviating from its own policy to get right talent to tackle cybercrimes over the Internet which has become a first priority for the agency. Recently, During an annual conference held at Manhattan's New York City Bar Association, One attendee asked James B. Comey that -- One of his friend who considered an FBI job but ultimately did not apply becaus
FBI — Botnets Infecting 18 Computers per Second. But How Many of Them NSA Holds?

FBI — Botnets Infecting 18 Computers per Second. But How Many of Them NSA Holds?

Jul 17, 2014
Botnets - a secretly compromised networks of ordinary home and office computers with rogue software or "malware" that are controlled by an individual criminal or a group - has dramatically increased over the past several years and are considered to pose the biggest threat to the Internet. Cyber criminals have brushed-up their hacking skills and are using Botnets as a cyber weapon to carry out multiple crimes like DDoS attacks (distributed denial of service), mass spamming, page rank and advertising revenue manipulation, mining bitcoins, cyber espionage and surveillance etc. 18 BOTNET INFECTIONS PER SECOND According to the director of FBI's cyber division, Joseph Demarest, Botnet has become one of the biggest enemies of the Internet today, and therefore its impact has been significant. Yesterday during a hearing before a U.S. Senate committee, he says that every second 18 computers worldwide are part of botnet armies, which amounts to over 500 million comp
Hackers Install Free SSL Certs from Let's Encrypt On Malicious Web Sites

Hackers Install Free SSL Certs from Let's Encrypt On Malicious Web Sites

Jan 07, 2016
Who else didn't see this coming? It was so obvious as I stressed earlier that the  Let's Encrypt free HTTPS certificates would not just help legitimate website operators to encrypt its users' traffic, but also help criminals to bother innocent users with malware through secure sites. Let's Encrypt allows anyone to obtain free SSL/TLS ( Secure Socket Layer/Transport Layer Security ) certificates for their web servers that encrypt all the Internet traffic passed between a server and users. Let's Encrypt is recognized by all major browsers, including Google's Chrome, Mozilla's Firefox and Microsoft's Internet Explorer. The organization started offering Free HTTPS certs to everyone from last month, and it is very easy for anyone to set up an HTTPS website in a few simple steps ( How to Install Free SSL Cert ). However, the most bothersome part is that Let's Encrypt free SSL certs are not only used by website owners to secure its
As New Clues Emerges, Experts Wonder: Is REvil Back?

As New Clues Emerges, Experts Wonder: Is REvil Back?

Jul 05, 2022
Change is a part of life, and nothing stays the same for too long, even with hacking groups, which are at their most dangerous when working in complete silence. The notorious REvil  ransomware  gang, linked to the infamous JBS and Kaseya, has resurfaced three months after the arrest of its members in Russia. The Russian domestic intelligence service, the FSB, had caught 14 people from the gang. In this apprehension, the 14 members of the gang were found in possession of 426 million roubles, $600,000, 500,000 euros, computer equipment, and 20 luxury cars were brought to justice. REvil Ransomware Gang- The Context The financially-motivated cybercriminal threat group Gold Southfield controlled ransomware group known as REvil emerged in 2019 and spread like wildfire after extorting $11 million from the meat-processor JBS. REvil would incentivize its affiliates to carry out cyberattacks for them by giving a percentage of the ransom pay-outs to those who help with infiltration activitie
360 Million Stolen Credential FOR SALE on Underground Black Market

360 Million Stolen Credential FOR SALE on Underground Black Market

Feb 27, 2014
Your Financial Credentials are on SALE on the Underground Black Market without your Knowledge… sounds like a nightmare, but it's TRUE. Cyber security firm, Hold Security, said it has traced over 360 million stolen account credentials that are available for Sale on Hacker's black market websites over past three weeks. The credentials include usernames, email addresses, and passwords that are in unencrypted in most cases, according to the report released on Tuesday. It is not known till now from where these credentials exactly were stolen, but the security researchers estimated that these credentials are a result of multiple breaches. Since the banking credentials are one of the most ' valuable bounties ' for the cyber criminals, and the ways to steal these credentials can be directly from the companies and from the services in which users entrust data as well. According to Hold Security, in addition to the sale of 360 million credentials, the cyber criminals are  s
China is planting spying microchips in Electric Iron and kettles that can scan Wi-Fi devices to serve malware

China is planting spying microchips in Electric Iron and kettles that can scan Wi-Fi devices to serve malware

Nov 01, 2013
We have discussed many times in our stories the network of Intelligent devices , their capabilities and the possibilities that cyber criminals could exploit them for illegal activities. Hidden chips are used by cyber criminals and state-sponsored hackers to infiltrate company networks and organizations for various purposes, to send out spam or for cyber espionage . The fact has happened in Russia, the State-owned channel Rossiya 24 has showed the images of an electric iron included in a batch of Chinese imports where the operators find a chip used for spying the environment surround. China is planting Microchips practically in every electrical device, as recently it has been discovered that the  electric iron  and kettles were modified with this technique to launch spam attacks. The Microchips were equipped with a little microphone and according to the correspondent the component were mostly being used to serve malware and the chips in fact are able to connect any co
SNMP Reflection DDoS Attacks on the Rise

SNMP Reflection DDoS Attacks on the Rise

May 23, 2014
The DDoS techniques have massively increased with the attackers becoming more skillful at working around the network security. A massive 300Gbps DDoS attack launched against Spamhaus website almost broke the Internet a year ago and also earlier this year, hackers have succeeded in reaching new heights of the massive DDoS attack targeting content-delivery and anti-DDoS protection firm CloudFlare, reaching more than 400Gbps at its peak of traffic. Akamai's Prolexic Security Engineering and Response Team (PLXsert) issued a threat advisory on Thursday reporting a significant surge in DDoS attacks last month abusing the Simple Network Management Protocol (SNMP) interface in network devices. Simple Network Management Protocol (SNMP) is a UDP-based protocol which is commonly known and often used to manage network devices. SNMP is typically used in devices such as printers, routers and firewalls that can be found in the home and enterprise environments as well. Just as D
Cyber Criminals Selling Millions of U.S military email addresses

Cyber Criminals Selling Millions of U.S military email addresses

Mar 18, 2012
Cyber Criminals Selling Millions of U.S military email addresses Web based underground market service currently selling Millions of harvested U.S government and U.S military harvested emails addresses to potential spammers, and find out just how easy it is to purchase that kind of data within the cyber crime ecosystem. Cyber criminals are getting more sophisticated in their scams and phishing schemes, which are designed to steal personal data and financial information. Spammers and virus creators are motivated by money and backed by organized crime on a global scale. They are also launching massive attacks on anti-spam organizations in an attempt to bring them down. In respect to targeted malware attacks, the service is currently offering 2.462.935 U.S government email addresses, and another 2.178.000 U.S military email addresses. A Screenshot of the inventory of harvested emails currently offered for sale: Spammers buy lists from brokers that continuously harvest email addresses
TESCO Customers' account details leaked online

TESCO Customers' account details leaked online

Feb 15, 2014
You all were busy in celebrating Valentine's Day with your loved ones, and the cyber criminals were too celebrating the day in their own way, and this time, with the TESCO customers. A list of over 2,240 Tesco.com  Internet Shopping accounts was posted Online on the Pastebin website by some unknown hackers on Thursday, allowing access to online shopping accounts, personal details and Tesco Clubcard vouchers, reported by The Guardian . A Tesco spokesperson told The Hacker News that this information has not come from Tesco's website itself, rather there have been high profile hacks on other businesses  A Tesco spokesperson said, " We take the security of our customers' data extremely seriously and are urgently investigating these claims. " " We have contacted all customers who may have been affected and are committed to ensuring that none of them miss out as a result of this. We will issue replacement vouchers to the very small numbers who are affected. "
Beware! Cyber Criminals may spoil your Valentine's Day

Beware! Cyber Criminals may spoil your Valentine's Day

Feb 11, 2014
Valentine's Day   - a day of hearts, Chocolates, Flowers and Celebrations when people express their emotions to their loved ones and most of us send E-cards, purchase special gifts with the help of various Online Shop Sites and many other tantrums making them feel special. While you are busy in Googling ideal gifts for your loved ones, the Cyber thieves are also busy in taking advantage of such events by spreading various malware , phishing campaigns and fraud schemes as these days come out to be a goldmine for the cyber criminals. Online Shopping Scams are popular among Cyber criminals as it is the easiest way for hackers to steal money in easy and untraceable ways. Security Researchers at Anti virus firm - Trend Micro discovered various Valentine's Day threats which are common at such occasion i.e. A flower-delivery service and it appears to be a normal promotional e-mail, but the links actually lead to various survey scams. The Malware threats also arr
On-Demand Webinar: New CISO Survey Reveals Top Challenges for Small Cyber Security Teams

On-Demand Webinar: New CISO Survey Reveals Top Challenges for Small Cyber Security Teams

Aug 03, 2022
The only threat more persistent to organizations than cyber criminals? The cyber security skills crisis.  Nearly  60% of enterprises  can't find the staff to protect their data (and reputations!) from new and emerging breeds of cyber-attacks, reports the Information Systems Security Association (ISSA) in its 5th annual global industry study.  The result?  Heavier workloads, unfilled positions, and burnout.  And technology  isn't  easing the burden in many organizations, especially smaller ones. In fact, it's making the problem worse, suggests  Cynet's recent CISO survey . Big Tech Pushes Small Teams to the Limits Tech stacks normally supercharge cyber security teams, but in the case of crews of five or fewer — it just leads to overwhelm. For example, it took them an average of 18 months to fully implement and feel proficient in endpoint detection and response (EDR) tools — making the technology yet another barrier to cyber security for the  85% of teams adopting it in 2022 .  Su
Cybersecurity Resources