#1 Trusted Cybersecurity News Platform Followed by 4.50+ million
The Hacker News Logo
Subscribe – Get Latest News
SaaS Security

Search results for cyber criminals | Breaking Cybersecurity News | The Hacker News

WhatsApp for Windows? Naaa.. Hackers are spamming Malware as WhatsApp Software

WhatsApp for Windows? Naaa.. Hackers are spamming Malware as WhatsApp Software

Jan 24, 2014
Cyber criminals are taking advantage of the widespread popularity of the mobile messaging app ' WhatsApp '. A malware expert at the Kaspersky Lab revealed a large-scale spamming campaign, advertising a fake PC version of the WhatsApp , to spread a banking trojan. According to the report, unaware users have received an email written in Portuguese language , it also tries to deceive the recipient with a social engineering tactic in which cyber criminals composed the malicious email informing that victims already have 11 pending friend invitations.  If users click on the " Baixar Agora " (Download Now) link in the spam email, they will be redirected to a Hightail.com URL to download the Trojan. Hightail is a cloud storage service, the malicious component deployed on it then downloads the malware via a server in Brazil. The file stored on Hightail server looks like a 64-bit installation file bundled with 2.5 megabyte MP3 file. According to Virus Total engine, onl
Warning! Invitation for PC Version of 'Grand Theft Auto V' Game infects Computers with Malware

Warning! Invitation for PC Version of 'Grand Theft Auto V' Game infects Computers with Malware

Mar 19, 2014
Since all the versions of the popular game ' Grand Theft ' gone blatant and during the first week of the release of the Grand Theft Auto 4 in 2008, it topped half of millions of dollars, sold 3.6 million copies and generated $310 million in sales i.e., earning about 5 times as much as the blockbuster movie - Iron Man. But the latest version -- Grand Theft Auto V is only available for the Xbox 360 and PS3 and there are rumors of a PC version of it on GameStop's PowerUp Rewards website. So, it's very common that if I offer you Grand Theft Auto V for PC, you eagerly want it.  Mind this, " There is no Grand Theft Auto V for PC ," accept the reality and don't let cyber criminals take leverage of this fact. If you receive any email that alerts that you have been invited to the PC beta test for the game, considering it unreal, don't click on embedded links in the email because it can lead you to several bad websites that will infect you with all kinds of malwa
How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

How to Accelerate Vendor Risk Assessments in the Age of SaaS Sprawl

Mar 21, 2024SaaS Security / Endpoint Security
In today's digital-first business environment dominated by SaaS applications, organizations increasingly depend on third-party vendors for essential cloud services and software solutions. As more vendors and services are added to the mix, the complexity and potential vulnerabilities within the  SaaS supply chain  snowball quickly. That's why effective vendor risk management (VRM) is a critical strategy in identifying, assessing, and mitigating risks to protect organizational assets and data integrity. Meanwhile, common approaches to vendor risk assessments are too slow and static for the modern world of SaaS. Most organizations have simply adapted their legacy evaluation techniques for on-premise software to apply to SaaS providers. This not only creates massive bottlenecks, but also causes organizations to inadvertently accept far too much risk. To effectively adapt to the realities of modern work, two major aspects need to change: the timeline of initial assessment must shorte
Malicious Chrome Extension Hijacks CryptoCurrencies and Wallets

Malicious Chrome Extension Hijacks CryptoCurrencies and Wallets

Apr 25, 2014
Although the number of malicious browser extensions has significantly increased in the past years, but recently a new extension of the Google Chrome is allegedly targeting Cryptocurrency users that is capable of stealing Bitcoins and other crypto coins silently. The malicious Chrome browser extension dubbed as ' Cryptsy Dogecoin (DOGE) Live Ticker ' which is available on Chrome Web store for free downloads and developed by " TheTrollBox " account. Reddit user noticed that the updated version of the extension has a malicious code, which is designed to hijack the crypto currency transactions. HOW CHROME EXTENSION STEALS CRYPTOCURRENCY It is very obvious that the kind of crypto related software extensions is downloaded only by the users who deal with the digital currency. So, once the user installed the malicious extension, the software within the extension starts monitoring users' web activity and looks for those users who go to Cryptocurrency exchange sites s
cyber security

Automated remediation solutions are crucial for security

websiteWing SecurityShadow IT / SaaS Security
Especially when it comes to securing employees' SaaS usage, don't settle for a longer to-do list. Auto-remediation is key to achieving SaaS security.
Europol and IT Security Companies Team Up to Combat Ransomware Threat

Europol and IT Security Companies Team Up to Combat Ransomware Threat

Jul 25, 2016
No More Ransom, so is the Ransomware Threat. The European Police agency Europol has joined forces with police and cyber security companies to launch a worldwide initiative to combat and tackle together the exponential growth of Ransomware used by cyber criminals. Europol announced today the initiative, dubbed NO More Ransom, that has been backed by technology giant Intel, cyber security firm Kaspersky Lab and the Netherlands police, aiming at decreasing an "exponential" rise in Ransomware threat. Ransomware is a piece of malware that typically locks victim's device using encryption and demands a fee to decrypt the important data. The estimated number of ransomware victims tripled in the first quarter of this year alone. "For a few years now ransomware has become a dominant concern for EU law enforcement," said Europol's deputy director Wil van Gemert. "We expect to help many people to recover control over their files, while raising awareness
Hacker wanted by FBI held in India For Carding Crimes

Hacker wanted by FBI held in India For Carding Crimes

Jul 14, 2012
Nikhil Kolbekar, aka HellsAngel, was arrested on July 11 in Mumbai, India. Eric Bogle, known as Swat Runs Train, and Justin Mills, or xTGxKAKAROT, were taken into custody in Canada, respectively Colorado, US.  HellsAngel and  Bogle is suspected of selling complete credit card details, including names, addresses, social security numbers, birth dates, and bank account information. He also sold remote desktop protocol (RDP) access data that could be utilized to breach computers in countries such as Turkey, India, Czech Republic, Brazil, Germany, France, Italy, Spain, Sweden, and others. The suspect, Nikhil Kolbekar, was produced before the Esplanade Court on Thursday and has been remanded in judicial custody. He will be produced before the Patiala House court in Delhi on July 25, with the US pressing for his extradition through the Interpol. Carding refers to various criminal activities associated with stealing personal identification information and financial information belonging to
FIFA World Cup 2014, Big Opportunity for Cybercriminals

FIFA World Cup 2014, Big Opportunity for Cybercriminals

Jun 16, 2014
With the beginning of FIFA World Cup tournaments in Brazil, Football fever is going viral across the world. Soccer or Football is the most popular sport in the world with billions of fans who don't even miss a single tournament. Now, this is the most awaited and rejoicing atmosphere for Football fans as well as cybercriminals right now. For bad actors, the World Cup is a perfect opportunities to scam people online. While you are busy figuring out websites where you can stream live Fifa Matches on your PCs without missing a single moment of the world cup tournament, cyber criminals are also busy to launch phishing attacks in form of scams and malwares in order to victimize the system by several Trojans and viruses. This isn't surprising as cyber criminals have become smart enough to gain from every possible eventuality they get and their prior/common target is every time the users' interest based major news and current events. The most popular threat this World
Hackers Hijacked Chrome Extension for Web Developers With Over 1 Million Users

Hackers Hijacked Chrome Extension for Web Developers With Over 1 Million Users

Aug 03, 2017
From past few years, spammers and cyber criminals were buying web extensions from their developers and then updating them without informing their users to inject bulk advertisements into every website user visits in order to generate large revenue. But now they have shifted their business model—instead of investing, spammers have started a new wave of phishing attacks aimed at hijacking popular browser extensions. Just two days ago, we reported how cyber criminals managed to compromise the Chrome Web Store account of a German developer team and hijacked Copyfish extension , and then modified it with ad-injection capabilities to distribute spam correspondence to users. Now just yesterday, another popular Chrome extension ' Web Developer ' was hijacked by some unknown attackers, who updated the software to directly inject advertisements into the web browser of over its 1 million users. Chris Pederick , the creator of Web Developer Chrome extension that offers various w
FBI Warns of Fake Cryptocurrency Apps Stealing Millions from Investors

FBI Warns of Fake Cryptocurrency Apps Stealing Millions from Investors

Jul 19, 2022
The U.S. Federal Bureau of Investigation (FBI) has warned of cyber criminals building rogue cryptocurrency-themed apps to defraud investors in the virtual assets space. "The FBI has observed cyber criminals contacting U.S. investors, fraudulently claiming to offer legitimate cryptocurrency investment services, and convincing investors to download fraudulent mobile apps, which the cyber criminals have used with increasing success over time to defraud the investors of their cryptocurrency," the agency  said  [PDF]. The illicit scheme, which aims to take advantage of increased interest in the crypto sector, is believed to have netted 244 victims, with losses estimated at $42.7 million between October 4, 2021, and May 13, 2022. According to the law enforcement authority, threat actors are misusing the names, logos, and other identifying information of legitimate businesses to create fake websites in an attempt to lure potential investors. In three instances highlighted by
Israeli Road Control System hacked, caused Traffic jam on Haifa Highway

Israeli Road Control System hacked, caused Traffic jam on Haifa Highway

Oct 28, 2013
Israel is considered one of the most advanced country in cyber security, but at the same time is a privileged target for hostile governments intent in sabotage and cyber espionage on his technology. Yesterday, Cybersecurity experts revealed that a major artery in Israel's national road network located in the northern the city of Haifa suffered a cyber attack, that caused massive traffic congestion in the City. Isreal military officials are aware of cyber threats that could hit the infrastructure of the country and they afraid the possible effect of a cyber attack on a large scale. Israeli government websites suffer thousands of cyberattacks each day according Ofir Ben Avi, head of the government's website division. The Israel Electric Corp. confirmed that its servers register about 6,000 unique computer attacks every second. In June, Prime Minister Benjamin Netanyahu stated that Iran militia, Hezbollah and Hamas have targeted in numerous occasions Israel
Cyber Fraud: Tactics, Techniques and Procedures

Cyber Fraud: Tactics, Techniques and Procedures

Nov 30, 2010
Gone are the days when those BlackHat Hackers would tickle you for fun, Now they will poke you & take your diamonds without you even knowing anything about it until it's too late. Landscape in the Cyber underground has completely changed since then, making it more like well organized business controlled by global entities around the world. It is not just the script kiddies sitting out there in the dark and pulling the strings, the game is now run by skilled experts and high profile business elements making millions overnight. In this process of lucrative business framework, the dark guys have even left behind the white hats who have been struggling to catch up with the smart moves of these these skilled men behind the scenes. . In this direction, this book on "Cyber Fraud" explores all those techniques, technologies and territories owned by the Cyber crooks in an well organized manner by demonstrating the case studies, live examples from the Cyber underground. . He
300 cyber cafes in Nepal come under police scanner !

300 cyber cafes in Nepal come under police scanner !

Dec 28, 2011
Some 300 internet cafes in Nepal have come under the police scanner after the introduction of a new regulation by the government to check cyber crimes. Cyber users will now be required to show ID cards, register their names, address and telephone numbers in the cyber cafe as per the new regulation, chief of the Metropolitan Police Crime Division, SSP Rana Bahadur Chand said. There are around 1,200 cyber cafes in Kathmandu valley and we will gradually bring all under the new law, he informed. As the use of internet is growing day by day among the people in the urban areas, cyber crime has also increased manyfold, he pointed out. As per the instruction of the government, MPCD has initiated steps to bring the cyber cafes, which are being operated in Kathmandu valley, under its scanner, he said. The cafes will now have to provide details to the police whenever demanded, he added. Every month some 8-10 cyber-related cases are being registered with the police, he revealed. People complain a
Supply Chain Attacks and Critical Infrastructure: How CISA Helps Secure a Nation's Crown Jewels

Supply Chain Attacks and Critical Infrastructure: How CISA Helps Secure a Nation's Crown Jewels

Apr 06, 2023 SCADA / Network Security
Critical infrastructure attacks are a preferred target for cyber criminals. Here's why and what's being done to protect them. What is Critical Infrastructure and Why is It Attacked? Critical infrastructure is the physical and digital assets, systems and networks that are vital to national security, the economy, public health, or safety. It can be government- or privately-owned. According to Etay Maor, Senior Director Security Strategy at  Cato Networks , "It's interesting to note critical infrastructure doesn't necessarily have to be power plants or electricity. A nation's monetary system or even a global monetary system can be and should be considered a critical infrastructure as well." These qualities make critical infrastructure a preferred target for cyber attacks. If critical infrastructure is disrupted, the impact is significant. In some cases, such cyber attacks on critical infrastructure have become another means of modern warfare. But unlike
Harkonnen Operation — Malware Campaign that Went Undetected for 12 Years

Harkonnen Operation — Malware Campaign that Went Undetected for 12 Years

Sep 16, 2014
A huge data-stealing cyber espionage campaign that targeted Banks, Corporations and Governments in Germany, Switzerland, and Austria for 12 years, has finally come for probably the longest-lived online malware operation in history. The campaign is dubbed as ' Harkonnen Operation ' and involved more than 800 registered front companies in the UK — all using the same IP address – that helped intruder installs malware on victims' servers and network equipments from different organizations, mainly banks, large corporations and government agencies in Germany, Switzerland and Austria. In total, the cyber criminals made approximately 300 corporations and organisations victims of this well-organised and executed cyber-espionage campaign . CyberTinel , an Israel-based developer of a signature-less endpoint security platform, uncovered this international cyber-espionage campaign hitting Government institutions, Research Laboratories and critical infrastructure facilit
These Are The FBI's Most Wanted Hackers — Total $4.2 Million Reward

These Are The FBI's Most Wanted Hackers — Total $4.2 Million Reward

Jul 01, 2015
The US State Department and the Federal Bureau of Investigation are willing to pay a total $4.2 Million for information leading to the arrest and/or conviction of top 5 most wanted cyber criminals accused of conducting frauds of hundreds of millions of dollars. Evgeniy Bogachev,30; Nicolae Popescu, 34; Alexsey Belan, 28; Peteris Sahurovs, 26; and Shailesh Kumar Jain, 45; are in the list of FBI's Top 5 most-wanted hackers. 1. Evgeniy Mikhailovich Bogachev | Reward - $3 MILLION Evgeniy Mikhailovich Bogachev , also known under the aliases "lucky12345," "Slavik," and "Pollingsoon," is the mastermind behind the GameOver Zeus botnet , which was allegedly used by criminals to infect more than 1 Million computers, resulting in up to $100 Million in losses since 2009. Besides GameOver Zeus botnet, Bogachev is also accused of developing CryptoLocker Ransomware , which was designed to extort money from computer victims by holding their system
Hack or attempt to Hack, you may face 20 years in prison

Hack or attempt to Hack, you may face 20 years in prison

Jan 09, 2014
The Senate Judiciary Committee Chairman ' Patrick Leahy ' reintroduced a revamped version of the " Personal Data Privacy and Security Act " for tough criminal penalties for hackers, that he originally authored in 2005. During last Christmas Holidays, a massive data breach had occurred at the shopping giant  Target,  involving hack of 40 million credit & debit cards, used to pay for purchases at its 1500 stores nationwide in the U.S. Reason: "Target Data Breach? Seriously"?  In a statement, as published below, the Senator wrote: "The recent data breach at Target involving the debit and credit card data of as many as 40 million customers during the Christmas holidays is a reminder that developing a comprehensive national strategy to protect data privacy and cybersecurity remains one of the most challenging and important issues facing our Nation" It seems that the  TARGET Breach  was scheduled, as the best opportunity to ramp up the cyber secu
Cybersecurity Resources