Tag: theft

Russian APT28 hackers have redoubled efforts during Ukraine war, says French security agency

Apr 30, 2025 11:50 PM

Tags: apt, attack, backdoor, cisco, credentials, crowdstrike, cyber, detection, exploit, finance, government, group, hacker, hacking, infrastructure, intelligence, Internet, mail, malicious, military, monitoring, network, phishing, russia, service, theft, ukraine, vpn, vulnerability

Targeting and Compromise of French Entities Using the APT28 Intrusion Set, the group now aggressively targets the networks of government organizations and companies connected to Ukraine’s allies, including France.Since 2021, the group has targeted specific industrial sectors including aerospace, financial services, think tanks and research, local government, and government ministries.Nothing APT28 does stands out as…
New Reports Uncover Jailbreaks, Unsafe Code, and Data Theft Risks in Leading AI Systems

Apr 29, 2025 7:51 PM

Tags: ai, attack, data, intelligence, risk, service, theft, tool, vulnerability

Various generative artificial intelligence (GenAI) services have been found vulnerable to two types of jailbreak attacks that make it possible to produce illicit or dangerous content.The first of the two techniques, codenamed Inception, instructs an AI tool to imagine a fictitious scenario, which can then be adapted into a second scenario within the first one…
The state of intrusions: Stolen credentials and perimeter exploits on the rise, as phishing wanes

Apr 29, 2025 11:52 AM

Tags: access, apt, attack, authentication, awareness, backdoor, breach, business, china, cloud, control, corporate, credentials, crypto, cyber, cyberespionage, cybersecurity, data, email, espionage, exploit, extortion, finance, fraud, group, Hardware, incident response, infection, ivanti, jobs, law, lockbit, malicious, malware, mandiant, mfa, middle-east, mobile, network, north-korea, oracle, password, phishing, ransom, ransomware, RedTeam, russia, social-engineering, software, theft, threat, tool, training

Financial gains, data theft, dwell time: Of the intrusions Mandiant investigated in 2024, 35% were financially motivated, with ransomware alone representing 21% of all intrusions, according to the company’s data.Financial gains were realized via data theft for the purpose of extortion, cryptomining, cryptocurrency theft, business email compromise, and cases in which attackers monetized their access…
Earth Kurma APT is actively targeting government and telecommunications orgs in Southeast Asia

Apr 28, 2025 10:51 PM

Tags: apt, business, cloud, credentials, data, data-breach, espionage, government, malware, risk, theft, threat

Earth Kurma APT carried out a sophisticated campaign against government and telecommunications sectors in Southeast Asia. Trend Research exposed the Earth Kurma APT campaign targeting Southeast Asia’s government and telecom sectors. Threat actors use custom malware, rootkits, and cloud storage for espionage, credential theft, and data exfiltration, posing a high business risk with advanced evasion…
Fog Ransomware Reveals Active Directory Exploitation Tools and Scripts

Apr 28, 2025 7:51 PM

Tags: credentials, cyber, cybersecurity, exploit, group, ransomware, theft, threat, tool

Cybersecurity researchers from The DFIR Report’s Threat Intel Group uncovered an open directory hosted at 194.48.154.79:80, believed to be operated by an affiliate of the Fog ransomware group, which emerged in mid-2024. This publicly accessible server revealed a sophisticated arsenal of tools and scripts tailored for reconnaissance, exploitation, credential theft, lateral movement, and persistence. The…
Huntress expands ITDR capabilities to combat credential theft and BEC

Apr 28, 2025 5:51 PM

Tags: access, attack, compliance, credentials, data, detection, email, exploit, firewall, fortinet, intelligence, malicious, microsoft, monitoring, network, password, risk, service, siem, soc, sophos, technology, theft, threat, unauthorized

from rogue and/or malicious applications in the past year. These applications refer to the ones designed by attackers to exploit Microsoft’s OAuth protocol to gain unauthorized access to sensitive environments.Detecting and removing these rogue applications is another upgrade ITDR received.”Our Rogue Apps detection engine works by continuously analyzing OAuth application metadata across our customer base (over…
China Claims U.S. Cyberattack Targeted Leading Encryption Company

Apr 28, 2025 1:51 PM

Tags: china, computer, cryptography, cyber, cyberattack, encryption, intelligence, network, theft

China has accused U.S. intelligence agencies of carrying out a sophisticated cyberattack against one of its foremost commercial cryptography providers, resulting in the theft of vast amounts of sensitive data. The allegations were announced in a report published Monday by China’s National Computer Network Emergency Response Technical Team/Coordination Center (CNCERT), intensifying digital tensions between the…
Earth Kurma Targets Southeast Asia With Rootkits and Cloud-Based Data Theft Tools

Apr 28, 2025 12:51 PM

Tags: attack, cloud, data, government, group, malware, service, theft, threat, tool

Government and telecommunications sectors in Southeast Asia have become the target of a “sophisticated” campaign undertaken by a new advanced persistent threat (APT) group called Earth Kurma since June 2024.The attacks, per Trend Micro, have leveraged custom malware, rootkits, and cloud storage services for data exfiltration. The Philippines, Vietnam, Thailand, and Malaysia are among the…
Salt Typhoon Cyberattack: FBI Investigates PRC-linked Breach of US Telecoms

Apr 25, 2025 2:50 PM

Tags: breach, china, cyber, cyberattack, infrastructure, malicious, network, theft

The FBI has issued a public appeal for information concerning an ongoing cyber campaign targeting US telecommunications infrastructure, attributed to actors affiliated with the People’s Republic of China (PRC). This cyber operation, tracked under the moniker Salt Typhoon, has compromised networks at multiple US telecommunications companies and resulted in the theft of sensitive data. As…
Flexible working models fuel surge in device theft

Apr 25, 2025 7:50 AM

Tags: theft

76% of respondents have been impacted by incidents of device theft in the past two years, with incidents more common in organizations with more flexible working models, … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/25/flexible-working-models-device-theft-impact/
Beyond the Inbox: ThreatLabz 2025 Phishing Report Reveals How Phishing Is Evolving in the Age of GenAI

Apr 25, 2025 1:50 AM

Tags: access, ai, attack, authentication, best-practice, captcha, cloud, control, credentials, crypto, cyber, cybercrime, data, defense, detection, dmarc, email, exploit, finance, google, identity, jobs, login, malicious, malware, mfa, phishing, radius, risk, scam, spam, strategy, tactics, technology, theft, threat, tool, vulnerability, zero-day, zero-trust

Gone are the days of mass phishing campaigns. Today’s attackers are leveraging generative AI (GenAI) to deliver hyper-targeted scams, transforming every email, text, or call into a calculated act of manipulation. With flawless lures and tactics designed to outsmart AI defenses, cybercriminals are zeroing in on HR, payroll, and finance teams”, exploiting human vulnerabilities with…
Minnesota Dental Clinic Notifying 135,000 of 2024 Hack

Apr 18, 2025 9:28 PM

Tags: data, theft

Community Dental Care Is State’s Largest Non-Profit Serving Medicaid Patients. Minnesota’s largest nonprofit Medicaid dental practice is notifying nearly 135,000 people of a December 2024 data theft incident that potentially compromised their health and personal information, ranging from medical information to passport numbers. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/minnesota-dental-clinic-notifying-135000-2024-hack-a-28042
Oracle hopes talk of cloud data theft dies off. CISA just resurrected it for Easter

Apr 18, 2025 7:28 PM

Tags: cisa, cloud, data, infosec, oracle, theft

Some in the infosec world definitely want to see Big Red crucified First seen on theregister.com Jump to article: www.theregister.com/2025/04/18/oracle_cisa_advisory/
Chinese Smishing Kit Powers Widespread Toll Fraud Campaign Targeting U.S. Users in 8 States

Apr 18, 2025 6:28 PM

Tags: attack, china, cisco, cybersecurity, finance, fraud, phishing, smishing, theft, threat

Cybersecurity researchers are warning of a “widespread and ongoing” SMS phishing campaign that’s been targeting toll road users in the United States for financial theft since mid-October 2024.”The toll road smishing attacks are being carried out by multiple financially motivated threat actors using the smishing kit developed by ‘Wang Duo Yu,’” Cisco Talos researchers Azim…
Researchers Uncover Stealthy Tactics and Techniques of StrelaStealer Malware

Apr 18, 2025 2:28 PM

Tags: credentials, cyber, cybersecurity, email, group, ibm, malware, microsoft, tactics, theft, threat

Cybersecurity experts have recently shed light on the sophisticated operations of StrelaStealer, also known by its alias Strela, revealing a suite of stealthy tactics employed in its information theft campaigns. This malware, spotlighted by IBM Security X-Force for its association with the HIVE-0145 threat actor group, targets email credentials from prominent clients like Microsoft Outlook…
The UK’s phone theft crisis is a wake-up call for digital security

Apr 18, 2025 8:28 AM

Tags: breach, network, organized, phone, theft

Phone theft is now commonplace in London. The Met Police recently revealed that it seizes 1,000 stolen phones weekly as it cracks down on organized criminal networks driving … First seen on helpnetsecurity.com Jump to article: www.helpnetsecurity.com/2025/04/18/uk-phone-theft-crisis/
Cryptohack Roundup: $7M KiloEx Theft

Apr 17, 2025 8:29 PM

Tags: crypto, exploit, korea, law, scam, theft

Also: A $40M Block Penalty, US SEC Guidance on Crypto Laws. This week, a KiloEx exploit, Block fined $40M, U.S. Securities and Exchange Commission guidance on crypto laws, Senate Democrats slammed NCET disbandment, $4.3M scam disrupted, guilty plea in $3.3M tax evasion and a South Korea ban on crypto apps. First seen on govinfosecurity.com Jump…
Your Network Is Showing Time to Go Stealth

Apr 17, 2025 6:28 PM

Tags: access, ai, attack, authentication, backdoor, breach, china, cisco, cloud, computer, control, credentials, cyberattack, cybersecurity, data, data-breach, defense, detection, encryption, endpoint, exploit, firewall, firmware, fortinet, group, Hardware, infrastructure, mfa, network, software, theft, threat, tool, update, vpn, vulnerability, zero-day
Ahold Delhaize confirms data theft after INC ransomware claims attack

Apr 17, 2025 5:28 PM

Tags: attack, breach, business, data, ransomware, theft

Food retail giant Ahold Delhaize confirms that data was stolen from its U.S. business systems during a November 2024 cyberattack. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/ahold-delhaize-confirms-data-theft-after-inc-ransomware-claims-attack/
The FTC Is Watching: GoDaddy’s Settlement Sends a Clear Message on API Security

Apr 17, 2025 3:28 PM

Tags: access, api, attack, authentication, breach, business, communications, compliance, control, credentials, data, data-breach, detection, encryption, exploit, finance, framework, fraud, governance, government, incident response, law, mfa, monitoring, password, privacy, risk, service, theft, threat, tool, unauthorized, vulnerability, vulnerability-management

In today’s rapidly changing digital environment, APIs play a crucial role in modern business, facilitating smooth connectivity and data sharing. Yet, this interconnected nature brings significant security and privacy risks, as evidenced by the Federal Trade Commission’s (FTC) recent settlement with GoDaddy. This settlement serves as a stark reminder that strong API security is no…
Model Context Protocol Flaw Allows Attackers to Compromise Victim Systems

Apr 17, 2025 3:28 PM

Tags: ai, attack, cyber, data, data-breach, exploit, flaw, ransomware, risk, theft, tool, unauthorized, vulnerability

A critical vulnerability in the widely adopted Model Context Protocol (MCP), an open standard for integrating generative AI (GenAI) tools with external systems, has exposed organizations to risks of data theft, ransomware, and unauthorized access. Security researchers demonstrated two proof-of-concept (PoC) attacks exploiting the flaw, raising alarms about emerging GenAI security challenges. What is MCP?…
Node.js Malware Campaign Targets Crypto Users with Fake Binance and TradingView Installers

Apr 17, 2025 12:28 PM

Tags: crypto, data, malicious, malware, microsoft, software, theft

Microsoft is calling attention to an ongoing malvertising campaign that makes use of Node.js to deliver malicious payloads capable of information theft and data exfiltration.The activity, first detected in October 2024, uses lures related to cryptocurrency trading to trick users into installing a rogue installer from fraudulent websites that masquerade as legitimate software like Binance…
Identity Attacks Now Comprise a Third of Intrusions

Apr 17, 2025 12:28 PM

Tags: ai, attack, credentials, email, ibm, identity, phishing, theft

IBM warns of infostealer surge as attackers automate credential theft and adopt AI to generate highly convincing phishing emails en masse First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/identity-attacks-now-comprise/
CISOs no closer to containing shadow AI’s skyrocketing data risks

Apr 17, 2025 10:28 AM

Tags: access, ai, authentication, awareness, best-practice, breach, business, ceo, chatgpt, ciso, compliance, computer, control, cybersecurity, data, data-breach, detection, finance, framework, github, google, governance, group, jobs, law, leak, LLM, mitigation, monitoring, privacy, RedTeam, regulation, risk, risk-management, service, software, technology, theft, tool, training, unauthorized, vulnerability

While most organizations (90%) offer sanctioned generative AI apps and even more (98%) offer their users apps that incorporate gen AI features, unauthorized use of AI services is skyrocketing in business, according to a study by Netskope.Most gen AI use in the enterprise (72%) is shadow IT, driven by individuals using personal accounts to access…
Credential theft achieved by malicious MEXC order-hijacking PyPI package

Apr 16, 2025 11:28 PM

Tags: credentials, malicious, pypi, theft

First seen on scworld.com Jump to article: www.scworld.com/brief/credential-theft-achieved-by-malicious-mexc-order-hijacking-pypi-package
Law firm ‘didn’t think’ data theft was a breach, says ICO. Now it’s nursing a £60K fine

Apr 16, 2025 5:28 PM

Tags: breach, data, law, theft

DPP Law is appealing against data watchdog’s conclusions First seen on theregister.com Jump to article: www.theregister.com/2025/04/16/law_firm_ico_fine/
Hackers Exploit Node.js to Spread Malware and Exfiltrate Data

Apr 16, 2025 9:28 AM

Tags: attack, cyber, data, exploit, hacker, malware, microsoft, software, theft, threat, tool

Threat actors are increasingly targeting Node.js”, a staple tool for modern web developers”, to launch sophisticated malware campaigns aimed at data theft and system compromise. Microsoft Defender Experts (DEX) have reported a spike in such attacks since October 2024, especially focusing on malvertising and deceptive software installers. Node.js: From Developer Darling to Hacker’s Tool Node.js…
Critical Chrome Vulnerability Exposes Users to Data Theft and Unauthorized Access

Apr 16, 2025 8:28 AM

Tags: access, browser, chrome, cyber, data, google, theft, threat, unauthorized, update, vulnerability, windows

A critical security vulnerability has been discovered in Google Chrome, prompting an urgent update as millions of users worldwide face potential threats of data theft and unauthorized access. The newly released Stable channel update”, now available as version 135.0.7049.95/.96 for Windows and Mac, and 135.0.7049.95 for Linux”, is being rolled out over the next few…
Conduent Discloses Theft Of Client Data In Hack, ‘Significant Number’ Of Individuals Impacted

Apr 15, 2025 3:28 PM

Tags: cyberattack, data, theft, threat

A threat actor exfiltrated personal data belonging to a ‘significant number of individuals’ connected to Conduent clients in a January cyberattack, the solution provider giant disclosed in a regulatory filing Monday. First seen on crn.com Jump to article: www.crn.com/news/security/2025/conduent-discloses-theft-of-client-data-in-hack-significant-number-of-individuals-impacted
Precision-Validated Phishing: A New Trend in Credential Theft

Apr 15, 2025 1:28 PM

Tags: attack, credentials, phishing, theft

Phishing attacks are becoming increasingly sophisticated, but one emerging tactic is setting a new bar for precision and deception. Known as Precision-Validated Phishing, this method uses real-time credential validation to enhance the success rate of phishing campaigns. A recent report… First seen on sensorstechforum.com Jump to article: sensorstechforum.com/precision-validated-phishing-credential-theft/