
Latest Security News Collection

Security news collection - current edition

01

Indian Police Arrest Suspect in $230 Million WazirX Crypto Exchange Hack

#CryptoHack #DelhiPolice #MasudAlam #Cryptocurrency #CyberSecurity #LiminalCustody #HotWallet #ColdWallet #CryptoTheft #Investigation #WazirXHack #cybercrime #cybersecurity

Delhi police have made a significant breakthrough in the investigation of the WazirX crypto exchange hack, arresting Masud Alam from West Bengal.

Alam is accused of creating a fraudulent account on WazirX and selling it on Telegram; the account was then used to steal $230 million worth of cryptocurrency.

The cybercriminals drained WazirX’s “hot” wallet and attempted to breach its “cold” wallet, which is more secure. Singapore-based Liminal Custody, responsible for securing WazirX’s wallets, has not cooperated with the investigation, hindering efforts to trace the stolen assets.

Despite the breach, Liminal Custody assured that their operations remain secure and uninterrupted. WazirX has stated that the attackers managed to bypass their security measures before the theft, and local police have seized laptops to investigate further.

→ Read more on therecord.media


02

T-Mobile Targeted in Chinese Telecom Hacking Campaign

#TMobile #CyberEspionage #SaltTyphoon #TelecomHack #USBroadband #Verizon #ATT #LumenTechnologies #CISA #FBI #CyberSecurity #HackingCampaign #TelecomInfrastructure #DataBreach #NetworkSecurity #WSJReport #GovernmentCommunications #SensitiveInformation #SecurityControls #cybercrime #cybersecurity

T-Mobile has been identified as a target in a major cyberespionage campaign by the Chinese threat group Salt Typhoon, which has also affected several US telecommunications companies.

The Wall Street Journal reported that the hackers compromised networks of major broadband providers, including Verizon, AT&T, and Lumen Technologies, potentially accessing wiretap systems. The cybersecurity agency CISA and the FBI confirmed the investigation into this significant campaign, revealing that hackers stole customer call record data and compromised private communications of individuals involved in government or political activities.

Despite the breach, T-Mobile stated that its systems and data remain secure due to its robust security measures and diligent monitoring.

→ Read more on securityweek.com


03

Chinese Cyber Spies Infiltrate US Telecom Networks

#ChineseCyberSpies #USTelecom #CyberEspionage #ATT #Verizon #GovernmentData #PoliceWiretaps #FBI #CISA #SecurityBreach #NetworkInfiltration #TelecomSecurity #CyberThreat #InformationGathering #StateBackedAttack #CustomerData #cybercrime #cybersecurity

Chinese cyber spies have infiltrated US telecom networks, accessing conversations and data from government officials and politicians, as well as police wiretaps.

Major US telecom providers like AT&T and Verizon have fallen victim to these state-backed attackers, who gained access to customer call records and private communications. Even court-approved police wiretaps were compromised.

The FBI and the US Cybersecurity and Infrastructure Security Agency (CISA) have confirmed this as a “comprehensive and significant cyber espionage campaign.”

The FBI and CISA’s confirmation follows earlier reports from October that AT&T, Verizon, and others were allegedly infiltrated by a Chinese espionage group. The campaign appears to be focused on information gathering and is considered a potentially catastrophic security breach, as cybercriminals may have had access to network infrastructures for several months or longer.

→ Read more on heise.de


04

Swiss Postal Service Used to Spread Malware

#SwissCyberSecurity #MalwareAlert #PostalServiceHack #CoperTrojan #AlertSwiss #CyberThreat #BankingSecurity #TwoFactorAuthentication #SpearPhishing #NCSC #Switzerland #CyberEspionage #FakeApp #QRCodeScam #CyberAttack #DataTheft #cybercrime #cybersecurity

Switzerland’s National Cyber Security Centre (NCSC) has issued an alert about malware being spread via the country’s postal service. Citizens have received fake letters, purportedly from the Federal Office of Meteorology and Climatology, instructing them to scan a QR code to download a “Severe Weather Warning App” for Android.

This app, a variant of the Coper trojan, mimics the genuine Alertswiss app but is spelled “AlertSwiss” and has a slightly different logo. The malware, hosted on a third-party site, specializes in keylogging, intercepting two-factor authentication SMSes, and stealing banking credentials.

The NCSC has received reports from over a dozen people, but the actual number of affected individuals is unknown. The high cost of sending these letters suggests a targeted spear-phishing campaign.

→ Read more on theregister.com


05

Data Breach at Energy Provider Tibber

#DataBreach #CyberAttack #Tibber #CustomerData #Darknet #Compensation #ConsumerRights #DataSecurity #EcoFriendlyEnergy #DynamicPricing #CyberCrime #cybersecurity

A recent cyberattack on energy provider Tibber has exposed the data of over 50,000 German customers. Since 11 November 2024, these records have been available for sale on the Darknet. The stolen data includes names, email addresses, order amounts, and partial address details.

Although Tibber assures that no payment or consumption data was compromised, the incident has caused significant concern among affected customers. The chances of compensation have increased significantly, especially after the Federal Court of Justice’s consumer-friendly ruling on the Facebook data breach. Law firm Dr. Stoll & Sauer recommends that potentially affected consumers seek a free initial consultation through their data breach online check.

Investigations are ongoing, and authorities have been informed about the Tibber data breach. Tibber, known for its dynamic electricity prices and eco-friendly energy, now joins the list of companies affected by data breaches.

→ Read more on it-daily.net


06

DNS Predators Hijack 70K Websites with Simple Hack

#DNSAttack #CyberSecurity #WebsiteHijack #SittingDucks #Infoblox #CyberThreat #DNSVulnerability #LameDelegation #CyberCrime #WebsiteSecurity #cybercrime #cybersecurity

In less than six months, cybercriminals have hijacked 70,000 domains out of an estimated 800,000 vulnerable to the ‘Sitting Ducks’ attack. Despite warnings from Infoblox Threat Intel researchers in July 2024, many website owners failed to implement a simple fix.

The easily exploitable vulnerability has affected millions of websites, including those belonging to CBS Interactive, McDonald’s Corporation, JM Eagle, and Mississippi Baptist Health Systems. Hackers even took control of Missouri.com.

The attacks exploit misconfigurations in DNS settings, known as ‘lame delegation,’ which is not officially recognised as a CVE. These attacks are simple to execute and difficult to detect. Infoblox Threat Intel highlighted that victim domains include well-known brands, non-profits, and government entities. Some hijacked websites frequently change hands as threat actors compete for control.

→ Read more on cybernews.com


07

UK Shoppers Lost £11.5m Last Christmas

#OnlineFraud #ChristmasShopping #NCSC #ActionFraud #StaySafeOnline #BlackFriday #CyberCrime #Phishing #OnlineSafety #cybercrime #cybersecurity

One of the UK’s leading cybersecurity agencies is urging shoppers to stay safe online after revealing that over £11.5m ($14.5m) was lost to fraudsters during last year’s festive period.

The countdown to Christmas shopping typically begins around Black Friday and lasts until early January. New figures from the NCSC and Action Fraud show that scammers took an average of £695 from each victim between November 2023 and January 2024.

Out of 7168 reports, 43% cited social media platforms, while 19% mentioned online marketplaces. Losses to cybercrime and fraud last Christmas were up over 8% from 2022. The largest number of reports came from those aged 30-39, followed by 40-49-year-olds.

Scammers use various tactics, from advertising non-existent items at low prices to setting up lookalike web stores promoted by fake ads and phishing messages designed to steal personal and financial information.

→ Read more on infosecurity-magazine.com


08

Palo Alto Networks’ Migration Tool Hit by Trio of CVE Exploits

#PaloAltoNetworks #CVE #ExpeditionTool #FirewallCredentials #CISA #Vulnerability #CyberThreat #SecurityAdvisory #CustomerSafety #cybercrime #cybersecurity

Palo Alto Networks’ customer migration tool, Expedition, has been hit by three critical vulnerabilities, exposing customers’ firewall credentials.

The Cybersecurity and Infrastructure Security Agency (CISA) warned of two actively exploited vulnerabilities just a week after another CVE was found in the same product. Palo Alto Networks updated its security advisory following CISA’s alert but did not disclose when it became aware of the exploitation or how many customers are affected.

Steven Thai, senior manager of global crisis communications at Palo Alto Networks, emphasised the company’s commitment to customer safety and advised turning off the tool if immediate updates are not possible. The vulnerabilities are fixed in Expedition 1.2.96 and later versions. Palo Alto Networks plans to discontinue Expedition in January, integrating its functionalities into new products.

Expedition allows customers to convert configurations from vendors like Check Point and Cisco to PAN-OS deployments.

→ Read more on cybersecuritydive.com


09

Cybersecurity Flaws in US Drinking Water Systems Put 26 Million at Risk

#EPAReport #WaterSystems #PublicSafety #InfrastructureRisk #CyberThreats #WaterSupply #CriticalInfrastructure #USWaterSystems #CyberVulnerabilities #cybercrime #cybersecurity

A recent report by the U.S. Environmental Protection Agency (EPA) Office of Inspector General (OIG) has highlighted significant cybersecurity vulnerabilities in the nation’s drinking water systems.

These vulnerabilities, affecting systems serving populations of 50,000 or more, put 26.6 million people at risk of cyberattacks that could disrupt services, lead to data loss, or enable information theft.

The OIG’s passive assessment of 1,062 drinking water systems, covering approximately 193 million people, revealed critical and high-risk vulnerabilities in 97 systems. Additionally, 211 systems were found with medium and low-risk issues, making them susceptible to exploitation if not addressed.

The report underscores the urgent need for enhanced cybersecurity measures to protect this essential infrastructure from potential threats.

→ Read more on hackread.com


10

Teen Behind Hundreds of Swatting Attacks Pleads Guilty to Federal Charges

#CyberFraud #BusinessEmailCompromise #BabatundeAyeni #PhishingScam #RealEstateFraud #CyberCrime #Bitcoin #USJustice #FinancialCrime #VictimImpact #cybercrime #cybersecurity

Alan Filion, an 18-year-old from Lancaster, California, has pleaded guilty to federal charges for orchestrating over 375 fake threats against schools, places of worship, and prominent US politicians.

Known online as “Torswats,” Filion’s actions led to police responses across the nation, targeting high schools, courthouses, and the homes of law enforcement officials. Filion faces up to five years in prison for each of the four counts of making interstate threats.

Arrested earlier this year and extradited to Florida, Filion has been in jail without trial for nearly a year. His swatting activities, which included bomb and mass shooting threats, extended far beyond Florida. The federal charges highlight the extensive reach of his actions, affecting religious institutions, high schools, and historically black colleges and universities.

→ Read more on wired.com


The editors are not responsible for the content of each article.