Online Safety | Breaking Cybersecurity News | The Hacker News

French prosecutors on Wednesday formally charged Telegram CEO Pavel Durov with facilitating a litany of criminal activity on the popular messaging platform and placed him under formal investigation following his arrest Saturday. Russian-born Durov, who is also a French citizen, has been charged with being complicit in the spread of child sexual abuse material (CSAM) as well as enabling organized crime, illicit transactions, drug trafficking, and fraud. Durov has also been charged with a "refusal to communicate, at the request of competent authorities, information or documents necessary for carrying out and operating interceptions allowed by law," according to an English translation of the press release. The 39-year-old was detained at Le Bourget airport north of Paris at 8 p.m. local time on Saturday after disembarking from a private jet. To avoid pretrial detention, Durov has been ordered to pay a €5 million bail, but he is barred from leaving the country and must rep

Cybersecurity researchers have uncovered a never-before-seen dropper that serves as a conduit to launch next-stage malware with the ultimate goal of infecting Windows systems with information stealers and loaders. "This memory-only dropper decrypts and executes a PowerShell-based downloader," Google-owned Mandiant said . "This PowerShell-based downloader is being tracked as PEAKLIGHT." Some of the malware strains distributed using this technique are Lumma Stealer , Hijack Loader (aka DOILoader, IDAT Loader, or SHADOWLADDER), and CryptBot , all of which are advertised under the malware-as-a-service (SaaS) model. The starting point of the attack chain is a Windows shortcut (LNK) file that's downloaded via drive-by download techniques -- e.g., when users look up a movie on search engines. It's worth pointing out that the LNK files are distributed within ZIP archives that are disguised as pirated movies. The LNK file connects to a content delivery network

Want to know what's the latest and greatest in SecOps for 2024? Gartner's recently released Hype Cycle for Security Operations report takes important steps to organize and mature the domain of Continuous Threat Exposure Management, aka CTEM. Three categories within this domain are included in this year's report: Threat Exposure Management, Exposure Assessment Platforms (EAP), and Adversarial Exposure Validation (AEV). These category definitions are aimed at providing some structure to the evolving landscape of exposure management technologies. Pentera, listed as a sample vendor in the newly defined AEV category, is playing a pivotal role in increasing the adoption of CTEM, with a focus on security validation. Following is our take on the CTEM related product categories and what they mean for enterprise security leaders. The Industry is Maturing CTEM, coined by Gartner in 2022, presents a structural approach for continuously assessing, prioritizing, validating, and remediating expo

Over a million domains are susceptible to takeover by malicious actors by means of what has been called a Sitting Ducks attack. The powerful attack vector, which exploits weaknesses in the domain name system (DNS), is being exploited by over a dozen Russian-nexus cybercriminal actors to stealthily hijack domains, a joint analysis published by Infoblox and Eclypsium has revealed. "In a Sitting Ducks attack, the actor hijacks a currently registered domain at an authoritative DNS service or web hosting provider without accessing the true owner's account at either the DNS provider or registrar," the researchers said. "Sitting Ducks is easier to perform, more likely to succeed, and harder to detect than other well-publicized domain hijacking attack vectors, such as dangling CNAMEs ." Once a domain has been taken over by the threat actor, it could be used for all kinds of nefarious activities, including serving malware and conducting spams, while abusing the

Meta Platforms on Wednesday said it took steps to remove around 63,000 Instagram accounts in Nigeria that were found to target people with financial sextortion scams. "These included a smaller coordinated network of around 2,500 accounts that we were able to link to a group of around 20 individuals," the company said . "They targeted primarily adult men in the U.S. and used fake accounts to mask their identities." In cases where some of these accounts attempted to target minors, Meta said it reported them to the National Center for Missing and Exploited Children (NCMEC). Separately, Meta said it also removed 7,200 assets, including 1,300 Facebook accounts, 200 Facebook Pages and 5,700 Facebook Groups, based in Nigeria that were used to organize, recruit and train new scammers. "Their efforts included offering to sell scripts and guides to use when scamming people, and sharing links to collections of photos to use when populating fake accounts," it sai

Google said it's adding new security warnings when downloading potentially suspicious and malicious files via its Chrome web browser. "We have replaced our previous warning messages with more detailed ones that convey more nuance about the nature of the danger and can help users make more informed decisions," Jasika Bawa, Lily Chen, and Daniel Rubery from the Chrome Security team said . To that end, the search giant is introducing a two-tier download warning taxonomy based on verdicts provided by Google Safe Browsing: Suspicious files and Dangerous files. Each category comes with its own iconography, color, and text to distinguish them from one another and help users make an informed choice. Google is also adding what's called automatic deep scans for users who have opted-in to the Enhanced Protection mode of Safe Browsing in Chrome so that they don't have to be prompted each time to send the files to Safe Browsing for deep scanning before opening them. In

A zero-day security flaw in Telegram's mobile app for Android called EvilVideo made it possible for attackers to malicious files disguised as harmless-looking videos. The exploit appeared for sale for an unknown price in an underground forum on June 6, 2024, ESET said. Following responsible disclosure on June 26, the issue was addressed by Telegram in version 10.14.5 released on July 11. "Attackers could share malicious Android payloads via Telegram channels, groups, and chat, and make them appear as multimedia files," security researcher Lukáš Štefanko said in a report. It's believed that the payload is concocted using Telegram's application programming interface ( API ), which allows for programmatic uploads of multimedia files to chats and channels. In doing so, it enables an attacker to camouflage a malicious APK file as a 30-second video.  Users who click on the video are displayed an actual warning message stating the video cannot be played and urges t

In today's digital age, passwords serve as the keys to our most sensitive information, from social media accounts to banking and business systems. This immense power brings with it significant responsibility—and vulnerability. Most people don't realize their credentials have been compromised until the damage is done. Imagine waking up to drained bank accounts, stolen identities, or a company's reputation in tatters. This isn't just a hypothetical scenario – it's the harsh reality faced by countless individuals and organizations every day. Recent data reveals that compromised credentials are the single biggest attack vector in 2024. That means stolen passwords, not exotic malware or zero-day exploits, are the most common way hackers breach systems and wreak havoc. To help you navigate this critical issue, we invite you to join our exclusive webinar, " Compromised Credentials in 2024: What to Know About the World's #1 Attack Vector. " What You'

The Cyber Police of Ukraine has  arrested  three individuals on suspicion of hijacking more than 100 million emails and Instagram accounts from users across the world. The suspects, aged between 20 and 40, are said to be part of an organized criminal group living in different parts of the country. If convicted, they face up to 15 years in prison. The accounts, authorities said, were taken over by carrying out brute-force attacks, which employ trial-and-error methods to guess login credentials. The group operated under the direction of a leader, who distributed the hacking tasks to other members. The cybercrime group subsequently monetized their ill-gotten credentials by putting them up for sale on dark web forums. Other threat actors who purchased the information used the compromised accounts to conduct a variety of  fraudulent schemes , including those in which scammers reach out to the victim's friends to urgently transfer money to their bank account. "You can protect

Epic Games has reached a $520 million settlement with the U.S. Federal Trade Commission (FTC) over allegations that the  Fortnite  creator violated online privacy laws for children and tricked users into making unintended purchases in the video game. To that end, the company will pay a record $275 million monetary penalty for breaching the Children's Online Privacy Protection Act ( COPPA ) by collecting the personal information of Fortnite players under the age of 13 without seeking permission from their parents. It will also pay $245 million to reimburse customers who were deceived by its  dark pattern  tricks to make accidental purchases as well as for allowing children to rack up unauthorized charges through in-game content purchases without requiring any parental or card holder action or consent. "Epic Games possessed actual knowledge that it collected personal information from children, including their names, email addresses, and identifiers used to keep track of pla

The FBI is investigating the massive hack of Gawker Media. Reports indicate that FBI agents met with Gawker Media CEO Nick Denton on Monday following the hacking incident, which was claimed by a group called Gnosis. The Gawker website was paralyzed, temporarily forcing the gossip site to stop publishing. Hackers managed to access over 100,000 passwords and emails from the 1.3 million registered users. The site was forced to stop publishing on Sunday and sent emails to all registered users, urging them to change their passwords. According to reports, Gawker Media CEO Nick Denton admitted, "We're deeply embarrassed by this breach." Tips to Keep Your Passwords Safe Online Don't Use the Same Password for Everything Using one password for all your accounts is unsafe. If a hacker gets your password for one account, they can access all your online identities. Use Different Passwords for Different Accounts Create and use strong, unique passwords for your online banking, blogging, socia

Google has introduced a new security feature in its search engine to flag more web pages that might have been compromised by hackers. This new feature expands Google's long-standing program that marks websites hosting malicious software with a "This site may harm your computer" warning. Now, a new notation, "This site may be compromised," will indicate pages that may not be malicious but show signs that the site might not be fully controlled by its legitimate owner. This often happens when spammers add invisible links or redirects to unrelated websites, such as pharmacy sites. Additionally, Google will identify sites that have had phishing pages added by hackers. According to the Anti-Phishing Working Group, between 75% and 80% of phishing sites are legitimate sites that have been hacked and seeded with phishing kits to mimic trusted e-commerce and banking sites. It remains to be seen if Google can speed up the process of re-vetting sites flagged as compromised after th

Americans are nearly as likely to be victimized by Internet-based crime as by other forms of nonviolent theft. This perception emerges from a recent survey on crimes committed against individuals and their families. According to a Gallup Poll released Monday, 11% of American adults reported that they or a household member were victims of a computer or Internet crime on their home computers in the past year. This marks an increase from the previous seven years, where the percentage ranged between 6% and 8%. Gallup notes: "At 11 percent, computer/Internet-based crime is edging closer in reported frequency to the most common traditional forms of crime involving nonviolent theft of personal property and vandalism. Further, the increase is an exception in the overall crime picture, in that Americans' victimization reports have been fairly steady over the past several years. Not only has the overall percentage of Americans experiencing any type of crime been fairly flat, but Ameri

The Australian police have arrested a 33-year-old man accused of hacking into nearly 100 online accounts. The Australian Federal Police's high-tech crime unit has been monitoring the suspect since last September. This surveillance began when a local telecom company alerted the authorities to suspicious activity within its network. The man allegedly hacked into private and business Internet accounts, downloading data and engaging in other fraudulent activities. The suspect was arrested yesterday, and police confiscated his computer equipment. He now faces charges related to computer intrusion, including unauthorized access, modification, or impairment with intent to commit a serious offense. Neil Gaughan, the national manager of high-tech crime operations and assistant commissioner, stated that this arrest serves as a reminder for people to protect their online safety. "Anyone can be targeted by criminals online; it's important to be aware of the risks and take appropriate act

When Ben Franklin famously wrote, "An ounce of prevention is worth a pound of cure," he wasn't thinking about cybercrime. Yet, in today's world of phishing, shoulder-surfing, and spyware, his advice is more relevant than ever. Unfortunately, some people will take advantage of any opportunity to rip you off. Just as you take precautions when handling cash, you should be vigilant when using credit or debit cards, whether in person or online. Tips for Protecting Your Account Information and Avoiding Payment Card Scams Prevent Online Intrusions Use updated anti-virus and anti-spyware software. Only download information from trusted sites, and don't click on pop-up windows or suspicious links in emails. These can be tricks to install spyware, which can record your keystrokes to steal account or other confidential information. Use Secure Websites When purchasing items online, look for safety symbols like the padlock icon in the browser's status bar, an "s" after "http" in the U

Criminals are posing as IT support staff, calling unsuspecting U.K. internet users to push rogue antivirus software. GetSafeOnline.org reports this as part of their Internet safety week campaign. These scam operations often involve up to 400 people using sales techniques and social engineering to deceive victims. The goal is to obtain credit card information through the sale of rogue antivirus software or gain remote access to the victim's system for future use. Typically, the scam begins with an unexpected call. The caller, pretending to be an IT helpdesk technician, builds rapport with the victim, presenting themselves as trustworthy by using personal information available online. The victim is then questioned about computer problems like slow email or internet browsing. Once the victim admits to an issue, the caller exaggerates the problem and offers a solution for a small fee. The caller might say, "For a small fee, we can install something to fix your system and clean it co

Attackers are targeting people searching for last-minute Halloween costume ideas, reported CyberDefender on Oct. 29. The Internet security vendor, along with other firms like Blue Coat and BitDefender, warned users about the dangers of searching online for Halloween-related topics. "Popular search terms have always been a target for cyber-criminals," said Achal Khetarpal, director of CyberDefender Research Labs. CyberDefender identified a fake anti-virus Trojan downloader infecting pages related to Halloween costume searches. When users visit these pages, the fake anti-virus installer hijacks the user's web browser and initiates a malicious process, making the PC sluggish and exposing personal data. One form of this attack, identified by Panda Labs, displays a fake video player page and prompts users to download a codec to play the video. "Popular search terms reflect current user interests, making them lucrative targets," Khetarpal explained. Criminals create p

Canada released its Cybersecurity Strategy this month, emphasizing the immense challenge of protecting government and corporate computer systems. "There is no simple way to detect, identify, and recover from attackers who cannot be seen or heard, who leave no physical evidence behind them, and who hide their tracks through a complex web of compromised computers." The $90 million (Canadian) strategy focuses on three main areas: Secure government systems : The government will implement the necessary structures, tools, and personnel to fulfill its cybersecurity obligations. Create partnerships to secure non-governmental systems : In cooperation with provincial and territorial governments and the private sector, the government will support initiatives to enhance Canada's cyber resiliency, particularly in critical infrastructure sectors. Help Canadians be secure online : The government will provide Canadians with the information they need to protect themselves and their fami