Multiple companies and experts have found evidence linking the massive Bybit cryptocurrency heist to North Korean hackers. It came to light over the weekend that hackers targeted the cryptocurrency exchange Bybit, managing to steal roughly 400,000 Ethereum (ETH and stETH) - worth nearly $1.5 billion - in what is considered the biggest-ever cryptocurrency heist. The funds were taken from an offline wallet belonging to Bybit. READ MORE...
Up to 100,000 victims of human trafficking could be held in compounds in Myanmar, Thai police are warning, forced to operate round-the-clock cybercrime campaigns via workstations and call centers set up there. Thai Police General Thatchai Pitaneelaboot, director of the Anti-Human Trafficking Center, told the Guardian that tens of thousands of kidnapped people are being held in captivity and forced to work the scams, which are run by 30 to 40 Chinese criminal gangs. READ MORE...
Apple has pulled Advanced Data Protection, a feature that provides end-to-end encrypted data storage through iCloud, from the United Kingdom following a fight with the British government over law enforcement access. Starting Friday, U.K. users who attempt to access the feature on their phones or computers will be denied. Users who already had Advanced Data Protection turned on will be able to continue using it for now, but they will eventually be forced to disable it. READ MORE...
Hundreds of freelance software developers, ranging from junior developers to highly experienced professionals, have been targeted and infected with North Korean malware over the past year, according to a new report from ESET. The victims, mostly associated with cryptocurrency and decentralized finance projects and English speakers, were targeted with fake job opportunities as part of a widespread campaign tracked as DeceptiveDevelopment. READ MORE...
An Android malware app called SpyLend has been downloaded over 100,000 times from Google Play, where it masqueraded as a financial tool but became a predatory loan app for those in India. The app falls under a group of malicious Android applications called "SpyLoan," which pretend to be legitimate financial tools or loan services but instead steal data from devices for use in predatory lending. READ MORE...
Account takeover (ATO) is one of the most prevalent attack types, Proofpoint says that in 2024, 99% of the customer tenants the company monitors were hit with at least one account takeover attempt, and 62% of the customers experienced at least one that was successful. "We have thousands of direct integrations with key cloud services such as Microsoft Entra ID, O365, Okta and Google Workspace as well as tens-of-millions of monitored user accounts," the company's threat researchers explained. READ MORE...
Healthcare is one of the sectors that has the most sensitive information about us. At the same time it's one of the worst at keeping them secret. Because of its access and storage of our personal health information (PHI) and other personally identifiable information (PII), the healthcare sector should be one of the most secure ones, but due to lack of funding and other resources, it is not. READ MORE...