E Hacking News
18,039 FOLLOWERS
News on Cyber Attacks, Security Breaches, Malware, Cyber Crime, Data Breach, Mobile Security, Vulnerabilities, Exploits, Penetration Testing Tools, and other similar relevant issues. E Hacking News is recognized as one of the leading Information Security news portals.
E Hacking News
8h ago
AI has become almost ubiquitous in software development, as a GitHub survey shows, 92 per cent of developers in the United States use artificial intelligence as part of their everyday coding. This has led many individuals to participate in what is termed “shadow AI,” which involves leveraging the technology without the knowledge or approval of their organization’s Information Technology department and/or Chief Information Security Officer (CISO).
This has increased their productivity. In light of this, it should not come as a surprise to learn that motivated employees will seek ..read more
E Hacking News
8h ago
The arrest of Cameron John Wagenius, a U.S. Army communications specialist, has unveiled potential connections to a significant data breach targeting India’s state-owned telecom provider, BSNL. The breach highlights the global reach of cybercrime networks and raises concerns about the security of sensitive data across continents.
Wagenius, stationed in South Korea, was apprehended on December 20, 2023, for allegedly selling hacked data from U.S. telecom companies. According to cybersecurity experts, he may also be the individual behind the alias “kiberphant0m” on a dark web mar ..read more
E Hacking News
8h ago
Security teams have always needed to adapt to change, but 2025 is poised to bring unique challenges, driven by advancements in artificial intelligence (AI), sophisticated cyber threats, and evolving regulatory mandates. Chief Information Security Officers (CISOs) face a rapidly shifting landscape that requires innovative strategies to mitigate risks and ensure compliance.
The integration of AI-enabled features into products is accelerating, with large language models (LLMs) introducing new vulnerabilities that attackers may exploit. As vendors increasingly rely on these foundational m ..read more
E Hacking News
8h ago
According to the latest study published this week, a new variant of the info-stealing malware known as "Banshee" has been targeting macOS users' passwords, cryptocurrency wallets, browser credentials, and other data for at least the past four months.
Check Point researchers discovered that the latest version targets anyone using a Mac and can be downloaded mostly through malicious GitHub uploads, but also through other websites (GitHub's policies prohibit malware, but this does not mean there is no malware on GitHub).
This latest Banshee malware often disguises itself as the Te ..read more
E Hacking News
8h ago
The global average cost of a data breach soared to nearly $4.9 million in 2024, marking a 10% increase compared to the previous year, according to a report by IBM.
In late October, UnitedHealth disclosed that a significant cyberattack on its Change Healthcare subsidiary earlier in 2024 might have exposed the data of 100 million individuals. This incident is regarded as the largest healthcare data breach ever reported to federal regulators, as first reported by Healthcare Dive.
Earlier that month, the company revealed the breach had led to a financial impact of $2.5 billion over the n ..read more
E Hacking News
1d ago
In the cybercrime world, Initial Access Brokers (IABs) are essential for facilitating attacks. These specific hackers break into company systems, steal login credentials, and then sell access to other criminals who use it to launch their own attacks. They essentially act as locksmiths for hackers, making it easy for those willing to pay to get into systems.
What Exactly Do IABs Do?
IABs function as a business where they sell access to corporate systems stolen from their organizations on dark markets, either private forums or Telegram channels. The credentials offered include the most ..read more
E Hacking News
1d ago
Medusind, a major provider of billing and revenue management services for healthcare organizations, recently disclosed a data breach that compromised sensitive information of over 360,000 individuals. The breach, which occurred in December 2023, was detected more than a year ago but is only now being reported publicly.
The Miami-based company supports over 6,000 healthcare providers across 12 locations in the U.S. and India, helping them streamline billing processes and enhance revenue generation. According to a notification submitted to the Maine Attorney General’s Office, the ..read more
E Hacking News
1d ago
Major apps worldwide are potentially being exploited by rogue members within the advertising sector to collect sensitive location data extensively, which subsequently is transferred to a location data firm whose subsidiary has previously sold global location data to US law enforcement agencies.
The thousands of apps discovered in hacked files from location data firm Gravy Analytics range from games like Candy Crush to dating apps like Tinder, pregnancy tracking, and religious prayer apps for both Android and iOS. Because much of the data collection occurs through the advertising ..read more
E Hacking News
1d ago
There was a groundbreaking decision by the European Union General Court on Wednesday that the EU Commission will be held liable for damages incurred by a German citizen for not adhering to its own data protection legislation.
As a result of the court's decision that the Commission transferred the citizen's personal data to the United States without adequate safeguards, the citizen received 400 euros ($412) in compensation. During the hearing conducted by the EU General Court, the EU General Court found that the EU had violated its own privacy rules, which are governed by the Ge ..read more
E Hacking News
2d ago
A recent surge in phishing campaigns has revealed attackers leveraging cleverly obfuscated URLs and Microsoft 365 password expiry warnings to trick users into surrendering their credentials. Here's a breakdown of the latest findings:
The phishing emails consistently use subject lines formatted as: “ACTION Required - [Client] Server SecurityID:[random string]”.
The email body prompts recipients to reconfirm their passwords due to expiry, with clickable buttons labeled “Keep [USER EMAIL] Access Active.”
Tactics Employed
- Fake YouTube Links: Attackers embed links starting with seemi ..read more