Ensuring Governance and Control Over Shadow AI
E Hacking News
by Trapti Rajput
8h ago
  AI has become almost ubiquitous in software development, as a GitHub survey shows, 92 per cent of developers in the United States use artificial intelligence as part of their everyday coding. This has led many individuals to participate in what is termed “shadow AI,” which involves leveraging the technology without the knowledge or approval of their organization’s Information Technology department and/or Chief Information Security Officer (CISO).  This has increased their productivity. In light of this, it should not come as a surprise to learn that motivated employees will seek ..read more
Visit website
U.S. soldier linked to BSNL data breach: Arrest reveals cybercrime
E Hacking News
by Dhara Shrivastava
8h ago
  The arrest of Cameron John Wagenius, a U.S. Army communications specialist, has unveiled potential connections to a significant data breach targeting India’s state-owned telecom provider, BSNL. The breach highlights the global reach of cybercrime networks and raises concerns about the security of sensitive data across continents.  Wagenius, stationed in South Korea, was apprehended on December 20, 2023, for allegedly selling hacked data from U.S. telecom companies. According to cybersecurity experts, he may also be the individual behind the alias “kiberphant0m” on a dark web mar ..read more
Visit website
Navigating 2025: Emerging Security Trends and AI Challenges for CISOs
E Hacking News
by Shruti Jain
8h ago
  Security teams have always needed to adapt to change, but 2025 is poised to bring unique challenges, driven by advancements in artificial intelligence (AI), sophisticated cyber threats, and evolving regulatory mandates. Chief Information Security Officers (CISOs) face a rapidly shifting landscape that requires innovative strategies to mitigate risks and ensure compliance. The integration of AI-enabled features into products is accelerating, with large language models (LLMs) introducing new vulnerabilities that attackers may exploit. As vendors increasingly rely on these foundational m ..read more
Visit website
New Version of Banshee Malware Targets macOS Users
E Hacking News
by Viplav Kushwah
8h ago
  According to the latest study published this week, a new variant of the info-stealing malware known as "Banshee" has been targeting macOS users' passwords, cryptocurrency wallets, browser credentials, and other data for at least the past four months. Check Point researchers discovered that the latest version targets anyone using a Mac and can be downloaded mostly through malicious GitHub uploads, but also through other websites (GitHub's policies prohibit malware, but this does not mean there is no malware on GitHub).  This latest Banshee malware often disguises itself as the Te ..read more
Visit website
Cyberattacks and Technology Disruptions: Leading Threats to Business Growth
E Hacking News
by Shruti Jain
8h ago
  The global average cost of a data breach soared to nearly $4.9 million in 2024, marking a 10% increase compared to the previous year, according to a report by IBM. In late October, UnitedHealth disclosed that a significant cyberattack on its Change Healthcare subsidiary earlier in 2024 might have exposed the data of 100 million individuals. This incident is regarded as the largest healthcare data breach ever reported to federal regulators, as first reported by Healthcare Dive. Earlier that month, the company revealed the breach had led to a financial impact of $2.5 billion over the n ..read more
Visit website
How Hackers Sell Access to Corporate Systems Using Stolen Credentials
E Hacking News
by Ridhika Singh
1d ago
  In the cybercrime world, Initial Access Brokers (IABs) are essential for facilitating attacks. These specific hackers break into company systems, steal login credentials, and then sell access to other criminals who use it to launch their own attacks. They essentially act as locksmiths for hackers, making it easy for those willing to pay to get into systems. What Exactly Do IABs Do? IABs function as a business where they sell access to corporate systems stolen from their organizations on dark markets, either private forums or Telegram channels. The credentials offered include the most ..read more
Visit website
Medusind Data Breach Exposes Health and Personal Information of 360,000+ Individuals
E Hacking News
by Dhara Shrivastava
1d ago
  Medusind, a major provider of billing and revenue management services for healthcare organizations, recently disclosed a data breach that compromised sensitive information of over 360,000 individuals. The breach, which occurred in December 2023, was detected more than a year ago but is only now being reported publicly.  The Miami-based company supports over 6,000 healthcare providers across 12 locations in the U.S. and India, helping them streamline billing processes and enhance revenue generation. According to a notification submitted to the Maine Attorney General’s Office, the ..read more
Visit website
Millions of People's 'Intimate' Location Data Compromised in Apparent Hack
E Hacking News
by Viplav Kushwah
1d ago
  Major apps worldwide are potentially being exploited by rogue members within the advertising sector to collect sensitive location data extensively, which subsequently is transferred to a location data firm whose subsidiary has previously sold global location data to US law enforcement agencies.  The thousands of apps discovered in hacked files from location data firm Gravy Analytics range from games like Candy Crush to dating apps like Tinder, pregnancy tracking, and religious prayer apps for both Android and iOS. Because much of the data collection occurs through the advertising ..read more
Visit website
GDPR Violation by EU: A Case of Self-Accountability
E Hacking News
by Trapti Rajput
1d ago
  There was a groundbreaking decision by the European Union General Court on Wednesday that the EU Commission will be held liable for damages incurred by a German citizen for not adhering to its own data protection legislation.  As a result of the court's decision that the Commission transferred the citizen's personal data to the United States without adequate safeguards, the citizen received 400 euros ($412) in compensation. During the hearing conducted by the EU General Court, the EU General Court found that the EU had violated its own privacy rules, which are governed by the Ge ..read more
Visit website
This Phishing Trend is Exploiting YouTube URLs Through O365 Expiry Themes
E Hacking News
by Shruti Jain
2d ago
  A recent surge in phishing campaigns has revealed attackers leveraging cleverly obfuscated URLs and Microsoft 365 password expiry warnings to trick users into surrendering their credentials. Here's a breakdown of the latest findings: The phishing emails consistently use subject lines formatted as: “ACTION Required - [Client] Server SecurityID:[random string]”. The email body prompts recipients to reconfirm their passwords due to expiry, with clickable buttons labeled “Keep [USER EMAIL] Access Active.” Tactics Employed - Fake YouTube Links: Attackers embed links starting with seemi ..read more
Visit website

Follow E Hacking News on FeedSpot

Continue with Google
Continue with Apple
OR