The hackers claimed to have accessed over 100 terabytes of Albania’s geographic information system and population data, although the institute denied that recent census data was compromised.
The Passenger Rail Agency of South Africa (PRASA) reported a loss of 30.6 million rand due to a phishing scam, with only half of the stolen money recovered. Insider threats, such as ghost email accounts, are suspected.
Mastodon users and administrators need to upgrade to the latest version to patch a critical vulnerability (CVE-2024-23832) that allows attackers to take over accounts remotely.
The backdoor, called Activator, employs a unique delivery method that backdoors the victim during the installation process, making it challenging to remove the infection even if the cracked software is removed.
The attackers stole source code and code signing certificates. AnyDesk responded by revoking security certificates, replacing systems, and reassuring customers that it is safe to use the software.
The attackers disguise the email to appear as if it’s from a legitimate brand, using social engineering techniques to lure recipients into clicking on what seems to be an embedded voicemail but is actually a credential harvesting page.
The regulatory fine resulted from complaints by French Uber drivers and a Paris-based civil society organization, highlighting the significance of user rights and privacy concerns.
According to Trustpair, 96% of US companies experienced at least one fraud attempt in the past year, with 83% seeing an increase in cyber fraud. Fraudsters used various tactics such as text messages, fake websites, and CEO/CFO impersonations.
A 22-year-old man from the US, Daniel James Junk, has been sentenced to 72 months in federal prison for his involvement in a fraudulent scheme that led to the theft of millions of dollars through SIM swapping.
A top U.S. banking lobbyist told a Senate panel Thursday there are limits to what financial institutions can do to stop scammers from draining individual banking accounts and called on regulators like the FCC to do more to combat caller ID spoofing.