
Hackers Impersonate X Staff Using Compromised Scroll Founder Account

Scroll co-founder Ye Chen’s X account was hijacked in a sophisticated phishing operation where attackers posed as platform employees to target crypto industry figures.

The compromised account, which commands substantial influence among crypto leaders, began distributing fraudulent messages claiming copyright violations and threatening account restrictions unless users clicked on malicious links within 48 hours.

The hackers transformed Chen’s profile to mimic X’s official branding, updating the bio to reference Twitter and nCino while warning followers about security breaches.

Scroll Founder Account Hack - Changed Profile Info
Screenshot from X

The attackers flooded the feed with reposts from X’s verified accounts to enhance perceived legitimacy, then launched their phishing campaign via direct messages.

Sophisticated Attack Mirrors Growing Pattern

The breach follows established tactics where hackers exploit trusted accounts to distribute malicious links disguised as urgent platform notifications.

Recipients received messages appearing to come from X’s rights management team, complete with fake compliance warnings and time-sensitive appeals processes designed to create panic and bypass security awareness.

Blockchain security researcher Wu Blockchain first identified the compromise and alerted the community to ignore any communications from the account.

The warning emphasized particular concern given Chen’s extensive network of high-profile cryptocurrency executives, developers, and investors who might trust messages from his verified account.

Scroll co-founder @shenhaichen's X account has been hacked and is currently sending phishing private messages impersonating X employees. This account has a large following among prominent figures in the crypto industry; the community and users are advised to be aware of the… pic.twitter.com/ctXk2G0bQm

— Wu Blockchain (@WuBlockchain) January 25, 2026

The attack represents the latest escalation in social media compromises targeting crypto industry leaders, in which hackers increasingly leverage delegated account access and expired domain registrations to bypass security measures, including two-factor authentication.

Industry Faces Relentless Social Engineering Wave

BNB Chain’s official account suffered a similar breach in October when hackers posted fake reward programs with phishing links after Binance co-founder CZ warned followers against clicking suspicious content.

The compromised account promoted fraudulent BSC token distributions, promising early payouts to users who voted on reward dates through malicious URLs designed to drain digital wallets.

Binance co-CEO Yi He’s WeChat account was also hijacked in December to promote meme coin schemes, with attackers conducting a coordinated pump-and-dump operation around the token MUBARA.

Two wallets created hours before the breach accumulated 21.16 million tokens before dumping holdings as retail traders flooded in, netting attackers approximately $55,000 while leaving later buyers exposed to price collapse.

🚨Changpeng Zhao @cz_binance warned that new co-CEO Yi He’s @heyibinance abandoned WeChat account was hacked and used to push a meme coin called MUBARA. #Binance #Memecoins https://t.co/sdyH325OMD

— Cryptonews.com (@cryptonews) December 10, 2025

Among other notable accounts hacked were ZKsync and Matter Labs, which were compromised in May through what the team described as “delegated accounts” with limited posting privileges.

Hackers published false claims about an SEC investigation alongside fake airdrop promotions, triggering a 5% drop in the ZK token price despite a prior 38.5% weekly rally.

The prominent crypto media company Watcher.Guru also confirmed its account breach in March after fake Ripple-SWIFT partnership claims spread across connected Telegram, Facebook, and Discord channels through automated content bots.

The team suspects the compromise originated from a suspicious link containing unusual query strings shared in their Telegram group weeks earlier.

Record Theft Year Exposes Escalating Threats

The crypto ecosystem witnessed over $3.4 billion stolen in 2025, according to Chainalysis’s 2026 Crypto Crime Report, with North Korean state-backed hackers accounting for a record $2.02 billion across fewer but increasingly sophisticated attacks.

Scroll Founder Account Hack - Chainalysis Chart
Source: Chainalysis

The Democratic People’s Republic of Korea now represents 76% of all service compromises, bringing cumulative DPRK cryptocurrency theft to $6.75 billion since operations began.

Personal wallet compromises surged to 158,000 incidents affecting at least 80,000 unique victims, triple the 54,000 cases recorded in 2022.

Address poisoning scams drove December’s single-largest loss, when one victim transferred $50 million to a fraudulent wallet mimicking their intended destination, while private key leaks resulted in $27.3 million stolen from multi-signature wallets.

Personal Security Breaches Surge Across Platforms

Most recently, Ubuntu developer Alan Pope warned that attackers are hijacking Snap Store publisher accounts by registering expired domains linked to legitimate developers, then pushing malicious updates to previously trusted packages.

The technique exploits automatic update systems and established trust signals, with at least 2 confirmed cases of wallet-stealing malware distributed through seemingly normal applications.

⚠ Hackers are exploiting trusted Snap Store packages to steal cryptocurrency by hijacking existing publisher accounts. #Hack #Crypto https://t.co/YV5Yoiwb0F

— Cryptonews.com (@cryptonews) January 21, 2026

Given these growing, multifaceted attack vectors, Better Business Bureau officials are warning consumers about phishing campaigns that lock X users out of their accounts, which are subsequently used for cryptocurrency promotions.

Kentucky journalist Jennie Rees described receiving direct messages from apparent colleagues requesting contest votes, only to find her account posting fake Audi purchase claims tied to crypto earnings after clicking the malicious link.

The post Hackers Impersonate X Staff Using Compromised Scroll Founder Account appeared first on Cryptonews.

Hackers Hijack Snap Store Accounts to Push Crypto-Stealing Malware on Linux

By: Amin Ayan

Cryptocurrency hackers are exploiting trusted Linux software to steal digital assets, using a new technique that turns legitimate Snap Store packages into malware.

Key Takeaways:

  • Hackers are exploiting trusted Snap Store packages to steal cryptocurrency by hijacking existing publisher accounts.
  • The attacks rely on expired domains and email addresses to push malicious updates.
  • The incidents reveal weaknesses in the platform’s trust and security model.

Rather than creating fresh accounts on the Snap Store, which is operated by Canonical, attackers are now taking over existing publisher accounts, according to a warning from Ubuntu contributor and former Canonical developer Alan Pope.

The method relies on identifying expired web domains and email addresses linked to long-standing Snap Store developers, registering those domains, and then using the recovered access to hijack Snapcraft accounts.

Attackers Turn Legitimate Packages Malicious

Once inside, the attackers push malicious updates to packages that were previously benign, catching users off guard through automatic updates and long-established trust signals.

The Snap Store, like other major package repositories, has long been a target for malware campaigns.

Early efforts were relatively unsophisticated, with scammers publishing fake crypto wallet applications under newly created accounts.

When those attempts became easier to detect, attackers began disguising malicious apps using lookalike characters from other alphabets to evade filters.

According to Pope, the tactic then evolved into a bait-and-switch approach. Attackers would publish harmless software under neutral names such as “lemon-throw” or “alpha-hub,” often posing as simple games. After approval and a period of inactivity, a follow-up update would quietly introduce a fake crypto wallet designed to steal funds.

The latest development raises the stakes. In at least two confirmed cases, attackers took control of expired domains once owned by legitimate Snap publishers and used them to distribute wallet-stealing malware through automatic updates.

A new Snap Store scam campaign abuses expired publisher domains to bypass trust signals and deliver malicious app updates. https://t.co/nWL9HGXACe #Linux #OpenSource

— Linuxiac (@linuxiac) January 19, 2026

The affected applications appeared normal on the surface but were built to harvest wallet recovery phrases and transmit them to attacker-controlled servers.

By the time users noticed suspicious behavior, funds and sensitive data were already compromised.

Canonical has since removed the malicious snaps, but Pope warned that the response highlights deeper weaknesses in the platform’s trust model.

He said domain takeovers undermine publisher longevity as a safety signal and called for additional safeguards, including monitoring domain expirations, enforcing stronger account verification for dormant publishers, and requiring mandatory two-factor authentication.
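The safeguards Pope lists can be expressed as a periodic audit of publisher records against domain registration data. The following is an added example, not code from Canonical, Snapcraft, or Pope: the publisher record fields, the thresholds, and all sample data are constructed assumptions, and the registration data is modelled on the `events` array of an RDAP response (RFC 9083).

```python
"""Audit publisher accounts for the domain-takeover signals described above.
Added illustration: every record and RDAP document below is constructed."""
import json
from datetime import datetime, timedelta, timezone


def ts(value):
    """Parse an ISO 8601 timestamp; a trailing 'Z' means UTC."""
    return datetime.fromisoformat(value.replace("Z", "+00:00"))


def rdap_events(rdap_json):
    """Map each RDAP eventAction (registration, expiration, ...) to its date."""
    return {ev["eventAction"]: ts(ev["eventDate"])
            for ev in json.loads(rdap_json).get("events", [])}


def assess(pub, rdap_json, now, warn_days=60, dormant_days=365):
    """Return the list of risk findings for one publisher record."""
    findings = []
    if rdap_json is None:
        # No registration data: the domain may be free for anyone to register.
        findings.append("domain-unresolved")
    else:
        ev = rdap_events(rdap_json)
        reg, exp = ev.get("registration"), ev.get("expiration")
        # The domain existed when the account e-mail was verified, so a newer
        # registration date means it lapsed and was registered again.
        if reg and reg > ts(pub["account_created"]):
            findings.append("domain-reregistered")
        if exp and exp < now:
            findings.append("domain-expired")
        elif exp and exp - now <= timedelta(days=warn_days):
            findings.append("domain-expiring")
    dormant = now - ts(pub["last_release"]) > timedelta(days=dormant_days)
    if dormant and not pub["two_factor"]:
        findings.append("dormant-no-2fa")
    return findings


def audit(publishers, rdap_by_domain, now):
    """Assess every publisher, keyed by publisher name."""
    report = {}
    for pub in publishers:
        domain = pub["email"].rsplit("@", 1)[1].lower()
        report[pub["name"]] = assess(pub, rdap_by_domain.get(domain), now)
    return report


def _rdap(registration, expiration):
    """Build a constructed RDAP-style document with two events."""
    return json.dumps({"events": [
        {"eventAction": "registration", "eventDate": registration},
        {"eventAction": "expiration", "eventDate": expiration}]})


# Constructed sample data (hypothetical publishers and .example domains).
NOW = datetime(2026, 1, 25, tzinfo=timezone.utc)
SAMPLE_RDAP = {
    "old-studio.example": _rdap("2025-11-02T10:00:00Z", "2026-11-02T10:00:00Z"),
    "active-tools.example": _rdap("2015-05-05T00:00:00Z", "2026-02-20T00:00:00Z"),
    "stale-labs.example": _rdap("2014-01-01T00:00:00Z", "2025-12-01T00:00:00Z"),
    "healthy-apps.example": _rdap("2012-09-09T00:00:00Z", "2028-09-09T00:00:00Z"),
}
SAMPLE_PUBLISHERS = [
    {"name": "lapsed-dev", "email": "dev@old-studio.example", "two_factor": False,
     "account_created": "2019-03-01T00:00:00Z", "last_release": "2021-06-10T00:00:00Z"},
    {"name": "active-dev", "email": "team@active-tools.example", "two_factor": True,
     "account_created": "2020-01-15T00:00:00Z", "last_release": "2025-12-20T00:00:00Z"},
    {"name": "stale-dev", "email": "me@stale-labs.example", "two_factor": True,
     "account_created": "2016-04-04T00:00:00Z", "last_release": "2025-06-01T00:00:00Z"},
    {"name": "healthy-dev", "email": "ops@healthy-apps.example", "two_factor": True,
     "account_created": "2018-08-08T00:00:00Z", "last_release": "2025-10-10T00:00:00Z"},
    {"name": "ghost-dev", "email": "x@gone-away.example", "two_factor": False,
     "account_created": "2017-02-02T00:00:00Z", "last_release": "2020-05-05T00:00:00Z"},
]

if __name__ == "__main__":
    for name, findings in audit(SAMPLE_PUBLISHERS, SAMPLE_RDAP, NOW).items():
        print(f"{name:12} {', '.join(findings) or 'ok'}")
```

A `domain-reregistered` finding is the strongest of these signals, because it describes a domain that has already changed hands rather than one that merely might.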

Security Researcher Warns of Delayed Snap Store Takedowns

Pope also noted delays in removing reported malicious snaps, sometimes stretching over several days.

He advised users to exercise extra caution when installing cryptocurrency wallets on Linux and to consider downloading them directly from official project websites instead of app stores.

To help users assess risk, Pope created SnapScope, a web-based tool that flags snaps as suspicious or malicious before installation.

He also urged developers to keep domain registrations active and secure Snapcraft and email accounts with two-factor authentication.

According to Chainalysis, illicit cryptocurrency addresses received a record $154 billion in 2025, a sharp increase from the year before.

In another case, US prosecutors have charged a 23-year-old Brooklyn resident, Ronald Spektor, with stealing roughly $16 million in cryptocurrency from around 100 Coinbase users through an alleged phishing and social engineering scheme.

The post Hackers Hijack Snap Store Accounts to Push Crypto-Stealing Malware on Linux appeared first on Cryptonews.

Prosecutors Recommend 18-Month Prison Term for Heather Morgan in Bitfinex Hack Case

Heather Morgan, known by her rap persona “Razzlekhan,” could land an 18-month prison sentence after pleading guilty to laundering cryptocurrency linked to the 2016 Bitfinex hack. Prosecutors described her role as pivotal in obscuring stolen bitcoin through complex schemes, despite not being part of the original theft. Her cooperation, and the influence of her husband, […]

How to Know If Your Phone Has Been Hacked

By: Amy Bunn

“My phone’s been hacked!” These are words you never want to hear or say. Ever. You are not alone in this sentiment.

Our phones have become the central hub of our lives, storing everything from personal and financial information to payment apps, files, photos, and contacts. This has made our phones irresistible, prized targets for cyber criminals. And because these devices are always on and always with us, the opportunity for attack is constant. What are the signs that you have been hacked, and how can you reclaim control? This guide walks you through the common indicators of a hacked phone and the steps you can take to protect your data and privacy.

What is phone hacking and how does it work?

Phone hacking is the unauthorized access and control of your smartphone and its data. It can happen to any person and any device, whether it’s an iPhone or an Android. To achieve this, cybercriminals—also called hackers—use various types of malicious software, sometimes called malware, such as:

  • Spyware, which secretly tracks your every move
  • Adware, which bombards your device with pop-up ads
  • Ransomware, which locks your files until you pay a fee 

These attacks are typically motivated by financial gain, such as stealing banking credentials, or by a desire to monitor someone’s personal life. 

The cost of phone hacking to you

Phone hacking isn’t just a technical or convenience issue. It has real and often costly consequences for your personal life, finances, and privacy. Here, we list the kinds of losses you might face with a hacked phone:

  • Financial loss: Hackers can access banking apps to drain your accounts, steal credit card information for fraudulent purchases, or use your phone to subscribe to premium services without your consent.
  • Identity theft: Cybercriminals can steal personal information from your device, such as your social security number, passwords, and photos, to open new accounts or commit crimes in your name.
  • Severe privacy invasion: Through spyware, an attacker can turn on your phone’s camera and microphone to secretly record you, track your location in real-time, and read all your private messages.
  • Emotional and reputational damage: The stress of being hacked is significant. A criminal could use your accounts to impersonate you, spread misinformation or damage your relationships with family, friends, and colleagues.

The consequences of a hacked phone go far beyond inconvenience. This is why it is so critical to stay alert for the warning signs of a compromise and know exactly what to do if your phone is hacked.

Common ways hackers gain access to your smartphone

The unfortunate reality is that anyone’s phone can be targeted and successfully hacked. Cybercriminals have developed several sophisticated methods that allow them to remotely take over your device. These tactics mainly involve surreptitiously installing malware, monitoring calls and messages, stealing personal information, or even taking over your various accounts. Here are detailed explanations for each hacking method:

  • Malicious apps: Malware can be disguised as legitimate applications, such as games and utility tools, available on unofficial third-party app stores. Once installed, it can steal data, track your location, or install more malware. Always be cautious of apps that ask for permissions that exceed their intended function, such as a calculator app requesting access to your contacts.
  • Visiting malicious websites: Visiting a compromised website on your phone could infect it with malware through a drive-by download which automatically installs malicious software, scripts that exploit your phone’s operating system vulnerabilities, or pop-ups or ads that trick you into authorizing a download, often disguised as a software update or a prize notification. 
  • Phishing or smishing: You might receive a text message (SMS) or email that appears to be from a trusted source, like your bank or a delivery service. These messages contain links that lead to fake websites designed to trick you into entering your passwords or personal information. A common example is a text claiming there’s a problem with a package delivery, urging you to click a link to reschedule.
  • Unsecured public Wi-Fi: When you connect to a free, public Wi-Fi network at a café, airport, or hotel without protection, your data can be vulnerable. Hackers on the same network can intercept the information you send, including passwords and credit card details. Using a virtual private network (VPN) protects you on public networks.
  • SIM swapping: This sophisticated scam involves a hacker impersonating you and convincing your mobile carrier to transfer your phone number to a new SIM card they control. Once they have your number, they can intercept calls and texts, including two-factor authentication codes, allowing them to take over your online accounts.
  • Juice-jacking: Cybercriminals can modify public USB charging stations to install malware onto your phone while it charges. This technique can steal sensitive data from your phone. It’s always safer to use your own AC power adapter and a wall outlet.
  • Outdated operating systems: Hackers actively search for security holes in older versions of iOS and Android. Installing the latest security updates for your phone’s operating system locks the doors to malware as these updates contain critical patches that protect you from newly discovered threats.

12 signs your phone was hacked

To judge whether your phone has been hacked, here are some signs you should consider. Note that these can be signs of a hacked phone, but not always.

  1. More popups than usual: Phones hit with adware will be bombarded with pop-up ads. Never tap or click on them, as they might take you to pages designed to steal personal information.
  2. Data spikes or unknown call charges: A hacker is likely using your phone to transfer data, make purchases, send messages, or make calls via your phone. 
  3. Issues with online accounts: Spyware might have stolen your account credentials, then transmitted them to the hacker, leading to credit and debit fraud. In some cases, hackers will change the password and lock out the device owner.
  4. Unexpected battery drain: Your phone’s battery dies much faster than usual because hidden malware is constantly running in the background.
  5. Sluggish performance: Your device freezes, crashes, or lags significantly as malicious software consumes its processing power and memory.
  6. Unfamiliar apps or messages: You discover apps you never installed or see outgoing calls and texts you didn’t make, indicating unauthorized use.
  7. Phone overheats while idle: Your device feels unusually warm even when you’re not using it, a sign of malware overworking the processor.
  8. Random reboots or shutdowns: The phone restarts on its own, which could be caused by conflicting malicious code or a hacker remotely controlling it.
  9. Camera or mic activates unexpectedly: Someone may be spying on you if the camera or microphone indicator light turns on while you aren’t using it.
  10. Websites look different: Pages you visit look unusual or frequently redirect you to spammy sites, indicating your web traffic is being hijacked.
  11. Unauthorized 2FA requests: You receive notifications for two-factor authentication codes you didn’t request, a strong signal that someone has your password and is trying to access your accounts.
  12. Inability to shut down properly: Your phone resists being turned off or fails to shut down completely, as malware may be designed to keep it running. 

If you see several of these signs, it’s crucial to take immediate action to secure your device and data.

Clarifying misconceptions about phone hacking

Ultimately, the biggest factor in security is user behavior. Regardless of whether you use Android or iOS, practising safe habits—like avoiding suspicious links, using strong passwords, and keeping your operating system updated—is the most critical defense against having your phone hacked.

What’s easier to hack: Android or iPhone?

This is a long-standing debate, and the truth is that both platforms can be hacked. Android’s open-source nature and accommodation of apps from third-party sources create more potential vulnerabilities. Additionally, security updates can sometimes be delayed depending on the device manufacturer. iPhones, while generally more secure, can be vulnerable if a user jailbreaks the device or falls victim to phishing and other social engineering scams.

Can answering a phone call get you hacked?

Simply answering a phone call cannot install malware on a modern, updated smartphone. The real danger comes from social engineering, where the caller persuades you to take an action that compromises your security, such as giving out your personal information or installing something yourself. This is often called vishing or voice phishing.

Can your phone camera be hacked?

Yes, your phone’s camera and microphone can be hacked, a process known as camfecting. This is typically done using spyware hidden in malicious apps disguised as legitimate software that you may have been tricked into installing. Signs of a compromised camera include the indicator light turning on unexpectedly, finding photos or videos in your gallery that you didn’t take, or experiencing unusually high battery drain.

Can a phone be hacked when turned off?

When your phone is completely powered down, its network connections and most of its hardware are inactive, making it impossible to be actively hacked over the internet. However, some modern smartphones have features that remain active even when the device seems off, like the location tracker. Sophisticated, state-level spyware like Pegasus is also theoretically capable of attacking a device’s firmware even while turned off.

Hacking off a hacker: A step-by-step recovery guide 

Sometimes you are fortunate enough to catch the hacking attempt while it is in progress, such as during a vishing incident. When this happens, you can take these immediate steps to thwart the hacker before, during and after:

  • Use call screening and blocking: Enable your carrier’s spam call filtering services and manually block any suspicious numbers that call you.
  • Never share one-time codes: Legitimate companies will never call you to ask for a password, PIN, or two-factor authentication (2FA) code. Treat any such request as a scam.
  • Hang up and verify independently: If you receive a suspicious call, hang up immediately. Find the official phone number for the company online and call them directly.

Discovering that your phone has been hacked can be alarming, but acting quickly can help minimize the damage and restore your privacy. Here are the actions to take to regain control and protect your personal information:

  1. Back up essential data: Before taking any action, save your irreplaceable data such as photos, contacts, and important documents to a cloud service or computer. Do not back up applications or system data, as these may be infected.
  2. Disconnect immediately: The first step is to restart your phone in Safe Mode (for Android) or Recovery Mode (for iPhone). This cuts off its connection to Wi-Fi and cellular networks, preventing the hacker from sending or receiving more data.
  3. Run a security scan: Use a trusted mobile security app, like McAfee Mobile Security, to scan your device. It’s designed to find and remove malware that may be hiding on your phone.
  4. Delete suspicious apps and files: Manually go through your applications and delete anything you don’t remember installing or that looks unfamiliar. Check your downloads folder for suspicious files and delete those as well.
  5. Clear browser cache and data: Malicious code could be stored in your browser’s cache. Go into your browser settings and clear all history, cookies, and cached data to remove lingering threats.
  6. Change your passwords: From a separate, uninfected device, change the passwords for your critical accounts, including email, banking, and social media. Use a password manager to create and store strong, unique passwords for each account. Enable 2FA where possible for added security. 
  7. Secure your accounts: Review recent activity on your online accounts for any unauthorized transactions or messages. Have your bank accounts frozen and request new cards and credentials.
  8. Update your operating system: Check for and install the latest OS update for your device. These updates often contain critical security patches that can fix the vulnerability the hacker exploited in the first place.
  9. Perform a full shutdown when needed, and disable always-on location features if you’re concerned.
  10. Perform a factory reset: If the issues persist, a factory reset is your most effective (and last) option. Once you have backed up files, resetting is a straightforward process and will completely remove any lingering malware.
  11. Verify backups before restoring: After cleaning your device or a factory reset, be cautious when restoring data. Ensure your backup is from a date before the hacking occurred to avoid reinfecting your phone. Restore only essential data and manually reinstall apps only from official app stores.
  12. Notify your contacts and authorities: Let your contacts know your phone was hacked so they can be wary of strange messages from your number. If you suspect identity theft or financial fraud, report it to the relevant authorities and your financial institutions immediately.

Future-proof your phone from hacks

  • Set a SIM PIN: Add a personal identification number to your SIM card through your phone’s settings. This prevents a fraudster from using your SIM in another device to execute a SIM swap attack.
  • Enable automatic security updates: Ensure your phone is set to automatically download and install OS updates. These patches often fix critical security vulnerabilities that hackers actively exploit.
  • Use encrypted DNS: Enable the Private DNS feature on Android or an equivalent app on iOS to encrypt your web traffic lookups. This prevents eavesdroppers on public Wi-Fi from seeing which websites you visit.
  • Disable developer options and USB debugging: These settings are for app developers and can create security backdoors if left on. Turn them off in your phone’s settings unless you have a specific need for them.

Protective measures to take in the first place

Applying security measures the moment you bring home your brand new phone helps to keep your phone from getting hacked in the first place. It only takes a few minutes. Follow these tips to find yourself much safer from the start:  

  1. Install trusted security software immediately. You’ve adopted this good habit on your desktops and laptops. Your phones? Not so much. Online protection software gives you the first line of defense against attacks, and more.
  2. Go with a VPN. Make a public network safe by deploying a virtual private network, which serves as your Wi-Fi hotspot.  It will encrypt your data to keep you safe from advertisers and prying eyes.
  3. Use a password manager. Strong, unique passwords offer another primary line of defense. Try a password manager that can create and safely store them. 
  4. Avoid public charging stations. Look into a portable power pack that you can charge up ahead of time or run on AA batteries. They’re pretty inexpensive and are a safer alternative to public charging stations.  
  5. Keep your eyes on your phone. Preventing the actual theft of your phone is important. This is a good case for password or PIN protecting your phone, and turning on device tracking. In case it is stolen, Apple and Google provide a step-by-step guide for remotely wiping devices.  
  6. Stick with trusted app stores. Stick with legitimate app stores like Google Play and Apple’s App Store, which vet apps to ensure they are safe.
  7. Keep an eye on app permissions. Check what permissions your apps are asking for. Both iPhone and Android users can allow or revoke app permission.
  8. Update your phone’s operating system. Keeping your phone’s operating system up to date can fix vulnerabilities that hackers rely on to pull off attacks—it’s another tried and true method to keep your phone safe and performing well.

Advanced ways to block hackers from your phone

  • Enable a SIM Card PIN: Set up a PIN for your SIM card, which is then required upon restart, to prevent hackers from using it in another phone for a SIM swap attack.
  • Use an eSIM if possible: An embedded SIM (eSIM) cannot be physically removed from your phone, making it difficult for criminals to execute a fraudulent SIM swap.
  • Enforce encrypted DNS: Configure your phone to use DNS-over-HTTPS (DoH), which encrypts your DNS queries, preventing eavesdroppers on public Wi-Fi from seeing which websites you visit.
  • Deploy a hardware security key: For the ultimate 2FA protection, a physical key (like a YubiKey) for sensitive accounts makes it nearly impossible for hackers to log in without it.
  • Disable USB debugging and developer mode: Unless you are an app developer, keep these advanced Android features off to close potential backdoors that malware could exploit.
  • Turn off unused wireless radios: Manually disable Wi-Fi, Bluetooth, and NFC when you aren’t using them to reduce your phone’s attack surface and prevent unauthorized connections.

Stay proactive with mobile security

Protecting your phone from hackers doesn’t have to be overwhelming. By remaining vigilant for the warning signs, keeping your software updated, and using trusted security tools, you can significantly reduce your risk of getting your phone infiltrated. Think of your digital security as an ongoing practice, not a one-time fix. 

Mobile security solutions like McAfee Mobile Security are specifically designed to scan your device for malware, spyware, and other malicious code. Key features to look for in a quality security app include real-time antivirus protection, web protection to block dangerous websites, and privacy monitoring to check which apps have access to your personal data. McAfee Mobile Security also offers award-winning antivirus and real-time malware scanning to stop malicious apps before they can cause harm. The included Secure VPN encrypts your connection, making public Wi-Fi safe for browsing and banking. With features like Identity Monitoring to alert you if your details are found on the dark web and Safe Browsing to block risky websites, you’re protected from multiple angles.

Be very cautious of fake anti-hack apps; these could be scams that can install malware themselves. To be safe, always download security software from reputable providers through official channels like the Google Play Store or Apple’s App Store.

The post How to Know If Your Phone Has Been Hacked appeared first on McAfee Blog.

Shodan Hacks

By: hoek

Yes, everyone knows Shodan (and who does not know, and wants to hack, should know). I’m not sure if Shodan Hacks is a good name, but I like it. It also reminds me of the Google Hacks I wrote about yesterday. Similar principle of operation only on

Google Hacks

By: hoek

The term “Google Hacking” certainly does not mean hacking the company Google. It means that you can run specially selected queries on the popular Google search engine, which allow you to find information useful for analyzing the security of other websites. With the help of these queries,

Five Big Takeaways from Verizon’s 2022 Data Breach Investigations Report

By: Synack

By Kim Crawley

The annual Verizon Data Breach Investigations Report is a wealth of valuable information about the state of cybersecurity today.

Of course, data breaches remain one of the biggest problems in cybersecurity. Many of the worst breaches expose financial data, authentication credentials, and sensitive legal and medical information. In the wrong hands, this data can help cybercriminals access organizations’ and individuals’ most sensitive data and valuable networks.

Ransomware that targets enterprises is also growing. In fact, ransomware incidents are up 13 percent from the previous year, a larger increase than the previous five years combined. Another data breach vulnerability trend is an increase in human exploitation, whether by phishing, stolen credentials or user errors.

The DBIR is a massive report that resulted from Verizon analyzing a large number of data breaches, which they’ve also verified directly for authenticity. Here’s how Verizon determines which breaches to include:

“The incident must have at least seven enumerations (e.g., threat actor variety, threat action category, variety of integrity loss, et al.) across 34 fields or be a DDoS attack. Exceptions are given to confirmed data breaches with less than seven enumerations. The incident must have at least one known VERIS threat action category (hacking, malware, etc.).”

Verizon acknowledges that many data breaches still go undetected. Nonetheless, as organizations improve their systems for detecting indicators of compromise (IOCs), there’s a lot of useful data to be analyzed.

Here are five key findings:

  1. Web application “hacking” and denial of service attacks are the most common actions that threat actors perform in order to unlawfully access sensitive data in networks. For the sake of the report, hacking is defined as “attempts to intentionally access or harm information assets without (or exceeding) authorization by circumventing or thwarting logical security mechanisms.”
  2. Seventy percent of breaches involve web application hacking, 45 percent involve denial of service, 15 percent involve backdoor malware, 15 percent involve ransomware and 10 percent involve email.
  3. Malicious access to credentials led to just under 50 percent of breaches, phishing in a bit under 20 percent and vulnerability exploits about 10 percent.
  4. Data breaches are mainly caused by external threat actors, but internal threat actors are still a significant risk, too. About 80 percent of threat actors are external to the targeted organization, and 20 percent are internal—an organization’s own employees, contractors and other insiders.
  5. Even though internal threat actors conduct fewer attacks, internal attacks expose the most records and therefore lead to more destructive data breaches. External threat actor breaches expose a median of 30,000 records, internal threat actor breaches expose a median of 375,000 records, and threat actors with a partnership relationship (often in the supply chain) expose a median of 187,500 records.

Whenever organizations are testing to see how vulnerable they are to a data breach, it’s important to simulate internal, external and supply chain attacks. Web application pentesting is also more important than ever. As DBIR makes clear, it’s critical that every organization test for unauthorized credential exploitation and phishing attacks, too.

Thank you Verizon for helping our industry better understand data breach threats! For more information about how Synack can help organizations prevent data breaches, get in touch here.


Rackspace, a major cloud service provider, was hacked

By: seo_spec

Rackspace has confirmed that the Play group was responsible for the December cyberattack. Hackers hacked the company’s email account. This was achieved using a zero-day exploit.

There is a high probability that the exploit was linked to a vulnerability under CVE-2022-41080. According to an investigation conducted by the same company, the hackers managed to get access to the e-mails and other confidential information, but no evidence was found that they were involved in its distribution.

It also remains a mystery whether Rackspace paid the cybercriminals a ransom for the information. It should be noted that the report was followed by a report from information security company CrowdStrike, which shed light on the new technique used by the Play group. The technique is called OWASSRF and is being used to attack Exchange servers on which the patches that fix the CVE-2022-41040 or CVE-2022-41083 vulnerability have not been applied. Experts say the sequential use of CVE-2022-41080 and CVE-2021-41082 allows hackers to remotely execute arbitrary code by bypassing Outlook Web Access (OWA) blocking rules.

Secure Phone and Hack Phone Android Intensive

By: seo_spec

“SECURE PHONE”

  • Let’s create a phone using ANDROID OS as an example
  • With protection against network traffic interception;
  • With notification about substitution of the base station (BS);
  • By choosing open source firmware or removing built-in backdoors (yes, yes, they’re present in almost every firmware!);
  • By encrypting it and making it resistant to forensics;
  • Discuss backup and recovery methods, as well as encryption for secure storage;
  • Talking about antiviruses for Android: are they useful and which one to choose?
  • We will highlight services of automatic caller’s number detection, as well as services of automatic call recording of GSM standard and messengers;
  • Figuring out the safest messengers of the 3 dominant types (federated, centralized, and p2p);
  • Protecting sim cards, types of root and frameworks to change OS function on the fly;
  • Using VPN for smartphone;
  • Protecting the phone’s DNS from spoofing;
  • Using firewalls for Android;
  • By protecting your smartphone from being tapped by third-party applications;
  • Safely deleting files, with a clear understanding of why you can’t give your phone to repair or sell it without first scrubbing it.

“HACK PHONE”

  • Phone as a pentester tool that is always on hand;
  • Phone as a bootable flash drive for hacking and administering Windows;
  • Phone as a BadUSB tool to deliver a payload;
  • NetHunter and its installation types: directly on the phone, or as an element of smartphone firmware;
  • Testing router security via smartphone;
  • Setting up and optimizing Termux to work with root rights and pentester frameworks for “underhand” testing.

A lesson in personal cybersecurity (2022)

By: seo_spec

Description:

How can we help you save money and your reputation?

We’ll tell you and show you with real examples:

  • Why simple and repeated passwords are dangerous
  • Who needs your data and why
  • The pitfalls of public wifi
  • How bank cards are stolen
  • Pros and cons of dual authentication
  • How to easily access your phone
  • What smart homes and assistants keep quiet about

We will also talk about these topics:

  • Digital hygiene
  • Antivirus, VPN and other protection
  • Online extortion
  • Surveillance by intelligence services, and not only by them
  • Who needs your intimate photos
  • Online porn, dangers and precautions