US govt says Americans lost record $12.5 billion to fraud in 2024 

The U.S. Federal Trade Commission (FTC) said today that Americans lost a record $12.5 billion to fraud last year, a 25% increase over the previous year. 

Source: https://www.bleepingcomputer.com/news/security/us-govt-says-americans-lost-record-125-billion-to-fraud-in-2024/
 

US Hasn’t Determined Who Was Behind Cyberattack That Caused Outage on Musk’s X 

U.S. officials have not determined who was behind an apparent cyberattack on the social media site X that limited access to the platform for thousands of users, according to a Trump administration official familiar with the ongoing investigation into the matter. 

Source: https://www.securityweek.com/us-hasnt-determined-who-was-behind-cyberattack-that-caused-outage-on-musks-x/
  

Data breach at Japanese telecom giant NTT hits 18,000 companies 

Japanese telecommunication services provider NTT Communications Corporation (NTT) is warning almost 18,000 corporate customers that their information was compromised during a cybersecurity incident. 

Source: https://www.bleepingcomputer.com/news/security/data-breach-at-japanese-telecom-giant-ntt-hits-18-000-companies/
  

CISA: Medusa ransomware hit over 300 critical infrastructure orgs 

CISA says the Medusa ransomware operation has impacted over 300 organizations in critical infrastructure sectors in the United States until last month. 

Source: https://www.bleepingcomputer.com/news/security/cisa-medusa-ransomware-hit-over-300-critical-infrastructure-orgs/
  

Trump Coins Used as Lure in Malware Campaign 

Binance is being spoofed in an email campaign that uses ‘up to 2000’ free TRUMP Coins as a lure leading to the installation of the ConnectWise RAT, and remote takeover of the victim’s computer, according to a Flash Alert issued by Cofense Intelligence. 

Source: https://www.securityweek.com/trump-coins-used-as-lure-in-malware-campaign/
  

US seizes $23 million in crypto linked to LastPass breaches 

U.S. authorities have seized over $23 million in cryptocurrency linked to the theft of $150 million from a Ripple crypto wallet in January 2024. Investigators believe hackers who breached LastPass in 2022 were behind the attack. 

Source: https://www.bleepingcomputer.com/news/security/us-seizes-23-million-in-crypto-stolen-via-password-manager-breach/
  

Trump Administration Halts Funding for Two Cybersecurity Efforts, Including One for Elections 

The Trump administration has cut millions of dollars in federal funding from two cybersecurity initiatives, including one dedicated to helping state and local election officials. 

Source: https://www.securityweek.com/trump-administration-halts-funding-for-two-cybersecurity-efforts-including-one-for-elections/
  

New North Korean Android spyware slips onto Google Play 

A new Android spyware named ‘KoSpy’ is linked to North Korean threat actors who have infiltrated Google Play and third-party app store APKPure through at least five malicious apps. 

Source: https://www.bleepingcomputer.com/news/security/new-north-korean-android-spyware-slips-onto-google-play/
  

North Korean Lazarus hackers infect hundreds via npm packages 

Six malicious packages have been identified on npm (Node package manager) linked to the notorious North Korean hacking group Lazarus. 

Source: https://www.bleepingcomputer.com/news/security/north-korean-lazarus-hackers-infect-hundreds-via-npm-packages/
  

PowerSchool previously hacked in August, months before data breach 

PowerSchool has published a long-awaited CrowdStrike investigation into its massive December 2024 data breach, which determined that the company was previously hacked over 4 months earlier, in August, and then again in September. 

Source: https://www.bleepingcomputer.com/news/security/powerschool-previously-hacked-in-august-months-before-data-breach/  
   
  

 

  

Smarttech247