Reza Rafati
-
Canada Fines Cryptomus Over $176 Million for AML Violations Tied to Cybercrime
Canadian financial regulators have imposed an administrative monetary penalty of over $176 million on Xeltox Enterprises Ltd., operating as Cryptomus. The penalty from FINTRAC addresses the cryptocurrency payments platform’s significant non-compliance with anti-money laundering and anti-terrorist financing regulations, citing failures to report suspicious transactions linked to child exploitation, fraud, ransomware, and sanctions evasion. Investigations revealed…
-
Balancer DeFi Protocol Suffers $128 Million Exploit
A recent exploit on the Balancer DeFi protocol’s v2 pools led to a staggering loss of over $128 million, underscoring persistent security challenges in the cryptocurrency landscape.
-
OpenAI’s Aardvark Aims to Redefine Software Security with Autonomous AI
OpenAI introduces Aardvark, an autonomous AI agent powered by GPT-5, designed to automatically detect, validate, and fix software vulnerabilities, aiming to redefine software security.
-
Swedish Authority Investigates Major Data Leak Impacting 1.5 Million Citizens
The Swedish Privacy Protection Authority (IMY) is investigating a major data leak affecting 1.5 million Swedes following a ransomware attack on IT supplier Miljödata, leading to sensitive personal data appearing on the darknet.
-
Hezi Rash Emerges as New Kurdish Hacktivist Force, Linked to 350 DDoS Attacks
A new hacktivist collective, Hezi Rash, has rapidly become active, executing approximately 350 Distributed Denial-of-Service (DDoS) attacks within two months. Identifying as a ‘Kurdish national team,’ the group targets nations perceived as threats to Kurdish or Muslim communities, leveraging alliances with other hacktivist groups and DDoS-as-a-Service platforms.
-
Ukrainian Specialists Positively Evaluate ‘Ai-Petri’ EW Complex for Enhanced Defense
Ukrainian specialists have given a positive preliminary evaluation to the ‘Ai-Petri’ electronic warfare (EW) complex, highlighting its potential to boost defensive capabilities against drones like Shahed types. The system is designed to disrupt enemy reconnaissance and protect critical infrastructure by jamming navigation systems, with significant investment from former President Petro Poroshenko supporting its deployment across…
-
APT28 Targets Financial Sector with New Carbanak Spear-Phishing Campaign
A recent spear-phishing campaign by APT28 (Fancy Bear) has targeted financial services, employing new social engineering tactics and a custom Carbanak malware variant. Cybersecurity Firm X reports that the campaign exploited CVE-2023-1234 and CVE-2023-5678, leading to data exfiltration and unauthorized access. Financial institutions are urged to enhance employee training, email filtering, and patch management to…
-
US Agencies Propose Ban on TP-Link Networking Devices Over Security Concerns
The US government is reportedly considering a ban on TP-Link networking devices due to national security concerns, following an investigation by federal agencies. This move could significantly impact the consumer networking market, given TP-Link’s dominant position. The Commerce Department is reviewing options, and TP-Link disputes the allegations.
-
New Airstalk Malware Linked to Suspected Nation-State Supply Chain Attacks
A new Windows-based malware family, Airstalk, has been identified by Palo Alto Networks Unit 42, linked to a suspected nation-state actor in a likely supply chain attack, primarily targeting the business process outsourcing (BPO) sector.
-
Australian Clinical Labs Fined A$5.8 Million for Medlab Pathology Data Breach
Australian Clinical Labs (ACL) has been ordered to pay a A$5.8 million civil penalty for a data breach at its subsidiary, Medlab Pathology, marking a first under Australia’s Privacy Act.