Latest news with #Com
&w=3840&q=100)
Business Standard
5 days ago
- Business
- Business Standard
Hackers posed as IT staff to steal Salesforce data from firms: Google
A hacking group has been impersonating IT personnel to break into companies' Salesforce tools, using the access for data theft and extortion, according to a new report from Google's threat intelligence group. The hackers, which have links to a loosely affiliated group of hackers largely based in the US, UK and Western Europe called the Com, successfully breached the networks of at least 20 companies in the US and Europe, Google said. They operate by calling up employees and pretending to be IT support personnel, convincing them to provide sensitive credentials and using that to steal Salesforce data, Google said in the report published Wednesday. In some cases, the hacker was able to fool an employee into connecting a malicious app to their organisation's Salesforce portal, allowing the hacker to steal Salesforce data. Some victims didn't receive an extortion demand in exchange for the deletion of the data until months after it was stolen, according to the report. The hackers relied on manipulating its victims, not any vulnerability in Salesforce tools, Google said. 'There's no indication the issue described stems from any vulnerability inherent to our services,' a Salesforce spokesperson said in an email. 'Attacks like voice phishing are targeted social engineering scams designed to exploit gaps in individual users' cybersecurity awareness and best practices.' In a March blog post, the company noted that threat actors had been using social engineering techniques to break into its customers' Salesforce accounts, and it provided guidance to protect against such attacks. Google's report comes as a string of retailers have been hacked in recent months. Marks & Spencer Group Plc is facing a £300 million ($406 million) hit to operating profit this year due to a ransomware attack in April. Fellow British grocer Co-op Group disclosed shortly afterward that it too was the victim of a cyberattack. Adidas AG and Victoria's Secret & Co., Cartier and North Face have also disclosed cybersecurity incidents in recent weeks. Google's report didn't identify specific victims. 'While we've seen this group target retail, they have also targeted other industries and we do not have enough information to definitively link this group to the recent hacks in the US and UK more broadly,' said Austin Larsen, principal threat analyst at Google Threat Analyst Group. The hacking group used infrastructure and methods previously used by members of the Com, Google said. Members of the hacking group Scattered Spider, which was accused of a raft of high-profile attacks in recent years, many of which involved impersonating IT staff, have also been linked to the Com, made up mostly of young male SIM-swappers who organized on social media channels to steal cryptocurrency by taking control of victims' phone numbers. Google urged companies to remain vigilant against so-called social engineering attacks. (Only the headline and picture of this report may have been reworked by the Business Standard staff; the rest of the content is auto-generated from a syndicated feed.)
The Hindu
27-05-2025
- Politics
- The Hindu
Manonmaniam Sundaranar University cancels exam after question paper leak
The Manonmaniam Sundaranar University administration found itself in a troublesome situation on Tuesday (May 27, 2025) when a question paper intended for third-year B. Com students was leaked at one of its affiliated colleges and subsequently circulated among students. The examination to be held on Tuesday was cancelled and will now be conducted before May 31. Sources in MSU said that a minimum of two senior professors are usually asked to set question papers for each undergraduate subject, and one of the papers is selected by the Controller of Examinations to be sent to a Chennai-based press for printing. After the printing is completed, it would be sent to the principals of the affiliated colleges, as they are the Chief Superintendents of Examinations, five days in advance. After being set by the professors, the sixth-semester Industrial Law question paper, meant for B. Com third-year students, was printed in the press and shared with the principals of the affiliated colleges one week ago. When the Controller of Examinations, MSU, U. Balasubramanian received information at around 11 p.m. on Monday (May 26) that the said question paper was leaked from an affiliated college, he discussed the development with Vice-Chancellor N. Chandrasekar, who immediately asked the Controller of Examination to cancel the exam on Tuesday and postpone it. He also asked the Controller of Examinations to file a complaint with the police for a formal inquiry to identify the person responsible for the leak. 'I was informed about this development this (Tuesday) morning, and the colleges were asked not to conduct the Industrial Law examination on Tuesday. Moreover, the Secretary of Higher Education was also alerted about this issue. We have planned to conduct this examination before May 31 by setting three sets of fresh question papers. Meanwhile, the procedures for filing the complaint with the police have been initiated,' said J. Sacratees, Registrar, MSU. Sources further said the culprit could be from one of the colleges and might have leaked the question paper with the sole motive of embarrassing the administration. 'Since the question papers would be under their custody for at least five days until the packet is opened on the morning of the examination, the police should investigate and expose the truth,' the sources added.
Yahoo
30-04-2025
- Yahoo
Leaders of global online extortion and exploitation group 764 charged
By AJ Vicens DETROIT (Reuters) - Two men alleged to have played key roles in the virulent online exploitation network known as 764 have been arrested and charged, and face potential life sentences in prison, the Department of Justice said. Leonidas Varagiannis, 21, and Prasan Nepal, 20, allegedly led a core subgroup of 764 known as '764 Inferno,' which targeted vulnerable people, including children, with tactics designed to induce self-harm, the DOJ said in a statement on Tuesday. The pair were also involved in making and distributing child sexual abuse material, which was combined with other 'gore and violent material to create digital 'Lorebooks,'" according to the DOJ, which were then traded among group members and treated as currency to recruit new members or maintain status within the network. Nepal, known as 'Trippy,' was arrested on April 22 in North Carolina. Varagiannis, known as 'War,' is a U.S. citizen living in Greece. He was arrested there on Monday. The U.S. Attorney's Office in Washington, D.C., did not immediately respond to a request for comment about Varagiannis' extradition. A federal public defender for Nepal did not immediately respond to a request for comment. An attorney for Varagiannis could not be located. The two men allegedly conspired with and directed at least half a dozen other people involved with the malicious activity, according to an FBI affidavit. The FBI warned of a sharp increase in 764 activity in a March 6 public service announcement. The DOJ refers to 764 as a 'nihilistic violent extremist" network. 764 is one of a number of online-based cybercrime networks within a broader network known as 'the Com,' which includes violent and cybercriminal activity. Allison Nixon, chief research officer for cybersecurity company Unit 221B, told Reuters that Varagiannis and Nepal are 'major actors,' and that their arrests are a positive development. 'Com-related crime waves are driven by a small number of highly prolific actors,' Nixon said. 'Arrests really are a winning strategy. Love to see it.'
Reuters
30-04-2025
- Reuters
Leaders of global online extortion and exploitation group 764 charged
DETROIT, April 30 (Reuters) - Two men alleged to have played key roles in the virulent online exploitation network known as 764 have been arrested and charged, and face potential life sentences in prison, the Department of Justice said. Leonidas Varagiannis, 21, and Prasan Nepal, 20, allegedly led a core subgroup of 764 known as '764 Inferno,' which targeted vulnerable people, including children, with tactics designed to induce self-harm, the DOJ said in a statement on Tuesday. The pair were also involved in making and distributing child sexual abuse material, which was combined with other 'gore and violent material to create digital 'Lorebooks,'" according to the DOJ, which were then traded among group members and treated as currency to recruit new members or maintain status within the network. Nepal, known as 'Trippy,' was arrested on April 22 in North Carolina. Varagiannis, known as 'War,' is a U.S. citizen living in Greece. He was arrested there on Monday. The U.S. Attorney's Office in Washington, D.C., did not immediately respond to a request for comment about Varagiannis' extradition. A federal public defender for Nepal did not immediately respond to a request for comment. An attorney for Varagiannis could not be located. The two men allegedly conspired with and directed at least half a dozen other people involved with the malicious activity, according to an FBI affidavit. The FBI warned of a sharp increase in 764 activity in a March 6 public service announcement. The DOJ refers to 764 as a 'nihilistic violent extremist" network. 764 is one of a number of online-based cybercrime networks within a broader network known as 'the Com,' which includes violent and cybercriminal activity. Allison Nixon, chief research officer for cybersecurity company Unit 221B, told Reuters that Varagiannis and Nepal are 'major actors,' and that their arrests are a positive development. 'Com-related crime waves are driven by a small number of highly prolific actors,' Nixon said. 'Arrests really are a winning strategy. Love to see it.'
Yahoo
08-04-2025
- Business
- Yahoo
Commvault Systems (NASDAQ:CVLT) Is Doing The Right Things To Multiply Its Share Price
If we want to find a stock that could multiply over the long term, what are the underlying trends we should look for? In a perfect world, we'd like to see a company investing more capital into its business and ideally the returns earned from that capital are also increasing. Ultimately, this demonstrates that it's a business that is reinvesting profits at increasing rates of return. With that in mind, we've noticed some promising trends at Commvault Systems (NASDAQ:CVLT) so let's look a bit deeper. Trump has pledged to "unleash" American oil and gas and these 15 US stocks have developments that are poised to benefit. For those that aren't sure what ROCE is, it measures the amount of pre-tax profits a company can generate from the capital employed in its business. The formula for this calculation on Commvault Systems is: Return on Capital Employed = Earnings Before Interest and Tax (EBIT) ÷ (Total Assets - Current Liabilities) 0.16 = US$84m ÷ (US$1.0b - US$512m) (Based on the trailing twelve months to December 2024). So, Commvault Systems has an ROCE of 16%. On its own, that's a standard return, however it's much better than the 9.2% generated by the Software industry. View our latest analysis for Commvault Systems In the above chart we have measured Commvault Systems' prior ROCE against its prior performance, but the future is arguably more important. If you'd like to see what analysts are forecasting going forward, you should check out our free analyst report for Commvault Systems . Commvault Systems has not disappointed with their ROCE growth. Looking at the data, we can see that even though capital employed in the business has remained relatively flat, the ROCE generated has risen by 1,197% over the last five years. So it's likely that the business is now reaping the full benefits of its past investments, since the capital employed hasn't changed considerably. The company is doing well in that sense, and it's worth investigating what the management team has planned for long term growth prospects. On a side note, we noticed that the improvement in ROCE appears to be partly fueled by an increase in current liabilities. Essentially the business now has suppliers or short-term creditors funding about 50% of its operations, which isn't ideal. And with current liabilities at those levels, that's pretty high. As discussed above, Commvault Systems appears to be getting more proficient at generating returns since capital employed has remained flat but earnings (before interest and tax) are up. Since the stock has returned a staggering 246% to shareholders over the last five years, it looks like investors are recognizing these changes. In light of that, we think it's worth looking further into this stock because if Commvault Systems can keep these trends up, it could have a bright future ahead. Commvault Systems does come with some risks though, we found 3 warning signs in our investment analysis, and 1 of those doesn't sit too well with us... While Commvault Systems isn't earning the highest return, check out this free list of companies that are earning high returns on equity with solid balance sheets. Have feedback on this article? Concerned about the content? Get in touch with us directly. Alternatively, email editorial-team (at) article by Simply Wall St is general in nature. We provide commentary based on historical data and analyst forecasts only using an unbiased methodology and our articles are not intended to be financial advice. It does not constitute a recommendation to buy or sell any stock, and does not take account of your objectives, or your financial situation. We aim to bring you long-term focused analysis driven by fundamental data. Note that our analysis may not factor in the latest price-sensitive company announcements or qualitative material. Simply Wall St has no position in any stocks mentioned. Sign in to access your portfolio
