Security Affairs

JANUARY 2, 2022

The Twitter account of NASA Director Parimal Kopardekar (@nasapk) was hacked by the Powerful Greek Army group. The Twitter account of the NASA Director and Sr Technologist for Air Transporation Sytem Mr. Parimal Kopardekar ( @nasapk ) was hacked by the Powerful Greek Army group. NASA Director account hacked by PGA!

Accountability 145

Accountability Hacking Banking Government 145

Security Affairs

DECEMBER 26, 2023

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. pic.twitter.com/6uHMDcNhTC — Dominic Alvieri (@AlvieriD) December 26, 2023 The group published images of stolen documents as proof of the hack. Abdali Hospital provides care to patients in numerous specialties.

Ransomware 143

Ransomware Hacking Manufacturing Healthcare 143

Security Affairs

OCTOBER 9, 2023

pic.twitter.com/YJavUu53v3 — vx-underground (@vxunderground) October 7, 2023 BleepingComputer was able to verify with the help of the popular malware researcher Michael Gillespie that that source code is legitimate and is related to the first version of the ransomware that was employed in 2020.

Cybercrime 143

Cybercrime Ransomware DDOS Encryption 143

Security Affairs

NOVEMBER 25, 2023

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. According to the advisory, the threat actors have exploited Zerologon ( CVE-2020-1472 ) in Microsoft’s Netlogon Remote Protocol in phishing attempts. Energy China [link] TL;DR That's huuuge!

Ransomware 144

Ransomware Hacking Engineering Manufacturing 144

Security Affairs

NOVEMBER 29, 2023

The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London. The Rhysida ransomware group claimed to have hacked King Edward VII’s Hospital in London and added it to the list of victims on its Tor leak site. King Edward VII’s Hospital in London has been breached by Rhysida Ransomware.

Ransomware 143

Ransomware Hacking Manufacturing Healthcare 143

Security Affairs

DECEMBER 4, 2021

. “The FBI has identified, as of early November 2021 that Cuba ransomware actors have compromised at least 49 entities in five critical infrastructure sectors, including but not limited to the financial, government, healthcare, manufacturing, and information technology sectors.” SecurityAffairs – hacking, ransomware).

Ransomware 145

Ransomware Hacking Malware Encryption 145

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. Tianfeng worked at Sichuan Silence Information Technology Co.,

Firewall 84

Firewall Hacking Malware Passwords 84

Security Affairs

APRIL 20, 2022

Synesis Surveillance System – Anonymous claims to have hacked the Synesis and Kipod surveillance systems. According to DDoSecrets, data was gathered in August 2020. One of the most active hacking crew, the Network Battalion 65, also claimed to have hacked another Russian bank, JSC Bank PSCB. GB in size.

Hacking 143

Hacking Banking Surveillance Engineering 143

Security Affairs

SEPTEMBER 19, 2021

A Pakistani national has been sentenced to 12 years of prison in the US for his role in a hacking scheme against the telecom giant AT&T. “Later in the conspiracy, Fahd had the bribed employees install custom malware and hacking tools that allowed him to unlock phones remotely from Pakistan. ” Pierluigi Paganini.

Hacking 143

Hacking Malware Cybercrime Information Security 143

Krebs on Security

APRIL 20, 2023

Mandiant concluded that the 3CX attack was orchestrated by the North Korean state-sponsored hacking group known as Lazarus , a determination that was independently reached earlier by researchers at Kaspersky Lab and Elastic Security. Microsoft Corp.

Malware 322

Malware Software Technology Accountability 322

Security Affairs

OCTOBER 16, 2022

According to Zimbra users, the vulnerability is actively exploited since early September 2020. SecurityAffairs – hacking, Zimbra). The post Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug appeared first on Security Affairs. a user wrote on the Zimbra forum. Pierluigi Paganini.

Hacking 143

Hacking Antivirus Telecommunications Engineering 143

Krebs on Security

NOVEMBER 16, 2023

In that breach, which occurred in October 2020, a hacker using the handle “Ransom Man” threatened to publish patient psychotherapy notes if Vastaamo did not pay a six-figure ransom demand. By that time, Kivimäki was no longer in Finland, but the Finnish government nevertheless charged Kivimäki in absentia with the Vastaamo hack.

Cybercrime 250

Cybercrime Hacking Data breaches Banking 250

Krebs on Security

MAY 22, 2023

pw has been registered and abandoned by several parties since 2014, but the most recent registration data available through DomainTools.com shows it was registered in March 2020 to someone in Krasnodar, Russia with the email address edgard011012@gmail.com. In May 2020, Zipper told another Lolzteam member that quot[.]pw

Scams 284

Scams DDOS Cryptocurrency Accountability 284

Security Affairs

FEBRUARY 16, 2024

Cisco addressed the flaw in May 2020. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – Hacking, Known Exploited Vulnerabilities catalog) “An attacker could target an NTLM client such as Outlook with an NTLM credentials-leaking type vulnerability.

Authentication 142

Authentication Hacking Cybersecurity Risk 142

Security Affairs

NOVEMBER 25, 2024

He will allege that Russian state-aligned hacking groups have executed at least nine cyberattacks against NATO nations, targeting critical infrastructure. In September 2024, the FBI, CISA, and NSA linked threat actors from Russia’s GRU Unit 29155 to global cyber operations since at least 2020.

Cyber Attacks 123

Cyber Attacks Government Hacking Cyber threats 123

Security Affairs

JULY 28, 2021

A joint report published by US, UK, and Australian cyber security agencies warns of the top routinely exploited vulnerabilities in 2020. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S.

VPN 144

VPN Cybersecurity Hacking Technology 144

Security Affairs

JANUARY 12, 2022

CVE-2020-5902 F5 Big-IP CVE-2020-14882 Oracle WebLogic CVE-2021-26855 Microsoft Exchange (Note: this vulnerability is frequently observed used in conjunction with CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065). Some of the hacking campaigns that were publicly attributed to Russian state-sponsored APT actors by U.S.

Malware 144

Malware Cyber threats Government Hacking 144

Security Affairs

JUNE 21, 2024

French information security agency ANSSI reported that Russia-linked threat actor Nobelium is behind a series of cyber attacks that targeted French diplomatic entities. The French information security agency ANSSI reported that Russia-linked APT Nobelium targeted French diplomatic entities.

Phishing 139

Phishing Accountability Information Security Cyber Attacks 139

Daniel Miessler

MAY 19, 2021

Internal actors moved significantly towards External in 2020. Top actions in breaches were: phishing (social), use of stolen credentials (hacking), other, ransomware (malware), pretexting (social), misconfiguration (error), misdelivery (error), brute force (hacking), C2 (malware), and backdoor (malware).

Data breaches 192

Data breaches Social Engineering Ransomware Phishing 192

Security Affairs

OCTOBER 1, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS, ImageMagick and Linux Kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. CVE-2020-15415 is an OS command injection vulnerability in DrayTek Multiple Vigor Routers.

IoT 134

IoT Hacking Cybersecurity Risk 134

Security Affairs

DECEMBER 2, 2021

The fifth issue added to the list of actively exploited vulnerabilities is the CVE-2020-11261 Improper Input Validation flaw that impacts multiple Qualcomm chipsets. There are indications that CVE-2020-11261 may be under limited, targeted exploitation” reads a note added to the January security bulletin last week.

Software 145

Software Authentication Hacking Cybersecurity 145

Security Affairs

OCTOBER 23, 2024

The SEC fined Unisys, Avaya, Check Point, and Mimecast for misleading disclosures about the impact of the SolarWinds Orion hack. The US Securities and Exchange Commission (SEC) charged four companies, Unisys, Avaya, Check Point, and Mimecast for misleading public disclosures related to the supply chain attack on SolarWinds.

Hacking 123

Hacking Risk Cybersecurity Government 123

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. On or about June 25, 2020, Matveev and his LockBit coconspirators targeted a law enforcement agency in Passaic County, New Jersey. The attacks hit law enforcement agencies in Washington, D.C.

Ransomware 126

Ransomware Healthcare Hacking Malware 126

Krebs on Security

OCTOBER 8, 2020

There’s an old adage in information security: “Every company gets penetration tested, whether or not they pay someone for the pleasure.” ” Many organizations that do hire professionals to test their network security posture unfortunately tend to focus on fixing vulnerabilities hackers could use to break in.

Cybercrime 338

Cybercrime VPN Malware Ransomware 338

Security Affairs

JUNE 27, 2024

Roundcube Webmail CVE-2020-13965 (CVSS score of 6.1) Roundcube addressed the flaw in June 2020, and PoC code was released shortly thereafter. Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, CISA) is a cross-site scripting (XSS) issue. and 1.3.12.

Hacking 131

Hacking Cybersecurity Risk Information Security 131

Security Affairs

JANUARY 10, 2024

Raoult and two other co-conspirators were charged with having hacked into protected computers of corporate entities and for the theft of stolen proprietary information. According to the indictment, Raoult was a participant in the notorious hacking group “ShinyHunters.” He sold hacked data. No more hacking.

Identity Theft 134

Identity Theft Hacking Cryptocurrency Advertising 134

Schneier on Security

JUNE 8, 2021

The report observed that “in operational testing, the [Department of Defense] routinely found mission-critical cyber vulnerabilities in systems that were under development, yet program officials GAO met with believed their systems were secure and discounted some test results as unrealistic.”

Software 363

Software Cybersecurity Backups Manufacturing 363

Security Affairs

SEPTEMBER 25, 2024

As of the 2020 census, Arkansas City has a population of 11,974. Arkansas City has notified the relevant authorities, Homeland Security and FBI agents are investigating the incident. In November 2023, the Daixin Team group claimed to have hacked the North Texas Municipal Water District (US) and threatened to leak the stolen data.

Hacking 138

Hacking Cyber Attacks Ransomware Cybercrime 138

Security Affairs

SEPTEMBER 19, 2024

CVE-2020-14644 vulnerability (CVSS score of 9.8) The flaw was disclosed by the researcher SandboxEscaper in June, and Microsoft addressed it in the same month with the release of Patch Tuesday security updates. CVE-2020-0618 vulnerability (CVSS score of 7.8) The flaw affects 12.2.1.3.0 and 12.2.1.4.0

Hacking 138

Hacking Cybersecurity Risk Information Security 138

Security Affairs

SEPTEMBER 12, 2023

Below is the list of affected versions: Product Track Affected Versions Platform Acrobat DC Continuous 23.003.20284 and earlier versions Windows & macOS Acrobat Reader DC Continuous 23.003.20284 and earlier versions Windows & macOS      Acrobat 2020 Classic 2020           20.005.30516 (Mac) 20.005.30514 (Win)and earlier versions Windows & (..)

Hacking 139

Hacking Software Information Security 139

Security Affairs

FEBRUARY 2, 2024

.” In June 2021, researchers from Avast warned of the rapid growth of the DirtyMoe botnet ( PurpleFox , Perkiler , and NuggetPhantom ), which passed from 10,000 infected systems in 2020 to more than 100,000 in the first half of 2021. Experts defined DirtyMoe as a complex malware that has been designed as a modular system.

Malware 141

Malware Internet Internet DDOS 141

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. and its allies for hacking activities in July. Wall Street Journal reported.

Mobile 121

Mobile Telecommunications Data breaches Hacking 121

Security Affairs

NOVEMBER 22, 2021

” said Demetrius Comes, GoDaddy’s Chief Information Security Officer. This isn’t the first data breach suffered by GoDaddy, in May 2020 the company revealed attackers have compromised users’ web hosting account credentials. SecurityAffairs – hacking, data breach). Pierluigi Paganini.

Data breaches 144

Data breaches Passwords Accountability Information Security 144

Malwarebytes

NOVEMBER 1, 2023

The Securities and Exchange Commission (SEC) has announced charges against software company SolarWinds Corporation and its chief information security officer (CISO), Timothy G. Brown, for “fraud and internal control failures relating to allegedly known cybersecurity risks and vulnerabilities.”

CISO 138

CISO Risk Software Cybersecurity 138

Security Affairs

SEPTEMBER 6, 2024

The FBI, CISA, and NSA linked threat actors from Russia’s GRU Unit 29155 to global cyber operations since at least 2020. Since 2020, the unit has expanded into offensive cyber operations aimed at espionage, reputational harm, and data destruction. These operations include espionage, sabotage, and reputational damage.

Healthcare 142

Healthcare Government Financial Services IoT 142

Security Affairs

DECEMBER 24, 2023

Video game publisher Ubisoft is investigating reports of an alleged data breach after popular researchers shared evidence of the hack. In October 2020, the Egregor ransomware gang hit the game developer Crytek and leaked files allegedly stolen from Ubisoft.

Data breaches 142

Data breaches Hacking Mobile Ransomware 142

Security Affairs

JUNE 17, 2024

Two men, Thomas Pavey (aka “Dopenugget”) and Raheim Hamilton (aka “Sydney” and “Zero Angel”), have been charged in federal court in Chicago for operating the dark web marketplace “ Empire Market ” from 2018 to 2020. currency on AlphaBay before starting Empire Market.

Marketing 137

Marketing Cryptocurrency DDOS Scams 137