Security Affairs

NOVEMBER 9, 2024

The vulnerabilities impact the Mazda Connect Connectivity Master Unit (CMU) system installed in multiple car models, including the Mazda 3 model year 2014-2021. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Mazda Connect) ” reads the advisory.

Hacking 132

Hacking Firmware Software Manufacturing 132

Security Affairs

JUNE 20, 2024

A China-linked cyber espionage group has compromised telecom operators in an Asian country since at least 2021. The Symantec Threat Hunter Team reported that an alleged China-linked APT group has infiltrated several telecom operators in a single, unnamed, Asian country at least since 2021.

DNS 138

DNS Malware Media Encryption 138

Security Affairs

APRIL 13, 2022

The Apache Software Foundation urges organizations to address a vulnerability, tracked as CVE-2021-31805, affecting Struts versions ranging 2.0.0 SecurityAffairs – hacking, Apache). The post CVE-2021-31805 RCE bug in Apache Struts was finally patched appeared first on Security Affairs. To nominate, please visit:?

Software 145

Software Hacking Cybersecurity Information Security 145

Security Affairs

MARCH 2, 2024

Department of Justice (DoJ) charged Iranian national Alireza Shafie Nasab (39) for multi-year hacking campaign targeting U.S. According to DoJ, from at least in or about 2016 through or about April 2021, Nasab and other co-conspirators carried out a coordinated multi-year campaign to breach computers worldwide. ” concludes DoJ.

Hacking 139

Hacking Identity Theft Social Engineering Accountability 139

Security Affairs

APRIL 21, 2022

.” The security firm responsibly shared its findings with MediaTek and Qualcomm and helped them to fix it. MediaTek tracked the ALAC flaws as CVE-2021-0674 and CVE-2021-0675, while Qualcomm tracked it as CVE-2021-30351. Both chipset makers addressed the issues in December 2021. To nominate, please visit:?

Hacking 143

Hacking Media Malware Cybersecurity 143

Security Affairs

JANUARY 19, 2024

China-linked group UNC3886 has been exploiting vCenter Server zero-day vulnerability CVE-2023-34048 since at least late 2021. Mandiant researchers reported that China-linked APT group UNC3886 has been exploiting vCenter Server zero-day vulnerability CVE-2023-34048 since at least late 2021. ” concludes the report.

Firewall 135

Firewall Accountability Malware Authentication 135

Security Affairs

SEPTEMBER 10, 2023

Recently the Rhysida ransomware group made the headlines because it announced the hack of Prospect Medical Holdings and the theft of sensitive information from the organization. Margaret’s Health announced it is partly closing operations at its hospitals due to a 2021 ransomware attack that impacted its payment system.

Hacking 144

Hacking Ransomware Healthcare Cyber Attacks 144

Security Affairs

JULY 12, 2022

Microsoft experts believe that the AiTM phishing campaign was used to target more than 10,000 organizations since September 2021. SecurityAffairs – hacking, AiTM phishing). The post Large-scale AiTM phishing campaign targeted +10,000 orgs since 2021? appeared first on Security Affairs. Pierluigi Paganini.

Phishing 144

Phishing Authentication Social Engineering Passwords 144

Security Affairs

SEPTEMBER 30, 2023

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Motel One ) The post ALPHV/BlackCat ransomware gang hacked the hotel chain Motel One appeared first on Security Affairs. the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Hacking 141

Hacking Ransomware Manufacturing Media 141

Krebs on Security

FEBRUARY 22, 2024

A new data leak that appears to have come from one of China’s top private cybersecurity firms provides a rare glimpse into the commercial side of China’s many state-sponsored hacking groups. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government 302

Government Hacking Cyber threats Mobile 302

Security Affairs

DECEMBER 15, 2023

The Snatch ransomware group announced it had hacked the food giant Kraft Heinz, the company is investigating the claims. The Snatch ransomware group claims to have hacked Kraft Heinz in August and on December 14, it added the company to the list of victims on its leak site.

Hacking 136

Hacking Ransomware Computers and Electronics Marketing 136

Security Affairs

SEPTEMBER 24, 2023

The Alphv ransomware group claims to have hacked Clarion, the global manufacturer of audio and video equipment for cars and other vehicles. On September 23, the group announced the hack of the company and the theft of sensitive data, including partners’ documents. Clarion Japan is the Japanese subsidiary of Clarion Co.,

Manufacturing 142

Manufacturing Hacking Data breaches Ransomware 142

Security Affairs

JANUARY 8, 2024

BlackCat/ALPHV ransomware gang has been active since November 2021, the list of its victims is long and includes industrial explosives manufacturer SOLAR INDUSTRIES INDIA , the US defense contractor NJVC , gas pipeline Creos Luxembourg S.A. , the fashion giant Moncler , the Swissport , NCR , and Western Digital.

Hacking 144

Hacking Ransomware Data breaches Manufacturing 144

Security Affairs

MAY 22, 2024

According to the researchers, the malware campaign targeting MS Exchange Server has been active since at least 2021. The threat actors exploited the ProxyShell vulnerabilities ( CVE-2021-34473 , CVE-2021-34523 , and CVE-2021-31207 ) in Microsoft Exchange Server to inject an info stealer.

Malware 140

Malware Accountability Technology Internet 140

Security Affairs

JULY 8, 2024

Threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. The Cybernews researchers reported that threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. RockYou2021 had 8.4 billion passwords from various internet data leaks.

Passwords 134

Passwords Data breaches Hacking Accountability 134

Krebs on Security

MARCH 7, 2022

In 2020, researchers from Athens University School of Information Sciences and Technology in Greece showed (PDF) how ransomware-as-a-service offerings might one day be executed through smart contracts. Before that, Jeffrey Ladish , an information security consultant based in Oakland, Calif., ” Stern wrote.

Ransomware 247

Ransomware Cryptocurrency DDOS Scams 247

Security Affairs

MARCH 30, 2024

The seller, who goes online with the moniker MajorNelson, claims that the data was obtained from an unnamed AT&T division by @ ShinyHunters in 2021. It should be noted before anyone hits us with an “aktschually” – the data was stolen in 2021. The archive contains 73.481.539 records. “It It was leaked online today.”

Data breaches 145

Data breaches Telecommunications Cybercrime Hacking 145

Security Affairs

DECEMBER 2, 2024

Russia first blocked Tor in 2021, but at the time the censorship was bypassed via bridges. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, WebTunnel bridges) .” reads the announcement published by Tor Project.

Government 130

Government Internet Internet Hacking 130

CyberSecurity Insiders

MAY 1, 2023

Surprisingly, the analysis conducted by American law firm BakerHostetler found that victims who made ransomware payments increased in the year 2022 compared to 2021. Additionally, the average ransom amount paid last year was recorded as $600,000, up from the $511,000 payment made in 2021.

Data breaches 138

Data breaches Cyber Insurance Insurance Technology 138

Security Affairs

OCTOBER 20, 2023

US CISA added the vulnerability CVE-2021-1435 in Cisco IOS XE to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability CVE-2021-1435 in Cisco IOS XE. ” reads the report published by Cisco Talos.

Authentication 139

Authentication Hacking Accountability Software 139

Security Affairs

JULY 9, 2022

Four of the fixed issues have been rated as a “high” severity, they are CVE-2022-26117, CVE-2021-43072, CVE-2022-30302, and CVE-2021-41031. SecurityAffairs – hacking, Forinet). The post Fortinet addressed multiple vulnerabilities in several products appeared first on Security Affairs. Pierluigi Paganini.

Authentication 144

Authentication Passwords Hacking Accountability 144

Security Affairs

FEBRUARY 15, 2024

The Mirai -based Moobot botnet was first documented by Palo Alto Unit 42 researchers in February 2021, in November 2021, it started exploiting a critical command injection flaw ( CVE-2021-36260 ) in the webserver of several Hikvision products. The US government operation blocked access to the routers by Russian cyberspies.

Firewall 138

Firewall Government Malware Hacking 138

Security Affairs

MAY 23, 2022

Google’s Threat Analysis Group (TAG) researchers discovered three campaigns, between August and October 2021, targeting Android users with five zero-day vulnerabilities. “Seven of the nine 0-days TAG discovered in 2021 fall into this category: developed by commercial providers and sold to and used by government-backed actors. .

Spyware 145

Spyware Surveillance Government Banking 145

Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass.

Data collection 138

Data collection Authentication Government Hacking 138

Security Affairs

OCTOBER 9, 2023

The HelloKitty gang has been active since January 2021. In November 2021, the US FBI has published a flash alert warning private organizations of the evolution of the HelloKitty ransomware (aka FiveHands). CVE-2021-20016 , CVE-2021-20021 , CVE-2021-20022 , CVE-2021-2002 ) or using compromised credentials.

Cybercrime 142

Cybercrime Ransomware DDOS Encryption 142

Security Affairs

OCTOBER 23, 2024

The SEC fined Unisys, Avaya, Check Point, and Mimecast for misleading disclosures about the impact of the SolarWinds Orion hack. The US Securities and Exchange Commission (SEC) charged four companies, Unisys, Avaya, Check Point, and Mimecast for misleading public disclosures related to the supply chain attack on SolarWinds.

Hacking 117

Hacking Risk Cybersecurity Government 117

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. and its allies for hacking activities in July. Wall Street Journal reported.

Mobile 113

Mobile Telecommunications Data breaches Hacking 113

Security Affairs

APRIL 10, 2024

The seller, who goes online with the moniker MajorNelson, claimed that the data was obtained from an unnamed AT&T division by @ ShinyHunters in 2021. It should be noted before anyone hits us with an “aktschually” – the data was stolen in 2021. The archive contains 73.481.539 records. “It It was leaked online today.”

Data breaches 129

Data breaches Telecommunications Identity Theft Hacking 129

Security Affairs

JANUARY 21, 2024

Admin of the BreachForums hacking forum sentenced to 20 years supervised release Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails VF Corp December data breach impacts 35 million customers China-linked APT UNC3886 exploits VMware zero-day since 2021 Ransomware attacks break records in 2023: the number of victims rose by 128% U.S.

Artificial Intelligence 131

Artificial Intelligence Hacking VPN Firewall 131

Security Affairs

OCTOBER 30, 2023

The man was sentenced for his role in a hacking scheme that led to the theft of approximately $1M worth of cryptocurrency from dozens of victims. Persad and his co-conspirators hacked the email accounts of the victims, hijacked their cell phone numbers, and took over their online cryptocurrency accounts.

Cryptocurrency 138

Cryptocurrency Accountability Hacking Cybercrime 138

Security Affairs

JANUARY 10, 2024

Raoult and two other co-conspirators were charged with having hacked into protected computers of corporate entities and for the theft of stolen proprietary information. According to the indictment, Raoult was a participant in the notorious hacking group “ShinyHunters.” He sold hacked data. No more hacking.

Identity Theft 129

Identity Theft Hacking Cryptocurrency Advertising 129

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. On April 26, 2021, Matveev and his Babuk coconspirators hit the Metropolitan Police Department in Washington, D.C.

Ransomware 120

Ransomware Healthcare Hacking Malware 120

Security Affairs

OCTOBER 30, 2022

The BlackByte ransomware operation has been active since September 2021, in October 2021 researchers from Trustwave’s SpiderLabs released a decryptor that can allow victims of early versions of BlackByte ransomware to restore their files for free. SecurityAffairs – hacking, Asahi Group Holdings ). Pierluigi Paganini.

Manufacturing 142

Manufacturing Ransomware Hacking Data breaches 142

Security Affairs

AUGUST 16, 2024

The 27-year-old Russian national Georgy Kavzharadze (also known as “George,” “TeRorPP,” “Torqovec,” and “PlutuSS”) has been sentenced to over three years in prison for selling financial information, login credentials, and other personal data on the dark web marketplace, Slilpp. in restitution. These credentials were linked to $1.2

Banking 128

Banking Accountability Retail Mobile 128

SecureList

JANUARY 18, 2023

We often see people use work email addresses to register with third-party sites and services, which can be hacked and exposed to a data leak, putting the security of the company that owns the email at risk. Media blackmail: businesses to learn they were hacked from hackers’ public posts with a countdown to publication.

Media 140

Media Social Engineering Ransomware Hacking 140

Security Affairs

MAY 25, 2022

The Cybersecurity & Infrastructure Security Agency (CISA) has added 41 flaws to its Known Exploited Vulnerabilities Catalog, including recently addressed issues in the Android kernel ( CVE-2021-1048 and CVE-2021-0920) and Cisco IOS XR ( CVE-2022-20821 ). SecurityAffairs – hacking, Known Exploited Vulnerabilities Catalog).

Software 145

Software Hacking Cybersecurity Risk 145

Security Affairs

MARCH 27, 2024

The Star Labs team demonstrated the vulnerability at the Pwn2Own Vancouver 2023 hacking competition. Microsoft addressed the remote code execution flaw in SharePoint Server, tracked as CVE-2023-24955 (CVSS Score 7.2), in May 2023. ” reads the advisory published by Microsoft.

Hacking 134

Hacking Authentication Cybersecurity Risk 134