2022 and Hacking - Cyber Security Informer

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7 , a notorious Russia-based hacking group. co — first came online in February 2023.

Hacking

Hacking Cybercrime Advertising Data breaches

Feds Link $150M Cyberheist to 2022 LastPass Hacks

Krebs on Security

MARCH 7, 2025

In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing…

Password Management

Password Management Hacking Passwords

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

MARCH 14, 2023

men have been charged with hacking into a U.S. The government alleges that on May 7, 2022, Singh used stolen credentials to log into a U.S. On May 12, 2022, KrebsOnSecurity broke the news that hackers had gained access to a DEA portal that taps into 16 different federal law enforcement databases. ” Image: USDOJ.

Hacking

Hacking Government Media Accountability

Why Italy Sells So Much Spyware

Schneier on Security

NOVEMBER 19, 2024

According to an Italian Ministry of Justice document , as of December 2022 law enforcement in the country could rent spyware for €150 a day, regardless of which vendor they used, and without the large acquisition costs which would normally be prohibitive. Italian spyware is cheaper and easier to use, which makes it more widely used.

Spyware

Spyware Marketing Hacking

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking

Hacking Cybercrime Phishing Passwords

Four REvil Ransomware members sentenced for hacking and money laundering

Security Affairs

OCTOBER 27, 2024

Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country. The cases have been sent to the Russian Prosecutor General’s Office for consolidation, and all defendants have been held since early 2022.

Ransomware

Ransomware Hacking Malware Cybercrime

Patch Tuesday, November 2022 Election Edition

Krebs on Security

NOVEMBER 8, 2022

Let’s face it: Having “2022 election” in the headline above is probably the only reason anyone might read this story today. CVE-2022-41073 is a zero-day flaw in the Windows Print Spooler , a Windows component that Microsoft has patched mightily over the past year. Today’s patch batch addresses both issues.

Internet

Internet Internet Cyber threats Engineering

US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack

Schneier on Security

APRIL 9, 2024

US Cyber Safety Review Board released a report on the summer 2023 hack of Microsoft Exchange by China. The board was established in early 2022, modeled in spirit after the National Transportation Safety Board. It was a serious attack by the Chinese government that accessed the emails of senior U.S. government officials.

Hacking

Hacking Government Accountability Technology

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Krebs on Security

FEBRUARY 28, 2023

Image: Shutterstock.com Three different cybercriminal groups claimed access to internal networks at communications giant T-Mobile in more than 100 separate incidents throughout 2022, new data suggests. But by the time we got to claims made in the middle of May 2022, completing the rest of the year’s timeline seemed unnecessary.

Mobile

Mobile Phishing Authentication Advertising

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

Alleged Co-Founder of Garantex Arrested in India

Krebs on Security

MARCH 11, 2025

government in 2022 for facilitating tens of billions of dollars in money laundering by transnational criminal and cybercriminal organizations. Treasury Office of Foreign Assets Control in April 2022 for receiving hundreds of millions in criminal proceeds, including funds used to facilitate hacking, ransomware, terrorism and drug trafficking.

Ransomware

Ransomware Cryptocurrency Marketing Government

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group. GoDaddy has not disclosed the source of the breach in December 2022 that led to malware on some customer websites. A U2F device made by Yubikey.

Hacking

Hacking Social Engineering Phishing Scams

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

According to recent figures from the managed security firm Reliaquest , QakBot is by far the most prevalent malware “loader” — malicious software used to secure access to a hacked network and help drop additional malware payloads. Today’s operation is not the first time the U.S.

Hacking

Hacking Malware Ransomware Government

US Cyber Command Operations During the 2022 Midterm Elections

Schneier on Security

JANUARY 25, 2023

Paul Nakasone, broadly discussed that first organization’s offensive cyber operations during the runup to the 2022 midterm elections. The head of both US Cyber Command and the NSA, Gen. “We understood how foreign adversaries utilize infrastructure throughout the world.

Hacking

Hacking Cybersecurity

U.S. Offered $10M for Hacker Just Arrested by Russia

Krebs on Security

DECEMBER 4, 2024

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “ Wazawaka ,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The men were among 14 suspected REvil members rounded up by Russia in the weeks before Russia invaded Ukraine in 2022.

Cybercrime

Cybercrime Ransomware Cryptocurrency Government

Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday

Krebs on Security

SEPTEMBER 14, 2022

Worst in terms of outright scariness is CVE-2022-37969 , which is a “privilege escalation” weakness in the Windows Common Log File System Driver that allows attackers to gain SYSTEM-level privileges on a vulnerable host. .” CVE-2022-32984 is a problem in the deepest recesses of the operating system (the kernel).

Spyware

Spyware Cyber threats Security Defenses Cyber Attacks

Hacked Ring Cams Used to Record Swatting Victims

Krebs on Security

DECEMBER 19, 2022

men have been charged with hacking into the Ring home security cameras of a dozen random people and then “swatting” them — falsely reporting a violent incident at the target’s address to trick local police into responding with force. conspired to hack into Yahoo email accounts belonging to victims in the United States.

Hacking

Hacking Media Passwords Accountability

Red Cross Hack Linked to Iranian Influence Operation?

Krebs on Security

FEBRUARY 16, 2022

The ICRC said the hacked servers contained data relating to the organization’s Restoring Family Links services, which works to reconnect people separated by war, violence, migration and other causes. .” In their online statement about the hack (updated on Feb. Image: Ke-la.com. ” On Jan.

Hacking

Hacking Ransomware Media Accountability

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities.

Retail

Retail Advertising Cryptocurrency Marketing

FBI Seizes BreachForums Website

Schneier on Security

MAY 17, 2024

“The Federal Bureau of Investigation (FBI) is investigating the criminal hacking forums known as BreachForums and Raidforums,” reads a dedicated subdomain on the FBI’s IC3 portal. co and run by pompompurin) operated a similar hacking forum from March 2022 until March 2023. .

Hacking

Hacking Accountability Ransomware Internet

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

10, 2022, the relatively new cybercrime forum Breached featured a bombshell new sales thread: The user database for InfraGard, including names and contact information for tens of thousands of InfraGard members.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Security Affairs

JANUARY 15, 2025

At the beginning of the year, and as a positive start for us, and in order to solidify the name of our group in your memory, we are proud to announce our first official operation: Will be published of sensitive data from over 15,000 targets worldwide (both governmental and private sectors) that have been hacked and their data extracted.”

VPN

VPN Passwords Firewall Firmware

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

networks since the summer of 2022. “ Flax Typhoon is a China-linked hacking group that has been active since 2021, it targets critical infrastructure globally, exploiting vulnerabilities for persistent access. . According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. critical infrastructure sectors.“

Cybersecurity

Cybersecurity IoT Hacking Technology

Feds seized $23 million in crypto stolen using keys from LastPass breaches

Security Affairs

MARCH 10, 2025

authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to the 2022 LastPass breach. authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. ” reads the complaint. ” However.

Password Management

Password Management Cryptocurrency Passwords Data breaches

Black Basta ransomware gang hit BT Group

Security Affairs

DECEMBER 4, 2024

Black Basta ransomware-as-a-service (RaaS) has been active since April 2022, it impacted several businesses and critical infrastructure entities across North America, Europe, and Australia. Black Basta is a ransomware-as-a-service (RaaS) variant, first identified in April 2022. reads the CSA.

Ransomware

Ransomware Telecommunications Healthcare Insurance

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

Security Affairs

NOVEMBER 15, 2024

. “Ilya Lichtenstein was sentenced today to five years in prison for his involvement in a money laundering conspiracy arising from the hack and theft of approximately 120,000 bitcoin from Bitfinex, a global cryptocurrency exchange.” Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex.

Cryptocurrency

Cryptocurrency Hacking Government Accountability

Massive AT&T Hack Exposed ‘Nearly All’ Customer Phone Numbers

Tech Republic Security

JULY 12, 2024

Businesses and individuals with AT&T accounts from May 1, 2022 to October 31, 2022 and on January 2, 2023 will be notified if their data was affected.

Hacking

Hacking Accountability Big data Telecommunications

Chinese national charged for hacking thousands of Sophos firewalls

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. and its employee Guan Tianfeng for hacking U.S. ” The U.S.

Firewall

Firewall Hacking Malware Passwords

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

” Only one of the men sanctioned today is known to have been criminally charged in connection with hacking activity. Secret Service determined that he ran a massive “money mule” scheme, which used phony job offers to trick people into laundering money stolen from hacked small to mid-sized businesses in the United States.

Hacking

Hacking Cybercrime Ransomware Government

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass.

Data collection

Data collection Authentication Hacking Government

FBI seized the notorious BreachForums hacking forum

Security Affairs

MAY 15, 2024

An international law enforcement operation coordinated by the FBI led to the seizure of the notorious BreachForums hacking forum. The authorities also seized the Telegram page for the hacking forum The website currently displays a message that informs visitors it was seized by law enforcement. In March 2023, U.S.

Hacking

Hacking Cybercrime Information Security

Poland probes Pegasus spyware abuse under the PiS government

Security Affairs

DECEMBER 3, 2024

The news of the hack was reported by the Gazeta Wyborcza daily, and unfortunately, it isn’t the first time that the Pegasus spyware was used in the country. In 2021, the University of Toronto-based Citizen Lab Internet reported that a Polish opposition duo was hacked with NSO spyware.

Spyware

Spyware Government Surveillance Hacking

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Security Affairs

NOVEMBER 21, 2024

The cybercrime group Scattered Spider is suspected of hacking into hundreds of organizations over the past two years, including Twilio , LastPass , DoorDash , and Mailchimp. As this case shows, phishing and hacking has become increasingly sophisticated and can result in enormous losses. ” reads the press release published by DoJ.

Cybercrime

Cybercrime Identity Theft Cryptocurrency Phishing

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

Security Affairs

MARCH 5, 2025

Ransomware group Hunters International claims to have hacked Tata Technologies, threatening to leak 1.4 On October 14, 2022, Tata Power, Indias largest power generation company, announced a cyber attack hit its infrastructure. The gang claims to have breached the corporate network on October 3rd, 2022. TB of stolen data.

Technology

Technology Ransomware Engineering Manufacturing

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. to , and vDOS , a DDoS-for-hire service that was shut down in 2016 after its founders were arrested.

eCommerce

eCommerce Cybercrime Accountability Passwords

Blackbasta group claims to have hacked Atlas, one of the largest US oil distributors

Security Affairs

MAY 21, 2024

The Blackbasta extortion group claims to have hacked Atlas, one of the largest national distributors of fuel in the United States. The gang published a series of documents as proof of the hack, including people’s ID cards, data sheets, payroll payment requesters and a picture of the folder exfiltrated from the victim’s systems.

Hacking

Hacking Ransomware Phishing Malware

Hacking et Cybersécurité Mégapoche pour les Nuls: New French Book on Hacking and CyberSecurity Now Available

Joseph Steinberg

JANUARY 22, 2024

Hacking et Cybersécurité Mégapoche pour les Nuls , a single-volume book containing French versions of the latest editions of both the best selling CyberSecurity for Dummies by Joseph Steinberg, and Hacking For Dummies by Kevin Beaver, is now available to the public.

Hacking

Hacking Cybersecurity Penetration Testing Artificial Intelligence

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 9, 2024, U.S.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Pro-Russia hackers NoName057 targets Italy again after Zelensky’s visit to the country

Security Affairs

JANUARY 12, 2025

The group NoName57 has been active since March 2022 and has targeted government and critical infrastructure organizations worldwide. In September 2022, Avast researchers observed the group using the Bobik botnet to launch DDoS attacks. NoName057(16) uses multiple tools to carry out their attacks.

DDOS

DDOS Banking Government Marketing

U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

FEBRUARY 6, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, CISA Known Exploited Vulnerabilities catalog ) is a Remote Code Execution flaw in Microsoft Outlook. CISA orders federal agencies to fix this vulnerability by February 27, 2025.

Firewall

Firewall Hacking Cybersecurity Risk

Pro-Russia group NoName targeted the websites of Italian airports

Security Affairs

DECEMBER 28, 2024

The group NoName57 has been active since March 2022 and has targeted government and critical infrastructure organizations worldwide. In September 2022, Avast researchers observed the group using the Bobik botnet to launch DDoS attacks. NoName057(16) uses multiple tools to carry out their attacks.

DDOS

DDOS Artificial Intelligence Government Cybercrime

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Security Affairs

FEBRUARY 13, 2025

In 2022, the Russian APT used multiple wipers in attacks aimed at Ukraine, including AwfulShred , CaddyWiper , HermeticWiper , Industroyer2 , IsaacWiper , WhisperGate , Prestige , RansomBoggs , and ZeroWipe. On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications

Telecommunications DNS Passwords Hacking

Ransomware attack hit Indian multinational Tata Technologies

Security Affairs

FEBRUARY 1, 2025

On October 14, 2022, Tata Power, Indias largest power generationcompany, announced a cyber attack hit its infrastructure. The gang claims to have breached the corporate network on October 3rd, 2022. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, ransomware attack)

Technology

Technology Ransomware Engineering Manufacturing

10 Million Users Compromised in Z-Library Phishing Site Hack

Penetration Testing

JULY 26, 2024

On the popular pirate e-book site Z-Library, or rather its phishing clone Z-lib, created in late 2022, there was a recent data breach affecting nearly 10 million users. On June 27, 2024, the Cybernews... The post 10 Million Users Compromised in Z-Library Phishing Site Hack appeared first on Cybersecurity News.

Phishing

Phishing Hacking Data breaches Cybersecurity

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Feds Link $150M Cyberheist to 2022 LastPass Hacks

Trending Sources

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Why Italy Sells So Much Spyware

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Four REvil Ransomware members sentenced for hacking and money laundering

Patch Tuesday, November 2022 Election Edition

US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack

Hackers Claim They Breached T-Mobile More Than 100 Times in 2022

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Alleged Co-Founder of Garantex Arrested in India

When Low-Tech Hacks Cause High-Impact Breaches

U.S. Hacks QakBot, Quietly Removes Botnet Infections

US Cyber Command Operations During the 2022 Midterm Elections

U.S. Offered $10M for Hacker Just Arrested by Russia

Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday

Hacked Ring Cams Used to Record Swatting Victims

Red Cross Hack Linked to Iranian Influence Operation?

An Interview With the Target & Home Depot Hacker

FBI Seizes BreachForums Website

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Feds seized $23 million in crypto stolen using keys from LastPass breaches

Black Basta ransomware gang hit BT Group

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

Massive AT&T Hack Exposed ‘Nearly All’ Customer Phone Numbers

Chinese national charged for hacking thousands of Sophos firewalls

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

FBI seized the notorious BreachForums hacking forum

Poland probes Pegasus spyware abuse under the PiS government

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

Blackbasta group claims to have hacked Atlas, one of the largest US oil distributors

Hacking et Cybersécurité Mégapoche pour les Nuls: New French Book on Hacking and CyberSecurity Now Available

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Pro-Russia hackers NoName057 targets Italy again after Zelensky’s visit to the country

U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog

Pro-Russia group NoName targeted the websites of Italian airports

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Ransomware attack hit Indian multinational Tata Technologies

10 Million Users Compromised in Z-Library Phishing Site Hack

Stay Connected