2022 and Hacking - Cyber Security Informer

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7 , a notorious Russia-based hacking group. co — first came online in February 2023.

Hacking

Hacking Cybercrime Advertising Data breaches

Why Italy Sells So Much Spyware

Schneier on Security

NOVEMBER 19, 2024

According to an Italian Ministry of Justice document , as of December 2022 law enforcement in the country could rent spyware for €150 a day, regardless of which vendor they used, and without the large acquisition costs which would normally be prohibitive. Italian spyware is cheaper and easier to use, which makes it more widely used.

Spyware

Spyware Marketing Hacking

Feds Link $150M Cyberheist to 2022 LastPass Hacks

Krebs on Security

MARCH 7, 2025

In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing…

Password Management

Password Management Hacking Passwords

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking

Hacking Cybercrime Phishing Passwords

Four REvil Ransomware members sentenced for hacking and money laundering

Security Affairs

OCTOBER 27, 2024

Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country. The cases have been sent to the Russian Prosecutor General’s Office for consolidation, and all defendants have been held since early 2022.

Ransomware

Ransomware Hacking Malware Cybercrime

Patch Tuesday, November 2022 Election Edition

Krebs on Security

NOVEMBER 8, 2022

Let’s face it: Having “2022 election” in the headline above is probably the only reason anyone might read this story today. CVE-2022-41073 is a zero-day flaw in the Windows Print Spooler , a Windows component that Microsoft has patched mightily over the past year. Today’s patch batch addresses both issues.

Internet

Internet Internet Cyber threats Engineering

Subaru Starlink flaw allowed experts to remotely hack cars

Security Affairs

JANUARY 25, 2025

To confirm their findings, the researchers reached out to their friend and asked if they could hack her car. In 2022, some of the members of the above team of experts including the popular cybersecurity expert Sam Curry, discovered another set of vulnerabilities impacting over a dozen car makers. ” added Curry.

Hacking

Hacking Accountability Passwords Authentication

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group. GoDaddy has not disclosed the source of the breach in December 2022 that led to malware on some customer websites. A U2F device made by Yubikey.

Hacking

Hacking Social Engineering Phishing Scams

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

According to recent figures from the managed security firm Reliaquest , QakBot is by far the most prevalent malware “loader” — malicious software used to secure access to a hacked network and help drop additional malware payloads. Today’s operation is not the first time the U.S.

Hacking

Hacking Malware Ransomware Government

US Cyber Command Operations During the 2022 Midterm Elections

Schneier on Security

JANUARY 25, 2023

Paul Nakasone, broadly discussed that first organization’s offensive cyber operations during the runup to the 2022 midterm elections. The head of both US Cyber Command and the NSA, Gen. “We understood how foreign adversaries utilize infrastructure throughout the world.

Hacking

Hacking Cybersecurity

US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack

Schneier on Security

APRIL 9, 2024

US Cyber Safety Review Board released a report on the summer 2023 hack of Microsoft Exchange by China. The board was established in early 2022, modeled in spirit after the National Transportation Safety Board. It was a serious attack by the Chinese government that accessed the emails of senior U.S. government officials.

Hacking

Hacking Government Accountability Technology

U.S. Offered $10M for Hacker Just Arrested by Russia

Krebs on Security

DECEMBER 4, 2024

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “ Wazawaka ,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The men were among 14 suspected REvil members rounded up by Russia in the weeks before Russia invaded Ukraine in 2022.

Cybercrime

Cybercrime Ransomware Cryptocurrency Government

Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday

Krebs on Security

SEPTEMBER 14, 2022

Worst in terms of outright scariness is CVE-2022-37969 , which is a “privilege escalation” weakness in the Windows Common Log File System Driver that allows attackers to gain SYSTEM-level privileges on a vulnerable host. .” CVE-2022-32984 is a problem in the deepest recesses of the operating system (the kernel).

Spyware

Spyware Cyber threats Security Defenses Cyber Attacks

Alleged Co-Founder of Garantex Arrested in India

Krebs on Security

MARCH 11, 2025

government in 2022 for facilitating tens of billions of dollars in money laundering by transnational criminal and cybercriminal organizations. Treasury Office of Foreign Assets Control in April 2022 for receiving hundreds of millions in criminal proceeds, including funds used to facilitate hacking, ransomware, terrorism and drug trafficking.

Ransomware

Ransomware Cryptocurrency Marketing Government

Red Cross Hack Linked to Iranian Influence Operation?

Krebs on Security

FEBRUARY 16, 2022

The ICRC said the hacked servers contained data relating to the organization’s Restoring Family Links services, which works to reconnect people separated by war, violence, migration and other causes. .” In their online statement about the hack (updated on Feb. Image: Ke-la.com. ” On Jan.

Hacking

Hacking Ransomware Media Accountability

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities.

Retail

Retail Advertising Cryptocurrency Cybercrime

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

10, 2022, the relatively new cybercrime forum Breached featured a bombshell new sales thread: The user database for InfraGard, including names and contact information for tens of thousands of InfraGard members.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

FBI Seizes BreachForums Website

Schneier on Security

MAY 17, 2024

“The Federal Bureau of Investigation (FBI) is investigating the criminal hacking forums known as BreachForums and Raidforums,” reads a dedicated subdomain on the FBI’s IC3 portal. co and run by pompompurin) operated a similar hacking forum from March 2022 until March 2023. .

Hacking

Hacking Accountability Ransomware Internet

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Security Affairs

JANUARY 15, 2025

At the beginning of the year, and as a positive start for us, and in order to solidify the name of our group in your memory, we are proud to announce our first official operation: Will be published of sensitive data from over 15,000 targets worldwide (both governmental and private sectors) that have been hacked and their data extracted.”

VPN

VPN Passwords Firewall Firmware

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

networks since the summer of 2022. “ Flax Typhoon is a China-linked hacking group that has been active since 2021, it targets critical infrastructure globally, exploiting vulnerabilities for persistent access. . According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. critical infrastructure sectors.“

Cybersecurity

Cybersecurity IoT Hacking Technology

Black Basta ransomware gang hit BT Group

Security Affairs

DECEMBER 4, 2024

Black Basta ransomware-as-a-service (RaaS) has been active since April 2022, it impacted several businesses and critical infrastructure entities across North America, Europe, and Australia. Black Basta is a ransomware-as-a-service (RaaS) variant, first identified in April 2022. reads the CSA.

Ransomware

Ransomware Telecommunications Healthcare Insurance

Massive AT&T Hack Exposed ‘Nearly All’ Customer Phone Numbers

Tech Republic Security

JULY 12, 2024

Businesses and individuals with AT&T accounts from May 1, 2022 to October 31, 2022 and on January 2, 2023 will be notified if their data was affected.

Hacking

Hacking Accountability Big data Telecommunications

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

Security Affairs

NOVEMBER 15, 2024

. “Ilya Lichtenstein was sentenced today to five years in prison for his involvement in a money laundering conspiracy arising from the hack and theft of approximately 120,000 bitcoin from Bitfinex, a global cryptocurrency exchange.” Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex.

Cryptocurrency

Cryptocurrency Hacking Government Accountability

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Krebs on Security

FEBRUARY 9, 2023

” Only one of the men sanctioned today is known to have been criminally charged in connection with hacking activity. Secret Service determined that he ran a massive “money mule” scheme, which used phony job offers to trick people into laundering money stolen from hacked small to mid-sized businesses in the United States.

Hacking

Hacking Cybercrime Ransomware Government

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass.

Data collection

Data collection Authentication Hacking Government

FBI seized the notorious BreachForums hacking forum

Security Affairs

MAY 15, 2024

An international law enforcement operation coordinated by the FBI led to the seizure of the notorious BreachForums hacking forum. The authorities also seized the Telegram page for the hacking forum The website currently displays a message that informs visitors it was seized by law enforcement. In March 2023, U.S.

Hacking

Hacking Cybercrime Information Security

Feds seized $23 million in crypto stolen using keys from LastPass breaches

Security Affairs

MARCH 10, 2025

authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to the 2022 LastPass breach. authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. ” reads the complaint. ” However.

Password Management

Password Management Cryptocurrency Passwords Data breaches

Poland probes Pegasus spyware abuse under the PiS government

Security Affairs

DECEMBER 3, 2024

The news of the hack was reported by the Gazeta Wyborcza daily, and unfortunately, it isn’t the first time that the Pegasus spyware was used in the country. In 2021, the University of Toronto-based Citizen Lab Internet reported that a Polish opposition duo was hacked with NSO spyware.

Spyware

Spyware Government Surveillance Hacking

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Security Affairs

NOVEMBER 21, 2024

The cybercrime group Scattered Spider is suspected of hacking into hundreds of organizations over the past two years, including Twilio , LastPass , DoorDash , and Mailchimp. As this case shows, phishing and hacking has become increasingly sophisticated and can result in enormous losses. ” reads the press release published by DoJ.

Cybercrime

Cybercrime Identity Theft Cryptocurrency Phishing

Blackbasta group claims to have hacked Atlas, one of the largest US oil distributors

Security Affairs

MAY 21, 2024

The Blackbasta extortion group claims to have hacked Atlas, one of the largest national distributors of fuel in the United States. The gang published a series of documents as proof of the hack, including people’s ID cards, data sheets, payroll payment requesters and a picture of the folder exfiltrated from the victim’s systems.

Hacking

Hacking Ransomware Phishing Malware

Hacking et Cybersécurité Mégapoche pour les Nuls: New French Book on Hacking and CyberSecurity Now Available

Joseph Steinberg

JANUARY 22, 2024

Hacking et Cybersécurité Mégapoche pour les Nuls , a single-volume book containing French versions of the latest editions of both the best selling CyberSecurity for Dummies by Joseph Steinberg, and Hacking For Dummies by Kevin Beaver, is now available to the public.

Hacking

Hacking Cybersecurity Penetration Testing Artificial Intelligence

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. to , and vDOS , a DDoS-for-hire service that was shut down in 2016 after its founders were arrested.

eCommerce

eCommerce Cybercrime Accountability Passwords

Pro-Russia hackers NoName057 targets Italy again after Zelensky’s visit to the country

Security Affairs

JANUARY 12, 2025

The group NoName57 has been active since March 2022 and has targeted government and critical infrastructure organizations worldwide. In September 2022, Avast researchers observed the group using the Bobik botnet to launch DDoS attacks. NoName057(16) uses multiple tools to carry out their attacks.

DDOS

DDOS Banking Government Marketing

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 9, 2024, U.S.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

FEBRUARY 6, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, CISA Known Exploited Vulnerabilities catalog ) is a Remote Code Execution flaw in Microsoft Outlook. CISA orders federal agencies to fix this vulnerability by February 27, 2025.

Firewall

Firewall Hacking Cybersecurity Risk

Pro-Russia group NoName targeted the websites of Italian airports

Security Affairs

DECEMBER 28, 2024

The group NoName57 has been active since March 2022 and has targeted government and critical infrastructure organizations worldwide. In September 2022, Avast researchers observed the group using the Bobik botnet to launch DDoS attacks. NoName057(16) uses multiple tools to carry out their attacks.

DDOS

DDOS Artificial Intelligence Government Cybercrime

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Security Affairs

MAY 12, 2024

Black Basta ransomware affiliates have breached over 500 organizations between April 2022 and May 2024, FBI and CISA reported. Black Basta ransomware-as-a-service (RaaS) has been active since April 2022, it impacted several businesses and critical infrastructure entities across North America, Europe, and Australia.

Ransomware

Ransomware Hacking Healthcare Retail

Ransomware attack hit Indian multinational Tata Technologies

Security Affairs

FEBRUARY 1, 2025

On October 14, 2022, Tata Power, Indias largest power generationcompany, announced a cyber attack hit its infrastructure. The gang claims to have breached the corporate network on October 3rd, 2022. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, ransomware attack)

Technology

Technology Ransomware Engineering Manufacturing

10 Million Users Compromised in Z-Library Phishing Site Hack

Penetration Testing

JULY 26, 2024

On the popular pirate e-book site Z-Library, or rather its phishing clone Z-lib, created in late 2022, there was a recent data breach affecting nearly 10 million users. On June 27, 2024, the Cybernews... The post 10 Million Users Compromised in Z-Library Phishing Site Hack appeared first on Cybersecurity News.

Phishing

Phishing Hacking Data breaches Cybersecurity

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Security Affairs

FEBRUARY 13, 2025

In 2022, the Russian APT used multiple wipers in attacks aimed at Ukraine, including AwfulShred , CaddyWiper , HermeticWiper , Industroyer2 , IsaacWiper , WhisperGate , Prestige , RansomBoggs , and ZeroWipe. On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications

Telecommunications DNS Passwords Hacking

CNN, Paris Hilton, and Sony TikTok accounts hacked via DMs

Security Affairs

JUNE 5, 2024

Semafor first reported that CNN’s TikTok account had been hacked, forcing the broadcaster to take down its account for several days. In August 2022, Microsoft researchers discovered a high-severity flaw ( CVE-2022-28799 ) in the TikTok Android app, which could have allowed attackers to hijack users’ accounts with a single click.

Accountability

Accountability Hacking Malware Information Security

GUEST ESSAY: Stolen logons, brute force hacking get used the most to breach web, email servers

The Last Watchdog

AUGUST 29, 2022

Related: Damage caused by ‘business logic’ hacking. This is according to Verizon’s latest 2022 Data Breach Investigations Report ( DBIR ). In 2022, 69 percent of personal data and 67 percent of credentials became compromised in a web breach. 2009 DBIR page 17) .

Hacking

Hacking Passwords Password Management Data breaches

Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. On or about May 27, 2022, the man and his Hive coconspirators allegedly hit a nonprofit behavioral healthcare organization in New Jersey. The attacks hit law enforcement agencies in Washington, D.C.

Ransomware

Ransomware Healthcare Hacking Malware

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Why Italy Sells So Much Spyware

Webinars

Trending Sources

Feds Link $150M Cyberheist to 2022 LastPass Hacks

Webinars

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Four REvil Ransomware members sentenced for hacking and money laundering

Patch Tuesday, November 2022 Election Edition

Subaru Starlink flaw allowed experts to remotely hack cars

Feds Charge Five Men in ‘Scattered Spider’ Roundup

When Low-Tech Hacks Cause High-Impact Breaches

U.S. Hacks QakBot, Quietly Removes Botnet Infections

US Cyber Command Operations During the 2022 Midterm Elections

US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack

U.S. Offered $10M for Hacker Just Arrested by Russia

Wormable Flaw, 0days Lead Sept. 2022 Patch Tuesday

Alleged Co-Founder of Garantex Arrested in India

Red Cross Hack Linked to Iranian Influence Operation?

An Interview With the Target & Home Depot Hacker

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

FBI Seizes BreachForums Website

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Black Basta ransomware gang hit BT Group

Massive AT&T Hack Exposed ‘Nearly All’ Customer Phone Numbers

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

U.S., U.K. Sanction 7 Men Tied to Trickbot Hacking Group

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

FBI seized the notorious BreachForums hacking forum

Feds seized $23 million in crypto stolen using keys from LastPass breaches

Poland probes Pegasus spyware abuse under the PiS government

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Blackbasta group claims to have hacked Atlas, one of the largest US oil distributors

Hacking et Cybersécurité Mégapoche pour les Nuls: New French Book on Hacking and CyberSecurity Now Available

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

Pro-Russia hackers NoName057 targets Italy again after Zelensky’s visit to the country

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog

Pro-Russia group NoName targeted the websites of Italian airports

As of May 2024, Black Basta ransomware affiliates hacked over 500 organizations worldwide

Ransomware attack hit Indian multinational Tata Technologies

10 Million Users Compromised in Z-Library Phishing Site Hack

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

CNN, Paris Hilton, and Sony TikTok accounts hacked via DMs

GUEST ESSAY: Stolen logons, brute force hacking get used the most to breach web, email servers

Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

Stay Connected