article thumbnail

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7 , a notorious Russia-based hacking group. co — first came online in February 2023.

Hacking 230
article thumbnail

Feds Link $150M Cyberheist to 2022 LastPass Hacks

Krebs on Security

In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing…

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

men have been charged with hacking into a U.S. The government alleges that on May 7, 2022, Singh used stolen credentials to log into a U.S. On May 12, 2022, KrebsOnSecurity broke the news that hackers had gained access to a DEA portal that taps into 16 different federal law enforcement databases. ” Image: USDOJ.

Hacking 301
article thumbnail

Why Italy Sells So Much Spyware

Schneier on Security

According to an Italian Ministry of Justice document , as of December 2022 law enforcement in the country could rent spyware for €150 a day, regardless of which vendor they used, and without the large acquisition costs which would normally be prohibitive. Italian spyware is cheaper and easier to use, which makes it more widely used.

Spyware 297
article thumbnail

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking 334
article thumbnail

Four REvil Ransomware members sentenced for hacking and money laundering

Security Affairs

Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country. The cases have been sent to the Russian Prosecutor General’s Office for consolidation, and all defendants have been held since early 2022.

article thumbnail

Patch Tuesday, November 2022 Election Edition

Krebs on Security

Let’s face it: Having “2022 election” in the headline above is probably the only reason anyone might read this story today. CVE-2022-41073 is a zero-day flaw in the Windows Print Spooler , a Windows component that Microsoft has patched mightily over the past year. Today’s patch batch addresses both issues.

Internet 250