Security Affairs

JANUARY 15, 2025

released in October 2022. “The build date coded in the last number block also points to the same date range: None of the firewall firmwares examined had been compiled after September 14, 2022.” ” reported Heise Security.

VPN 130

VPN Passwords Firewall Firmware 130

Security Affairs

APRIL 9, 2025

The OCC reviewed email logs since 2022, disabled impacted accounts, and reported the breach to CISA. The confidentiality and integrity of the OCCs information security systems are paramount to fulfilling its mission, said Acting Comptroller of the Currency Rodney E. The breach was confirmed on Feb.

Accountability 123

Accountability Banking Information Security Hacking 123

Security Affairs

JANUARY 4, 2025

networks since the summer of 2022. According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. Treasury sanctioned a Chinese cybersecurity firm, Integrity Tech, for links to cyberattacks by Chinas state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett). critical infrastructure sectors.“

Cybersecurity 123

Cybersecurity IoT Hacking Technology 123

Security Affairs

APRIL 29, 2025

In 2024, Google tracked 75 exploited zero-day vulnerabilities, down from 98 in 2023 but up from 63 in 2022. “Microsoft Windows exploitation continued to increase, climbing from 13 zero-days in 2022, to 16 in 2023, to 22 in 2024.” ” continues the report. ” concludes the report.

Surveillance 104

Surveillance Mobile Software Hacking 104

Security Affairs

MARCH 10, 2025

authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to the 2022 LastPass breach. authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. ” reads the complaint. ” However.

Password Management 86

Password Management Cryptocurrency Passwords Data breaches 86

Security Affairs

FEBRUARY 13, 2025

In 2022, the Russian APT used multiple wipers in attacks aimed at Ukraine, including AwfulShred , CaddyWiper , HermeticWiper , Industroyer2 , IsaacWiper , WhisperGate , Prestige , RansomBoggs , and ZeroWipe. On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications 107

Telecommunications DNS Passwords Hacking 107

Security Affairs

JULY 30, 2024

A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five app on Google Play, totaling over 32,000 downloads between 2022 and 2024.

Spyware 127

Spyware Malware Mobile Marketing 127

Security Affairs

APRIL 22, 2024

Microsoft reported that the Russia-linked APT28 group (aka “ Forest Blizzard ”, “ Fancybear ” or “ Strontium ” used a previously unknown tool, dubbed GooseEgg, to exploit the Windows Print Spooler flaw CVE-2022-38028. The vulnerability CVE-2022-38028 was reported by the U.S.

Government 143

Government Education Phishing Malware 143

Security Affairs

OCTOBER 27, 2024

The cases have been sent to the Russian Prosecutor General’s Office for consolidation, and all defendants have been held since early 2022. in March 2022. Vasinskyi (aka Profcomserv, Rabotnik, Rabotnik_New, Yarik45, Yaraslav2468, and Affiliate 22) was arrested on October 8, 2021, while he was trying to enter Poland.

Ransomware 143

Ransomware Hacking Malware Cybercrime 143

Security Affairs

JANUARY 12, 2025

The group NoName57 has been active since March 2022 and has targeted government and critical infrastructure organizations worldwide. In September 2022, Avast researchers observed the group using the Bobik botnet to launch DDoS attacks. NoName057(16) uses multiple tools to carry out their attacks.

DDOS 121

DDOS Banking Government Marketing 121

Daniel Miessler

DECEMBER 24, 2022

If you follow Information Security at all you are surely aware of the LastPass breach situation. It started back in August of 2022 as a fairly common breach notification on a blog, but it, unfortunately, turned into more of a blog series.

Password Management 364

Password Management Passwords Encryption Backups 364

Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass.

Data collection 136

Data collection Authentication Hacking Government 136

Security Affairs

DECEMBER 28, 2024

The group NoName57 has been active since March 2022 and has targeted government and critical infrastructure organizations worldwide. In September 2022, Avast researchers observed the group using the Bobik botnet to launch DDoS attacks. NoName057(16) uses multiple tools to carry out their attacks.

DDOS 125

DDOS Artificial Intelligence Government Cybercrime 125

Security Affairs

FEBRUARY 1, 2025

On October 14, 2022, Tata Power, Indias largest power generationcompany, announced a cyber attack hit its infrastructure. Threat actors hit the company’s information technology (IT) infrastructure. The gang claims to have breached the corporate network on October 3rd, 2022.

Technology 117

Technology Ransomware Engineering Manufacturing 117

Security Affairs

DECEMBER 18, 2024

The APT group targeted an organization in Latin America in 2019 and 2022. While investigating the 2022 attack, the researchers noticed that the victim organization had also suffered a 2019 attack using “Careto2” and “Goreto” frameworks. ” reads the analysis published by Kaspersky.

Cyber Attacks 115

Cyber Attacks Hacking Government Malware 115

Security Affairs

DECEMBER 3, 2024

In June 2022, the controversial Israeli surveillance vendor NSO Group told the European Union lawmakers that its Pegasus spyware was used by at least five countries in the region. “We will not allow the PiS machine to further destroy democracy, lead Poland to the East and sovietise our country,” Karnowski told Reuters.

Spyware 118

Spyware Government Surveillance Hacking 118

Security Affairs

NOVEMBER 13, 2024

The botnet is comprised of two complementary activity clusters, the experts believe it has been active since at least February 2022. In early July and August of 2022, the researchers noticed several Cisco RV320s , DrayTek Vigor routers , and NETGEAR ProSAFEs that were part of the botnet.

VPN 123

VPN Government Malware Manufacturing 123

Security Affairs

OCTOBER 16, 2024

The same admin later launched a chat-based drug sales platform, Tsätti, in 2022, which was taken offline along with Sipulitie. Law enforcement agencies from the United Kingdom, United States, and Ireland participated in the operation that began towards the end of 2022.

Marketing 121

Marketing Cybercrime Scams Hacking 121

Security Affairs

FEBRUARY 6, 2025

is a Remote Code Execution flaw in Microsoft Outlook.

Firewall 123

Firewall Hacking Cybersecurity Risk 123

Krebs on Security

NOVEMBER 4, 2022

” In late September 2022, KrebsOnSecurity warned about the proliferation of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. For example, on October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc.

Scams 287

Scams Artificial Intelligence Cryptocurrency Accountability 287

Security Affairs

APRIL 3, 2025

The operation, which has been ongoing since 2022, identified 1,393 suspects, arrested 79, and seized over 3,000 devices. million users worldwide logged on to the platform between April 2022 and March 2025. The authorities confirmed that some suspects also abused children. The investigation has protected 39 children.

Cryptocurrency 99

Cryptocurrency Cybercrime Hacking Information Security 99

Security Affairs

MARCH 5, 2025

On October 14, 2022, Tata Power, Indias largest power generation company, announced a cyber attack hit its infrastructure. Threat actors hit the companys information technology (IT) infrastructure. The gang claims to have breached the corporate network on October 3rd, 2022. TB of data stored in over 730,000 files.

Technology 107

Technology Ransomware Engineering Manufacturing 107

Krebs on Security

APRIL 27, 2023

This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information. “My team is frustrated by the permissive nature of the platform,” Carbee said. Akiri said he notified the Washington D.C. ”

Banking 338

Banking Government Information Security Authentication 338

Security Affairs

NOVEMBER 2, 2024

Between 2020 and 2022, attackers launched multiple campaigns to exploit zero-day vulnerabilities in publicly accessible network appliances, focusing on WAN-facing services. However, further investigation revealed a complex rootkit, “Cloud Snooper,” and a unique cloud pivoting technique via a misconfigured AWS SSM Agent.

Firmware 121

Firmware Government Firewall Malware 121

Security Affairs

OCTOBER 16, 2024

However, the Brazilian national turned into more complex cybercriminal activities by 2022. The link between Luan’s hacktivism and cybercrime was established due to his bad Operational security (opsec). CrowdStrike’s investigation reveals that USDoD’s leader, Luan BG, has been a hacktivist active since at least 2017.

Data breaches 127

Data breaches Media Cybercrime Accountability 127

Security Affairs

NOVEMBER 15, 2024

In February 2022, Ilya Lichtenstein (35) and his wife, Heather Morgan (32), were arrested for alleged conspiracy to launder $4.5 .” reads the press release published by DoJ. Over 96% of the stolen funds have been recovered, with most remaining unspent, according to defense attorney Samson Enzer and with assistance from Lichtenstein.

Cryptocurrency 106

Cryptocurrency Hacking Government Accountability 106

Security Affairs

APRIL 12, 2025

The cybersecurity firm revealed that attackers exploited known FortiGate flaws like CVE-2022-42475 , CVE-2023-27997 , and CVE-2024-21762 to gain persistent read-only access via a symlink in SSL-VPN language folders. “A threat actor used a known vulnerability to implement read-only access to vulnerable FortiGate devices.

VPN 105

VPN Engineering Hacking Cybersecurity 105

Security Affairs

NOVEMBER 21, 2024

He is accused of stealing at least $800,000 from five victims between August 2022 and March 2023. Urban, known online as “Sosa” and “King Bob,” is linked to the same group that hacked Twilio and other companies in 2022. In January 2024, U.S.

Cybercrime 110

Cybercrime Identity Theft Cryptocurrency Phishing 110

Security Affairs

JANUARY 24, 2025

Lumen experts also mentioned another variant of cd00r, codenamed SEASPY , that was used in a campaign targeting Barracuda Email Security Gateway (ESG) appliances that dates back in 2022. However, there is no evidence that the two campaigns are linked.

Malware 121

Malware VPN Encryption Hacking 121

Security Affairs

OCTOBER 23, 2024

Here, Data Security Posture Management (DSPM) comes into play– an essential solution for addressing evolving data security and privacy requirements. What is Data Security Posture Management? He holds a degree of Computer Science from Iqra University and specializes in Information Security & Data Privacy.

Data privacy 126

Data privacy Unstructured Data Risk Data breaches 126

Security Affairs

OCTOBER 14, 2024

Law enforcement agencies from the United Kingdom, United States, and Ireland participated in the operation that began towards the end of 2022. These are two of the largest and longest-running dark web platforms for the trade of illegal goods, drugs, and cybercrime services.

Marketing 127

Marketing Cybercrime DDOS Cryptocurrency 127

SecureWorld News

DECEMBER 9, 2024

The Chief Information Security Officer (CISO) has become one of the most critical roles in modern organizations. Burnout and job dissatisfaction The State of the CISO 20232024" report reveals a decline in job satisfaction, with only 64% of CISOs satisfied with their rolesa sharp drop from 74% in 2022.

CISO 104

CISO Cyber threats Risk Cybersecurity 104

Security Affairs

APRIL 10, 2025

com , dates to Jan 2022. All versions analyzed used the same Telegram token and chat ID. The researchers noticed that the spam domains rotate frequently to evade detection. The oldest, akirateam[.]com DNS records link domains like servicewrap-go[.]com com to 77980.bodis[.]com com , a known malvertising host. Connections suggest ties to unj[.]digital

eCommerce 128

eCommerce Technology DNS Business Services 128

Krebs on Security

OCTOBER 20, 2022

On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. In late September 2022, KrebsOnSecurity warned about the proliferation of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations.

Accountability 318

Accountability Cryptocurrency Scams CISO 318

Krebs on Security

SEPTEMBER 24, 2022

A native of Omsk, Russia, Kloster came into focus after KrebsOnSecurity followed clues from the RSOCKS botnet master’s identity on the cybercrime forums to Kloster’s personal blog , which featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world.”

Cybercrime 251

Cybercrime Data breaches Malware Ransomware 251

Security Affairs

OCTOBER 22, 2024

Bumblebee has been active since March 2022 when it was spotted by Google’s Threat Analysis Group (TAG), experts noticed that cybercriminal groups that were previously using the BazaLoader and IcedID as part of their malware campaigns switched to the Bumblebee loader.

Malware 124

Malware Phishing Ransomware Hacking 124

Krebs on Security

OCTOBER 20, 2023

In an interview with KrebsOnSecurity, Okta’s Deputy Chief Information Security Officer Charlotte Wylie said Okta initially believed that BeyondTrust’s alert on Oct. Maiffret said BeyondTrust followed up with Okta on Oct. 2 was not a result of a breach in its systems. But she said that by Oct.

Social Engineering 355

Social Engineering Engineering Accountability Hacking 355