Krebs on Security

NOVEMBER 4, 2022

” In late September 2022, KrebsOnSecurity warned about the proliferation of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. For example, on October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc.

Scams 272

Scams Artificial Intelligence Cryptocurrency Accountability 272

Krebs on Security

APRIL 27, 2023

This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information. “My team is frustrated by the permissive nature of the platform,” Carbee said. Akiri said he notified the Washington D.C. ”

Banking 332

Banking Government Information Security Authentication 332

Security Affairs

APRIL 25, 2024

CISA added the Windows Print Spooler flaw CVE-2022-38028 to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the CVE-2022-38028 Microsoft Windows Print Spooler Privilege Escalation vulnerability to its Known Exploited Vulnerabilities (KEV) catalog.

Education 141

Education Hacking Government Risk 141

Krebs on Security

OCTOBER 20, 2022

On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. In late September 2022, KrebsOnSecurity warned about the proliferation of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations.

Accountability 312

Accountability Cryptocurrency Scams CISO 312

Krebs on Security

OCTOBER 20, 2023

In an interview with KrebsOnSecurity, Okta’s Deputy Chief Information Security Officer Charlotte Wylie said Okta initially believed that BeyondTrust’s alert on Oct. Maiffret said BeyondTrust followed up with Okta on Oct. 2 was not a result of a breach in its systems. But she said that by Oct.

Social Engineering 345

Social Engineering Engineering Accountability Hacking 345

Krebs on Security

SEPTEMBER 24, 2022

A native of Omsk, Russia, Kloster came into focus after KrebsOnSecurity followed clues from the RSOCKS botnet master’s identity on the cybercrime forums to Kloster’s personal blog , which featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world.”

Cybercrime 238

Cybercrime Data breaches Malware Ransomware 238

Krebs on Security

APRIL 20, 2023

3CX hired incident response firm Mandiant , which released a report on Wednesday that said the compromise began in 2022 when a 3CX employee installed a malware-laced software package distributed via an earlier software supply chain compromise that began with a tampered installer for X_TRADER , a software package provided by Trading Technologies.

Malware 319

Malware Software Technology Accountability 319

Security Affairs

MAY 23, 2024

Below is the list of the addressed vulnerabilities: CVE Description CVSS Vector CVE-2024-29822 An unspecified SQL Injection vulnerability in Core server of Ivanti EPM 2022 SU5 and prior allows an unauthenticated attacker within the same network to execute arbitrary code.

Authentication 129

Authentication Hacking Information Security 129

Security Affairs

SEPTEMBER 11, 2024

“Deserialization of untrusted data in the agent portal of Ivanti EPM before 2022 SU6, or the 2024 September update allows a remote unauthenticated attacker to achieve remote code execution.” ” reads the advisory published by the company. High) CVSS:3.0/AV:N/AC:L/PR:N/UI:N/S:U/C:H/I:L/A:N Critical) CVSS:3.0/AV:N/AC:L/PR:H/UI:N/S:C/C:H/I:H/A:H

Software 130

Software Authentication IoT Hacking 130

Schneier on Security

AUGUST 8, 2022

NIST was poised to make final algorithm selections in 2022, with a plan to have a draft standard available for public comment in 2023. Fun fact: Those three algorithms were broken by the Center of Encryption and Information Security, part of the Israeli Defense Force. Cryptanalysis over the competition was brutal.

Encryption 360

Encryption Architecture Engineering Information Security 360

Security Affairs

JUNE 21, 2024

French information security agency ANSSI reported that Russia-linked threat actor Nobelium is behind a series of cyber attacks that targeted French diplomatic entities. The French information security agency ANSSI reported that Russia-linked APT Nobelium targeted French diplomatic entities.

Phishing 133

Phishing Accountability Information Security Cyber Attacks 133

Security Affairs

DECEMBER 4, 2024

Black Basta ransomware-as-a-service (RaaS) has been active since April 2022, it impacted several businesses and critical infrastructure entities across North America, Europe, and Australia. Black Basta is a ransomware-as-a-service (RaaS) variant, first identified in April 2022. reads the CSA.

Ransomware 126

Ransomware Telecommunications Healthcare Insurance 126

Security Affairs

JUNE 27, 2024

in April 2022. Technical details and PoC exploit code are publicly available since August 2022. Linux Kernel Flaw CVE-2022-2586 (CVSS score of 7.8) White hat hackers demonstrated an exploit for this issue during the Pwn2Own Vancouver 2022. is a code injection issue in the Jai-Ext open source project. and 1.3.12.

Hacking 123

Hacking Cybersecurity Risk Information Security 123

Krebs on Security

DECEMBER 19, 2024

The makers of Acunetix, Texas-based application security vendor Invicti Security , confirmed Silent Push’s findings, saying someone had figured out how to crack the free trial version of the software so that it runs without a valid license key. ” Orn advertising Araneida Scanner in Feb. 2023 on the forum Cracked.

Hacking 215

Hacking Cybercrime Advertising Data breaches 215

Security Affairs

JANUARY 15, 2025

released in October 2022. “The build date coded in the last number block also points to the same date range: None of the firewall firmwares examined had been compiled after September 14, 2022.” ” reported Heise Security.

VPN 130

VPN Passwords Firewall Firmware 130

Security Affairs

FEBRUARY 13, 2025

In 2022, the Russian APT used multiple wipers in attacks aimed at Ukraine, including AwfulShred , CaddyWiper , HermeticWiper , Industroyer2 , IsaacWiper , WhisperGate , Prestige , RansomBoggs , and ZeroWipe. On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications 107

Telecommunications DNS Passwords Hacking 107

Security Affairs

MAY 21, 2024

Black Basta has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. In November 2022, Sentinel Labs researchers reported having found evidence that links the Black Basta ransomware gang to the financially motivated hacking group FIN7.

Hacking 143

Hacking Ransomware Phishing Malware 143

Krebs on Security

JANUARY 24, 2023

In June 2022, authorities in the United States, Germany, the Netherlands and the United Kingdom announced a joint operation to dismantle the RSOCKS botnet. “Thanks to you, we are now developing in the field of information security and anonymity!,” But that action did not name any defendants. Kloster’s blog enthused. “We

Cybercrime 259

Cybercrime Advertising IoT Malware 259

Security Affairs

DECEMBER 6, 2023

CVE-2022-22071 was included in our May 2022 public bulletin. CVE-2022-22071 was included in our May 2022 public bulletin. Google Threat Analysis Group and Google Project Zero first reported that the CVE-2023-33106, CVE-2023-33107, CVE-2022-22071 and CVE-2023-33063 were actively exploited in targeted attacks.

Surveillance 136

Surveillance Hacking Cybersecurity Risk 136

Security Affairs

JANUARY 23, 2024

The Australian government announced sanctions for a member of the REvil ransomware group for the Medibank hack that occurred in 2022. The man is responsible for the cyber attacks that in 2022 hit the Australian insurance provider Medibank. “ In November 2022, Medibank announced that personal data belonging to around 9.7M

Government 137

Government Insurance Ransomware Hacking 137

Daniel Miessler

SEPTEMBER 12, 2021

It might be that it’s time for a bigger adjustment than ever for 2022. Instead, start with the purpose of the project and the output you want it to produce for a defined audience, and then look at the data, and then the list. In doing the first two, be willing to completely reconsider the list. A reframing.

Software 364

Software Information Security 364

Krebs on Security

JULY 21, 2023

A review of the executives pages published by the 2022 list of Fortune 100 companies found only four — BestBuy , Cigna , Coca-Cola , and Walmart — that listed a Chief Security Officer (CSO) or Chief Information Security Officer (CISO) in their highest corporate ranks.

CSO 232

CSO CISO Insurance Risk 232

Security Affairs

MAY 15, 2024

From March 2022 until March 2023, a separate version of BreachForums (hosted at breached.vc/.to/.co) The BreachForums hacking forum was launched in 2022 after the law enforcement authorities seized RaidForums as a result of Operation TOURNIQUET. According to the statement published by law enforcement on the site breachforums.ic3.gov

Hacking 135

Hacking Cybercrime Information Security 135

Security Affairs

JUNE 5, 2024

In August 2022, Microsoft researchers discovered a high-severity flaw ( CVE-2022-28799 ) in the TikTok Android app, which could have allowed attackers to hijack users’ accounts with a single click. Microsoft reported the issue to TikTok in February 2022, and the company quickly addressed it.

Accountability 134

Accountability Hacking Malware Information Security 134

Security Affairs

JANUARY 4, 2025

networks since the summer of 2022. According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. Treasury sanctioned a Chinese cybersecurity firm, Integrity Tech, for links to cyberattacks by Chinas state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett). critical infrastructure sectors.“

Cybersecurity 123

Cybersecurity IoT Hacking Technology 123

Security Affairs

JANUARY 30, 2024

in August 2022. “This vulnerability was introduced in glibc 2.37 (in August 2022) by the following commit: [link] and was also backported to glibc 2.36 because this commit was a fix for another, minor vulnerability in __vsyslog_internal() (CVE-2022-39046, an “uninitialized memory [read] from the heap”).”

Hacking 138

Hacking Software Information Security 138

Security Affairs

NOVEMBER 20, 2023

3 On or about November 18, 2022, the man launched a credential stuffing attack on the Betting Website and gained access to approximately 60,000 accounts. According to court documents, on November 18, 2022, Garrison launched the attack against the betting site, obtaining access to approximately 60,000 user accounts.

Accountability 139

Accountability Hacking Passwords Cybercrime 139

Daniel Miessler

JUNE 28, 2022

1/10 — Dave Kennedy (@HackingDave) June 17, 2022. We have brand new candidates lacking "hands on" experience coming into the workforce and finding it extremely difficult to find a job. One can absolutely argue that it isn’t Mangacorn’s responsibility to fix this, but that’s the problem isn’t it?

Cybersecurity 364

Cybersecurity Government Information Security 364

Security Affairs

MARCH 7, 2024

The figure marks a 22% surge in reported losses compared to 2022. In 2023, the FBI IC3 received a record number of complaints, totaling 880,418, which represents a nearly 10% increase in complaints received compared to 2022. billion in 2022 to $4.57 billion in 2023. billion in 2023 (+38%). billion in losses.

Cybercrime 140

Cybercrime Internet Internet Scams 140

Security Affairs

MARCH 10, 2025

authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to the 2022 LastPass breach. authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. ” reads the complaint. ” However.

Password Management 64

Password Management Cryptocurrency Passwords Data breaches 64

Security Affairs

APRIL 9, 2024

BatCloak is a fully undetectable (FUD) malware obfuscation engine used by threat actors to stealthily deliver their malware since September 2022. After the repository containing the open-source tool was taken down in September 2022, it has since been cloned and modified by other threat actors.

Engineering 133

Engineering Malware Phishing Hacking 133

Security Affairs

OCTOBER 4, 2023

action in network access logs presence of /setup/setupadministrator.action in an exception message in atlassian-confluence-security.log in the Confluence home directory In September 2022, threat actors were observed targeting unpatched Atlassian Confluence servers as part of an ongoing crypto mining campaign.

Software 142

Software Accountability Authentication Internet 142

Krebs on Security

DECEMBER 1, 2022

“Our team quickly triaged the report and determined the risk to partners to be minimal,” said Patrick Beggs , ConnectWise’s chief information security officer. But the company said there is no reason to believe the phishers they warned about are exploiting any of the issues reported by Pyle.

Phishing 286

Phishing Architecture Passwords Accountability 286

Security Affairs

OCTOBER 27, 2024

The cases have been sent to the Russian Prosecutor General’s Office for consolidation, and all defendants have been held since early 2022. in March 2022. Vasinskyi (aka Profcomserv, Rabotnik, Rabotnik_New, Yarik45, Yaraslav2468, and Affiliate 22) was arrested on October 8, 2021, while he was trying to enter Poland.

Ransomware 143

Ransomware Hacking Malware Cybercrime 143

Security Affairs

JANUARY 12, 2025

The group NoName57 has been active since March 2022 and has targeted government and critical infrastructure organizations worldwide. In September 2022, Avast researchers observed the group using the Bobik botnet to launch DDoS attacks. NoName057(16) uses multiple tools to carry out their attacks.

DDOS 121

DDOS Banking Government Marketing 121

Krebs on Security

NOVEMBER 16, 2023

In November 2022, Kivimäki was charged with attempting to extort money from the Vastaamo Psychotherapy Center. ” Antti Kurittu is an information security specialist and a former criminal investigator. “This sends an important message: online crime does not pay.

Cybercrime 250

Cybercrime Hacking Data breaches Banking 250

Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass.

Data collection 136

Data collection Authentication Government Hacking 136