Schneier on Security

DECEMBER 22, 2023

Ben Rothke chose A Hacker’s Mind as “the best information security book of 2023.”

Information Security 236

Information Security 236

Security Affairs

APRIL 13, 2025

In 2023, Loretto Hospital experienced another data security incident. On January 19, 2023, a former employee misappropriated security camera footage of a limited number of patients and posted it on Facebook. The exposed information consisted of security camera footage of a small number of patients.

Data breaches 129

Data breaches Unstructured Data Identity Theft Healthcare 129

Security Affairs

APRIL 29, 2025

Google tracked 75 zero-day flaws exploited in 2024, down from 98 in 2023, according to its Threat Intelligence Group’s latest analysis. In 2024, Google tracked 75 exploited zero-day vulnerabilities, down from 98 in 2023 but up from 63 in 2022. In 2023, 37% of zero-day vulnerabilities targeted enterprise products.”

Surveillance 105

Surveillance Mobile Software Hacking 105

Schneier on Security

SEPTEMBER 20, 2023

million in 2023, with more than 750,000 of those positions in the U.S. And this is nothing that can be fixed by a newbie taking a six-month information security boot camp. […] Most entry-level roles tend to be quite specific, focused on one part of the profession, and are not generalist roles.

Cybersecurity 338

Cybersecurity Engineering CISO Architecture 338

Security Affairs

MAY 22, 2024

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. In 2023, OmniVision employed 2,200 people and had an annual revenue of $1.4 In 2023, the imaging sensors manufacturer was the victim of a Cactus ransomware attack. OmniVision Technologies Inc.

Data breaches 135

Data breaches Ransomware Manufacturing Encryption 135

Security Affairs

OCTOBER 16, 2024

. “Finnish customs has closed the web servers of the Sipulitie marketplace, which has been operating on the Tor network since 2023, in cooperation with the Swedish police, and confiscated their contents. The darknet market has been active since February 2023, it was used by criminals to sell narcotics anonymously.

Marketing 122

Marketing Cybercrime Scams Hacking 122

Security Affairs

MARCH 10, 2025

In 2023, Loretto Hospital experienced another data security incident. On January 19, 2023, a former employee misappropriated security camera footage of a limited number of patients and posted it on Facebook. The exposed information consisted of security camera footage of a small number of patients.

Hacking 117

Hacking Healthcare Backups Ransomware 117

Security Affairs

JULY 5, 2024

The New York Times revealed that OpenAI suffered a security breach in 2023, but the company says source code and customer data were not compromised. OpenAI suffered a security breach in 2023, the New York Times reported.

Artificial Intelligence 144

Artificial Intelligence Technology Risk Hacking 144

SecureList

MARCH 12, 2024

Profile of participants and applications We collected the data from a sample of the application security assessment projects our team completed in 2021–2023. Recommendations provided in these rankings are general in nature and based on information security best practices standards and guidelines, such as OWASP and NIST.

Passwords 140

Passwords Authentication Architecture Risk 140

Security Affairs

DECEMBER 19, 2024

Fortinet warns of a patched FortiWLM vulnerability that could allow admin access and sensitive information disclosure. Fortinet warned of a now-patched Wireless LAN Manager (FortiWLM) vulnerability, tracked as CVE-2023-34990 (CVSS score of 9.6), that could lead to admin access and sensitive information disclosure. through 8.6.5

Wireless 106

Wireless Authentication Healthcare Education 106

Security Affairs

NOVEMBER 18, 2024

In 2023, the carrier disclosed two data breaches , one in January and another in May. In May 2023, T-Mobile threat actors had access to the personal information of hundreds of customers starting in late February 2023. The security breach impacted a limited number of customers, only 836 individuals.

Mobile 114

Mobile Telecommunications Data breaches Hacking 114

Security Affairs

APRIL 9, 2025

The confidentiality and integrity of the OCCs information security systems are paramount to fulfilling its mission, said Acting Comptroller of the Currency Rodney E. security team the day before had notified OCC about unusual network behavior, according to the draft letter.” The review process is still ongoing. OCC on Feb.

Accountability 124

Accountability Banking Information Security Hacking 124

Security Affairs

JANUARY 4, 2025

According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. The botnet has been active since at least May 2020, reaching its peak with 60,000 compromised devices in June 2023. and European entities, exploiting VPNs and RDPs, including a California-based organization’s servers.

Cybersecurity 124

Cybersecurity IoT Hacking Technology 124

Security Affairs

DECEMBER 17, 2024

In March 2023, Lumen Black Lotus Labs researchers uncovered a sophisticated campaign called HiatusRAT that infected over 100 edge networking devices globally. Starting in mid-June through August 2023, Black Lotus Labs observed multiple newly compiled versions of the HiatusRAT malware discovered in the wild.

Architecture 109

Architecture Internet Internet Malware 109

Security Affairs

FEBRUARY 13, 2025

Microsoft discovered that the subgroup exploited at least eight known vulnerabilities on network perimeters of small office/home office (SOHO) and enterprise networks: JBOSS (exact CVE is unknown) Microsoft Exchange ( CVE-2021-34473 ) Zimbra Collaboration ( CVE-2022-41352 ) OpenFire ( CVE-2023-32315 ) JetBrains TeamCity ( CVE-2023-42793 ) Microsoft (..)

Telecommunications 108

Telecommunications DNS Passwords Hacking 108

Krebs on Security

AUGUST 27, 2024

” Those third-party reports came in late June 2024 from Michael Horka , senior lead information security engineer at Black Lotus Labs , the security research arm of Lumen Technologies , which operates one of the global Internet’s largest backbones. victims and one non-U.S. ”

Internet 331

Internet Internet Technology Engineering 331

Security Affairs

NOVEMBER 13, 2024

In May 2023, Microsoft reported that the Volt Typhoon APT infiltrated critical infrastructure organizations in the U.S. In December 2023, the Black Lotus Labs team at Lumen Technologies linked a small office/home office (SOHO) router botnet, tracked as KV-Botnet to the operations of China-linked threat actor Volt Typhoon.

VPN 124

VPN Government Malware Manufacturing 124

Malwarebytes

NOVEMBER 12, 2024

All the company’s social media accounts haven’t been updated since 2023 at the latest. In 2023, cybercriminals put up information belonging to as many as seven million 23andMe customers for sale on criminal forums following a credential stuffing attack against the genomics company.

Insurance 145

Insurance Accountability Risk Data breaches 145

Security Affairs

JANUARY 31, 2025

In October 2024, VMware warned customers of the availability of a proof-of-concept (PoC) exploit code for another authentication bypass vulnerability, tracked as CVE-2023-34051 , in VMware Aria Operations for Logs (formerly known as vRealize Log Insight). The vulnerability CVE-2023-34051 (CVSS score 8.1)

Authentication 107

Authentication Hacking Cybersecurity Information Security 107

Security Affairs

JUNE 7, 2024

The campaign seems to have been active since at least October 2023, it initially targeted a limited number of customers/organizations but recently became widespread. Akamai researchers observed a Chinese threat actor exploiting two old remote code execution vulnerabilities, tracked as CVE-2018-20062 and CVE-2019-9082 , in ThinkPHP.

Passwords 138

Passwords Hacking Information Security 138

Security Affairs

FEBRUARY 26, 2025

Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS and Palo Alto PAN-OS vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.

Authentication 102

Authentication Hacking Cybersecurity Risk 102

Security Affairs

FEBRUARY 4, 2025

Netgear addressed two critical vulnerabilities, internally tracked as PSV-2023-0039 and PSV-2021-0117 , impacting multiple WiFi router models and urged customers to install the latest firmware. Netgear disclosed two critical flaws impacting multiple WiFi router models and urges customers to address them. ” reads the advisory.

Firmware 110

Firmware Authentication Hacking Information Security 110

Security Affairs

DECEMBER 23, 2024

The decision stems from a March 2023 investigation and aligns with the EDPB’s guidance on AI-driven services and personal data processing. ” reads the press release published by Italy’s Garante.

Artificial Intelligence 108

Artificial Intelligence Data collection Data breaches Hacking 108

Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass.

Data collection 137

Data collection Authentication Hacking Government 137

Security Affairs

OCTOBER 14, 2024

The Bohemia marketplace ceased operations in late 2023 due to service disruptions, while its members suspected an exit scams of a rogue developer. At the time of its shut down, Bohemia hosted 82,000 daily ads and handled around 67,000 transactions monthly, with a turnover of €12 million in September 2023 alone.

Marketing 127

Marketing Cybercrime DDOS Cryptocurrency 127

SecureWorld News

NOVEMBER 14, 2024

Compared to 2023, healthcare providers are facing a higher frequency of ransomware incidents, impacting their ability to deliver essential services and protect sensitive patient data. As of the first three quarters of 2024, there were already 264 ransomware incidents affecting healthcare providers—nearly matching all of 2023's figures.

Healthcare 119

Healthcare Ransomware Identity Theft Data breaches 119

Security Affairs

FEBRUARY 27, 2025

Belgian authorities are investigating Chinese hackers for breaching its State Security Service (VSSE), stealing 10% of emails from 2021 to May 2023. The Belgian federal prosecutor’s office is probing a possible security breach on its State Security Service (VSSE) by China-linked threat actors.

Malware 72

Malware Hacking Government Phishing 72

Security Affairs

DECEMBER 3, 2024

The ‘Bootkitty’ Linux UEFI bootkit exploits the LogoFAIL flaws (CVE-2023-40238) to target systems using vulnerable firmware. Researchers from firmware security firm Binarly now report that Bootkitty Linux UEFI bootkit exploits the LogoFAIL flaw CVE-2023-40238 to compromise systems running on vulnerable firmware.

Firmware 107

Firmware Manufacturing Malware Authentication 107

Security Affairs

JANUARY 3, 2025

Richmond University Medical Center has confirmed that a ransomware attack in May 2023 affected 670,000 individuals. New York’s Richmond University Medical Center confirmed a May 2023 ransomware attack impacted 674,033 individuals. In May 2023, RUMC suffered a ransomware attack that caused a multi-week disruption.

Data breaches 77

Data breaches Ransomware Insurance Healthcare 77

Security Affairs

NOVEMBER 29, 2024

Matveyev faces charges under Russian law for creating programs designed to destroy, block, modify, or copy data, or bypass computer security measures. In May 2023, the US Justice Department charged Russian national Mikhail Pavlovich Matveev for his alleged role in multiple ransomware attacks.

Ransomware 119

Ransomware Healthcare Hacking Malware 119

Security Affairs

FEBRUARY 19, 2025

Introduced in December 2014 (OpenSSH 6.8p1), this flaw remained active, with FreeBSD enabling VerifyHostKeyDNS by default from 2013 to 2023, increasing exposure. Introduced in August 2023 (before OpenSSH 9.5p1), the attack can be mitigated on servers using LoginGraceTime, MaxStartups, and PerSourcePenalties settings.

Authentication 123

Authentication System Administration DNS Hacking 123

Security Affairs

DECEMBER 3, 2024

The former head of Poland’s internal security service was arrested Monday and brought before parliament to testify about prior government use of spyware against hundreds of individuals. In March 2023, Reuters reported that the phone of an opposition-linked Polish mayor was infected with the Pegasus spyware.

Spyware 119

Spyware Government Surveillance Hacking 119

Security Affairs

APRIL 28, 2025

The experts noted that this campaign resembled another one the team monitored in December 2023, which sent fake security alerts to WordPress users. The emails warned of a supposed ‘Remote Code Execution (RCE)’ vulnerability, CVE-2023-45124, and urged users to install a fake patch allegedly from the WordPress team.

Phishing 91

Phishing Accountability DDOS Hacking 91

Security Affairs

MARCH 12, 2025

CVE-2025-26633 (CVSS 7.0): An improper neutralization flaw in Microsoft Management Console that lets unauthorized attackers bypass security features locally. ESET researchers, who discovered the vulnerability CVE-2025-24983, reported that the zero-day has been exploited since March 2023.

DNS 109

DNS Hacking Information Security 109

Security Affairs

NOVEMBER 21, 2024

appeared in the threat landscape in May 2023. Microsoft reported that RansomHub was observed being deployed in post-compromise activity by the threat actor tracked as Manatee Tempest following initial access by Mustard Tempest via FakeUpdates / Socgholish infections. Experts believe RansomHub is a rebrand of the Knight ransomware.

Government 144

Government Hacking Ransomware Insurance 144

Security Affairs

NOVEMBER 26, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the Array Networks AG and vxAG ArrayOS flaw CVE-2023-28461 (CVSS score: 9.8)

VPN 112

VPN Authentication Hacking Risk 112

SecureList

FEBRUARY 20, 2025

The number of high-severity incidents decreased by 34% compared to 2023. Human-driven targeted attacks accounted for 43% of high-severity incidents 74% more than in 2023 and 43% more than in 2022. Users are still the weakest link, making Security Awareness training an important focus for corporate information security planning.

Social Engineering 101

Social Engineering Phishing Government Threat Detection 101