2023 and Information Security - Cyber Security Informer

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

NOVEMBER 11, 2024

Amazon disclosed a data breach exposing employee data, with information allegedly stolen in the May 2023 MOVEit attacks. Amazon disclosed a data breach that exposed employee information after data was allegedly stolen during the May 2023 MOVEit attacks. Amazon was compromised in May, 2023 via a MoveIT 0day exploit.

Data breaches

Data breaches Hacking Ransomware Technology

2023 Anna Jaques Hospital data breach impacted over 310,000 people

Security Affairs

DECEMBER 8, 2024

On December 25, 2023, a ransomware attack hit the Anna Jaques Hospital. The hospital revealed that the security breach exposed sensitive health data for over 316,000 patients. In 2023, upon discovering the cyber attack, the Anna Jaques Hospital took the impacted systems down and launched an investigation into the security breach.

Data breaches

Data breaches Insurance Healthcare Ransomware

Cyber Security Expert Joseph Steinberg To Continue Serving On Newsweek Expert Forum In 2023

Joseph Steinberg

JANUARY 10, 2023

Cyber Security Expert, Joseph Steinberg, who joined Newsweek’s Expert Forum in 2021, will continue serving as a member of the premier news organization’s council in 2023. A prolific inventor of cybersecurity technology, Steinberg is also cited in over 500 US patent filings. JosephSteinberg.com.

Artificial Intelligence

Artificial Intelligence CISO Technology Cybersecurity

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

The makers of Acunetix, Texas-based application security vendor Invicti Security , confirmed Silent Push’s findings, saying someone had figured out how to crack the free trial version of the software so that it runs without a valid license key. According to an August 2023 report (PDF) from the U.S. Image: Ke-la.com.

Hacking

Hacking Cybercrime Advertising Data breaches

Incident response analyst report 2023

SecureList

MAY 14, 2024

Incident response analyst report 2023 As an information security company, our services include incident response and investigation, and malware analysis. Our annual Incident Response Report presents anonymized statistics on the cyberattacks we investigated in 2023. Read the full 2023 Incident Response Report (PDF).

Ransomware

Ransomware Passwords Authentication Government

Ben Rothke’s Review of A Hacker’s Mind

Schneier on Security

DECEMBER 22, 2023

Ben Rothke chose A Hacker’s Mind as “the best information security book of 2023.”

Information Security

News Alert: Silent Signal discovers a critical vulnerability in IBM i System – CVE-2023-30990

The Last Watchdog

JULY 7, 2023

Budapest, Hungary, July 07, 2023 — Silent Signal, a leading technology provider of state-of-the-art ethical hacking services and solutions, discovered and reported a vulnerability to IBM, that has been confirmed and identified under CVE-2023-30990. Read more about how to secure your IBM i Servers to meet compliance requirements.

Architecture

Architecture Hacking Media Government

2023 FBI Internet Crime Report reported cybercrime losses reached $12.5 billion in 2023

Security Affairs

MARCH 7, 2024

The FBI Internet Crime Complaint Center (IC3) 2023 report states that reported cybercrime losses reached $12.5 billion in 2023. The 2023 Internet Crime Report published the FBI’s Internet Crime Complaint Center (IC3) reveals that reported cybercrime losses reached $12.5 billion in 2023. billion in 2023 (+38%).

Cybercrime

Cybercrime Internet Internet Scams

Experts found multiple flaws in Mercedes-Benz infotainment system

Security Affairs

JANUARY 21, 2025

.” Below is the list of flaws discovered by the researchers: CVE-2024-37602 CVE-2024-37600 CVE-2024-37603 CVE-2024-37601 CVE-2023-34406 CVE-2023-34397 CVE-2023-34398 CVE-2023-34399 CVE-2023-34400 CVE-2023-34401 CVE-2023-34402 CVE-2023-34403 CVE-2023-34404 The details for each of the above flaws will be published here: [link].

Software

Software Architecture Media Engineering

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Security Affairs

MARCH 10, 2025

In 2023, Loretto Hospital experienced another data security incident. On January 19, 2023, a former employee misappropriated security camera footage of a limited number of patients and posted it on Facebook. The exposed information consisted of security camera footage of a small number of patients.

Hacking

Hacking Healthcare Backups Ransomware

On the Cybersecurity Jobs Shortage

Schneier on Security

SEPTEMBER 20, 2023

million in 2023, with more than 750,000 of those positions in the U.S. And this is nothing that can be fixed by a newbie taking a six-month information security boot camp. […] Most entry-level roles tend to be quite specific, focused on one part of the profession, and are not generalist roles.

Cybersecurity

Cybersecurity CISO Engineering Architecture

Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467

Security Affairs

JANUARY 12, 2024

Researchers published a proof-of-concept (PoC) code for the recently disclosed critical flaw CVE-2023-51467 in the Apache OfBiz. Researchers from cybersecurity firm VulnCheck have created a proof-of-concept (PoC) exploit code for the recently disclosed critical flaw CVE-2023-51467 (CVSS score: 9.8) in the Apache OfBiz.

Authentication

Authentication Software Passwords Hacking

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Security Affairs

MAY 22, 2024

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. In 2023, OmniVision employed 2,200 people and had an annual revenue of $1.4 In 2023, the imaging sensors manufacturer was the victim of a Cactus ransomware attack. OmniVision Technologies Inc.

Data breaches

Data breaches Ransomware Manufacturing Encryption

Finnish Customs dismantled the dark web drugs market Sipulitie

Security Affairs

OCTOBER 16, 2024

. “Finnish customs has closed the web servers of the Sipulitie marketplace, which has been operating on the Tor network since 2023, in cooperation with the Swedish police, and confiscated their contents. The darknet market has been active since February 2023, it was used by criminals to sell narcotics anonymously.

Marketing

Marketing Cybercrime Scams Hacking

Hackers stole OpenAI secrets in a 2023 security breach

Security Affairs

JULY 5, 2024

The New York Times revealed that OpenAI suffered a security breach in 2023, but the company says source code and customer data were not compromised. OpenAI suffered a security breach in 2023, the New York Times reported.

Artificial Intelligence

Artificial Intelligence Technology Risk Hacking

Top 10 web application vulnerabilities in 2021–2023

SecureList

MARCH 12, 2024

Profile of participants and applications We collected the data from a sample of the application security assessment projects our team completed in 2021–2023. Recommendations provided in these rankings are general in nature and based on information security best practices standards and guidelines, such as OWASP and NIST.

Passwords

Passwords Authentication Architecture Risk

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Security Affairs

MARCH 28, 2024

Google’s Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively exploited zero-day vulnerabilities in 2023. In 2023, Google (TAG) and Mandiant discovered 29 out of 97 vulnerabilities exploited in the wild. ” continues the report.

Government

Government Surveillance Ransomware Cybercrime

Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM

Security Affairs

DECEMBER 19, 2024

Fortinet warns of a patched FortiWLM vulnerability that could allow admin access and sensitive information disclosure. Fortinet warned of a now-patched Wireless LAN Manager (FortiWLM) vulnerability, tracked as CVE-2023-34990 (CVSS score of 9.6), that could lead to admin access and sensitive information disclosure. through 8.6.5

Wireless

Wireless Authentication Healthcare Education

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

In 2023, the carrier disclosed two data breaches , one in January and another in May. In May 2023, T-Mobile threat actors had access to the personal information of hundreds of customers starting in late February 2023. The security breach impacted a limited number of customers, only 836 individuals.

Mobile

Mobile Telecommunications Data breaches Hacking

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Krebs on Security

AUGUST 27, 2024

” Those third-party reports came in late June 2024 from Michael Horka , senior lead information security engineer at Black Lotus Labs , the security research arm of Lumen Technologies , which operates one of the global Internet’s largest backbones. victims and one non-U.S. ”

Internet

Internet Internet Technology Engineering

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. The botnet has been active since at least May 2020, reaching its peak with 60,000 compromised devices in June 2023. and European entities, exploiting VPNs and RDPs, including a California-based organization’s servers.

Cybersecurity

Cybersecurity IoT Hacking Technology

China’s Volt Typhoon botnet has re-emerged

Security Affairs

NOVEMBER 13, 2024

In May 2023, Microsoft reported that the Volt Typhoon APT infiltrated critical infrastructure organizations in the U.S. In December 2023, the Black Lotus Labs team at Lumen Technologies linked a small office/home office (SOHO) router botnet, tracked as KV-Botnet to the operations of China-linked threat actor Volt Typhoon.

VPN

VPN Government Malware Manufacturing

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Security Affairs

FEBRUARY 13, 2025

Microsoft discovered that the subgroup exploited at least eight known vulnerabilities on network perimeters of small office/home office (SOHO) and enterprise networks: JBOSS (exact CVE is unknown) Microsoft Exchange ( CVE-2021-34473 ) Zimbra Collaboration ( CVE-2022-41352 ) OpenFire ( CVE-2023-32315 ) JetBrains TeamCity ( CVE-2023-42793 ) Microsoft (..)

Telecommunications

Telecommunications DNS Passwords Hacking

DNA testing company vanishes along with its customers’ genetic data

Malwarebytes

NOVEMBER 12, 2024

All the company’s social media accounts haven’t been updated since 2023 at the latest. In 2023, cybercriminals put up information belonging to as many as seven million 23andMe customers for sale on criminal forums following a credential stuffing attack against the genomics company.

Insurance

Insurance Accountability Risk Data breaches

Broadcom fixed information disclosure flaws in VMware Aria Operations

Security Affairs

JANUARY 31, 2025

In October 2024, VMware warned customers of the availability of a proof-of-concept (PoC) exploit code for another authentication bypass vulnerability, tracked as CVE-2023-34051 , in VMware Aria Operations for Logs (formerly known as vRealize Log Insight). The vulnerability CVE-2023-34051 (CVSS score 8.1)

Authentication

Authentication Hacking Cybersecurity Information Security

China-linked threat actors stole 10% of Belgian State Security Service (VSSE)’s staff emails

Security Affairs

FEBRUARY 27, 2025

Belgian authorities are investigating Chinese hackers for breaching its State Security Service (VSSE), stealing 10% of emails from 2021 to May 2023. The Belgian federal prosecutor’s office is probing a possible security breach on its State Security Service (VSSE) by China-linked threat actors.

Malware

Malware Hacking Government Phishing

Chinese threat actor exploits old ThinkPHP flaws since October 2023

Security Affairs

JUNE 7, 2024

The campaign seems to have been active since at least October 2023, it initially targeted a limited number of customers/organizations but recently became widespread. Akamai researchers observed a Chinese threat actor exploiting two old remote code execution vulnerabilities, tracked as CVE-2018-20062 and CVE-2019-9082 , in ThinkPHP.

Passwords

Passwords Hacking Information Security

U.S. CISA adds Microsoft Partner Center and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

FEBRUARY 26, 2025

Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS and Palo Alto PAN-OS vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.

Authentication

Authentication Hacking Cybersecurity Risk

Italy’s data protection watchdog fined OpenAI €15 million over ChatGPT’s data management violations

Security Affairs

DECEMBER 23, 2024

The decision stems from a March 2023 investigation and aligns with the EDPB’s guidance on AI-driven services and personal data processing. ” reads the press release published by Italy’s Garante.

Artificial Intelligence

Artificial Intelligence Data collection Data breaches Hacking

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass.

Data collection

Data collection Authentication Hacking Government

Netgear urges users to upgrade two flaws impacting WiFi router models

Security Affairs

FEBRUARY 4, 2025

Netgear addressed two critical vulnerabilities, internally tracked as PSV-2023-0039 and PSV-2021-0117 , impacting multiple WiFi router models and urged customers to install the latest firmware. Netgear disclosed two critical flaws impacting multiple WiFi router models and urges customers to address them. ” reads the advisory.

Firmware

Firmware Authentication Hacking Information Security

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Security Affairs

OCTOBER 14, 2024

The Bohemia marketplace ceased operations in late 2023 due to service disruptions, while its members suspected an exit scams of a rogue developer. At the time of its shut down, Bohemia hosted 82,000 daily ads and handled around 67,000 transactions monthly, with a turnover of €12 million in September 2023 alone.

Marketing

Marketing Cybercrime DDOS Cryptocurrency

Microsoft Patch Tuesday security updates for March 2025 fix six actively exploited zero-days

Security Affairs

MARCH 12, 2025

CVE-2025-26633 (CVSS 7.0): An improper neutralization flaw in Microsoft Management Console that lets unauthorized attackers bypass security features locally. ESET researchers, who discovered the vulnerability CVE-2025-24983, reported that the zero-day has been exploited since March 2023.

DNS

DNS Hacking Information Security

Healthcare Now Third-Most Targeted Industry for Ransomware

SecureWorld News

NOVEMBER 14, 2024

Compared to 2023, healthcare providers are facing a higher frequency of ransomware incidents, impacting their ability to deliver essential services and protect sensitive patient data. As of the first three quarters of 2024, there were already 264 ransomware incidents affecting healthcare providers—nearly matching all of 2023's figures.

Healthcare

Healthcare Ransomware Identity Theft Data breaches

Ross Anderson

Schneier on Security

MARCH 31, 2024

Of course it was before 2008, when we created the Security and Human Behavior workshop. It was well before 2001, when we created the Workshop on Economics and Information Security. Most recently was last June, at SHB 2023 , in Pittsburgh. I can’t remember when I first met Ross. I will see about posting it.)

Surveillance

Surveillance Engineering Encryption Government

BootKitty Linux UEFI bootkit spotted exploiting LogoFAIL flaws

Security Affairs

DECEMBER 3, 2024

The ‘Bootkitty’ Linux UEFI bootkit exploits the LogoFAIL flaws (CVE-2023-40238) to target systems using vulnerable firmware. Researchers from firmware security firm Binarly now report that Bootkitty Linux UEFI bootkit exploits the LogoFAIL flaw CVE-2023-40238 to compromise systems running on vulnerable firmware.

Firmware

Firmware Manufacturing Malware Authentication

Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

Security Affairs

NOVEMBER 29, 2024

Matveyev faces charges under Russian law for creating programs designed to destroy, block, modify, or copy data, or bypass computer security measures. In May 2023, the US Justice Department charged Russian national Mikhail Pavlovich Matveev for his alleged role in multiple ransomware attacks.

Ransomware

Ransomware Healthcare Hacking Malware

Richmond University Medical Center data breach impacted 674,033 individuals

Security Affairs

JANUARY 3, 2025

Richmond University Medical Center has confirmed that a ransomware attack in May 2023 affected 670,000 individuals. New York’s Richmond University Medical Center confirmed a May 2023 ransomware attack impacted 674,033 individuals. In May 2023, RUMC suffered a ransomware attack that caused a multi-week disruption.

Data breaches

Data breaches Ransomware Insurance Healthcare

OpenSSH bugs allows Man-in-the-Middle and DoS Attacks

Security Affairs

FEBRUARY 19, 2025

Introduced in December 2014 (OpenSSH 6.8p1), this flaw remained active, with FreeBSD enabling VerifyHostKeyDNS by default from 2013 to 2023, increasing exposure. Introduced in August 2023 (before OpenSSH 9.5p1), the attack can be mitigated on servers using LoginGraceTime, MaxStartups, and PerSourcePenalties settings.

Authentication

Authentication System Administration DNS Hacking

Poland probes Pegasus spyware abuse under the PiS government

Security Affairs

DECEMBER 3, 2024

The former head of Poland’s internal security service was arrested Monday and brought before parliament to testify about prior government use of spyware against hundreds of individuals. In March 2023, Reuters reported that the phone of an opposition-linked Polish mayor was infected with the Pegasus spyware.

Spyware

Spyware Government Surveillance Hacking

Medusa Ransomware targeted over 40 organizations in 2025

Security Affairs

MARCH 7, 2025

Medusa ransomware has claimed nearly 400 victims since January 2023, with attacks increasing by 42% between 2023 and 2024. The Symantec Threat Hunter Team reported that the Medusa ransomware operators have claimed nearly 400 victims since January 2023. Experts tracked the Medusa ransomware activity as Spearwing.

Ransomware

Ransomware Antivirus Healthcare Encryption

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Security Affairs

NOVEMBER 21, 2024

appeared in the threat landscape in May 2023. Microsoft reported that RansomHub was observed being deployed in post-compromise activity by the threat actor tracked as Manatee Tempest following initial access by Mustard Tempest via FakeUpdates / Socgholish infections. Experts believe RansomHub is a rebrand of the Knight ransomware.

Government

Government Hacking Ransomware Insurance

New Ballista Botnet spreads using TP-Link flaw. Is it an Italian job?

Security Affairs

MARCH 12, 2025

Cato CTRL researchers observed a new botnet, called Ballista botnet, which is exploiting a remote code execution (RCE) vulnerability, tracked as CVE-2023-1389 (CVSS score 8.8), in TP-Link Archer routers. Working exploits for LAN and WAN interface accesses were respectively reported by Team Viettel and Qrious Security.

IoT

IoT Malware Encryption DDOS

U.S. CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

NOVEMBER 26, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the Array Networks AG and vxAG ArrayOS flaw CVE-2023-28461 (CVSS score: 9.8)

VPN

VPN Authentication Hacking Cybersecurity

Amazon discloses employee data breach after May 2023 MOVEit attacks

2023 Anna Jaques Hospital data breach impacted over 310,000 people

Trending Sources

Cyber Security Expert Joseph Steinberg To Continue Serving On Newsweek Expert Forum In 2023

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Incident response analyst report 2023

Ben Rothke’s Review of A Hacker’s Mind

News Alert: Silent Signal discovers a critical vulnerability in IBM i System – CVE-2023-30990

2023 FBI Internet Crime Report reported cybercrime losses reached $12.5 billion in 2023

Experts found multiple flaws in Mercedes-Benz infotainment system

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

On the Cybersecurity Jobs Shortage

Researchers created a PoC for Apache OFBiz flaw CVE-2023-51467

OmniVision disclosed a data breach after the 2023 Cactus ransomware attack

Finnish Customs dismantled the dark web drugs market Sipulitie

Hackers stole OpenAI secrets in a 2023 security breach

Top 10 web application vulnerabilities in 2021–2023

Google: China dominates government exploitation of zero-day vulnerabilities in 2023

Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

China’s Volt Typhoon botnet has re-emerged

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

DNA testing company vanishes along with its customers’ genetic data

Broadcom fixed information disclosure flaws in VMware Aria Operations

China-linked threat actors stole 10% of Belgian State Security Service (VSSE)’s staff emails

Chinese threat actor exploits old ThinkPHP flaws since October 2023

U.S. CISA adds Microsoft Partner Center and Synacor Zimbra Collaboration Suite flaws to its Known Exploited Vulnerabilities catalog

Italy’s data protection watchdog fined OpenAI €15 million over ChatGPT’s data management violations

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

Netgear urges users to upgrade two flaws impacting WiFi router models

Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’

Microsoft Patch Tuesday security updates for March 2025 fix six actively exploited zero-days

Healthcare Now Third-Most Targeted Industry for Ransomware

Ross Anderson

BootKitty Linux UEFI bootkit spotted exploiting LogoFAIL flaws

Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

Richmond University Medical Center data breach impacted 674,033 individuals

OpenSSH bugs allows Man-in-the-Middle and DoS Attacks

Poland probes Pegasus spyware abuse under the PiS government

Medusa Ransomware targeted over 40 organizations in 2025

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

New Ballista Botnet spreads using TP-Link flaw. Is it an Italian job?

U.S. CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog

Stay Connected