Authentication, Encryption and Hacking - Cyber Security Informer

Americans urged to use encrypted messaging after large, ongoing cyberattack

Malwarebytes

DECEMBER 5, 2024

Speaking to Reuters , a senior US official said the attack telecommunications infrastructure was broad and that the hacking was still ongoing. If you plan to follow that advice, but are new to encrypted messaging, make sure to use an app that offers E2EE (End-to-end encryption). You don’t need an expensive app to achieve this.

Encryption

Encryption Identity Theft Media Telecommunications

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

Security Affairs

NOVEMBER 15, 2024

The Glove Stealer malware exploits a new technique to bypass Chrome’s App-Bound encryption and steal browser cookies. The malware could harvest a huge trove of data from infected systems, including cookies, autofill, cryptocurrency wallets, 2FA authenticators, password managers, and email client information.

Encryption

Encryption Password Management Cryptocurrency Social Engineering

Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

Security Affairs

JANUARY 15, 2025

The ransomware group Codefinger is using compromised AWS keys to encrypt S3 bucket data using SSE-C, Halcyon researchers warn. The ransomware group Codefinger has been spotted using compromised AWS keys to encrypt data in S3 buckets. The ransomware group Codefinger utilizes an AES-256 encryption key they generate and store locally.

Encryption

Encryption Ransomware Authentication Accountability

MongoDB Offers Field Level Encryption

Schneier on Security

JUNE 26, 2019

MongoDB now has the ability to encrypt data by field : MongoDB calls the new feature Field Level Encryption. It works kind of like end-to-end encrypted messaging, which scrambles data as it moves across the internet, revealing it only to the sender and the recipient. For regular users, not much will be visibly different.

Encryption

Encryption Authentication Passwords Internet

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking

Hacking Cybercrime Phishing Passwords

Three Top Russian Cybercrime Forums Hacked

Krebs on Security

MARCH 4, 2021

Over the past few weeks, three of the longest running and most venerated Russian-language online forums serving thousands of experienced cybercriminals have been hacked. At the top of a 35-page PDF leaked online is a private encryption key allegedly used by Maza administrators. The forum was hacked through the domain registrar.

Cybercrime

Cybercrime Hacking Passwords Accountability

DOGE as a National Cyberattack

Schneier on Security

FEBRUARY 13, 2025

Ron Wyden said his office had learned that the attackers gained privileges that allow them to modify core programs in Treasury Department computers that verify federal payments, access encrypted keys that secure financial transactions, and alter audit logs that record system changes.

Government

Government Artificial Intelligence Banking Software

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

Krebs on Security

AUGUST 6, 2020

Dubner said all customers are required to use multi-factor authentication, and that everyone applying for access to its services undergoes a rigorous vetting process. Hacked or ill-gotten accounts at consumer data brokers have fueled ID theft and identity theft services of various sorts for years.

Accountability

Accountability Identity Theft Hacking Insurance

Bitdefender released a decryptor for the ShrinkLocker ransomware

Security Affairs

NOVEMBER 13, 2024

Bitdefender released a decryptor for the ShrinkLocker ransomware, which modifies BitLocker configurations to encrypt a system’s drives. Unlike modern ransomware it doesn’t rely on sophisticated encryption algorithms and modifies BitLocker configurations to encrypt a system’s drives.

Ransomware

Ransomware Encryption Passwords Backups

Oracle privately notifies Cloud data breach to customers

Security Affairs

APRIL 6, 2025

A threat actor using the moniker rose87168 claimed to possess millions of data lines tied to over 140,000 Oracle Cloud tenants, including encrypted credentials. The hacker has published 10,000 customer records, a file showing Oracle Cloud access, user credentials, and an internal video as proof of the hack. “Oracle Corp.

Data breaches

Data breaches Encryption Hacking Passwords

CISA warns of RESURGE malware exploiting Ivanti flaw

Security Affairs

MARCH 30, 2025

A local authenticated attacker can trigger the vulnerability to escalate privileges. CVE-2025-0283 could allow a local authenticated attacker to escalate privileges. Ivanti addressed a high-severity flaw, tracked as CVE-2025-0283 (CVSS score: 7.0), that allows a local authenticated attacker to escalate privileges.

Malware

Malware Authentication Cybersecurity Encryption

Critical GitHub Enterprise Server Authentication Bypass bug. Fix it now!

Security Affairs

MAY 22, 2024

GitHub addressed a vulnerability in the GitHub Enterprise Server (GHES) that could allow an attacker to bypass authentication. GitHub has rolled out security fixes to address a critical authentication bypass issue, tracked as CVE-2024-4985 (CVSS score: 10.0), in the GitHub Enterprise Server (GHES).

Authentication

Authentication Encryption Hacking Information Security

Chinese national charged for hacking thousands of Sophos firewalls

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. The malware stole data and encrypted files to block remediation attempts.

Firewall

Firewall Hacking Malware Passwords

Q&A: SolarWinds, Mimecast hacks portend intensified third-party, supply-chain compromises

The Last Watchdog

JANUARY 25, 2021

Thanks to a couple of milestone hacks disclosed at the close of 2020 and start of 2021, they will forever be associated with putting supply-chain vulnerabilities on the map. Similarly, the SolarWinds and Mimecast hacks are precursors of increasingly clever and deeply-damaging hacks of the global supply chain sure to come.

Hacking

Hacking B2B Authentication Software

MY TAKE: Agile cryptography is coming, now that ‘attribute-based encryption’ is ready for prime time

The Last Watchdog

MAY 3, 2021

Encryption agility is going to be essential as we move forward with digital transformation. All of the technical innovation cybersecurity vendors are churning out to deal with ever-expanding cyber risks, at the end of the day, come down to protecting encrypted data. Refer: The vital role of basic research.

Encryption

Encryption Retail Digital transformation Authentication

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

FEBRUARY 10, 2020

Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans.

Hacking

Hacking Identity Theft Government Phishing

U.S. CISA adds Microsoft SharePoint flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 23, 2024

“An authenticated attacker with Site Owner permissions can use the vulnerability to inject arbitrary code and execute this code in the context of SharePoint Server.” The security breach exposed low-sensitivity performance monitoring data, including customer usernames, account info, and encrypted internal credentials.

Encryption

Encryption Authentication Cybersecurity Accountability

MY TAKE: Why new tools, tactics are needed to mitigate risks introduced by widespread encryption

The Last Watchdog

FEBRUARY 18, 2020

It was just a few short years ago that the tech sector, led by Google, Mozilla and Microsoft, commenced a big push to increase the use of HTTPS – and its underlying TLS authentication and encryption protocol. Related: Why Google’s HTTPS push is a good thing At the time, just 50 % of Internet traffic used encryption.

Encryption

Encryption Firewall Risk IoT

A Day in the Life of a Prolific Voice Phishing Crew

Krebs on Security

JANUARY 7, 2025

Lookout researchers discovered multiple voice phishing groups were using a new phishing kit that closely mimicked the single sign-on pages for Okta and other authentication providers. That is why I am not worried as we see criminals migrate to various ‘encrypted’ platforms that promise to ignore thepolice. “ Annie.”

Phishing

Phishing Cryptocurrency Accountability Social Engineering

Is India's Aadhaar System Really "Hack-Proof"? Assessing a Publicly Observable Security Posture

Troy Hunt

JANUARY 10, 2018

Which brings us back to Aadhaar and some rather unpleasant headlines of late, particularly the likes of The World's Largest Biometric ID System Keeps Getting Hacked. They claim that they're hack-proof. But claiming the service is "hack-proof", that's something I definitely have an issue with. Can you prove otherwise?

Hacking

Hacking Government Encryption Risk

Protecting Yourself from Identity Theft

Schneier on Security

MAY 6, 2019

Ten years ago, I could have given you all sorts of advice about using encryption, not sending information over email, securing your web connections, and a host of other things -- but most of that doesn't matter anymore. Enable two-factor authentication for all important accounts whenever possible.

Identity Theft

Identity Theft Passwords Password Management Authentication

Best Encryption Software for 2022

eSecurity Planet

AUGUST 4, 2022

It’s been a couple of decades since data tapes delivered by trucks made encryption a standard enterprise cybersecurity practice. Yet even as technology has changed, sending and receiving data remains a major vulnerability, ensuring encryption’s place as a foundational security practice. What is Encryption?

Encryption

Encryption Software Computers and Electronics Technology

Hackers Steal Session Cookies to Bypass Multi-factor Authentication

eSecurity Planet

AUGUST 19, 2022

One new tactic hackers have been using is to steal cookies from current or recent web sessions to bypass multi-factor authentication (MFA). Even cloud infrastructures rely on cookies to authenticate their users. Browsers allow users to maintain authentication, remember passwords and autofill forms. How Hackers Steal Cookies.

Authentication

Authentication Password Management Passwords Malware

GUEST ESSAY: NewsCorp hack shows cyber espionage, squelching of press freedom on the rise

The Last Watchdog

APRIL 5, 2022

As the dust settles following the recently disclosed hack of NewsCorp , important lessons are emerging for the cybersecurity and journalism communities. ’ This firewall even goes as far as to block the latest versions of the encryption service TLS (v1.3) Related: How China challenged Google in Operation Aurora.

Hacking

Hacking Passwords Internet Internet

Authentication is Outdated: A New Approach to Identification

CyberSecurity Insiders

JULY 3, 2021

Identity and user authentication continue to be a concern for IT managers. It’s time to take a closer look at alternative identity management and authentication strategies. With a digital trust ecosystem in place, the user retains control of their credentials while being issued a unique identifier for authentication.

Authentication

Authentication Identity Theft Technology InfoSec

How is information stored in cloud secure from hacks

CyberSecurity Insiders

MAY 14, 2023

So, how is information stored in the cloud secured from hacks? One way to secure information in the cloud is through encryption. Encryption is the process of converting information into a code that only authorized parties can access. Cloud providers implement access controls through authentication and authorization.

Hacking

Hacking Antivirus Firewall Encryption

North Korea-linked APT Moonstone used Qilin ransomware in limited attacks

Security Affairs

MARCH 10, 2025

The group typically employs double extortion, stealing and encrypting victims data, then threatening to expose it unless a ransom is paid. The attackers breached the organization via compromised credentials for a VPN portal that lacked multi-factor authentication (MFA).

Ransomware

Ransomware VPN Healthcare Malware

EDR-as-a-Service makes the headlines in the cybercrime landscape

Security Affairs

APRIL 7, 2025

In Dark Web environments as well as on specialized forums, sellers are posting synthetic ads inviting potential buyers to contact them privately, often via Telegram, Session, and other encrypted messaging apps. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,EDR-as-a-Service)

Cybercrime

Cybercrime Social Engineering Accountability Government

Hacking Kia: Remotely Controlling Cars with Just a License Plate

Hacker's King

NOVEMBER 16, 2024

How the Hack Works Many modern cars, including those from Kia, use telematics systems that connect to mobile apps and cloud-based services for convenience features like remote start or door unlocking. The company is working on updating its software and strengthening encryption to protect against unauthorized access.

Hacking

Hacking Mobile Encryption Authentication

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

The Last Watchdog

APRIL 4, 2022

They are often unaware of the risks they take on, which can include hacking, fraud, phishing, and more. To protect against these attacks, businesses need to implement a wide range of strong API security measures such as authentication, authorization, encryption, and vulnerability scanning.

Hacking

Hacking Penetration Testing Data breaches Authentication

Unnamed Ransomware gang uses a Python script to encrypt VMware ESXi servers

Security Affairs

OCTOBER 5, 2021

An unnamed ransomware gang used a custom Python script to target VMware ESXi and encrypt all the virtual machines hosted on the server. Researchers from Sophos were investigating a ransomware attack when discovered that the attackers employed a Python script to encrypt virtual machines hosted on VMware ESXi servers. Pierluigi Paganini.

Encryption

Encryption Ransomware Passwords Accountability

New Hive ransomware variant is written in Rust and use improved encryption method

Security Affairs

JULY 6, 2022

Hive ransomware operators have improved their file-encrypting module by migrating to Rust language and adopting a more sophisticated encryption method. The most important change in the latest Hive variant is the encryption mechanism it adopts. SecurityAffairs – hacking, Hive ransomware). ” continues Microsoft. .

Encryption

Encryption Ransomware Cybercrime Malware

Strong Authentication – Robust Identity and Access Management Is a Strategic Choice

Security Affairs

JULY 29, 2022

Therefore, strong authentication methods are needed. Therefore, strong authentication methods are needed to improve security without hindering user convenience. What is Strong Authentication? The IAM Security Boundary Strong authentication is a critical component of modern-day identity and access management.

Authentication

Authentication Passwords Data privacy Identity Theft

Quantum Physics is said to make hacking impossible

CyberSecurity Insiders

APRIL 29, 2022

Researchers at the University of Copenhagen’s Department of Mathematical Sciences have developed a new security identification that authenticates whether we are communicating with the right person based on their precise geographical location.

Hacking

Hacking Computers and Electronics Banking Encryption

News alert: SquareX discloses nasty browser-native ransomware that’s undetectable by antivirus

The Last Watchdog

MARCH 28, 2025

Mar 28, 2025, CyberNewswire — From WannaCry to the MGM Resorts Hack, ransomware remains one of the most damaging cyberthreats to plague enterprises. Palo Alto, Calif., Traditionally, the primary target of ransomware has been the victims device.

Antivirus

Antivirus Ransomware Social Engineering Engineering

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Krebs on Security

SEPTEMBER 22, 2023

This is significant because in November 2022, LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. To automatically populate the appropriate credentials at any website going forward, you simply authenticate to LastPass using your master password.

Passwords

Passwords Encryption Password Management Cryptocurrency

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

Krebs on Security

MARCH 31, 2020

Ueland said after hearing about the escrow.com hack Monday evening he pulled the domain name system (DNS) records for escrow.com and saw they were pointing to an Internet address in Malaysia — 111.90.149[.]49 The attacker also obtained free encryption certificates for escrow.com from Let’s Encrypt.

Phishing

Phishing DNS Social Engineering Accountability

MY TAKE: Fostering Digital Trust – the role of ‘post-quantum crypto’ and ‘crypto agility’ in 2024

The Last Watchdog

DECEMBER 13, 2023

Each time we use a mobile app or website-hosted service, digital certificates and the Public Key Infrastructure ( PKI ) come into play — to assure authentication and encrypt sensitive data transfers. This is a fundamental component of Digital Trust – and the foundation for securing next-gen digital connections.

Encryption

Encryption Technology CISO IoT

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Security Affairs

NOVEMBER 1, 2021

Researchers demonstrated how crooks could hack Diebold Nixdorf’s Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash. An attacker with access to the dispenser controller’s USB port can install an outdated or modified firmware version to bypass the encryption and make cash withdrawals.

Hacking

Hacking Firmware Encryption Manufacturing

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. LastPass disclosed that criminal hackers had compromised encrypted copies of some password vaults, as well as other personal information.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. Multiple security firms soon assigned the hacking group the nickname “ Scattered Spider.” 9, 2024, U.S. technology companies during the summer of 2022.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Google: Security Keys Neutralized Employee Phishing

Krebs on Security

JULY 23, 2018

Security Keys are inexpensive USB-based devices that offer an alternative approach to two-factor authentication (2FA), which requires the user to log in to a Web site using something they know (the password) and something they have (e.g., “Users might be asked to authenticate using their security key for many different apps/reasons. .

Phishing

Phishing Authentication Mobile Passwords

OMIGOD vulnerabilities expose thousands of Azure users to hack

Security Affairs

SEPTEMBER 15, 2021

Unless a patch is applied, attackers can easily exploit these four vulnerabilities to escalate to root privileges and remotely execute malicious code (for instance, encrypting files for ransom).” With a single packet, an attacker can become root on a remote machine by simply removing the authentication header. It’s that simple.”

Hacking

Hacking Risk Software Encryption

Experts published PoC exploits for Arcserve UDP authentication bypass issue

Security Affairs

JUNE 29, 2023

Data protection firm Arcserve addressed an authentication bypass vulnerability in its Unified Data Protection (UDP) backup software. Data protection vendor Arcserve addressed a high-severity bypass authentication flaw, tracked as CVE-2023-26258, in its Unified Data Protection (UDP) backup software. Arcserve released UDP 9.1

Authentication

Authentication Backups Ransomware Software

Americans urged to use encrypted messaging after large, ongoing cyberattack

Glove Stealer bypasses Chrome’s App-Bound Encryption to steal cookies

Trending Sources

Codefinger ransomware gang uses compromised AWS keys to encrypt S3 bucket

MongoDB Offers Field Level Encryption

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Three Top Russian Cybercrime Forums Hacked

DOGE as a National Cyberattack

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

Bitdefender released a decryptor for the ShrinkLocker ransomware

Oracle privately notifies Cloud data breach to customers

CISA warns of RESURGE malware exploiting Ivanti flaw

Critical GitHub Enterprise Server Authentication Bypass bug. Fix it now!

Chinese national charged for hacking thousands of Sophos firewalls

Q&A: SolarWinds, Mimecast hacks portend intensified third-party, supply-chain compromises

MY TAKE: Agile cryptography is coming, now that ‘attribute-based encryption’ is ready for prime time

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

U.S. CISA adds Microsoft SharePoint flaw to its Known Exploited Vulnerabilities catalog

MY TAKE: Why new tools, tactics are needed to mitigate risks introduced by widespread encryption

A Day in the Life of a Prolific Voice Phishing Crew

Is India's Aadhaar System Really "Hack-Proof"? Assessing a Publicly Observable Security Posture

Protecting Yourself from Identity Theft

Best Encryption Software for 2022

Hackers Steal Session Cookies to Bypass Multi-factor Authentication

GUEST ESSAY: NewsCorp hack shows cyber espionage, squelching of press freedom on the rise

Authentication is Outdated: A New Approach to Identification

How is information stored in cloud secure from hacks

North Korea-linked APT Moonstone used Qilin ransomware in limited attacks

EDR-as-a-Service makes the headlines in the cybercrime landscape

Hacking Kia: Remotely Controlling Cars with Just a License Plate

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

Unnamed Ransomware gang uses a Python script to encrypt VMware ESXi servers

New Hive ransomware variant is written in Rust and use improved encryption method

Strong Authentication – Robust Identity and Access Management Is a Strategic Choice

Quantum Physics is said to make hacking impossible

News alert: SquareX discloses nasty browser-native ransomware that’s undetectable by antivirus

LastPass: ‘Horse Gone Barn Bolted’ is Strong Password

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

MY TAKE: Fostering Digital Trust – the role of ‘post-quantum crypto’ and ‘crypto agility’ in 2024

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Google: Security Keys Neutralized Employee Phishing

OMIGOD vulnerabilities expose thousands of Azure users to hack

Experts published PoC exploits for Arcserve UDP authentication bypass issue

Stay Connected