Cybersecurity, Hacking and Information Security

On the Irish Health Services Executive Hack

Schneier on Security

FEBRUARY 11, 2022

Under-resourced Information Security Managers were not performing their business as usual role (including a NIST-based cybersecurity review of systems) but were working on evaluating security controls for the COVID-19 vaccination system.

Antivirus

Antivirus Hacking Ransomware CISO

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Security Affairs

NOVEMBER 21, 2024

Mexico is investigating a ransomware attack targeting its legal affairs office, as confirmed by the president amidst growing cybersecurity concerns. Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. ” reported the Associated Press.

Government

Government Hacking Ransomware Insurance

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

Treasury Department sanctioned Chinese cybersecurity firm Integrity Tech for its involvement in attacks attributed to the Flax Typhoon group. Treasury sanctioned a Chinese cybersecurity firm, Integrity Tech, for links to cyberattacks by Chinas state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett).

Cybersecurity

Cybersecurity IoT Hacking Technology

Chinese threat actors used two advanced exploit chains to hack Ivanti CSA

Security Affairs

JANUARY 23, 2025

The US governments cybersecurity and law enforcement revealed that Chinese threat actors used at least two sophisticated exploit chains to compromise Ivanti Cloud Service Appliances (CSA). is end-of-life and no longer receives security updates, for this reason, these instances are exposed to hack.

Hacking

Hacking Government Cybersecurity Information Security

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” and its allies for hacking activities in July.

Hacking

Hacking Internet Internet Government

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

Linus Larsson , the journalist who broke the story, says the hacked material was uploaded to a public server during the second half of September, and it is not known how many people may have gained access to it. “The harsh and unfortunate reality is the security of a number of security companies is s**t,” Arena said.

Hacking

Hacking Ransomware Banking Accountability

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

Krebs on Security

APRIL 15, 2020

The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain. “Information sharing is easy to talk about, and hard to do in practice,” Daniel said.

Cybersecurity

Cybersecurity Cyber threats Government Phishing

BlackLock Ransomware Targeted by Cybersecurity Firm

Security Affairs

MARCH 26, 2025

Cybersecurity experts were able to exploit misconfiguration in vulnerable web-app used by ransomware operators to publish victims data – leading to clearnet IP addresses disclosure related to their network infrastructure behind TOR hidden services (hosting them) and additional service information acquired from server-side.

Ransomware

Ransomware Cybersecurity Healthcare Accountability

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Security Affairs

OCTOBER 23, 2024

The SEC fined Unisys, Avaya, Check Point, and Mimecast for misleading disclosures about the impact of the SolarWinds Orion hack. The US Securities and Exchange Commission (SEC) charged four companies, Unisys, Avaya, Check Point, and Mimecast for misleading public disclosures related to the supply chain attack on SolarWinds.

Hacking

Hacking Risk Cybersecurity Government

Chinese national charged for hacking thousands of Sophos firewalls

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. Tianfeng worked at Sichuan Silence Information Technology Co., based Sophos Ltd.

Firewall

Firewall Hacking Malware Passwords

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

SecureWorld News

DECEMBER 12, 2024

Yet, the recent cybersecurity breach at the beloved doughnut chain highlights critical lessons for organizations of all sizes and industries. Trey Ford, Chief Information Security Officer at Bugcrowd, observed, "This incident may not have been made public if it wasn't for the Form 8-K requirement."

Password Management

Password Management Passwords CISO Cybersecurity

Digital nomads and risk associated with the threat of infiltred employees

Security Affairs

MARCH 4, 2025

In a report, cybersecurity firm Secureworks exposed a tactic employed by the North Korean hacker group known as Nickel Tapestry. Last summer, finally, North Korean hackers allegedly attempted another hiring scheme, this time targeting a well-known cybersecurity company based in the United States.

Risk

Risk Education Scams VPN

Can Cybersecurity Make You a Millionaire?

Hacker's King

OCTOBER 22, 2024

The world of cybersecurity is booming, with digital threats increasing and businesses needing to protect their data. But can cybersecurity make you a millionaire ? As the demand for cybersecurity professionals continues to rise, so do the financial opportunities for those who excel in this domain.

Cybersecurity

Cybersecurity CISO Engineering Education

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

Security Affairs

FEBRUARY 22, 2025

The Bybit hack is the largest cryptocurrency heist ever, surpassing previous ones like Ronin Network ($625M), Poly Network ($611M), and BNB Bridge ($566M). Bybit is Solvent even if this hack loss is not recovered, all of clients assets are 1 to 1 backed, we can cover the loss. billion to an unidentified address. “Almost $1.5

Cryptocurrency

Cryptocurrency Hacking Banking Cybersecurity

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

Joseph Steinberg

JULY 13, 2022

Not all of the elements within Lockdown Mode are completely new – some have been available and enabled by users (including me) for years – but, Lockdown mode does dramatically simplify the process of enabling better security on Apple devices.

Cybersecurity

Cybersecurity Artificial Intelligence Government Social Engineering

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

NOVEMBER 11, 2024

million records containing employee data on the hacking forum BreachForums. Compromised data includes names, contact information, building locations, email addresses, and more. Exposed data did not include Social Security numbers or financial information. Amazon did not disclose the number of impacted employees.

Data breaches

Data breaches Hacking Ransomware Technology

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

Security Affairs

DECEMBER 3, 2024

The investigation into the security breach is still ongoing and the company is remediating the incident with the help of external cybersecurity specialists. “On November 25, 2024, ENGlobal Corporation (the “Company”) became aware of a cybersecurity incident. ” reads the report filed with SEC.

Ransomware

Ransomware Encryption Technology Cybersecurity

Akira ransomware gang used an unsecured webcam to bypass EDR

Security Affairs

MARCH 8, 2025

Cybersecurity researchers at S-RM team discovered a novel attack technique used by the Akira ransomware gang. ” The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate.

Ransomware

Ransomware IoT Encryption Passwords

CISA warns of RESURGE malware exploiting Ivanti flaw

Security Affairs

MARCH 30, 2025

Cybersecurity and Infrastructure Security Agency (CISA) warns of RESURGE malware, targeting a vulnerability in Ivanti Connect Secure (ICS) appliances. Cybersecurity and Infrastructure Security Agency (CISA) published a Malware Analysis Report (MAR) on a new malware called RESURGE. In January, the U.S.

Malware

Malware Authentication Cybersecurity Encryption

U.S. CISA adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 22, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the ScienceLogic SL1 flaw CVE-2024-9537 (CVSS v4 score: 9.3) to its Known Exploited Vulnerabilities (KEV) catalog.

Encryption

Encryption Hacking Accountability Cybersecurity

Cybersecurity Challenges in Cross-Border Data Transfers and Regulatory Compliance Strategies

Security Affairs

MARCH 11, 2025

Cross-border data transfers enable global business but face challenges from varying cybersecurity laws, increasing risks of cyberattacks and data breaches. However, as data moves across multiple jurisdictions, it becomes subject to varying national cybersecurity policies and data protection laws.

Cybersecurity

Cybersecurity Artificial Intelligence Encryption Technology

Russia warns financial sector organizations of IT service provider LANIT compromise

Security Affairs

FEBRUARY 25, 2025

.” NKTsKI recommends organizations to strengthen monitoring of threats and information security events in systems provided by LANIT. LANIT Group (Laboratory of New Information Technologies) is one of Russia’s largest IT service and software providers. ” said U.S.

Telecommunications

Telecommunications Software Technology Healthcare

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

Security Affairs

OCTOBER 12, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Russia) The cyber agencies recommend organizations apply vendor-issued patches for these publicly disclosed vulnerabilities.

Data collection

Data collection Authentication Government Hacking

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Security Affairs

NOVEMBER 6, 2024

Security researcher Rick de Jager demonstrated the vulner ability, called RISK:STATION by cybersecurity firm Midnight Blue, at the Pwn2Own Ireland 2024 hacking contest. Midnight Blue took 3rd at Pwn2Own Ireland 2024 , the team demonstrated five zero-day flaws in routers, printers, security cameras, and NAS devices.

Firmware

Firmware Manufacturing Hacking Media

Sam’s Club Investigates Alleged Cl0p Ransomware Breach

Security Affairs

MARCH 30, 2025

” Ransomware gang Cl0p leaked files from Rackspace Technology and listed ~170 companies allegedly hacked via zero-day vulnerabilities in Cleos file-transfer software. On December 9, reports of active exploitation targeting Cleo file transfer software began circulating among cybersecurity community.

Ransomware

Ransomware Data breaches Software Hacking

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Security Affairs

MARCH 21, 2025

Given Telegrams end-to-end encryption and widespread use, an exploit that bypasses its security could be a game-changer for cyber espionage. Zero-day prices have risen as the level of security of messaging apps and mobile devices becomes harder to hack. The ban does not affect Ukrainian citizens.

Government

Government Surveillance Mobile Hacking

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 3, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cryptocurrency

Cryptocurrency Hacking Phishing Cyber Attacks

U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

FEBRUARY 6, 2025

Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, CISA Known Exploited Vulnerabilities catalog )

Firewall

Firewall Hacking Cybersecurity Risk

U.S. CISA adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

DECEMBER 6, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds CyberPanelflaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA)added the CyberPanelflaw CVE-2024-51378 (CVSS score: 10.0) to its Known Exploited Vulnerabilities (KEV) catalog. and ftp/views.py. .

DNS

DNS Authentication Ransomware Hacking

Texas oilfield supplier Newpark Resources suffered a ransomware attack

Security Affairs

NOVEMBER 8, 2024

Texas oilfield supplier Newpark Resources revealed that a ransomware attack on October 29 disrupted access to some of its information systems and business applications. The company immediately activated its cybersecurity response plan and launched an investigation into the incident with the help of external experts.

Ransomware

Ransomware Manufacturing Malware Hacking

U.S. CISA adds Google Chromium Mojo flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

MARCH 27, 2025

Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium Mojo flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added a Google Chromium Mojo sandbox escape vulnerability, tracked as CVE-2025-2783 , to its Known Exploited Vulnerabilities (KEV) catalog.

Hacking

Hacking Cybersecurity Risk Information Security

A cyberattack on gambling giant IGT disrupted portions of its IT systems

Security Affairs

NOVEMBER 23, 2024

. “ On November 17, 2024, International Game Technology PLC (the “Company”) became aware that an unauthorized third party gained access to certain of its systems, and the Company has experienced disruptions in portions of its internal information technology systems and applications resulting from this cybersecurity incident.”

Technology

Technology Hacking Ransomware Cybersecurity

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

The two infostealers allowed operators to harvest usernames, passwords, contact info, and crypto-wallets from victims, the threat actors sold this data to criminals for financial theft and hacking. ESET released a free online scanner for Redline and META that can help users detect and remove malware.

Identity Theft

Identity Theft Passwords Malware Banking

Palo Alto Networks warns of potential RCE in PAN-OS management interface

Security Affairs

NOVEMBER 8, 2024

The cybersecurity company has no further details on the vulnerability and said has yet to detect active exploitation. The cybersecurity firm states that it does not have sufficient information about any indicators of compromise.

Firewall

Firewall Authentication Internet Internet

U.S. CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

NOVEMBER 26, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the Array Networks AG and vxAG ArrayOS flaw CVE-2023-28461 (CVSS score: 9.8)

VPN

VPN Authentication Hacking Cybersecurity

U.S. CISA adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

DECEMBER 17, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog. Pierluigi Paganini ( SecurityAffairs hacking, CISA ) CISA orders federal agencies to fix this vulnerability byJanuary 6, 2025. Last week, the U.S.

Hacking

Hacking Cybersecurity Ransomware Risk

Palo Alto Networks confirmed active exploitation of recently disclosed zero-day

Security Affairs

NOVEMBER 16, 2024

The cybersecurity company had no further details on the vulnerability and was not aware of the active exploitation of the flaw. The cybersecurity firm stated that it does not have sufficient information about any indicators of compromise. Base Score: 9.3) 173.239.218[.]251 251 216.73.162[.]* This week, the U.S.

Firewall

Firewall Internet Internet VPN

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 19, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Veeam Backup and Replication vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) reads the advisory.

Backups

Backups VPN Ransomware Authentication

Pro-Russia hackers NoName057 targets Italy again after Zelensky’s visit to the country

Security Affairs

JANUARY 12, 2025

Italy should start helping itself, especially in the area of its own cybersecurity.” The experts at the National Cybersecurity Agency (ACN) supported the impacted organizations in mitigating the attacks and restoring functionality. The talks, which lasted about an hour, aimed to strengthen Kyiv’s position.

DDOS

DDOS Banking Government Marketing

Astral Foods, South Africa’s largest poultry producer, lost over $1M due to a cyberattack

Security Affairs

MARCH 25, 2025

“On 16 March 2025, Astral experienced a cybersecurity incident. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Astral) The company confirmed no sensitive data was compromised in the attack.

Retail

Retail Cyber Attacks Ransomware Marketing

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches

Data breaches Cryptocurrency Artificial Intelligence Cybercrime

2024 Cybersecurity Laws & Regulations

eSecurity Planet

SEPTEMBER 21, 2024

Understanding and adhering to cybersecurity regulations is crucial for any organization as cyber threats evolve and become more sophisticated. The landscape of cybersecurity laws and regulations today is set to undergo significant changes, impacting businesses, government entities, and individuals alike.

Cybersecurity

Cybersecurity Computers and Electronics Cyber threats Healthcare

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. If convicted, the man could face up to 20 years in prison for each wire fraud count, 10 years for each computer hacking charge, and 5 years for conspiracy to commit computer fraud and abuse.

Cybercrime

Cybercrime Ransomware Healthcare Education

Burnout in SOCs: How AI Can Help Analysts Focus on High-Value Tasks

Security Affairs

DECEMBER 5, 2024

SOC analysts, vital to cybersecurity, face burnout due to exhausting workloads, risking their well-being and the effectiveness of organizational defenses. Security Operations Center (SOC) analyst burnout is a very real problem. What we do know, however, is that effective cybersecurity relies on these analysts being happy and healthy.

Artificial Intelligence

Artificial Intelligence Data collection Cybersecurity Risk

On the Irish Health Services Executive Hack

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Trending Sources

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Chinese threat actors used two advanced exploit chains to hack Ivanti CSA

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

COVID-19 Has United Cybersecurity Experts, But Will That Unity Survive the Pandemic?

BlackLock Ransomware Targeted by Cybersecurity Firm

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Chinese national charged for hacking thousands of Sophos firewalls

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

Digital nomads and risk associated with the threat of infiltred employees

Can Cybersecurity Make You a Millionaire?

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

Amazon discloses employee data breach after May 2023 MOVEit attacks

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

Akira ransomware gang used an unsecured webcam to bypass EDR

CISA warns of RESURGE malware exploiting Ivanti flaw

U.S. CISA adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog

Cybersecurity Challenges in Cross-Border Data Transfers and Regulatory Compliance Strategies

Russia warns financial sector organizations of IT service provider LANIT compromise

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Sam’s Club Investigates Alleged Cl0p Ransomware Breach

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog

Texas oilfield supplier Newpark Resources suffered a ransomware attack

U.S. CISA adds Google Chromium Mojo flaw to its Known Exploited Vulnerabilities catalog

A cyberattack on gambling giant IGT disrupted portions of its IT systems

International law enforcement operation dismantled RedLine and Meta infostealers

Palo Alto Networks warns of potential RCE in PAN-OS management interface

U.S. CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog

Palo Alto Networks confirmed active exploitation of recently disclosed zero-day

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Pro-Russia hackers NoName057 targets Italy again after Zelensky’s visit to the country

Astral Foods, South Africa’s largest poultry producer, lost over $1M due to a cyberattack

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

2024 Cybersecurity Laws & Regulations

Russian Phobos ransomware operator faces cybercrime charges

Burnout in SOCs: How AI Can Help Analysts Focus on High-Value Tasks

Stay Connected