Cybersecurity, Hacking and Information Security

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Security Affairs

NOVEMBER 21, 2024

Mexico is investigating a ransomware attack targeting its legal affairs office, as confirmed by the president amidst growing cybersecurity concerns. Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. ” reported the Associated Press.

Government

Government Hacking Ransomware Insurance

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

Treasury Department sanctioned Chinese cybersecurity firm Integrity Tech for its involvement in attacks attributed to the Flax Typhoon group. Treasury sanctioned a Chinese cybersecurity firm, Integrity Tech, for links to cyberattacks by Chinas state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett).

Cybersecurity

Cybersecurity IoT Hacking Technology

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Security Affairs

APRIL 10, 2025

The hacker has published 10,000 customer records, a file showing Oracle Cloud access, user credentials, and an internal video as proof of the hack. The incident has raised serious concerns about the security of Oracles cloud infrastructure and the potential implications for affected customers. .” Oracle Corp. reported Bloomberg.

Hacking

Hacking Data breaches Encryption Passwords

Chinese threat actors used two advanced exploit chains to hack Ivanti CSA

Security Affairs

JANUARY 23, 2025

The US governments cybersecurity and law enforcement revealed that Chinese threat actors used at least two sophisticated exploit chains to compromise Ivanti Cloud Service Appliances (CSA). is end-of-life and no longer receives security updates, for this reason, these instances are exposed to hack.

Hacking

Hacking Government Cybersecurity Information Security

Top 9 Trends In Cybersecurity Careers for 2025

eSecurity Planet

OCTOBER 18, 2024

As they do, they create more security vulnerabilities and inherent business, changing the nature of cybersecurity careers. and the Ponemon Institute, the average security breach cost reached $4.88 with cybersecurity employment growing almost three times, or 267% the national growth rate. According to research by IBM Corp.

Cybersecurity

Cybersecurity Artificial Intelligence Penetration Testing CISO

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” and its allies for hacking activities in July.

Hacking

Hacking Internet Internet Government

Subaru Starlink flaw allowed experts to remotely hack cars

Security Affairs

JANUARY 25, 2025

To confirm their findings, the researchers reached out to their friend and asked if they could hack her car. In 2022, some of the members of the above team of experts including the popular cybersecurity expert Sam Curry, discovered another set of vulnerabilities impacting over a dozen car makers. ” added Curry.

Hacking

Hacking Accountability Passwords Authentication

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

Linus Larsson , the journalist who broke the story, says the hacked material was uploaded to a public server during the second half of September, and it is not known how many people may have gained access to it. “The harsh and unfortunate reality is the security of a number of security companies is s**t,” Arena said.

Hacking

Hacking Ransomware Banking Accountability

BlackLock Ransomware Targeted by Cybersecurity Firm

Security Affairs

MARCH 26, 2025

Cybersecurity experts were able to exploit misconfiguration in vulnerable web-app used by ransomware operators to publish victims data – leading to clearnet IP addresses disclosure related to their network infrastructure behind TOR hidden services (hosting them) and additional service information acquired from server-side.

Ransomware

Ransomware Cybersecurity Healthcare Accountability

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Security Affairs

OCTOBER 23, 2024

The SEC fined Unisys, Avaya, Check Point, and Mimecast for misleading disclosures about the impact of the SolarWinds Orion hack. The US Securities and Exchange Commission (SEC) charged four companies, Unisys, Avaya, Check Point, and Mimecast for misleading public disclosures related to the supply chain attack on SolarWinds.

Hacking

Hacking Risk Cybersecurity Government

GUEST ESSAY: Marshaling automated cybersecurity tools to defend automated attacks

The Last Watchdog

MARCH 17, 2022

Cybersecurity tools evolve towards leveraging machine learning (ML) and artificial intelligence (AI) at ever deeper levels, and that’s of course a good thing. Related: Business logic hacks plague websites. Related: Business logic hacks plague websites. The larger question: Can cybersecurity be truly automated?

Cybersecurity

Cybersecurity Scams Artificial Intelligence Software

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

SecureWorld News

DECEMBER 12, 2024

Yet, the recent cybersecurity breach at the beloved doughnut chain highlights critical lessons for organizations of all sizes and industries. Trey Ford, Chief Information Security Officer at Bugcrowd, observed, "This incident may not have been made public if it wasn't for the Form 8-K requirement."

Password Management

Password Management Passwords CISO Cybersecurity

Cybersecurity Certifications: The Key to Advancing Your Career in 2025

SecureWorld News

FEBRUARY 27, 2025

As global cybersecurity threats continue to rise, information security professionals must enroll in continuous education and training programs to acquire current knowledge and skills that help organizations thwart these costly risks. Which certification is best for cybersecurity? Let's begin.

Cybersecurity

Cybersecurity Information Security Penetration Testing Backups

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

Security Affairs

FEBRUARY 22, 2025

The Bybit hack is the largest cryptocurrency heist ever, surpassing previous ones like Ronin Network ($625M), Poly Network ($611M), and BNB Bridge ($566M). Bybit is Solvent even if this hack loss is not recovered, all of clients assets are 1 to 1 backed, we can cover the loss. billion to an unidentified address. “Almost $1.5

Cryptocurrency

Cryptocurrency Hacking Banking Cybersecurity

Can Cybersecurity Make You a Millionaire?

Hacker's King

OCTOBER 22, 2024

The world of cybersecurity is booming, with digital threats increasing and businesses needing to protect their data. But can cybersecurity make you a millionaire ? As the demand for cybersecurity professionals continues to rise, so do the financial opportunities for those who excel in this domain.

Cybersecurity

Cybersecurity CISO Engineering Education

EDR-as-a-Service makes the headlines in the cybercrime landscape

Security Affairs

APRIL 7, 2025

Cybercriminals exploit compromised accounts for EDR-as-a-Service (Emergency Data Requests – EDR), targeting major platforms According to a detailed analysis conducted by Meridian Group, an increasingly complex and structured phenomenon, commonly referred to as EDR-as-a-Service, is taking hold in the cybersecurity landscape.

Cybercrime

Cybercrime Social Engineering Accountability Government

The US Treasury’s OCC disclosed an undetected major email breach for over a year

Security Affairs

APRIL 9, 2025

The cybersecurity incident involved unauthorized access to emails via a compromised admin account. The confidentiality and integrity of the OCCs information security systems are paramount to fulfilling its mission, said Acting Comptroller of the Currency Rodney E. The breach was confirmed on Feb.

Accountability

Accountability Banking Information Security Hacking

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

Joseph Steinberg

JULY 13, 2022

Not all of the elements within Lockdown Mode are completely new – some have been available and enabled by users (including me) for years – but, Lockdown mode does dramatically simplify the process of enabling better security on Apple devices.

Cybersecurity

Cybersecurity Artificial Intelligence Government Social Engineering

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

NOVEMBER 11, 2024

million records containing employee data on the hacking forum BreachForums. Compromised data includes names, contact information, building locations, email addresses, and more. Exposed data did not include Social Security numbers or financial information. Amazon did not disclose the number of impacted employees.

Data breaches

Data breaches Hacking Ransomware Technology

Oracle privately notifies Cloud data breach to customers

Security Affairs

APRIL 6, 2025

The hacker has published 10,000 customer records, a file showing Oracle Cloud access, user credentials, and an internal video as proof of the hack. The incident has raised serious concerns about the security of Oracles cloud infrastructure and the potential implications for affected customers. Oracle has since taken the server offline.

Data breaches

Data breaches Encryption Hacking Passwords

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

Security Affairs

DECEMBER 3, 2024

The investigation into the security breach is still ongoing and the company is remediating the incident with the help of external cybersecurity specialists. “On November 25, 2024, ENGlobal Corporation (the “Company”) became aware of a cybersecurity incident. ” reads the report filed with SEC.

Ransomware

Ransomware Encryption Technology Cybersecurity

U.S. CISA adds Google Chromium Mojo flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

MARCH 27, 2025

Cybersecurity and Infrastructure Security Agency (CISA) adds Google Chromium Mojo flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added a Google Chromium Mojo sandbox escape vulnerability, tracked as CVE-2025-2783 , to its Known Exploited Vulnerabilities (KEV) catalog.

Hacking

Hacking Cybersecurity Risk Information Security

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches

Data breaches Cybercrime Cyber Insurance Marketing

Digital nomads and risk associated with the threat of infiltred employees

Security Affairs

MARCH 4, 2025

In a report, cybersecurity firm Secureworks exposed a tactic employed by the North Korean hacker group known as Nickel Tapestry. Last summer, finally, North Korean hackers allegedly attempted another hiring scheme, this time targeting a well-known cybersecurity company based in the United States.

Risk

Risk Education Scams VPN

U.S. CISA adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 22, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the ScienceLogic SL1 flaw CVE-2024-9537 (CVSS v4 score: 9.3) to its Known Exploited Vulnerabilities (KEV) catalog.

Encryption

Encryption Hacking Accountability Cybersecurity

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Security Affairs

NOVEMBER 6, 2024

Security researcher Rick de Jager demonstrated the vulner ability, called RISK:STATION by cybersecurity firm Midnight Blue, at the Pwn2Own Ireland 2024 hacking contest. Midnight Blue took 3rd at Pwn2Own Ireland 2024 , the team demonstrated five zero-day flaws in routers, printers, security cameras, and NAS devices.

Firmware

Firmware Manufacturing Hacking Media

Russia warns financial sector organizations of IT service provider LANIT compromise

Security Affairs

FEBRUARY 25, 2025

.” NKTsKI recommends organizations to strengthen monitoring of threats and information security events in systems provided by LANIT. LANIT Group (Laboratory of New Information Technologies) is one of Russia’s largest IT service and software providers. ” said U.S.

Telecommunications

Telecommunications Software Technology Healthcare

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

Security Affairs

OCTOBER 12, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Russia) The cyber agencies recommend organizations apply vendor-issued patches for these publicly disclosed vulnerabilities.

Data collection

Data collection Authentication Hacking Government

CISA warns of RESURGE malware exploiting Ivanti flaw

Security Affairs

MARCH 30, 2025

Cybersecurity and Infrastructure Security Agency (CISA) warns of RESURGE malware, targeting a vulnerability in Ivanti Connect Secure (ICS) appliances. Cybersecurity and Infrastructure Security Agency (CISA) published a Malware Analysis Report (MAR) on a new malware called RESURGE. In January, the U.S.

Malware

Malware Authentication Cybersecurity Encryption

U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

FEBRUARY 6, 2025

Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, CISA Known Exploited Vulnerabilities catalog )

Firewall

Firewall Hacking Cybersecurity Risk

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Security Affairs

MARCH 21, 2025

Given Telegrams end-to-end encryption and widespread use, an exploit that bypasses its security could be a game-changer for cyber espionage. Zero-day prices have risen as the level of security of messaging apps and mobile devices becomes harder to hack. The ban does not affect Ukrainian citizens.

Government

Government Surveillance Mobile Hacking

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

NOVEMBER 3, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cryptocurrency

Cryptocurrency Hacking Phishing Cyber Attacks

U.S. CISA adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

DECEMBER 6, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds CyberPanelflaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA)added the CyberPanelflaw CVE-2024-51378 (CVSS score: 10.0) to its Known Exploited Vulnerabilities (KEV) catalog. and ftp/views.py. .

DNS

DNS Authentication Ransomware Hacking

Sam’s Club Investigates Alleged Cl0p Ransomware Breach

Security Affairs

MARCH 30, 2025

” Ransomware gang Cl0p leaked files from Rackspace Technology and listed ~170 companies allegedly hacked via zero-day vulnerabilities in Cleos file-transfer software. On December 9, reports of active exploitation targeting Cleo file transfer software began circulating among cybersecurity community.

Ransomware

Ransomware Data breaches Software Hacking

Texas oilfield supplier Newpark Resources suffered a ransomware attack

Security Affairs

NOVEMBER 8, 2024

Texas oilfield supplier Newpark Resources revealed that a ransomware attack on October 29 disrupted access to some of its information systems and business applications. The company immediately activated its cybersecurity response plan and launched an investigation into the incident with the help of external experts.

Ransomware

Ransomware Manufacturing Malware Hacking

A cyberattack on gambling giant IGT disrupted portions of its IT systems

Security Affairs

NOVEMBER 23, 2024

. “ On November 17, 2024, International Game Technology PLC (the “Company”) became aware that an unauthorized third party gained access to certain of its systems, and the Company has experienced disruptions in portions of its internal information technology systems and applications resulting from this cybersecurity incident.”

Technology

Technology Hacking Ransomware Cybersecurity

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

The two infostealers allowed operators to harvest usernames, passwords, contact info, and crypto-wallets from victims, the threat actors sold this data to criminals for financial theft and hacking. ESET released a free online scanner for Redline and META that can help users detect and remove malware.

Identity Theft

Identity Theft Passwords Malware Banking

Palo Alto Networks warns of potential RCE in PAN-OS management interface

Security Affairs

NOVEMBER 8, 2024

The cybersecurity company has no further details on the vulnerability and said has yet to detect active exploitation. The cybersecurity firm states that it does not have sufficient information about any indicators of compromise.

Firewall

Firewall Authentication Internet Internet

U.S. CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

NOVEMBER 26, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the Array Networks AG and vxAG ArrayOS flaw CVE-2023-28461 (CVSS score: 9.8)

VPN

VPN Authentication Hacking Cybersecurity

Palo Alto Networks confirmed active exploitation of recently disclosed zero-day

Security Affairs

NOVEMBER 16, 2024

The cybersecurity company had no further details on the vulnerability and was not aware of the active exploitation of the flaw. The cybersecurity firm stated that it does not have sufficient information about any indicators of compromise. Base Score: 9.3) 173.239.218[.]251 251 216.73.162[.]* This week, the U.S.

Firewall

Firewall Internet Internet VPN

U.S. CISA adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

DECEMBER 17, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog. Pierluigi Paganini ( SecurityAffairs hacking, CISA ) CISA orders federal agencies to fix this vulnerability byJanuary 6, 2025. Last week, the U.S.

Hacking

Hacking Cybersecurity Ransomware Risk

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 19, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Veeam Backup and Replication vulnerability to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the Veeam Backup and Replication flaw CVE-2024-40711 (CVSS score of 9.8) reads the advisory.

Backups

Backups VPN Ransomware Authentication

Pro-Russia hackers NoName057 targets Italy again after Zelensky’s visit to the country

Security Affairs

JANUARY 12, 2025

Italy should start helping itself, especially in the area of its own cybersecurity.” The experts at the National Cybersecurity Agency (ACN) supported the impacted organizations in mitigating the attacks and restoring functionality. The talks, which lasted about an hour, aimed to strengthen Kyiv’s position.

DDOS

DDOS Banking Government Marketing

Akira ransomware gang used an unsecured webcam to bypass EDR

Security Affairs

MARCH 8, 2025

Cybersecurity researchers at S-RM team discovered a novel attack technique used by the Akira ransomware gang. ” The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate.

Ransomware

Ransomware IoT Encryption Passwords

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Trending Sources

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Chinese threat actors used two advanced exploit chains to hack Ivanti CSA

Top 9 Trends In Cybersecurity Careers for 2025

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Subaru Starlink flaw allowed experts to remotely hack cars

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

BlackLock Ransomware Targeted by Cybersecurity Firm

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

GUEST ESSAY: Marshaling automated cybersecurity tools to defend automated attacks

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

Cybersecurity Certifications: The Key to Advancing Your Career in 2025

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

Can Cybersecurity Make You a Millionaire?

EDR-as-a-Service makes the headlines in the cybercrime landscape

The US Treasury’s OCC disclosed an undetected major email breach for over a year

Will iPhone’s New “Lockdown Mode” Create Dangerous Overconfidence In Apple’s CyberSecurity Capabilities?

Amazon discloses employee data breach after May 2023 MOVEit attacks

Oracle privately notifies Cloud data breach to customers

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

U.S. CISA adds Google Chromium Mojo flaw to its Known Exploited Vulnerabilities catalog

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Digital nomads and risk associated with the threat of infiltred employees

U.S. CISA adds ScienceLogic SL1 flaw to its Known Exploited Vulnerabilities catalog

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Russia warns financial sector organizations of IT service provider LANIT compromise

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

CISA warns of RESURGE malware exploiting Ivanti flaw

U.S. CISA adds Microsoft Outlook, Sophos XG Firewall, and other flaws to its Known Exploited Vulnerabilities catalog

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Security Affairs newsletter Round 496 by Pierluigi Paganini – INTERNATIONAL EDITION

U.S. CISA adds CyberPanel flaw to its Known Exploited Vulnerabilities catalog

Sam’s Club Investigates Alleged Cl0p Ransomware Breach

Texas oilfield supplier Newpark Resources suffered a ransomware attack

A cyberattack on gambling giant IGT disrupted portions of its IT systems

International law enforcement operation dismantled RedLine and Meta infostealers

Palo Alto Networks warns of potential RCE in PAN-OS management interface

U.S. CISA adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog

Palo Alto Networks confirmed active exploitation of recently disclosed zero-day

U.S. CISA adds Microsoft Windows Kernel-Mode Driver and Adobe ColdFusion flaws to its Known Exploited Vulnerabilities catalog

U.S. CISA adds Veeam Backup and Replication flaw to its Known Exploited Vulnerabilities catalog

Pro-Russia hackers NoName057 targets Italy again after Zelensky’s visit to the country

Akira ransomware gang used an unsecured webcam to bypass EDR

Stay Connected