Schneier on Security

SEPTEMBER 24, 2020

The hackers also have created malware disguised as Android applications, the reports said. Both are popular messaging tools in Iran. It looks like the standard technique of getting the victim to open a document or application.

Government 276

Government Hacking Mobile Encryption 276

Security Affairs

DECEMBER 3, 2024

Poland probes Pegasus spyware abuse under the PiS government; ex-security chief Piotr Pogonowski arrested to testify before parliament. Poland’s government has been investigating the alleged misuse of Pegasus spyware by the previous administration and arrested the former head of Poland’s internal security service Piotr Pogonowski.

Spyware 117

Spyware Government Surveillance Hacking 117

Security Affairs

OCTOBER 13, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Over 300,000!

Malware 121

Malware DDOS Cryptocurrency Education 121

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. The US government’s Consumer Financial Protection Bureau (CFPB) advises employees to avoid using cellphones for work after China-linked APT group Salt Typhoon hackers breached major telecom providers.

Hacking 129

Hacking Internet Internet Government 129

Schneier on Security

SEPTEMBER 1, 2020

government partners, CISA, Treasury, FBI, and USCYBERCOM identified malware and indicators of compromise (IOCs) used by the North Korean government in an automated teller machine (ATM) cash-out scheme­ -- referred to by the U.S. Government as "FASTCash 2.0: Cyber Command (USCYBERCOM). Working with U.S. Working with U.S.

Hacking 264

Hacking Banking Government Malware 264

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. Qakbot/Qbot was once again the top malware loader observed in the wild in the first six months of 2023.

Hacking 308

Hacking Malware Ransomware Government 308

Krebs on Security

DECEMBER 16, 2020

13, cyber incident response firm FireEye published a detailed writeup on the malware infrastructure used in the SolarWinds compromise, presenting evidence that the Orion software was first compromised back in March 2020. FireEye said hacked networks were seen communicating with a malicious domain name — avsvmcloud[.]com

Hacking 362

Hacking Malware Software Cybercrime 362

Krebs on Security

MAY 17, 2022

government employees and contractors have been issued a secure smart ID card that enables physical access to buildings and controlled spaces, and provides access to government computer networks and systems at the cardholder’s appropriate security level. government smart cards. government smart cards.

Malware 355

Malware Government Internet Internet 355

Krebs on Security

DECEMBER 4, 2024

government indicted Matveev as a top ransomware purveyor a year later, offering $10 million for information leading to his arrest. Last week, the Russian government reportedly arrested Matveev and charged him with creating malware used to extort companies. government’s “Wanted” poster for him.

Cybercrime 230

Cybercrime Ransomware Cryptocurrency Government 230

Schneier on Security

MAY 5, 2020

Interesting story of malware hidden in Google Apps. This particular campaign is tied to the government of Vietnam.

Malware 260

Malware Spyware Phishing Government 260

Schneier on Security

MARCH 21, 2023

The New York Times is reporting that a US citizen’s phone was hacked by the Predator spyware. The simultaneous tapping of the target’s phone by the national intelligence service and the way she was hacked indicate that the spy service and whoever implanted the spyware, known as Predator, were working hand in hand.

Spyware 256

Spyware Hacking Government Technology 256

Security Affairs

MARCH 21, 2025

The company exclusively sells exploits to the Russian government and local firms. In September 2024, Ukraines National Coordination Centre for Cybersecurity (NCCC) banned the Telegram messaging app on government agencies, military, and critical infrastructure, due to national security concerns. continues the announcement.

Government 144

Government Surveillance Mobile Hacking 144

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. The malware stole data and encrypted files to block remediation attempts.

Firewall 75

Firewall Hacking Malware Passwords 75

Security Boulevard

NOVEMBER 6, 2024

The post Schneider Electric Confirms Ransom Hack — Hellcat Demands French Bread as ‘Joke’ appeared first on Security Boulevard. That’s a lot of pain: $125,000 ransom seems small—but why do the scrotes want it paid in baguettes?

Hacking 125

Hacking Cryptocurrency Data privacy Risk 125

Krebs on Security

OCTOBER 28, 2020

The Gunnebo Group is a Swedish multinational company that provides physical security to a variety of customers globally, including banks, government agencies, airports, casinos, jewelry stores, tax agencies and even nuclear power plants. In some cases, this allows the intruders to profit even if their malware somehow fails to do its job.

Hacking 358

Hacking Ransomware Banking Accountability 358

Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities.

Retail 254

Retail Advertising Cryptocurrency Marketing 254

The Last Watchdog

DECEMBER 20, 2021

Killware is a type of malware deployed to cause physical harm: contaminate community water supplies, exploit and obstruct networks used by hospitals and healthcare facilities, jam air traffic control networks, contaminate gasoline supplies, and, in some instances, deliberately cause death where and when it is least expected.

Malware 256

Malware Phishing Technology Ransomware 256

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. io , and rdp[.]sh. gg , an e-commerce platform that caters to the same clientele as Sellix.

eCommerce 202

eCommerce Cybercrime Accountability Passwords 202

Security Affairs

JANUARY 19, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 63

Malware Artificial Intelligence DNS Ransomware 63

Joseph Steinberg

DECEMBER 14, 2020

government instructed all of its civilian agencies to immediately shut off various popular network and system management products being exploited as part of an ongoing cyberattack. The post US Orders Rare Emergency System Shut-Downs After Severe CyberSecurity Breach Hits Government And Businesses appeared first on Joseph Steinberg.

Government 246

Government Cybersecurity Software Engineering 246

Krebs on Security

FEBRUARY 9, 2023

companies and government entities. ” Only one of the men sanctioned today is known to have been criminally charged in connection with hacking activity. federal investigators say was the precursor to the Trickbot malware. A New Jersey grand jury indicted Kovalev in 2012 after an investigation by the U.S. The Forbes.ru

Hacking 235

Hacking Cybercrime Ransomware Government 235

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches 115

Data breaches Cryptocurrency Artificial Intelligence Cybercrime 115

Security Affairs

MARCH 2, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape.

Malware 62

Malware Architecture IoT Ransomware 62

Schneier on Security

APRIL 8, 2021

This seems to have been exploited by “Western government operatives actively conducting a counterterrorism operation”: The exploits, which went back to early 2020 and used never-before-seen techniques, were “watering hole” attacks that used infected websites to deliver malware to visitors.

Government 272

Government Hacking Malware Cybersecurity 272

Schneier on Security

OCTOBER 17, 2023

This doesn’t stop organizations and governments from using it. Like any internet voting system, it has inherent security vulnerabilities: if there are malicious insiders, they can corrupt the vote count; and if thousands of voters’ computers are hacked by malware, the malware can change votes as they are transmitted.

Malware 357

Malware Internet Internet Government 357

Security Affairs

NOVEMBER 19, 2024

Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. Ptitsyn and his conspirators used a ransomware-as-a-service (RaaS) model to distribute their malware to a network of affiliates. Barron for the District of Maryland.

Cybercrime 114

Cybercrime Ransomware Healthcare Education 114

Krebs on Security

APRIL 18, 2023

For the past seven years, a malware-based proxy service known as “ Faceless ” has sold anonymity to countless cybercriminals. The proxy lookup page inside the malware-based anonymity service Faceless. Image: spur.us. as a media sharing device on a local network that was somehow exposed to the Internet.

Malware 292

Malware Passwords Accountability Advertising 292

Security Affairs

MARCH 27, 2025

Cybercriminals are exploiting the popularity of DeepSeek by using fake sponsored Google ads to distribute malware. While DeepSeek is rising in popularity, threat actors are attempting to exploit it by using fake sponsored Google ads to distribute malware, Malwarebytes researchers warn. ” reads the alert published by Malwarebytes.

Malware 67

Malware Data collection Advertising Media 67

Krebs on Security

NOVEMBER 5, 2024

Bloomberg first reported Moucka’s alleged ties to the Snowflake hacks on Monday. On May 2, 2024, Judische claimed on the fraud-focused Telegram channel Star Chat that they had hacked Santander Bank , one of the first known Snowflake victims. government agencies and first responders. “Negotiate a deal in Telegram.”

Cybercrime 274

Cybercrime Mobile Media Hacking 274

Security Affairs

MARCH 20, 2025

The archive contains a fake PDF report and DarkTortilla malware, which acts as a launcher for the Dark Crystal RAT ( DCRat ). The Ukrainian government experts noticed that some messages were sent from compromised contacts to increase trust. In March 2025, threat actors distributed archived messages through Signal.

Computers and Electronics 107

Computers and Electronics Telecommunications Malware Surveillance 107

Security Affairs

FEBRUARY 26, 2025

A Ghostwriter campaign using a new variant of PicassoLoader targets opposition activists in Belarus, and Ukrainian military and government organizations. SentinelLABS observed a new Ghostwriter campaign targeting Belarusian opposition activists and Ukrainian military and government entities with a new variant of PicassoLoader.

Government 67

Government Cyber threats Malware Phishing 67

Security Affairs

NOVEMBER 2, 2024

Sophos, with the help of other cybersecurity firms, government, and law enforcement agencies investigated the cyber attacks and attributed them multiple China-linked APT groups, such as Volt Typhoon , APT31 and APT41 / Winnti. Researchers observed the attackers monitoring network communications and stealing credentials from the victims.

Firmware 120

Firmware Government Firewall Malware 120

Security Affairs

AUGUST 13, 2024

CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. The Computer Emergency Response Team of Ukraine (CERT-UA) has warned of a new phishing campaign targeting organizations in the country, including government entities.

Government 137

Government Phishing Malware Banking 137

Security Affairs

DECEMBER 26, 2024

Japan Airlines confirmed that its systems were not infected with malware and no customer data was leaked. ” Chief Cabinet Secretary Yoshimasa Hayashi, the top government spokesman, said at a press conference. .” ” Chief Cabinet Secretary Yoshimasa Hayashi, the top government spokesman, said at a press conference.

Cyber Attacks 120

Cyber Attacks DDOS Government Hacking 120

Security Affairs

DECEMBER 22, 2024

The ransomware gang and its affiliates targeted hospitals, schools, nonprofit organizations, critical infrastructure, and government and law-enforcement agencies. Panev and other developers were tasked to create and maintain the malware and infrastructure, while affiliates executed attacks and extorted ransoms, splitting the proceeds.

Ransomware 118

Ransomware Small Business Antivirus Malware 118

Security Affairs

AUGUST 18, 2024

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Malware 129

Malware Social Engineering Ransomware Government 129

Schneier on Security

SEPTEMBER 1, 2021

Citizen Lab is reporting on two zero-click iMessage exploits, in spyware sold by the cyberweapons arms manufacturer NSO Group to the Bahraini government. The victim receives a text message, and then they are hacked. More on this here.

Spyware 331

Spyware Manufacturing Government Hacking 331