Hacking - Cyber Security Informer

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based dot-gov emails get hacked.

Hacking

Hacking Accountability Government Social Engineering

Hacking Digital License Plates

Schneier on Security

DECEMBER 17, 2024

Not everything needs to be digital and “smart.” ” License plates, for example : Josep Rodriguez, a researcher at security firm IOActive, has revealed a technique to jailbreak digital license plates sold by Reviver, the leading vendor of those plates in the US with 65,000 plates already sold.

Firmware

Firmware Hacking Software

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

Krebs on Security

FEBRUARY 26, 2025

government officials searched online for non-extradition countries and for an answer to the question “can hacking be treason?” Days after he apparently finished communicating with Country-1s military intelligence service, Wagenius Googled, ‘can hacking be treason.'” million customers.

Hacking

Hacking Government Identity Theft Accountability

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme

Schneier on Security

JANUARY 13, 2025

Not sure this will matter in the end, but it’s a positive move : Microsoft is accusing three individuals of running a “hacking-as-a-service” scheme that was designed to allow the creation of harmful and illicit content using the company’s platform for AI-generated content.

Hacking

Hacking Authentication Accountability

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7 , a notorious Russia-based hacking group. co — first came online in February 2023.

Hacking

Hacking Cybercrime Advertising Data breaches

CVE-2024-50387: Critical QNAP Flaw Exploited in Hacking Contest, Patch Now!

Penetration Testing

OCTOBER 30, 2024

In a thrilling showdown at the recent Pwn2Own Ireland 2024 hacking competition, white hat hackers YingMuo (@YingMuo), in collaboration with the DEVCORE Internship Program, successfully exploited a critical zero-day vulnerability... The post CVE-2024-50387: Critical QNAP Flaw Exploited in Hacking Contest, Patch Now!

Hacking

Hacking Cybersecurity

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Security Affairs

NOVEMBER 21, 2024

Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. Today they are going to send me a report on the supposed hacking.” This is not the first time Mexico’s presidential office has been targeted in a hack involving sensitive information.

Government

Government Hacking Ransomware Insurance

Spyware Maker NSO Group Found Liable for Hacking WhatsApp

Schneier on Security

DECEMBER 24, 2024

A judge has found that NSO Group, maker of the Pegasus spyware, has violated the US Computer Fraud and Abuse Act by hacking WhatsApp in order to spy on people using it. Jon Penney and I wrote a legal paper on the case.

Spyware

Spyware Hacking

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Security Affairs

APRIL 10, 2025

The hacker has published 10,000 customer records, a file showing Oracle Cloud access, user credentials, and an internal video as proof of the hack. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, Oracle)

Hacking

Hacking Data breaches Encryption Passwords

Four REvil Ransomware members sentenced for hacking and money laundering

Security Affairs

OCTOBER 27, 2024

Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, REvil ransomware gang )

Ransomware

Ransomware Hacking Malware Cybercrime

Chinese threat actors used two advanced exploit chains to hack Ivanti CSA

Security Affairs

JANUARY 23, 2025

is end-of-life and no longer receives security updates, for this reason, these instances are exposed to hack. The advisory details hacking activities exploiting the mentioned vulnerabilities. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,CISA)

Hacking

Hacking Government Cybersecurity Information Security

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Security Affairs

MARCH 10, 2025

Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago.” ” The RansomHouse gang announced the hack of Loretto Hospital in Chicago, the groups claims to have stolen 1.5TB of sensitive data.

Hacking

Hacking Healthcare Backups Ransomware

Subaru Starlink flaw allowed experts to remotely hack cars

Security Affairs

JANUARY 25, 2025

To confirm their findings, the researchers reached out to their friend and asked if they could hack her car. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Subaru Starlink) Admin panel access exposed vehicle data (e.g., location history, VIN) and customer info (e.g.,

Hacking

Hacking Accountability Passwords Authentication

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

NOVEMBER 9, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Mazda Connect) . “The CMU can then be compromised and “enhanced” to, for example, attempt to compromise any connected device in targeted attacks that can result in DoS, bricking, ransomware, safety compromise, etc.”

Hacking

Hacking Firmware Software Manufacturing

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Security Affairs

FEBRUARY 2, 2025

The hacking campaign targeted 90 users and was disrupted in December, WhatsApp already alerted them of a possible compromise of their devices. WhatsApp linked the hacking campaign to Paragon, an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024.

Spyware

Spyware Hacking Surveillance Malware

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. The hacking campaign, called Salt Typhoon by investigators, hasn’t previously been publicly disclosed and is the latest in a series of incursions that U.S. and its allies for hacking activities in July.

Hacking

Hacking Internet Internet Government

NSO Group Spies on People on Behalf of Governments

Schneier on Security

NOVEMBER 27, 2024

Legal documents released in ongoing US litigation between NSO Group and WhatsApp have revealed for the first time that the Israeli cyberweapons maker and not its government customers is the party that “installs and extracts” information from mobile phones targeted by the company’s hacking software.

Government

Government Spyware Mobile Hacking

Apps That Are Spying on Your Location

Schneier on Security

JANUARY 10, 2025

404 Media is reporting on all the apps that are spying on your location, based on a hack of the location data company Gravy Analytics: The thousands of apps, included in hacked files from location data company Gravy Analytics, include everything from games like Candy Crush to dating apps like Tinder, to pregnancy tracking and religious prayer apps (..)

Data collection

Data collection Advertising Media Hacking

Arguing Against CALEA

Schneier on Security

APRIL 8, 2025

This is the access that the Chinese threat actor Salt Typhoon used to spy on Americans: The Wall Street Journal first reported Friday that a Chinese government hacking group dubbed Salt Typhoon broke into three of the largest U.S.

Telecommunications

Telecommunications Internet Internet Government

More Research Showing AI Breaking the Rules

Schneier on Security

FEBRUARY 24, 2025

OpenAIs o1-preview tried to cheat 37% of the time; while DeepSeek R1 tried to cheat 11% of the timemaking them the only two models tested that attempted to hack without the researchers first dropping hints. While R1 and o1-preview both tried, only the latter managed to hack the game, succeeding in 6% of trials.

Engineering

Engineering Hacking

Bybit Hack: $1.46 Billion Crypto Heist Points to North Korea's Lazarus Group

SecureWorld News

FEBRUARY 26, 2025

Well-known crypto researcher ZachXBT reached the same conclusion as Elliptic, sharing his analysis on X: Lazarus Group just connected the Bybit hack to the Phemex hack directly on-chain commingling funds from the intial theft address for both incidents.

Hacking

Hacking Cryptocurrency Cyber threats Malware

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, ransomware) .” The group uses an ARCrypter ransomware variant, derived from Babuks leaked code , to encrypt files after infiltrating a network.

Ransomware

Ransomware Hacking Social Engineering VPN

FBI Deletes PlugX Malware from Thousands of Computers

Schneier on Security

JANUARY 16, 2025

” Details : To retrieve information from and send commands to the hacked machines, the malware connects to a command-and-control server that is operated by the hacking group. According to a DOJ press release , the FBI was able to delete the Chinese-used PlugX malware from “approximately 4,258 U.S.-based

Malware

Malware Hacking Software

Why Italy Sells So Much Spyware

Schneier on Security

NOVEMBER 19, 2024

As a result, thousands of spyware operations have been carried out by Italian authorities in recent years, according to a report from Riccardo Coluccini, a respected Italian journalist who specializes in covering spyware and hacking. Italian spyware is cheaper and easier to use, which makes it more widely used.

Spyware

Spyware Marketing Hacking

North Korean Hackers Steal $1.5B in Cryptocurrency

Schneier on Security

FEBRUARY 25, 2025

” More : This hack sets a new precedent in crypto security by bypassing a multisig cold wallet without exploiting any smart contract vulnerability. The Bybit hack has shattered long-held assumptions about crypto security. .” The announcement on the Bybit website is almost comical.

Cryptocurrency

Cryptocurrency Social Engineering Hacking Engineering

Journalists and Civil Society Members Using WhatsApp Targeted by Paragon Spyware

Schneier on Security

FEBRUARY 3, 2025

Like other spyware makers, Paragon’s hacking software is used by government clients and WhatsApp said it had not been able to identify the clients who ordered the alleged attacks. ” It is not clear who was behind the attack.

Spyware

Spyware Government Hacking Software

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. police as part of an FBI investigation into the MGM hack. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

Age Verification Using Facial Scans

Schneier on Security

APRIL 17, 2025

” I look forward to all the videos of people hacking this system using various disguises. For Face Scan, the solution our vendor uses operates on-device, which means there is no collection of any biometric information when you scan your face. For ID verification, the scan of your ID is deleted upon verification.”

Hacking

Hacking Media

Perfectl Malware

Schneier on Security

OCTOBER 14, 2024

North Korea is the government we know that hacks cryptocurrency in order to fund its operations. Aqua Security researchers have also observed the malware serving as a backdoor to install other families of malware. Something this complex and impressive implies that a government is behind this. But this feels too complex for that.

Malware

Malware Cryptocurrency Internet Internet

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

Intrinsec said its analysis showed Prospero frequently hosts malware operations such as SocGholish and GootLoader , which are spread primarily via fake browser updates on hacked websites and often lay the groundwork for more serious cyber intrusions — including ransomware. A fake browser update page pushing mobile malware.

Malware

Malware Antivirus Software DDOS

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

Security Affairs

OCTOBER 22, 2024

VMware addressed a remote code execution flaw, demonstrated in a Chinese hacking contest, for the second time in two months. During the 2024 Matrix Cup hacking contest in China, zbl & srs of team TZL demonstrated the vulnerability. In September, Broadcom released security updates to the vulnerability CVE-2024-38812.

Hacking

Hacking Government Software Information Security

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

Security Affairs

APRIL 13, 2025

. “During the half-day meeting in Geneva, Wang Lei, a top cyber official with Chinas Ministry of Foreign Affairs, indicated that the infrastructure hacks resulted from the U.S.s “Wang or the other Chinese officials didnt directly state that China was responsible for the hacking, the U.S. ” states the WSJ.

Hacking

Hacking Manufacturing Education Government

Hackers stole millions of dollars from Uganda Central Bank

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. “It is true our accounts were hacked into but not to the extent of what is being reported. The police’s Criminal Investigations Department and the Auditor General are investigating the incident.

Banking

Banking Government Accountability Hacking

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

Security Affairs

FEBRUARY 22, 2025

The Bybit hack is the largest cryptocurrency heist ever, surpassing previous ones like Ronin Network ($625M), Poly Network ($611M), and BNB Bridge ($566M). Bybit is Solvent even if this hack loss is not recovered, all of clients assets are 1 to 1 backed, we can cover the loss. billion to an unidentified address.

Cryptocurrency

Cryptocurrency Hacking Banking Cybersecurity

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities.

Retail

Retail Advertising Cryptocurrency Marketing

Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms’ sites

Security Affairs

APRIL 22, 2025

Japan s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Japan) from fake websites (phishing sites) disguised as websites of real securities companies.”

Financial Services

Financial Services Passwords Accountability Antivirus

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

“ Flax Typhoon is a China-linked hacking group that has been active since 2021, it targets critical infrastructure globally, exploiting vulnerabilities for persistent access. According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. critical infrastructure sectors.“

Cybersecurity

Cybersecurity IoT Hacking Technology

Silk Typhoon Hackers Indicted

Schneier on Security

MARCH 11, 2025

The indictment against Yin Kecheng, who was previously sanctioned by the Treasury Department in January for his involvement in the Treasury breach, quotes from his communications with a colleague in which he notes his personal preference for hacking American targets and how he’s seeking to ‘break into a big target,’ which he hoped (..)

Government

Government Media Hacking

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

One post last month on the Russian-language hacking forum BHF offered up to $5,000 for each hotel account. This seller claims to help people monetize hacked booking.com partners, apparently by using the stolen credentials to set up fraudulent listings.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

NOVEMBER 11, 2024

million records containing employee data on the hacking forum BreachForums. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, MOVEit) The company said that the data was stolen from a third-party vendor. Amazon did not disclose the number of impacted employees.

Data breaches

Data breaches Hacking Ransomware Technology

WhatsApp fixed a spoofing flaw that could enable Remote Code Execution

Security Affairs

APRIL 8, 2025

The hacking campaign targeted 90 users and was disrupted in December, WhatsApp immediately alerted targeted users of a possible compromise of their devices. The Meta-owned company linked the hacking campaign to Paragon , an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024.

Spyware

Spyware Media Surveillance Hacking

Inside the DemandScience by Pure Incubation Data Breach

Troy Hunt

NOVEMBER 13, 2024

But in all likelihood, there will be more than a handful of domain subscribers who take issue with that volume of people data sitting there in one corpus easily downloadable via a clear web hacking forum.

Data breaches

Data breaches Passwords B2B Technology

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. gg , an e-commerce platform that caters to the same clientele as Sellix.

eCommerce

eCommerce Cybercrime Accountability Passwords

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Security Affairs

NOVEMBER 6, 2024

Security researcher Rick de Jager demonstrated the vulner ability, called RISK:STATION by cybersecurity firm Midnight Blue, at the Pwn2Own Ireland 2024 hacking contest. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Synology)

Firmware

Firmware Manufacturing Hacking Media

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Hacking Digital License Plates

Webinars

Trending Sources

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

Webinars

Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

CVE-2024-50387: Critical QNAP Flaw Exploited in Hacking Contest, Patch Now!

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Spyware Maker NSO Group Found Liable for Hacking WhatsApp

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Four REvil Ransomware members sentenced for hacking and money laundering

Chinese threat actors used two advanced exploit chains to hack Ivanti CSA

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Subaru Starlink flaw allowed experts to remotely hack cars

Mazda Connect flaws allow to hack some Mazda vehicles

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

NSO Group Spies on People on Behalf of Governments

Apps That Are Spying on Your Location

Arguing Against CALEA

More Research Showing AI Breaking the Rules

Bybit Hack: $1.46 Billion Crypto Heist Points to North Korea's Lazarus Group

Cloak ransomware group hacked the Virginia Attorney General’s Office

FBI Deletes PlugX Malware from Thousands of Computers

Why Italy Sells So Much Spyware

North Korean Hackers Steal $1.5B in Cryptocurrency

Journalists and Civil Society Members Using WhatsApp Targeted by Paragon Spyware

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Age Verification Using Facial Scans

Perfectl Malware

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

Hackers stole millions of dollars from Uganda Central Bank

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

An Interview With the Target & Home Depot Hacker

Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms’ sites

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Silk Typhoon Hackers Indicted

Booking.com Phishers May Leave You With Reservations

Amazon discloses employee data breach after May 2023 MOVEit attacks

WhatsApp fixed a spoofing flaw that could enable Remote Code Execution

Inside the DemandScience by Pure Incubation Data Breach

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Stay Connected