Hacking and Information - Cyber Security Informer

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking

Hacking Accountability Government Social Engineering

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

Krebs on Security

FEBRUARY 26, 2025

government officials searched online for non-extradition countries and for an answer to the question “can hacking be treason?” Among those was AT&T , which disclosed in July that cybercriminals had stolen personal information and phone and text message records for roughly 110 million people nearly all of its customers.

Hacking

Hacking Government Identity Theft Accountability

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. “We have been playing cat and mouse for a while with these guys,” said Matt Sciberras , chief information security officer at Invicti.

Hacking

Hacking Cybercrime Advertising Data breaches

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

NSO Group Spies on People on Behalf of Governments

Schneier on Security

NOVEMBER 27, 2024

Legal documents released in ongoing US litigation between NSO Group and WhatsApp have revealed for the first time that the Israeli cyberweapons maker and not its government customers is the party that “installs and extracts” information from mobile phones targeted by the company’s hacking software.

Government

Government Spyware Mobile Hacking

DeepSeek database exposed highly sensitive information

Security Affairs

JANUARY 30, 2025

“This database contained a significant volume of chat history, backend data and sensitive information, including log streams, API Secrets, and operational details.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, DeepSeek ) ” concludes the report.

Authentication

Authentication Passwords Hacking Risk

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Security Affairs

NOVEMBER 21, 2024

Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. Today they are going to send me a report on the supposed hacking.” This is not the first time Mexico’s presidential office has been targeted in a hack involving sensitive information.

Government

Government Hacking Ransomware Insurance

PLAYFULGHOST backdoor supports multiple information stealing features

Security Affairs

JANUARY 5, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,malware) Google researchers provided event rules within Google Security Operations to dete ctPLAYFULGHOST activity.

Malware

Malware Encryption Phishing Hacking

Broadcom fixed information disclosure flaws in VMware Aria Operations

Security Affairs

JANUARY 31, 2025

is an information disclosure vulnerability in VMware Aria Operations for Logs.A is an information disclosure vulnerability. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,VMware) CVE-2025-22222 (CVSS score: 7.7)

Authentication

Authentication Hacking Cybersecurity Information Security

8Base ransomware group hacked Croatia’s Port of Rijeka

Security Affairs

DECEMBER 7, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,ransomware) Grabovac pointed out that his organization will not pay the ransom requested by the ransomware gang.

Ransomware

Ransomware Hacking Accountability Cyber Attacks

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Security Affairs

APRIL 10, 2025

No OCI service has been interrupted or compromised in any way,” Last week, Oracle confirmed a data breach and started informing customers while downplaying the impact of the incident. The hacker has published 10,000 customer records, a file showing Oracle Cloud access, user credentials, and an internal video as proof of the hack.

Hacking

Hacking Data breaches Encryption Passwords

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Security Affairs

MARCH 10, 2025

Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago.” ” The RansomHouse gang announced the hack of Loretto Hospital in Chicago, the groups claims to have stolen 1.5TB of sensitive data.

Hacking

Hacking Healthcare Backups Ransomware

FBI Deletes PlugX Malware from Thousands of Computers

Schneier on Security

JANUARY 16, 2025

” Details : To retrieve information from and send commands to the hacked machines, the malware connects to a command-and-control server that is operated by the hacking group. According to a DOJ press release , the FBI was able to delete the Chinese-used PlugX malware from “approximately 4,258 U.S.-based

Malware

Malware Hacking Software

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” and its allies for hacking activities in July.

Hacking

Hacking Internet Internet Government

Subaru Starlink flaw allowed experts to remotely hack cars

Security Affairs

JANUARY 25, 2025

To confirm their findings, the researchers reached out to their friend and asked if they could hack her car. Additionally, attackers could secretly obtain personal information such as the victims name, phone number, email, and physical address. Admin panel access exposed vehicle data (e.g., name, ZIP, phone, email, billing details).

Hacking

Hacking Accountability Passwords Authentication

Age Verification Using Facial Scans

Schneier on Security

APRIL 17, 2025

“The information shared to power the age verification method is only used for the one-time age verification process and is not stored by Discord or our vendor. For Face Scan, the solution our vendor uses operates on-device, which means there is no collection of any biometric information when you scan your face.

Hacking

Hacking Media

Four REvil Ransomware members sentenced for hacking and money laundering

Security Affairs

OCTOBER 27, 2024

Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, REvil ransomware gang )

Ransomware

Ransomware Hacking Malware Cybercrime

Chinese threat actors used two advanced exploit chains to hack Ivanti CSA

Security Affairs

JANUARY 23, 2025

is end-of-life and no longer receives security updates, for this reason, these instances are exposed to hack. The advisory details hacking activities exploiting the mentioned vulnerabilities. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,CISA)

Hacking

Hacking Government Cybersecurity Information Security

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

NOVEMBER 9, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Mazda Connect) . “The CMU can then be compromised and “enhanced” to, for example, attempt to compromise any connected device in targeted attacks that can result in DoS, bricking, ransomware, safety compromise, etc.”

Hacking

Hacking Firmware Software Manufacturing

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Security Affairs

FEBRUARY 2, 2025

The hacking campaign targeted 90 users and was disrupted in December, WhatsApp already alerted them of a possible compromise of their devices. WhatsApp linked the hacking campaign to Paragon, an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024.

Spyware

Spyware Hacking Surveillance Malware

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

The breach was detected in February , leading to notifications to the FBI, Virginia State Police, and the Virginia Information Technologies Agency. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, ransomware) Chief Deputy AG Steven Popps called it a sophisticated attack.

Ransomware

Ransomware Hacking Social Engineering VPN

Bybit Hack: $1.46 Billion Crypto Heist Points to North Korea's Lazarus Group

SecureWorld News

FEBRUARY 26, 2025

Well-known crypto researcher ZachXBT reached the same conclusion as Elliptic, sharing his analysis on X: Lazarus Group just connected the Bybit hack to the Phemex hack directly on-chain commingling funds from the intial theft address for both incidents.

Hacking

Hacking Cryptocurrency Cyber threats Malware

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

NOVEMBER 11, 2024

Amazon disclosed a data breach exposing employee data, with information allegedly stolen in the May 2023 MOVEit attacks. Amazon disclosed a data breach that exposed employee information after data was allegedly stolen during the May 2023 MOVEit attacks. million records containing employee data on the hacking forum BreachForums.

Data breaches

Data breaches Hacking Ransomware Technology

Inside the DemandScience by Pure Incubation Data Breach

Troy Hunt

NOVEMBER 13, 2024

I am interested in finding how my information ended up in your database. That last one seems perfectly reasonable, and fortunately, DemandScience does have a link on their website to Do Not Sell My Information : Dammit! So, he asked them: I seem to have found my email in your data breach. If, like me, you're part of the 99.5%

Data breaches

Data breaches Passwords B2B Technology

EDR-as-a-Service makes the headlines in the cybercrime landscape

Security Affairs

APRIL 7, 2025

These falsely obtained credentials enable cyber criminals to successfully mimic a real-world investigation by inducing platform operators to provide extremely sensitive information. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,EDR-as-a-Service)

Cybercrime

Cybercrime Social Engineering Accountability Government

Threat actor says Interbank refused to pay the ransom after a two-week negotiation

Security Affairs

OCTOBER 31, 2024

Peruvian Interbank confirmed a data breach after threat actors accessed its systems and leaked stolen information online. Interbank disclosed a data breach after a threat actor claimed the hack of the organization and leaked stolen data online. Interbank , formally the Banco Internacional del Perú Service Holding S.A.A.

Data breaches

Data breaches Financial Services Hacking Mobile

Attackers could hack smart solar systems and cause serious damages

Security Affairs

FEBRUARY 28, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,smart solar systems)

Hacking

Hacking Passwords Risk Cyber threats

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. police as part of an FBI investigation into the MGM hack. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

The missive bore the name of the hotel and referenced details from their reservation, claiming that booking.com’s anti-fraud system required additional information about the customer before the reservation could be finalized. One post last month on the Russian-language hacking forum BHF offered up to $5,000 for each hotel account.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

What Graykey Can and Can’t Unlock

Schneier on Security

NOVEMBER 26, 2024

The documents do not appear to contain information about what Graykey can access from the public release of iOS 18.1, More information : Meanwhile, Graykey’s performance with Android phones varies, largely due to the diversity of devices and manufacturers. which was released on October 28.

Media

Media Manufacturing Mobile Hacking

Iran and China-linked actors used ChatGPT for preparing attacks

Security Affairs

OCTOBER 11, 2024

Rather than using advanced hacking techniques, they exploited systems with default credentials to compromise target networks. This included working on malware that was still in development, and looking for information on potential targets.” ” continues the report.

Malware

Malware Social Engineering Engineering Hacking

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Security and Exchange Commission (SEC) recently laid down the hammer charging and fining four prominent cybersecurity vendors for making misleading claims in connection with the SolarWinds hack. But the SEC’s latest actions underscore that failing to inform stakeholders about material risks and breaches is not an option.

CISO

CISO CSO Risk Cyber threats

Silk Typhoon Hackers Indicted

Schneier on Security

MARCH 11, 2025

The indictments highlight how, in some cases, the hackers operated with a surprising degree of autonomy, even choosing targets on their own before selling stolen information to Chinese government clients.

Government

Government Media Hacking

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

Security Affairs

APRIL 13, 2025

. “During the half-day meeting in Geneva, Wang Lei, a top cyber official with Chinas Ministry of Foreign Affairs, indicated that the infrastructure hacks resulted from the U.S.s “Wang or the other Chinese officials didnt directly state that China was responsible for the hacking, the U.S. ” states the WSJ.

Hacking

Hacking Manufacturing Education Government

Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms’ sites

Security Affairs

APRIL 22, 2025

Japan s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Japan) from fake websites (phishing sites) disguised as websites of real securities companies.”

Financial Services

Financial Services Passwords Accountability Antivirus

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Security Affairs

NOVEMBER 24, 2024

Stolen information offered for sale on the carding website included bank account, credit card, and debit card numbers and associated information for conducting transactions. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) million in revenue.

Cybercrime

Cybercrime Cryptocurrency Banking Accountability

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

Intrinsec said its analysis showed Prospero frequently hosts malware operations such as SocGholish and GootLoader , which are spread primarily via fake browser updates on hacked websites and often lay the groundwork for more serious cyber intrusions — including ransomware. A fake browser update page pushing mobile malware.

Malware

Malware Antivirus Software DDOS

South African telecom provider Cell C disclosed a data breach following a cyberattack

Security Affairs

APRIL 13, 2025

Compromised data includes full names, contact details, ID numbers, banking information, drivers license numbers, medical records and passport details. The company engaged top cybersecurity and forensic experts, informed authorities, and is actively supporting affected stakeholders. The gang claimed the theft of 2 TB of data.

Data breaches

Data breaches Unstructured Data Identity Theft Healthcare

2023 Anna Jaques Hospital data breach impacted over 310,000 people

Security Affairs

DECEMBER 8, 2024

The investigation aimed to determine the extent of the activity, and whether individual personal information, if any, may have been accessed or acquired by an unauthorized third party. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Anna Jaques Hospital)

Data breaches

Data breaches Insurance Healthcare Ransomware

Oracle privately notifies Cloud data breach to customers

Security Affairs

APRIL 6, 2025

Oracle confirms a cloud data breach, quietly informing customers while downplaying the impact of the security breach. Oracle confirms a data breach and started informing customers while downplaying the impact of the incident.

Data breaches

Data breaches Encryption Hacking Passwords

CEO of cybersecurity firm charged with installing malware on hospital systems

Security Affairs

APRIL 26, 2025

Due to precautions in place, the issue was addressed immediately, and no patient information was accessed. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, malware ) .” reads the hospital’s statement. ” St.

Malware

Malware Cybersecurity Healthcare Media

A flaw in the W3 Total Cache plugin exposes hundreds of thousands of WordPress sites to attacks

Security Affairs

JANUARY 19, 2025

A WordPress W3 Total Cache plugin vulnerability could allow attackers to access information from internal services, including metadata on cloud-based apps. The vulnerability allows authenticated attackers with Subscriber access to exploit a missing capability check, leading to information disclosure.

Consumer Services

Consumer Services Authentication Hacking

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Security Affairs

NOVEMBER 6, 2024

Security researcher Rick de Jager demonstrated the vulner ability, called RISK:STATION by cybersecurity firm Midnight Blue, at the Pwn2Own Ireland 2024 hacking contest. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Synology) 10053 or above) Synology Photos 1.6

Firmware

Firmware Manufacturing Hacking Media

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

Security Affairs

DECEMBER 3, 2024

The threat actors had access to the company’s information technology systems and encrypted some of its data files. The preliminary investigation has revealed that a threat actor illegally accessed the Company’s information technology (“IT”) system and encrypted some of its data files.” ” reads the report filed with SEC.

Ransomware

Ransomware Encryption Technology Cybersecurity

The US Treasury’s OCC disclosed an undetected major email breach for over a year

Security Affairs

APRIL 9, 2025

The confidentiality and integrity of the OCCs information security systems are paramount to fulfilling its mission, said Acting Comptroller of the Currency Rodney E. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Office of the Comptroller of the Currency) OCC on Feb.

Accountability

Accountability Banking Information Security Hacking

FBI: Spike in Hacked Police Emails, Fake Subpoenas

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

Webinars

Trending Sources

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Webinars

NSO Group Spies on People on Behalf of Governments

DeepSeek database exposed highly sensitive information

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

PLAYFULGHOST backdoor supports multiple information stealing features

Broadcom fixed information disclosure flaws in VMware Aria Operations

8Base ransomware group hacked Croatia’s Port of Rijeka

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

FBI Deletes PlugX Malware from Thousands of Computers

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Subaru Starlink flaw allowed experts to remotely hack cars

Age Verification Using Facial Scans

Four REvil Ransomware members sentenced for hacking and money laundering

Chinese threat actors used two advanced exploit chains to hack Ivanti CSA

Mazda Connect flaws allow to hack some Mazda vehicles

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Cloak ransomware group hacked the Virginia Attorney General’s Office

Bybit Hack: $1.46 Billion Crypto Heist Points to North Korea's Lazarus Group

Amazon discloses employee data breach after May 2023 MOVEit attacks

Inside the DemandScience by Pure Incubation Data Breach

EDR-as-a-Service makes the headlines in the cybercrime landscape

Threat actor says Interbank refused to pay the ransom after a two-week negotiation

Attackers could hack smart solar systems and cause serious damages

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Booking.com Phishers May Leave You With Reservations

What Graykey Can and Can’t Unlock

Iran and China-linked actors used ChatGPT for preparing attacks

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

Silk Typhoon Hackers Indicted

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms’ sites

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

South African telecom provider Cell C disclosed a data breach following a cyberattack

2023 Anna Jaques Hospital data breach impacted over 310,000 people

Oracle privately notifies Cloud data breach to customers

CEO of cybersecurity firm charged with installing malware on hospital systems

A flaw in the W3 Total Cache plugin exposes hundreds of thousands of WordPress sites to attacks

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

The US Treasury’s OCC disclosed an undetected major email breach for over a year

Stay Connected