Hacking and Information Security - Cyber Security Informer

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7 , a notorious Russia-based hacking group. co — first came online in February 2023.

Hacking

Hacking Cybercrime Advertising Data breaches

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Security Affairs

NOVEMBER 21, 2024

Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. Today they are going to send me a report on the supposed hacking.” This is not the first time Mexico’s presidential office has been targeted in a hack involving sensitive information.

Government

Government Hacking Ransomware Insurance

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Security Affairs

APRIL 10, 2025

The hacker has published 10,000 customer records, a file showing Oracle Cloud access, user credentials, and an internal video as proof of the hack. The incident has raised serious concerns about the security of Oracles cloud infrastructure and the potential implications for affected customers.

Hacking

Hacking Data breaches Encryption Passwords

Four REvil Ransomware members sentenced for hacking and money laundering

Security Affairs

OCTOBER 27, 2024

Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, REvil ransomware gang )

Ransomware

Ransomware Hacking Malware Cybercrime

Chinese threat actors used two advanced exploit chains to hack Ivanti CSA

Security Affairs

JANUARY 23, 2025

is end-of-life and no longer receives security updates, for this reason, these instances are exposed to hack. The advisory details hacking activities exploiting the mentioned vulnerabilities. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,CISA)

Hacking

Hacking Government Cybersecurity Information Security

8Base ransomware group hacked Croatia’s Port of Rijeka

Security Affairs

DECEMBER 7, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,ransomware) Grabovac pointed out that his organization will not pay the ransom requested by the ransomware gang.

Ransomware

Ransomware Hacking Accountability Cyber Attacks

FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info

Security Affairs

NOVEMBER 2, 2024

A former Disney World employee hacked servers after being fired, altering prices, adding profanities, and mislabeling allergy info. A former Walt Disney World employee hacked servers after being fired by the company. He is accused of changing prices, adding profanities, and falsely labeling items as allergy-safe.

Hacking

Hacking Risk Cybercrime Information Security

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Security Affairs

MARCH 10, 2025

Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago.” ” The RansomHouse gang announced the hack of Loretto Hospital in Chicago, the groups claims to have stolen 1.5TB of sensitive data.

Hacking

Hacking Healthcare Backups Ransomware

Subaru Starlink flaw allowed experts to remotely hack cars

Security Affairs

JANUARY 25, 2025

To confirm their findings, the researchers reached out to their friend and asked if they could hack her car. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Subaru Starlink) Admin panel access exposed vehicle data (e.g., location history, VIN) and customer info (e.g.,

Hacking

Hacking Accountability Passwords Authentication

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

NOVEMBER 9, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Mazda Connect) . “The CMU can then be compromised and “enhanced” to, for example, attempt to compromise any connected device in targeted attacks that can result in DoS, bricking, ransomware, safety compromise, etc.”

Hacking

Hacking Firmware Software Manufacturing

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Security Affairs

FEBRUARY 2, 2025

The hacking campaign targeted 90 users and was disrupted in December, WhatsApp already alerted them of a possible compromise of their devices. WhatsApp linked the hacking campaign to Paragon, an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024.

Spyware

Spyware Hacking Surveillance Malware

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” and its allies for hacking activities in July.

Hacking

Hacking Internet Internet Government

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, ransomware) .” The group uses an ARCrypter ransomware variant, derived from Babuks leaked code , to encrypt files after infiltrating a network.

Ransomware

Ransomware Hacking Social Engineering VPN

How a researcher earned $100,000 hacking a Facebook server

Security Affairs

JANUARY 12, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, Facebook) The researchers already received for these issues 32 payrolls for a total of $288,500 but likely will receive more for the other flaws reported.

Hacking

Hacking Media Information Security

HPE is investigating IntelBroker’s claims of the company hack

Security Affairs

JANUARY 20, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,HPE) HPE immediately activated our cyber response protocols, disabled related credentials, and launched an investigation to evaluate the validity of the claims, HPE spokesperson Adam R. Bauer told SecurityWeek.

Hacking

Hacking Cybercrime Data breaches Information Security

Attackers could hack smart solar systems and cause serious damages

Security Affairs

FEBRUARY 28, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,smart solar systems)

Hacking

Hacking Passwords Risk Cyber threats

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

Security Affairs

OCTOBER 22, 2024

VMware addressed a remote code execution flaw, demonstrated in a Chinese hacking contest, for the second time in two months. In September, Broadcom released security updates to the vulnerability CVE-2024-38812. During the 2024 Matrix Cup hacking contest in China, zbl & srs of team TZL demonstrated the vulnerability.

Hacking

Hacking Government Software Information Security

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

Security Affairs

APRIL 13, 2025

. “During the half-day meeting in Geneva, Wang Lei, a top cyber official with Chinas Ministry of Foreign Affairs, indicated that the infrastructure hacks resulted from the U.S.s “Wang or the other Chinese officials didnt directly state that China was responsible for the hacking, the U.S. ” states the WSJ.

Hacking

Hacking Manufacturing Education Government

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

Security Affairs

NOVEMBER 15, 2024

“Ilya Lichtenstein was sentenced today to five years in prison for his involvement in a money laundering conspiracy arising from the hack and theft of approximately 120,000 bitcoin from Bitfinex, a global cryptocurrency exchange.” Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex.

Cryptocurrency

Cryptocurrency Hacking Government Accountability

Hackers stole millions of dollars from Uganda Central Bank

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. Ugandan officials confirmed on Thursday that the national central bank suffered a security breach by financially-motivated threat actors.

Banking

Banking Government Accountability Hacking

The US Treasury’s OCC disclosed an undetected major email breach for over a year

Security Affairs

APRIL 9, 2025

The confidentiality and integrity of the OCCs information security systems are paramount to fulfilling its mission, said Acting Comptroller of the Currency Rodney E. The threat actors behind the security breach remain unknown, and it’s unclear if the incident is linked to past Treasury attacks by China-linked groups.

Accountability

Accountability Banking Information Security Hacking

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

Security Affairs

FEBRUARY 22, 2025

The Bybit hack is the largest cryptocurrency heist ever, surpassing previous ones like Ronin Network ($625M), Poly Network ($611M), and BNB Bridge ($566M). Bybit is Solvent even if this hack loss is not recovered, all of clients assets are 1 to 1 backed, we can cover the loss. billion to an unidentified address.

Cryptocurrency

Cryptocurrency Hacking Banking Cybersecurity

International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists

Security Affairs

FEBRUARY 5, 2025

In the updated statement published by ICAO, the agency said it is actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations. ” reads the statement published by the International Civil Aviation Organization.

Data breaches

Data breaches Information Security Hacking Marketing

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

“ Flax Typhoon is a China-linked hacking group that has been active since 2021, it targets critical infrastructure globally, exploiting vulnerabilities for persistent access. According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. critical infrastructure sectors.“

Cybersecurity

Cybersecurity IoT Hacking Technology

Russia warns financial sector organizations of IT service provider LANIT compromise

Security Affairs

FEBRUARY 25, 2025

” NKTsKI recommends organizations to strengthen monitoring of threats and information security events in systems provided by LANIT. LANIT Group (Laboratory of New Information Technologies) is one of Russia’s largest IT service and software providers. ” said U.S.

Telecommunications

Telecommunications Software Technology Healthcare

Threat actor says Interbank refused to pay the ransom after a two-week negotiation

Security Affairs

OCTOBER 31, 2024

Interbank disclosed a data breach after a threat actor claimed the hack of the organization and leaked stolen data online. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, data breach) Interbank , formally the Banco Internacional del Perú Service Holding S.A.A.

Data breaches

Data breaches Financial Services Hacking Mobile

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

NOVEMBER 11, 2024

million records containing employee data on the hacking forum BreachForums. Compromised data includes names, contact information, building locations, email addresses, and more. Exposed data did not include Social Security numbers or financial information. . Amazon did not disclose the number of impacted employees.

Data breaches

Data breaches Hacking Ransomware Technology

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Security Affairs

OCTOBER 23, 2024

The SEC fined Unisys, Avaya, Check Point, and Mimecast for misleading disclosures about the impact of the SolarWinds Orion hack. The US Securities and Exchange Commission (SEC) charged four companies, Unisys, Avaya, Check Point, and Mimecast for misleading public disclosures related to the supply chain attack on SolarWinds.

Hacking

Hacking Risk Cybersecurity Government

Internet Archive data breach impacted 31M users

Security Affairs

OCTOBER 11, 2024

Starting from Wednesday, the website archive.org was displaying a message informing visitors that it was hacked. Internet Archive hacked. — Brewster Kahle (@brewster_kahle) October 10, 2024 At this time, the website shows a message informing users that “Internet Archive services are temporarily offline.”

Data breaches

Data breaches Internet Internet DDOS

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Security Affairs

MARCH 21, 2025

Zero-day prices have risen as the level of security of messaging apps and mobile devices becomes harder to hack. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,zero-day)

Government

Government Surveillance Mobile Hacking

EDR-as-a-Service makes the headlines in the cybercrime landscape

Security Affairs

APRIL 7, 2025

OPERATIONAL MANUALS AND DECEPTION STRATEGIES As further evidence of the increasing professionalization of this illicit sector, Meridian Group reports the publication of informational content designed to guide the proper use of EDR services, presented as a detailed guide on how to correctly complete and unlawfully submit the requests.

Cybercrime

Cybercrime Social Engineering Accountability Government

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Security Affairs

NOVEMBER 21, 2024

The cybercrime group Scattered Spider is suspected of hacking into hundreds of organizations over the past two years, including Twilio , LastPass , DoorDash , and Mailchimp. As this case shows, phishing and hacking has become increasingly sophisticated and can result in enormous losses. ” reads the press release published by DoJ.

Cybercrime

Cybercrime Identity Theft Cryptocurrency Phishing

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Security Affairs

NOVEMBER 6, 2024

Security researcher Rick de Jager demonstrated the vulner ability, called RISK:STATION by cybersecurity firm Midnight Blue, at the Pwn2Own Ireland 2024 hacking contest. Midnight Blue took 3rd at Pwn2Own Ireland 2024 , the team demonstrated five zero-day flaws in routers, printers, security cameras, and NAS devices.

Firmware

Firmware Manufacturing Hacking Media

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. and its allies for hacking activities in July. Wall Street Journal reported.

Mobile

Mobile Telecommunications Data breaches Hacking

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Security Affairs

JANUARY 15, 2025

At the beginning of the year, and as a positive start for us, and in order to solidify the name of our group in your memory, we are proud to announce our first official operation: Will be published of sensitive data from over 15,000 targets worldwide (both governmental and private sectors) that have been hacked and their data extracted.”

VPN

VPN Passwords Firewall Firmware

WhatsApp fixed a spoofing flaw that could enable Remote Code Execution

Security Affairs

APRIL 8, 2025

The hacking campaign targeted 90 users and was disrupted in December, WhatsApp immediately alerted targeted users of a possible compromise of their devices. The Meta-owned company linked the hacking campaign to Paragon , an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024.

Spyware

Spyware Media Surveillance Hacking

Pwn2Own Ireland 2024 Day 2: participants demonstrated an exploit against Samsung Galaxy S24

Security Affairs

OCTOBER 24, 2024

With the $516,250 earned by participants on the first day of the event , the total payout at the hacking contest organized by Trend Micro’s Zero Day Initiative (ZDI) has already reached nearly $850,000, and there are two more days left. “ Today, we awarded $358,625 – which brings the event total to $847,875. CONFIRMED!!

Hacking

Hacking Information Security

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

SecureWorld News

DECEMBER 12, 2024

The details of the Krispy Kreme hack are still emerging, but the companys Form 8-K filing brought the incident to light, offering a rare glimpse into the challenges businesses face when their systems are compromised. The Krispy Kreme hack is a sobering reminder that no industry is immune to cyber threats.

Password Management

Password Management Passwords CISO Cybersecurity

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. If convicted, the man could face up to 20 years in prison for each wire fraud count, 10 years for each computer hacking charge, and 5 years for conspiracy to commit computer fraud and abuse.

Cybercrime

Cybercrime Ransomware Healthcare Education

Oracle privately notifies Cloud data breach to customers

Security Affairs

APRIL 6, 2025

The hacker has published 10,000 customer records, a file showing Oracle Cloud access, user credentials, and an internal video as proof of the hack. The incident has raised serious concerns about the security of Oracles cloud infrastructure and the potential implications for affected customers.

Data breaches

Data breaches Encryption Hacking Passwords

Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. The Department of State offered up to $10 million for information that leads to the arrest of the man.

Ransomware

Ransomware Healthcare Hacking Malware

Google fixed the first actively exploited Chrome zero-day since the start of the year

Security Affairs

MARCH 26, 2025

” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, Chrome ) A full list of changes in this build is available in the Log.”

Hacking

Hacking Information Security

Akira ransomware gang used an unsecured webcam to bypass EDR

Security Affairs

MARCH 8, 2025

.” The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. Like other ransomware gangs, the group hasdeveloped a Linux encryptorto target VMware ESXi servers.

Ransomware

Ransomware IoT Encryption Passwords

Sam’s Club Investigates Alleged Cl0p Ransomware Breach

Security Affairs

MARCH 30, 2025

” Ransomware gang Cl0p leaked files from Rackspace Technology and listed ~170 companies allegedly hacked via zero-day vulnerabilities in Cleos file-transfer software. Clop group already targeted enterprise file transfer software in the past, a large-scale hacking campaign exploited vulnerabilities in MOVEit Transfer and GoAnywhere.

Ransomware

Ransomware Data breaches Software Hacking

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Trending Sources

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Four REvil Ransomware members sentenced for hacking and money laundering

Chinese threat actors used two advanced exploit chains to hack Ivanti CSA

8Base ransomware group hacked Croatia’s Port of Rijeka

FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Subaru Starlink flaw allowed experts to remotely hack cars

Mazda Connect flaws allow to hack some Mazda vehicles

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Cloak ransomware group hacked the Virginia Attorney General’s Office

How a researcher earned $100,000 hacking a Facebook server

HPE is investigating IntelBroker’s claims of the company hack

Attackers could hack smart solar systems and cause serious damages

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

Hackers stole millions of dollars from Uganda Central Bank

The US Treasury’s OCC disclosed an undetected major email breach for over a year

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Russia warns financial sector organizations of IT service provider LANIT compromise

Threat actor says Interbank refused to pay the ransom after a two-week negotiation

Amazon discloses employee data breach after May 2023 MOVEit attacks

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Internet Archive data breach impacted 31M users

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

EDR-as-a-Service makes the headlines in the cybercrime landscape

US DoJ charges five alleged members of the Scattered Spider cybercrime gang

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

WhatsApp fixed a spoofing flaw that could enable Remote Code Execution

Pwn2Own Ireland 2024 Day 2: participants demonstrated an exploit against Samsung Galaxy S24

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

Russian Phobos ransomware operator faces cybercrime charges

Oracle privately notifies Cloud data breach to customers

Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

Google fixed the first actively exploited Chrome zero-day since the start of the year

Akira ransomware gang used an unsecured webcam to bypass EDR

Sam’s Club Investigates Alleged Cl0p Ransomware Breach

Stay Connected