Security Affairs

OCTOBER 27, 2024

Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, REvil ransomware gang )

Ransomware 143

Ransomware Hacking Malware Cybercrime 143

Security Affairs

NOVEMBER 2, 2024

A former Disney World employee hacked servers after being fired, altering prices, adding profanities, and mislabeling allergy info. A former Walt Disney World employee hacked servers after being fired by the company. He is accused of changing prices, adding profanities, and falsely labeling items as allergy-safe.

Hacking 140

Hacking Risk Cybercrime Information Security 140

Schneier on Security

FEBRUARY 11, 2022

Under-resourced Information Security Managers were not performing their business as usual role (including a NIST-based cybersecurity review of systems) but were working on evaluating security controls for the COVID-19 vaccination system.

Antivirus 309

Antivirus Hacking Ransomware CISO 309

Security Affairs

MAY 15, 2024

An international law enforcement operation coordinated by the FBI led to the seizure of the notorious BreachForums hacking forum. BreachForums is a cybercrime forum used by threat actors to purchase, sell, and exchange stolen data, including credentials, and personal and financial information. In March 2023, U.S.

Hacking 136

Hacking Cybercrime Information Security 136

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” and its allies for hacking activities in July.

Hacking 131

Hacking Internet Internet Mobile 131

Security Affairs

NOVEMBER 18, 2024

The Library of Congress discloses the compromise of some of its IT systems, an alleged foreign threat actor hacked their emails. “An unidentified “adversary” hacked into the email system for the Library of Congress, accessing information sent via email between January and September 2024, the Library said.”

Hacking 65

Hacking Government Data breaches Information Security 65

Security Affairs

NOVEMBER 9, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Mazda Connect) . “The CMU can then be compromised and “enhanced” to, for example, attempt to compromise any connected device in targeted attacks that can result in DoS, bricking, ransomware, safety compromise, etc.”

Hacking 130

Hacking Firmware Software Manufacturing 130

Security Affairs

OCTOBER 3, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to its Known Exploited Vulnerabilities catalog in July 2024. According to Sansec, CosmicSting (CVE-2024-34102) is the most severe bug impacting Magento and Adobe Commerce stores in two years, with hacks occurring at a rate of 3 to 5 per hour.

Hacking 138

Hacking Passwords Cybersecurity Cybercrime 138

Security Affairs

OCTOBER 6, 2024

internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” The hacking campaign, called Salt Typhoon by investigators, hasn’t previously been publicly disclosed and is the latest in a series of incursions that U.S. and its allies for hacking activities in July.

Hacking 145

Hacking Government Internet Internet 145

Security Affairs

JANUARY 26, 2024

Researchers hacked the Tesla infotainment system and found 24 zero-days on day 2 of Pwn2Own Automotive 2024 hacking competition. White hat hackers from the Synacktiv Team ( @Synacktiv ) compromised the Tesla infotainment system on the second day of the Pwn2Own Automotive 2024 hacking competition.

Hacking 138

Hacking Information Security 138

Security Boulevard

OCTOBER 27, 2024

We explore these technological advancements alongside other unusual tech innovations, touching upon security […] The post Internet Archive Hacked, Introducing The AI Toilet Camera appeared first on Shared Security Podcast. The post Internet Archive Hacked, Introducing The AI Toilet Camera appeared first on Security Boulevard.

Internet 69

Internet Internet Hacking Data breaches 69

Security Affairs

SEPTEMBER 30, 2024

The Department of Justice charged a British national for hacking into the systems of five U.S. The Department of Justice charged the British national Robert Westbrook (39) for hacking into the systems of five U.S. From January 2019 to May 2020, the man carried out a hack-to-trade scheme, earning over $3 million in profits.

Hacking 138

Hacking Accountability Passwords Cybercrime 138

Security Affairs

MARCH 21, 2024

Participants earned $732,500 on the first day of the Pwn2Own Vancouver 2024 hacking competition, a team demonstrated a Tesla hack. Participants earned $732,000 on the first day of the Pwn2Own Vancouver 2024 hacking competition for demonstrating 19 unique zero-days, announced Trend Micro’s Zero Day Initiative (ZDI).

Hacking 132

Hacking Engineering Software Information Security 132

Security Affairs

MARCH 4, 2024

The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense claims that it hacked the Russian Ministry of Defense. In November, Ukraine’s intelligence service announced they had hacked Russia’s Federal Air Transport Agency, ‘Rosaviatsia.’ The attack is the result of another complex special cyber operation.

Hacking 141

Hacking Data breaches Encryption Government 141

Security Affairs

MARCH 4, 2024

Leaked data, including a contract between the Navy and Chunghwa Telecom, are available for sale on a dark web hacking forum, Broadcaster TVBS first reported. We have asked the contractor involved to strengthen its information security control to prevent any further incidents.” Threat actors claim they have stolen 1.7

Hacking 141

Hacking Government Cyber threats Cyber Attacks 141

Security Affairs

SEPTEMBER 26, 2024

Researchers discovered critical flaws in Kia’s dealer portal that could allow to hack Kia cars made after 2013 using just their license plate. The token allowed them to access backend dealer APIs, then they successfully extracted sensitive information like the vehicle owner’s name, email, phone number, and other details.

Hacking 141

Hacking Accountability Mobile Internet 141

Security Affairs

SEPTEMBER 16, 2022

According to the New York Times , the threat actors hacked an employee’s Slack account and used it to inform internal personnel that the company had “suffered a data breach” and provided a list of allegedly hacked internal databases. “I SecurityAffairs – hacking, Uber). states the message.

Hacking 144

Hacking Data breaches Engineering Information Security 144

Security Affairs

DECEMBER 26, 2023

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. pic.twitter.com/6uHMDcNhTC — Dominic Alvieri (@AlvieriD) December 26, 2023 The group published images of stolen documents as proof of the hack. Abdali Hospital provides care to patients in numerous specialties.

Ransomware 140

Ransomware Hacking Manufacturing Healthcare 140

Security Affairs

MARCH 13, 2024

Acer Philippines disclosed a data breach after employee data was leaked by a threat actor on a hacking forum. In our commitment to full transparency, we wish to inform you of a recent security incident involving a third-party vendor managing employee attendance data.

Data breaches 139

Data breaches Computers and Electronics Hacking Cybercrime 139

Security Affairs

FEBRUARY 9, 2024

Black Basta ransomware gang claims the hack of the car maker Hyundai Motor Europe and the theft of three terabytes of their data. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Hyundai ) The threat actors claim to have stolen three terabytes of data from the company.

Hacking 143

Hacking Ransomware Data breaches Manufacturing 143

Security Affairs

FEBRUARY 26, 2024

The popular hacker IntelBroker announced that it had hacked the Los Angeles International Airport by exploiting a flaw in one of its CRM systems. The security breach did not impact travelers. Follow me on Twitter: @securityaffairs and Facebook Pierluigi Paganini ( SecurityAffairs – hacking, LA International Airport)

Hacking 138

Hacking Data breaches Cybercrime Information Security 138

Security Affairs

MAY 21, 2024

The Blackbasta extortion group claims to have hacked Atlas, one of the largest national distributors of fuel in the United States. The gang published a series of documents as proof of the hack, including people’s ID cards, data sheets, payroll payment requesters and a picture of the folder exfiltrated from the victim’s systems.

Hacking 143

Hacking Ransomware Phishing Malware 143

Security Affairs

JANUARY 30, 2024

In early January, the Cactus ransomware group claimed to have hacked Coop, one of the largest retail and grocery providers in Sweden. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Schneider Electric)

Ransomware 142

Ransomware Hacking Data breaches Digital transformation 142

Security Affairs

JUNE 24, 2024

Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, ransomware) “We are reaching out to known LockBit victims and encouraging anyone who suspects they were a victim to visit our Internet Crime Complaint Center at ic3.gov.”

Hacking 145

Hacking Banking Ransomware Encryption 145

Security Affairs

FEBRUARY 27, 2023

Data allegedly stolen from the American gaming giant Activision in December security breach were leaked on a cybercrime forum. A threat actor leaked on the Breached hacking forum the data allegedly stolen from the gaming giant Activision in December 2022. Activision was breached December 4th, 2022. ” states the post.

Hacking 98

Hacking Cybercrime Social Engineering Data breaches 98

Security Affairs

JANUARY 4, 2024

The X account of cybersecurity giant Mandiant was hacked, attackers used it to impersonate the Phantom crypto wallet and push a cryptocurrency scam. Crooks hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam.

Scams 134

Scams Cryptocurrency Accountability Hacking 134

SecureList

AUGUST 14, 2023

Another tactic, popular with scammers big and small, phishers included, is hacking websites and placing malicious content on those, rather than registering new domains. Besides tucking a phishing page inside the website they hack, scammers can steal all of the data on the server and completely disrupt the site’s operation.

Phishing 81

Phishing Hacking Banking Scams 81

Security Affairs

NOVEMBER 22, 2023

SiegedSec hacktivists group claimed responsibility for the hack of The Idaho National Laboratory (INL) and leaked stolen human resources data. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, INL) organizations, especially U.S. municipalities.

Hacking 135

Hacking Data breaches Information Security 135

Security Affairs

DECEMBER 7, 2022

The Pwn2Own Toronto 2022 hacking competition has begun, this is the 10th anniversary of the consumer-focused version of the contest. The news of the Samsung Galaxy S22 hack on the first day of Pwn2Own Toronto 2022 made the headlines. SecurityAffairs – hacking, Pwn2Own Toronto 2022). Pierluigi Paganini.

Hacking 98

Hacking Wireless Mobile Data breaches 98

Security Affairs

JUNE 5, 2024

Semafor first reported that CNN’s TikTok account had been hacked, forcing the broadcaster to take down its account for several days. The TikTok spokesperson also added that their security team was recently alerted of malicious actors targeting CNN’s account. .” TikTok spokesperson Alex Haurek told Forbes.

Accountability 135

Accountability Hacking Malware Information Security 135

Security Affairs

NOVEMBER 25, 2023

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Rhysida ransomware) Energy China [link] TL;DR That's huuuge!

Ransomware 143

Ransomware Hacking Engineering Manufacturing 143

Security Affairs

DECEMBER 13, 2022

LockBit ransomware gang hacked the California Department of Finance and threatens to leak data stolen from its systems. On December 12, the California Department of Finance confirmed the security incident with a statement. “The intrusion was proactively identified through coordination with state and federal security partners.

Hacking 143

Hacking Ransomware Technology Cybersecurity 143

Security Affairs

JANUARY 2, 2024

Ukraine’s SBU revealed that Russia-linked threat actors hacked surveillance cameras to spy on air defense forces and critical infrastructure in Kyiv. Ukraine’s SBU announced they shut down two surveillance cameras that were allegedly hacked by the Russian intelligence services to spy on air defense forces and critical infrastructure in Kyiv.

Surveillance 144

Surveillance Hacking Media Software 144

Security Affairs

SEPTEMBER 26, 2023

Sony launched an investigation into an alleged data breach after the RansomedVC group claimed the hack of the company. Sony announced it is investigating allegations of a data breach after the RansomedVC extortion group claimed to have hacked the company and added the company to its Tor leak site. “We

Hacking 131

Hacking Data breaches Ransomware Scams 131

Security Affairs

DECEMBER 15, 2023

The Snatch ransomware group announced it had hacked the food giant Kraft Heinz, the company is investigating the claims. The Snatch ransomware group claims to have hacked Kraft Heinz in August and on December 14, it added the company to the list of victims on its leak site.

Hacking 135

Hacking Ransomware Computers and Electronics Marketing 135

Security Affairs

NOVEMBER 17, 2023

Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang claimed to have hacked the company. Medusa Toyota has set the deadline for November 26 and has published a sample of the stolen data as proof of the hack.

Financial Services 140

Financial Services Hacking Ransomware Data breaches 140

Security Affairs

MAY 11, 2024

The threat actor IntelBroker announced on the cybercrime forum Breach the hack of the European law enforcement agency Europol. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cybercrime)

Hacking 126

Hacking Data breaches Cybercrime Cryptocurrency 126