Hacking and Information Security - Cyber Security Informer

On the Irish Health Services Executive Hack

Schneier on Security

FEBRUARY 11, 2022

Under-resourced Information Security Managers were not performing their business as usual role (including a NIST-based cybersecurity review of systems) but were working on evaluating security controls for the COVID-19 vaccination system.

Antivirus

Antivirus Hacking Ransomware CISO

How to Study Ethical Hacking as a Beginner

Tech Republic Security

JUNE 21, 2024

Immersing yourself in best practices for ethical hacking, pen-testing and information security can set you up for a career or better-protected business.

Hacking

Hacking Information Security

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

Linus Larsson , the journalist who broke the story, says the hacked material was uploaded to a public server during the second half of September, and it is not known how many people may have gained access to it. “The harsh and unfortunate reality is the security of a number of security companies is s**t,” Arena said.

Hacking

Hacking Ransomware Banking Accountability

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7 , a notorious Russia-based hacking group. co — first came online in February 2023.

Hacking

Hacking Cybercrime Advertising Data breaches

8Base ransomware group hacked Croatia’s Port of Rijeka

Security Affairs

DECEMBER 7, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,ransomware) Grabovac pointed out that his organization will not pay the ransom requested by the ransomware gang.

Ransomware

Ransomware Hacking Accountability Cyber Attacks

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Security Affairs

NOVEMBER 21, 2024

Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. Today they are going to send me a report on the supposed hacking.” This is not the first time Mexico’s presidential office has been targeted in a hack involving sensitive information.

Government

Government Hacking Ransomware Insurance

Israel army hacked the communication network of the Beirut Airport control tower

Security Affairs

SEPTEMBER 29, 2024

Israel allegedly hacked Beirut airport ‘s control tower, warning an Iranian plane not to land, forcing it to return to Tehran. The Israeli cyber army on Saturday hacked into the control tower of Beirut Airport, the Rafic Hariri International Airport. We will not allow the transfer of weapons to Hezbollah in any form.

Hacking

Hacking Information Security

Four REvil Ransomware members sentenced for hacking and money laundering

Security Affairs

OCTOBER 27, 2024

Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, REvil ransomware gang )

Ransomware

Ransomware Hacking Malware Cybercrime

A British national has been charged for his execution of a hack-to-trade scheme

Security Affairs

SEPTEMBER 30, 2024

The Department of Justice charged a British national for hacking into the systems of five U.S. The Department of Justice charged the British national Robert Westbrook (39) for hacking into the systems of five U.S. From January 2019 to May 2020, the man carried out a hack-to-trade scheme, earning over $3 million in profits.

Hacking

Hacking Accountability Passwords Cybercrime

FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info

Security Affairs

NOVEMBER 2, 2024

A former Disney World employee hacked servers after being fired, altering prices, adding profanities, and mislabeling allergy info. A former Walt Disney World employee hacked servers after being fired by the company. He is accused of changing prices, adding profanities, and falsely labeling items as allergy-safe.

Hacking

Hacking Risk Cybercrime Information Security

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

NOVEMBER 9, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Mazda Connect) . “The CMU can then be compromised and “enhanced” to, for example, attempt to compromise any connected device in targeted attacks that can result in DoS, bricking, ransomware, safety compromise, etc.”

Hacking

Hacking Firmware Software Manufacturing

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” and its allies for hacking activities in July.

Hacking

Hacking Internet Internet Government

China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems

Security Affairs

OCTOBER 6, 2024

internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” The hacking campaign, called Salt Typhoon by investigators, hasn’t previously been publicly disclosed and is the latest in a series of incursions that U.S. and its allies for hacking activities in July.

Hacking

Hacking Government Internet Internet

Thousands of Adobe Commerce e-stores hacked by exploiting the CosmicSting bug

Security Affairs

OCTOBER 3, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to its Known Exploited Vulnerabilities catalog in July 2024. According to Sansec, CosmicSting (CVE-2024-34102) is the most severe bug impacting Magento and Adobe Commerce stores in two years, with hacks occurring at a rate of 3 to 5 per hour.

Hacking

Hacking Passwords Cybersecurity Cybercrime

Hacking Kia cars made after 2013 using just their license plate

Security Affairs

SEPTEMBER 26, 2024

Researchers discovered critical flaws in Kia’s dealer portal that could allow to hack Kia cars made after 2013 using just their license plate. The token allowed them to access backend dealer APIs, then they successfully extracted sensitive information like the vehicle owner’s name, email, phone number, and other details.

Hacking

Hacking Accountability Mobile Internet

More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days

Security Affairs

NOVEMBER 21, 2024

Threat actors already hacked thousands of Palo Alto Networks firewalls exploiting recently patched zero-day vulnerabilities. Shadowserver researchers, who are tracking the number of compromised Palo Alto Networks firewalls, reported that approximately 2,000 have been hacked due to a CVE-2024-0012/CVE-2024-9474 campaign.

Firewall

Firewall Hacking VPN Cybersecurity

Hackers Stole Access Tokens from Okta’s Support Unit

Krebs on Security

OCTOBER 20, 2023

In an interview with KrebsOnSecurity, Okta’s Deputy Chief Information Security Officer Charlotte Wylie said Okta initially believed that BeyondTrust’s alert on Oct. The disclosure from Okta comes just weeks after casino giants Caesar’s Entertainment and MGM Resorts were hacked. But she said that by Oct.

Social Engineering

Social Engineering Engineering Accountability Hacking

Chinese national charged for hacking thousands of Sophos firewalls

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. Tianfeng worked at Sichuan Silence Information Technology Co., ” The U.S.

Firewall

Firewall Hacking Malware Passwords

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Security Affairs

AUGUST 16, 2024

The concern is serious enough that Palantir Technologies, who helped identify the security issue, is opting to remove Android devices from its mobile fleet and transition entirely to Apple devices over the next few years.”

Hacking

Hacking Firmware Mobile Penetration Testing

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Krebs on Security

AUGUST 27, 2024

” Those third-party reports came in late June 2024 from Michael Horka , senior lead information security engineer at Black Lotus Labs , the security research arm of Lumen Technologies , which operates one of the global Internet’s largest backbones. victims and one non-U.S. In January 2024, the U.S. ”

Internet

Internet Internet Technology Engineering

New Leak Shows Business Side of China’s APT Menace

Krebs on Security

FEBRUARY 22, 2024

A new data leak that appears to have come from one of China’s top private cybersecurity firms provides a rare glimpse into the commercial side of China’s many state-sponsored hacking groups. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government

Government Hacking Cyber threats Mobile

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. Authorities in the United States, Germany, the Netherlands and the U.K.

Advertising

Advertising Cybercrime System Administration Hacking

Alleged Extortioner of Psychotherapy Patients Faces Trial

Krebs on Security

NOVEMBER 16, 2023

Security experts soon discovered Ransom Man had mistakenly included an entire copy of their home folder, where investigators found many clues pointing to Kivimäki’s involvement. By that time, Kivimäki was no longer in Finland, but the Finnish government nevertheless charged Kivimäki in absentia with the Vastaamo hack.

Cybercrime

Cybercrime Hacking Data breaches Banking

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

First advertised in the cybercrime underground in 2014, RSOCKS was the web-based storefront for hacked computers that were sold as “proxies” to cybercriminals looking for ways to route their Web traffic through someone else’s device. “Thanks to you, we are now developing in the field of information security and anonymity!,”

Cybercrime

Cybercrime Advertising IoT Malware

GUEST ESSAY: Recalibrating critical infrastructure security in the wake of evolving threats

The Last Watchdog

APRIL 30, 2024

The recent Unitronics hack , in which attackers took control over a Pennsylvania water authority and other entities, is a good example. Related: France hit by major DDoS attack The Unitronics hack was particularly effective given the nature of the target. in different industries, including energy, manufacturing, and healthcare.

Penetration Testing

Penetration Testing CISO Unstructured Data Technology

Hackers stole millions of dollars from Uganda Central Bank

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. Ugandan officials confirmed on Thursday that the national central bank suffered a security breach by financially-motivated threat actors.

Banking

Banking Government Accountability Hacking

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

Security Affairs

NOVEMBER 15, 2024

“Ilya Lichtenstein was sentenced today to five years in prison for his involvement in a money laundering conspiracy arising from the hack and theft of approximately 120,000 bitcoin from Bitfinex, a global cryptocurrency exchange.” Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex.

Cryptocurrency

Cryptocurrency Hacking Government Accountability

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

Security Affairs

OCTOBER 22, 2024

VMware addressed a remote code execution flaw, demonstrated in a Chinese hacking contest, for the second time in two months. In September, Broadcom released security updates to the vulnerability CVE-2024-38812. During the 2024 Matrix Cup hacking contest in China, zbl & srs of team TZL demonstrated the vulnerability.

Hacking

Hacking Government Software Information Security

3CX Breach Was a Double Supply Chain Compromise

Krebs on Security

APRIL 20, 2023

Mandiant concluded that the 3CX attack was orchestrated by the North Korean state-sponsored hacking group known as Lazarus , a determination that was independently reached earlier by researchers at Kaspersky Lab and Elastic Security.

Malware

Malware Software Technology Accountability

Did Israel infiltrate Lebanese telecoms networks?

Security Affairs

SEPTEMBER 24, 2024

Israel has been sending text messages, recordings, and hacking radio networks to warn Lebanese citizens to evacuate certain areas. Israel has been sending text messages, recordings, and hacking radio networks to warn Lebanese citizens to evacuate certain areas in the country, likely due to an imminent full-scale strike. Ibrahim said.

Hacking

Hacking Spyware Mobile Media

Hackers can take over Ecovacs home robots to spy on their owners

Security Affairs

AUGUST 24, 2024

Recently, researchers warned vacuum and lawn mower robots made by Ecovacs could be hacked to spy on their owners, the company will fix it. Additionally, once an Ecovacs robot is compromised, it can potentially be used to hack other nearby Ecovacs robots. The two researchers also identified several other issues with Ecovacs devices.

Hacking

Hacking Authentication Accountability Information Security

Mozilla issued an urgent Firefox update to fix an actively exploited flaw

Security Affairs

OCTOBER 10, 2024

In March, Mozilla addressed two Firefox zero-day vulnerabilities, respectively tracked as CVE-2024-29944 and CVE-2024-29943 , which were exploited during the Pwn2Own Vancouver 2024 hacking competition. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Mozilla)

Hacking

Hacking Information Security

North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence

Security Affairs

OCTOBER 1, 2024

“Researchers from Mandiant, a Google subsidiary, uncovered and analyzed a cyberattack by the North Korean hacking group Kimsuky targeting Diehl Defence.” A spokesperson for Germany’s Federal Office for Information Security (BSI) confirmed that Kimsuky (aka APT43 ) is conducting a broader cyber campaign targeting Germany.

Manufacturing

Manufacturing Hacking Cyber Attacks Malware

Threat actor says Interbank refused to pay the ransom after a two-week negotiation

Security Affairs

OCTOBER 31, 2024

Interbank disclosed a data breach after a threat actor claimed the hack of the organization and leaked stolen data online. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, data breach) Interbank , formally the Banco Internacional del Perú Service Holding S.A.A.

Data breaches

Data breaches Financial Services Hacking Mobile

Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. The Department of State offered up to $10 million for information that leads to the arrest of the man.

Ransomware

Ransomware Healthcare Hacking Malware

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

NOVEMBER 11, 2024

million records containing employee data on the hacking forum BreachForums. Compromised data includes names, contact information, building locations, email addresses, and more. Exposed data did not include Social Security numbers or financial information. . Amazon did not disclose the number of impacted employees.

Data breaches

Data breaches Hacking Technology Ransomware

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Security Affairs

OCTOBER 23, 2024

The SEC fined Unisys, Avaya, Check Point, and Mimecast for misleading disclosures about the impact of the SolarWinds Orion hack. The US Securities and Exchange Commission (SEC) charged four companies, Unisys, Avaya, Check Point, and Mimecast for misleading public disclosures related to the supply chain attack on SolarWinds.

Hacking

Hacking Risk Cybersecurity Government

Poland probes Pegasus spyware abuse under the PiS government

Security Affairs

DECEMBER 3, 2024

The news of the hack was reported by the Gazeta Wyborcza daily, and unfortunately, it isn’t the first time that the Pegasus spyware was used in the country. In 2021, the University of Toronto-based Citizen Lab Internet reported that a Polish opposition duo was hacked with NSO spyware.

Spyware

Spyware Government Surveillance Hacking

Internet Archive data breach impacted 31M users

Security Affairs

OCTOBER 11, 2024

Starting from Wednesday, the website archive.org was displaying a message informing visitors that it was hacked. Internet Archive hacked. — Brewster Kahle (@brewster_kahle) October 10, 2024 At this time, the website shows a message informing users that “Internet Archive services are temporarily offline.”

Data breaches

Data breaches Internet Internet DDOS

Dutch police breached by a state actor

Security Affairs

OCTOBER 3, 2024

The Dutch government blames a “state actor” for hacking a police system, exposing the contact details of all police officers, according to the justice minister. The incident took place on September 26, 2024, and the police have reported the security breach to the Data Protection Authority.

Data breaches

Data breaches Hacking Government Accountability

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Security Affairs

NOVEMBER 6, 2024

Security researcher Rick de Jager demonstrated the vulner ability, called RISK:STATION by cybersecurity firm Midnight Blue, at the Pwn2Own Ireland 2024 hacking contest. Midnight Blue took 3rd at Pwn2Own Ireland 2024 , the team demonstrated five zero-day flaws in routers, printers, security cameras, and NAS devices.

Firmware

Firmware Manufacturing Hacking Media

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. and its allies for hacking activities in July. Wall Street Journal reported.

Mobile

Mobile Telecommunications Data breaches Hacking

Arkansas City water treatment facility switched to manual operations following a cyberattack

Security Affairs

SEPTEMBER 25, 2024

In the past, we observed multiple attacks against water facilities; in January the Black Basta ransomware gang claimed to have hacked the UK water utility Southern Water, a major player in the UK water industry.

Hacking

Hacking Cyber Attacks Ransomware Cybercrime

Vulnerabilities in Weapons Systems

Schneier on Security

JUNE 8, 2021

The report observed that “in operational testing, the [Department of Defense] routinely found mission-critical cyber vulnerabilities in systems that were under development, yet program officials GAO met with believed their systems were secure and discounted some test results as unrealistic.”

Software

Software Cybersecurity Backups Manufacturing

On the Irish Health Services Executive Hack

How to Study Ethical Hacking as a Beginner

Trending Sources

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

8Base ransomware group hacked Croatia’s Port of Rijeka

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Israel army hacked the communication network of the Beirut Airport control tower

Four REvil Ransomware members sentenced for hacking and money laundering

A British national has been charged for his execution of a hack-to-trade scheme

FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info

Mazda Connect flaws allow to hack some Mazda vehicles

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems

Thousands of Adobe Commerce e-stores hacked by exploiting the CosmicSting bug

Hacking Kia cars made after 2013 using just their license plate

More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days

Hackers Stole Access Tokens from Okta’s Support Unit

Chinese national charged for hacking thousands of Sophos firewalls

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

New Leak Shows Business Side of China’s APT Menace

Meet the Administrators of the RSOCKS Proxy Botnet

Alleged Extortioner of Psychotherapy Patients Faces Trial

Administrator of RSOCKS Proxy Botnet Pleads Guilty

GUEST ESSAY: Recalibrating critical infrastructure security in the wake of evolving threats

Hackers stole millions of dollars from Uganda Central Bank

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

3CX Breach Was a Double Supply Chain Compromise

Did Israel infiltrate Lebanese telecoms networks?

Hackers can take over Ecovacs home robots to spy on their owners

Mozilla issued an urgent Firefox update to fix an actively exploited flaw

North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence

Threat actor says Interbank refused to pay the ransom after a two-week negotiation

Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

Amazon discloses employee data breach after May 2023 MOVEit attacks

SEC fined 4 companies for misleading disclosures about the impact of the SolarWinds attack

Poland probes Pegasus spyware abuse under the PiS government

Internet Archive data breach impacted 31M users

Dutch police breached by a state actor

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Arkansas City water treatment facility switched to manual operations following a cyberattack

Vulnerabilities in Weapons Systems

Stay Connected