Security Affairs

SEPTEMBER 26, 2021

German Federal Office for Information Security is launching an investigation into the cybersecurity of certain Chinese mobile phones. German Federal Office for Information Security (BSI) is launching an investigation into the cybersecurity of mobile phones of certain Chinese manufacturers. Pierluigi Paganini.

Information Security 116

Information Security Mobile Manufacturing Encryption 116

Security Affairs

NOVEMBER 21, 2024

Threat actors already hacked thousands of Palo Alto Networks firewalls exploiting recently patched zero-day vulnerabilities. Shadowserver researchers, who are tracking the number of compromised Palo Alto Networks firewalls, reported that approximately 2,000 have been hacked due to a CVE-2024-0012/CVE-2024-9474 campaign.

Firewall 91

Firewall Hacking VPN Cybersecurity 91

Security Affairs

OCTOBER 27, 2024

Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, REvil ransomware gang )

Ransomware 143

Ransomware Hacking Malware Cybercrime 143

Schneier on Security

FEBRUARY 11, 2022

Under-resourced Information Security Managers were not performing their business as usual role (including a NIST-based cybersecurity review of systems) but were working on evaluating security controls for the COVID-19 vaccination system.

Antivirus 312

Antivirus Hacking Ransomware CISO 312

Security Affairs

MAY 15, 2024

An international law enforcement operation coordinated by the FBI led to the seizure of the notorious BreachForums hacking forum. BreachForums is a cybercrime forum used by threat actors to purchase, sell, and exchange stolen data, including credentials, and personal and financial information. In March 2023, U.S.

Hacking 135

Hacking Cybercrime Information Security 135

Security Affairs

NOVEMBER 2, 2024

A former Disney World employee hacked servers after being fired, altering prices, adding profanities, and mislabeling allergy info. A former Walt Disney World employee hacked servers after being fired by the company. He is accused of changing prices, adding profanities, and falsely labeling items as allergy-safe.

Hacking 140

Hacking Risk Cybercrime Information Security 140

Security Affairs

SEPTEMBER 30, 2024

The Department of Justice charged a British national for hacking into the systems of five U.S. The Department of Justice charged the British national Robert Westbrook (39) for hacking into the systems of five U.S. From January 2019 to May 2020, the man carried out a hack-to-trade scheme, earning over $3 million in profits.

Hacking 137

Hacking Accountability Passwords Cybercrime 137

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” and its allies for hacking activities in July.

Hacking 130

Hacking Internet Internet Mobile 130

Security Affairs

OCTOBER 6, 2024

internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” The hacking campaign, called Salt Typhoon by investigators, hasn’t previously been publicly disclosed and is the latest in a series of incursions that U.S. and its allies for hacking activities in July.

Hacking 145

Hacking Government Internet Internet 145

Security Affairs

MARCH 4, 2024

Leaked data, including a contract between the Navy and Chunghwa Telecom, are available for sale on a dark web hacking forum, Broadcaster TVBS first reported. We have asked the contractor involved to strengthen its information security control to prevent any further incidents.” Threat actors claim they have stolen 1.7

Hacking 141

Hacking Government Cyber threats Cyber Attacks 141

Security Affairs

OCTOBER 3, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added the vulnerability to its Known Exploited Vulnerabilities catalog in July 2024. According to Sansec, CosmicSting (CVE-2024-34102) is the most severe bug impacting Magento and Adobe Commerce stores in two years, with hacks occurring at a rate of 3 to 5 per hour.

Hacking 137

Hacking Passwords Cybersecurity Cybercrime 137

Security Affairs

NOVEMBER 9, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Mazda Connect) . “The CMU can then be compromised and “enhanced” to, for example, attempt to compromise any connected device in targeted attacks that can result in DoS, bricking, ransomware, safety compromise, etc.”

Hacking 129

Hacking Firmware Software Manufacturing 129

Security Affairs

JANUARY 26, 2024

Researchers hacked the Tesla infotainment system and found 24 zero-days on day 2 of Pwn2Own Automotive 2024 hacking competition. White hat hackers from the Synacktiv Team ( @Synacktiv ) compromised the Tesla infotainment system on the second day of the Pwn2Own Automotive 2024 hacking competition.

Hacking 138

Hacking Information Security 138

Security Affairs

NOVEMBER 18, 2024

The Library of Congress discloses the compromise of some of its IT systems, an alleged foreign threat actor hacked their emails. “An unidentified “adversary” hacked into the email system for the Library of Congress, accessing information sent via email between January and September 2024, the Library said.”

Hacking 66

Hacking Government Data breaches Information Security 66

Security Affairs

SEPTEMBER 26, 2024

Researchers discovered critical flaws in Kia’s dealer portal that could allow to hack Kia cars made after 2013 using just their license plate. The token allowed them to access backend dealer APIs, then they successfully extracted sensitive information like the vehicle owner’s name, email, phone number, and other details.

Hacking 140

Hacking Accountability Mobile Internet 140

Security Affairs

MARCH 4, 2024

The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense claims that it hacked the Russian Ministry of Defense. In November, Ukraine’s intelligence service announced they had hacked Russia’s Federal Air Transport Agency, ‘Rosaviatsia.’ The attack is the result of another complex special cyber operation.

Hacking 141

Hacking Data breaches Encryption Government 141

Security Boulevard

OCTOBER 27, 2024

We explore these technological advancements alongside other unusual tech innovations, touching upon security […] The post Internet Archive Hacked, Introducing The AI Toilet Camera appeared first on Shared Security Podcast. The post Internet Archive Hacked, Introducing The AI Toilet Camera appeared first on Security Boulevard.

Internet 69

Internet Internet Hacking Data breaches 69

Security Affairs

MARCH 21, 2024

Participants earned $732,500 on the first day of the Pwn2Own Vancouver 2024 hacking competition, a team demonstrated a Tesla hack. Participants earned $732,000 on the first day of the Pwn2Own Vancouver 2024 hacking competition for demonstrating 19 unique zero-days, announced Trend Micro’s Zero Day Initiative (ZDI).

Hacking 131

Hacking Engineering Software Information Security 131

Security Affairs

MARCH 13, 2024

Acer Philippines disclosed a data breach after employee data was leaked by a threat actor on a hacking forum. In our commitment to full transparency, we wish to inform you of a recent security incident involving a third-party vendor managing employee attendance data.

Data breaches 138

Data breaches Computers and Electronics Hacking Cybercrime 138

Security Affairs

SEPTEMBER 16, 2022

According to the New York Times , the threat actors hacked an employee’s Slack account and used it to inform internal personnel that the company had “suffered a data breach” and provided a list of allegedly hacked internal databases. “I SecurityAffairs – hacking, Uber). states the message.

Hacking 144

Hacking Data breaches Engineering Information Security 144

Security Affairs

DECEMBER 26, 2023

The Rhysida ransomware group claimed to have hacked Abdali Hospital, a multi-specialty hospital located in Jordan. pic.twitter.com/6uHMDcNhTC — Dominic Alvieri (@AlvieriD) December 26, 2023 The group published images of stolen documents as proof of the hack. Abdali Hospital provides care to patients in numerous specialties.

Ransomware 139

Ransomware Hacking Manufacturing Healthcare 139

Security Affairs

FEBRUARY 27, 2023

Data allegedly stolen from the American gaming giant Activision in December security breach were leaked on a cybercrime forum. A threat actor leaked on the Breached hacking forum the data allegedly stolen from the gaming giant Activision in December 2022. Activision was breached December 4th, 2022. ” states the post.

Hacking 98

Hacking Cybercrime Social Engineering Data breaches 98

Security Affairs

FEBRUARY 9, 2024

Black Basta ransomware gang claims the hack of the car maker Hyundai Motor Europe and the theft of three terabytes of their data. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Hyundai ) The threat actors claim to have stolen three terabytes of data from the company.

Hacking 143

Hacking Ransomware Data breaches Manufacturing 143

Security Affairs

FEBRUARY 26, 2024

The popular hacker IntelBroker announced that it had hacked the Los Angeles International Airport by exploiting a flaw in one of its CRM systems. The security breach did not impact travelers. Follow me on Twitter: @securityaffairs and Facebook Pierluigi Paganini ( SecurityAffairs – hacking, LA International Airport)

Hacking 137

Hacking Data breaches Cybercrime Information Security 137

Security Affairs

JANUARY 4, 2024

The X account of cybersecurity giant Mandiant was hacked, attackers used it to impersonate the Phantom crypto wallet and push a cryptocurrency scam. Crooks hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam.

Cryptocurrency 133

Cryptocurrency Scams Accountability Hacking 133

Security Affairs

MAY 21, 2024

The Blackbasta extortion group claims to have hacked Atlas, one of the largest national distributors of fuel in the United States. The gang published a series of documents as proof of the hack, including people’s ID cards, data sheets, payroll payment requesters and a picture of the folder exfiltrated from the victim’s systems.

Hacking 143

Hacking Ransomware Phishing Malware 143

Security Affairs

JANUARY 30, 2024

In early January, the Cactus ransomware group claimed to have hacked Coop, one of the largest retail and grocery providers in Sweden. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Schneider Electric)

Ransomware 141

Ransomware Hacking Data breaches Digital transformation 141

Security Affairs

JUNE 5, 2024

Semafor first reported that CNN’s TikTok account had been hacked, forcing the broadcaster to take down its account for several days. The TikTok spokesperson also added that their security team was recently alerted of malicious actors targeting CNN’s account. .” TikTok spokesperson Alex Haurek told Forbes.

Accountability 134

Accountability Hacking Malware Information Security 134

Security Affairs

JUNE 24, 2024

Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, ransomware) “We are reaching out to known LockBit victims and encouraging anyone who suspects they were a victim to visit our Internet Crime Complaint Center at ic3.gov.”

Hacking 145

Hacking Banking Ransomware Encryption 145

Security Affairs

MARCH 2, 2024

Department of Justice (DoJ) charged Iranian national Alireza Shafie Nasab (39) for multi-year hacking campaign targeting U.S. sensitive information and critical infrastructure. Our National Security Cyber Section remains focused on disputing these cross-border hacking schemes and holding those responsible to account.”

Hacking 138

Hacking Identity Theft Social Engineering Accountability 138

SecureList

AUGUST 14, 2023

Another tactic, popular with scammers big and small, phishers included, is hacking websites and placing malicious content on those, rather than registering new domains. Besides tucking a phishing page inside the website they hack, scammers can steal all of the data on the server and completely disrupt the site’s operation.

Phishing 81

Phishing Hacking Banking Scams 81

Security Affairs

NOVEMBER 22, 2023

SiegedSec hacktivists group claimed responsibility for the hack of The Idaho National Laboratory (INL) and leaked stolen human resources data. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, INL) organizations, especially U.S. municipalities.

Hacking 134

Hacking Data breaches Information Security 134

Security Affairs

DECEMBER 7, 2022

The Pwn2Own Toronto 2022 hacking competition has begun, this is the 10th anniversary of the consumer-focused version of the contest. The news of the Samsung Galaxy S22 hack on the first day of Pwn2Own Toronto 2022 made the headlines. SecurityAffairs – hacking, Pwn2Own Toronto 2022). Pierluigi Paganini.

Hacking 98

Hacking Wireless Mobile Data breaches 98

Security Affairs

NOVEMBER 25, 2023

The Rhysida ransomware group claimed to have hacked the Chinese state-owned energy conglomerate China Energy Engineering Corporation. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Rhysida ransomware) Energy China [link] TL;DR That's huuuge!

Ransomware 142

Ransomware Hacking Engineering Manufacturing 142

Security Affairs

MAY 11, 2024

The threat actor IntelBroker announced on the cybercrime forum Breach the hack of the European law enforcement agency Europol. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cybercrime)

Hacking 126

Hacking Data breaches Cybercrime Cryptocurrency 126

Security Affairs

DECEMBER 12, 2023

The Ukrainian government’s military intelligence service announced the hack of the Russian Federal Taxation Service (FNS). The military intelligence service said that the hack was the result of a successful special operation on the territory of Russia. . ” concludes the statement.

Hacking 135

Hacking Cyber Attacks Backups Government 135

Security Affairs

NOVEMBER 27, 2023

Ukraine’s intelligence service announced the hack of the Russian Federal Air Transport Agency, ‘Rosaviatsia.’ ’ Ukraine’s intelligence service announced they have hacked Russia’s Federal Air Transport Agency, ‘Rosaviatsia.’ ” reads the announcement. ” reads the announcement.

Hacking 140

Hacking Engineering Government Manufacturing 140