Hacking and Information Security - Cyber Security Informer

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7 , a notorious Russia-based hacking group. co — first came online in February 2023.

Hacking

Hacking Cybercrime Advertising Data breaches

Rhysida Ransomware gang claims the hack of the Government of Peru

Security Affairs

MAY 3, 2025

The Rhysida Ransomware gang claims the hack of the Government of Peru, the gang breached Gob.pe, the Single Digital Platform of the Peruvian State. The Rhysida ransomware gang claims responsibility for hacking the Government of Peru, breaching Gob.pe, which is the country’s official digital platform.

Government

Government Ransomware Hacking Manufacturing

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Security Affairs

NOVEMBER 21, 2024

Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. Today they are going to send me a report on the supposed hacking.” This is not the first time Mexico’s presidential office has been targeted in a hack involving sensitive information.

Government

Government Hacking Ransomware Insurance

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Four REvil Ransomware members sentenced for hacking and money laundering

Security Affairs

OCTOBER 27, 2024

Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, REvil ransomware gang )

Ransomware

Ransomware Hacking Malware Cybercrime

Chinese threat actors used two advanced exploit chains to hack Ivanti CSA

Security Affairs

JANUARY 23, 2025

is end-of-life and no longer receives security updates, for this reason, these instances are exposed to hack. The advisory details hacking activities exploiting the mentioned vulnerabilities. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,CISA)

Hacking

Hacking Government Cybersecurity Information Security

8Base ransomware group hacked Croatia’s Port of Rijeka

Security Affairs

DECEMBER 7, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,ransomware) Grabovac pointed out that his organization will not pay the ransom requested by the ransomware gang.

Ransomware

Ransomware Hacking Accountability Cyber Attacks

FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info

Security Affairs

NOVEMBER 2, 2024

A former Disney World employee hacked servers after being fired, altering prices, adding profanities, and mislabeling allergy info. A former Walt Disney World employee hacked servers after being fired by the company. He is accused of changing prices, adding profanities, and falsely labeling items as allergy-safe.

Hacking

Hacking Risk Cybercrime Information Security

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Security Affairs

MARCH 10, 2025

Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago.” ” The RansomHouse gang announced the hack of Loretto Hospital in Chicago, the groups claims to have stolen 1.5TB of sensitive data.

Hacking

Hacking Healthcare Backups Ransomware

Subaru Starlink flaw allowed experts to remotely hack cars

Security Affairs

JANUARY 25, 2025

To confirm their findings, the researchers reached out to their friend and asked if they could hack her car. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Subaru Starlink) Admin panel access exposed vehicle data (e.g., location history, VIN) and customer info (e.g.,

Hacking

Hacking Accountability Passwords Authentication

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

NOVEMBER 9, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Mazda Connect) . “The CMU can then be compromised and “enhanced” to, for example, attempt to compromise any connected device in targeted attacks that can result in DoS, bricking, ransomware, safety compromise, etc.”

Hacking

Hacking Firmware Software Manufacturing

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Security Affairs

FEBRUARY 2, 2025

The hacking campaign targeted 90 users and was disrupted in December, WhatsApp already alerted them of a possible compromise of their devices. WhatsApp linked the hacking campaign to Paragon, an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024.

Spyware

Spyware Hacking Surveillance Malware

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” and its allies for hacking activities in July.

Hacking

Hacking Internet Internet Government

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Security Affairs

APRIL 10, 2025

The hacker has published 10,000 customer records, a file showing Oracle Cloud access, user credentials, and an internal video as proof of the hack. The incident has raised serious concerns about the security of Oracles cloud infrastructure and the potential implications for affected customers.

Hacking

Hacking Data breaches Encryption Passwords

How a researcher earned $100,000 hacking a Facebook server

Security Affairs

JANUARY 12, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, Facebook) The researchers already received for these issues 32 payrolls for a total of $288,500 but likely will receive more for the other flaws reported.

Hacking

Hacking Media Information Security

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, ransomware) .” The group uses an ARCrypter ransomware variant, derived from Babuks leaked code , to encrypt files after infiltrating a network.

Ransomware

Ransomware Hacking Social Engineering VPN

Attackers could hack smart solar systems and cause serious damages

Security Affairs

FEBRUARY 28, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,smart solar systems)

Hacking

Hacking Passwords Risk Cyber threats

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

Security Affairs

OCTOBER 22, 2024

VMware addressed a remote code execution flaw, demonstrated in a Chinese hacking contest, for the second time in two months. In September, Broadcom released security updates to the vulnerability CVE-2024-38812. During the 2024 Matrix Cup hacking contest in China, zbl & srs of team TZL demonstrated the vulnerability.

Hacking

Hacking Government Software Information Security

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

Security Affairs

APRIL 13, 2025

. “During the half-day meeting in Geneva, Wang Lei, a top cyber official with Chinas Ministry of Foreign Affairs, indicated that the infrastructure hacks resulted from the U.S.s “Wang or the other Chinese officials didnt directly state that China was responsible for the hacking, the U.S. ” states the WSJ.

Hacking

Hacking Manufacturing Education Government

Hackers stole millions of dollars from Uganda Central Bank

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. Ugandan officials confirmed on Thursday that the national central bank suffered a security breach by financially-motivated threat actors.

Banking

Banking Government Accountability Hacking

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

Security Affairs

FEBRUARY 22, 2025

The Bybit hack is the largest cryptocurrency heist ever, surpassing previous ones like Ronin Network ($625M), Poly Network ($611M), and BNB Bridge ($566M). Bybit is Solvent even if this hack loss is not recovered, all of clients assets are 1 to 1 backed, we can cover the loss. billion to an unidentified address.

Cryptocurrency

Cryptocurrency Hacking Banking Cybersecurity

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

“ Flax Typhoon is a China-linked hacking group that has been active since 2021, it targets critical infrastructure globally, exploiting vulnerabilities for persistent access. According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. critical infrastructure sectors.“

Cybersecurity

Cybersecurity IoT Hacking Technology

Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms’ sites

Security Affairs

APRIL 22, 2025

Japan s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts. from fake websites (phishing sites) disguised as websites of real securities companies.” ” reads the FSA’s alert.

Financial Services

Financial Services Passwords Accountability Antivirus

Sansec uncovered a supply chain attack via 21 backdoored Magento extensions

Security Affairs

MAY 5, 2025

Sansec researchers reported that multiple vendors were hacked in a coordinated supply chain attack, the experts discovered that a backdoor was hidden in 21 applications. “This hack is called a Supply Chain Attack, which is one of the worst types. Meetanshi claims no tampering but confirms their server was hacked.

eCommerce

eCommerce Hacking Authentication Software

Russia warns financial sector organizations of IT service provider LANIT compromise

Security Affairs

FEBRUARY 25, 2025

” NKTsKI recommends organizations to strengthen monitoring of threats and information security events in systems provided by LANIT. LANIT Group (Laboratory of New Information Technologies) is one of Russia’s largest IT service and software providers. ” said U.S.

Telecommunications

Telecommunications Software Technology Healthcare

Threat actor says Interbank refused to pay the ransom after a two-week negotiation

Security Affairs

OCTOBER 31, 2024

Interbank disclosed a data breach after a threat actor claimed the hack of the organization and leaked stolen data online. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, data breach) Interbank , formally the Banco Internacional del Perú Service Holding S.A.A.

Data breaches

Data breaches Financial Services Hacking Mobile

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

NOVEMBER 11, 2024

million records containing employee data on the hacking forum BreachForums. Compromised data includes names, contact information, building locations, email addresses, and more. Exposed data did not include Social Security numbers or financial information. . Amazon did not disclose the number of impacted employees.

Data breaches

Data breaches Hacking Ransomware Technology

Internet Archive data breach impacted 31M users

Security Affairs

OCTOBER 11, 2024

Starting from Wednesday, the website archive.org was displaying a message informing visitors that it was hacked. Internet Archive hacked. — Brewster Kahle (@brewster_kahle) October 10, 2024 At this time, the website shows a message informing users that “Internet Archive services are temporarily offline.”

Data breaches

Data breaches Internet Internet DDOS

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Security Affairs

NOVEMBER 6, 2024

Security researcher Rick de Jager demonstrated the vulner ability, called RISK:STATION by cybersecurity firm Midnight Blue, at the Pwn2Own Ireland 2024 hacking contest. Midnight Blue took 3rd at Pwn2Own Ireland 2024 , the team demonstrated five zero-day flaws in routers, printers, security cameras, and NAS devices.

Firmware

Firmware Manufacturing Hacking Media

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. and its allies for hacking activities in July. Wall Street Journal reported.

Mobile

Mobile Telecommunications Data breaches Hacking

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Security Affairs

JANUARY 15, 2025

At the beginning of the year, and as a positive start for us, and in order to solidify the name of our group in your memory, we are proud to announce our first official operation: Will be published of sensitive data from over 15,000 targets worldwide (both governmental and private sectors) that have been hacked and their data extracted.”

VPN

VPN Passwords Firewall Firmware

The US Treasury’s OCC disclosed an undetected major email breach for over a year

Security Affairs

APRIL 9, 2025

The confidentiality and integrity of the OCCs information security systems are paramount to fulfilling its mission, said Acting Comptroller of the Currency Rodney E. The threat actors behind the security breach remain unknown, and it’s unclear if the incident is linked to past Treasury attacks by China-linked groups.

Accountability

Accountability Banking Information Security Hacking

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

SecureWorld News

DECEMBER 12, 2024

The details of the Krispy Kreme hack are still emerging, but the companys Form 8-K filing brought the incident to light, offering a rare glimpse into the challenges businesses face when their systems are compromised. The Krispy Kreme hack is a sobering reminder that no industry is immune to cyber threats.

Password Management

Password Management Passwords CISO Cybersecurity

Akira ransomware gang used an unsecured webcam to bypass EDR

Security Affairs

MARCH 8, 2025

.” The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. Like other ransomware gangs, the group hasdeveloped a Linux encryptorto target VMware ESXi servers.

Ransomware

Ransomware IoT Encryption Passwords

WhatsApp fixed a spoofing flaw that could enable Remote Code Execution

Security Affairs

APRIL 8, 2025

The hacking campaign targeted 90 users and was disrupted in December, WhatsApp immediately alerted targeted users of a possible compromise of their devices. The Meta-owned company linked the hacking campaign to Paragon , an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024.

Spyware

Spyware Media Surveillance Hacking

Iran and China-linked actors used ChatGPT for preparing attacks

Security Affairs

OCTOBER 11, 2024

Rather than using advanced hacking techniques, they exploited systems with default credentials to compromise target networks. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, OpenAI)

Malware

Malware Social Engineering Engineering Hacking

Digital nomads and risk associated with the threat of infiltred employees

Security Affairs

MARCH 4, 2025

About the author: Salvatore Lombardo ( X @Slvlombardo ) Electronics engineer and Clusit member, for some time now, espousing the principle of conscious education, he has been writing for several online magazine on information security. He is also the author of the book La Gestione della Cyber Security nella Pubblica Amministrazione.

Risk

Risk Education Scams VPN

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

Security Affairs

OCTOBER 12, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Russia) The cyber agencies recommend organizations apply vendor-issued patches for these publicly disclosed vulnerabilities.

Data collection

Data collection Authentication Hacking Government

CEO of cybersecurity firm charged with installing malware on hospital systems

Security Affairs

APRIL 26, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, malware ) At the time of this writing, the website of the cybersecurity firm Veritaco is unreachable.

Malware

Malware Cybersecurity Healthcare Media

Nigerian man Sentenced to 26+ years in real estate phishing scams

Security Affairs

NOVEMBER 4, 2024

for phishing scams that stole millions by hacking email accounts. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, phishing scams) Nigerian Kolade Ojelade gets 26 years in U.S. for phishing scams that resulted in the compromise of millions of email accounts.

Scams

Scams Phishing Identity Theft Accountability

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

Recently, many cybercriminals have been creating profiles shortly before sharing information about hacks, attacks, or data leaks in France.” ” “Thus, this information should be taken cautiously until confirmed. . “Additionally, the cybercriminal’s profile was created just yesterday.

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

Security Affairs

MARCH 21, 2025

Zero-day prices have risen as the level of security of messaging apps and mobile devices becomes harder to hack. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,zero-day)

Government

Government Surveillance Mobile Hacking

New ‘Bring Your Own Installer (BYOI)’ technique allows to bypass EDR

Security Affairs

MAY 6, 2025

” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,BYOI) . “At the time of Stroz Friedbergs investigation and testing, this option was not enabled by default.”

Ransomware

Ransomware Hacking Information Security

EDR-as-a-Service makes the headlines in the cybercrime landscape

Security Affairs

APRIL 7, 2025

OPERATIONAL MANUALS AND DECEPTION STRATEGIES As further evidence of the increasing professionalization of this illicit sector, Meridian Group reports the publication of informational content designed to guide the proper use of EDR services, presented as a detailed guide on how to correctly complete and unlawfully submit the requests.

Cybercrime

Cybercrime Social Engineering Accountability Government

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

The two infostealers allowed operators to harvest usernames, passwords, contact info, and crypto-wallets from victims, the threat actors sold this data to criminals for financial theft and hacking. Long-term monitoring : Regularly check for unusual account activity to guard against potential identity theft.

Identity Theft

Identity Theft Passwords Malware Banking

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Rhysida Ransomware gang claims the hack of the Government of Peru

Webinars

Trending Sources

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Webinars

Four REvil Ransomware members sentenced for hacking and money laundering

Chinese threat actors used two advanced exploit chains to hack Ivanti CSA

8Base ransomware group hacked Croatia’s Port of Rijeka

FBI arrested former Disney World employee for hacking computer menus and mislabeling allergy info

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Subaru Starlink flaw allowed experts to remotely hack cars

Mazda Connect flaws allow to hack some Mazda vehicles

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

How a researcher earned $100,000 hacking a Facebook server

Cloak ransomware group hacked the Virginia Attorney General’s Office

Attackers could hack smart solar systems and cause serious damages

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

Hackers stole millions of dollars from Uganda Central Bank

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms’ sites

Sansec uncovered a supply chain attack via 21 backdoored Magento extensions

Russia warns financial sector organizations of IT service provider LANIT compromise

Threat actor says Interbank refused to pay the ransom after a two-week negotiation

Amazon discloses employee data breach after May 2023 MOVEit attacks

Internet Archive data breach impacted 31M users

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

The US Treasury’s OCC disclosed an undetected major email breach for over a year

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

Akira ransomware gang used an unsecured webcam to bypass EDR

WhatsApp fixed a spoofing flaw that could enable Remote Code Execution

Iran and China-linked actors used ChatGPT for preparing attacks

Digital nomads and risk associated with the threat of infiltred employees

Russia-linked group APT29 is targeting Zimbra and JetBrains TeamCity servers on a large scale

CEO of cybersecurity firm charged with installing malware on hospital systems

Nigerian man Sentenced to 26+ years in real estate phishing scams

France’s second-largest telecoms provider Free suffered a cyber attack

Zero-day broker Operation Zero offers up to $4 million for Telegram exploits

New ‘Bring Your Own Installer (BYOI)’ technique allows to bypass EDR

EDR-as-a-Service makes the headlines in the cybercrime landscape

International law enforcement operation dismantled RedLine and Meta infostealers

Stay Connected