Hacking, Information Security and Internet

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7 , a notorious Russia-based hacking group. co — first came online in February 2023.

Hacking

Hacking Cybercrime Advertising Data breaches

Internet Archive data breach impacted 31M users

Security Affairs

OCTOBER 11, 2024

The Internet Archive disclosed a data breach, the security incident impacted more than 31 million users of its “The Wayback Machine.” As of September 5, 2024, the Internet Archive held more than 42.1 Starting from Wednesday, the website archive.org was displaying a message informing visitors that it was hacked.

Data breaches

Data breaches Internet Internet DDOS

Internet Archive was breached twice in a month

Security Affairs

OCTOBER 21, 2024

The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. The Internet Archive was breached via Zendesk, with users receiving warnings about stolen GitLab tokens due to improper token rotation after repeated alerts.

Internet

Internet Internet Data breaches Authentication

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. internet service providers in recent months as part of a cyber espionage campaign code-named Salt Typhoon. and its allies for hacking activities in July. Wall Street Journal reported.

Hacking

Hacking Internet Internet Government

Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms’ sites

Security Affairs

APRIL 22, 2025

Japan s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts. Japan s Financial Services Agency (FSA) reported that the damage caused by unauthorized access to and transactions on internet trading services is increasing. ” reads the FSA’s alert.

Financial Services

Financial Services Passwords Accountability Antivirus

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Krebs on Security

AUGUST 27, 2024

Malicious hackers are exploiting a zero-day vulnerability in Versa Director , a software product used by many Internet and IT service providers. In a security advisory published Aug. Researchers believe the activity is linked to Volt Typhoon , a Chinese cyber espionage group focused on infiltrating critical U.S. ”

Internet

Internet Internet Technology Engineering

Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!)

Security Affairs

MARCH 27, 2025

The new ransomware group Arkana Security claims to have hacked US telecom provider WOW!, is a US-based telecommunications company that provides broadband internet, cable TV, and phone services. is known for offering high-speed internet and competitive pricing in markets where it competes with larger providers.

Hacking

Hacking Telecommunications Data breaches Internet

Luxury department store Harrods suffered a cyberattack

Security Affairs

MAY 2, 2025

. “Our seasoned IT security team immediately took proactive steps to keep systems safe and as a result we have restricted internet access at our sites today. ” In response to the attack, the company had “restricted internet access at its sites,” however Harrods’ site remained online.

Retail

Retail Internet Internet Data breaches

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. that provides voice, video, data, and Internet telecommunications to consumers in France. ” “Thus, this information should be taken cautiously until confirmed. Free S.A.S.

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. In 2019, a Canadian company called Defiant Tech Inc.

Hacking

Hacking Accountability Data breaches Marketing

Tor Project needs 200 WebTunnel bridges more to bypass Russia’ censorship

Security Affairs

DECEMBER 2, 2024

“We are calling on the Tor community and the Internet freedom community to help us scale up WebTunnel bridges. Our goal is to deploy 200 new WebTunnel bridges by the end of this December (2024) to open secure access for users in Russia.” If you’ve ever thought about running a Tor bridge, now is the time.

Government

Government Internet Internet Hacking

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Security Affairs

JANUARY 15, 2025

At the beginning of the year, and as a positive start for us, and in order to solidify the name of our group in your memory, we are proud to announce our first official operation: Will be published of sensitive data from over 15,000 targets worldwide (both governmental and private sectors) that have been hacked and their data extracted.”

VPN

VPN Passwords Firewall Firmware

SonicWall warns of an exploitable SonicOS vulnerability

Security Affairs

JANUARY 8, 2025

8037 or newer The vendor also provided the following mitigation: “To minimize the potential impact of SSLVPN vulnerabilities, please ensure that access is limited to trusted sources, or disable SSLVPN access from the Internet. For more information about disabling firewall SSLVPN access, see: how-can-i-setup-ssl-vpn.”

Firewall

Firewall Firmware VPN Authentication

Palo Alto Networks confirmed active exploitation of recently disclosed zero-day

Security Affairs

NOVEMBER 16, 2024

In particular, we recommend that you ensure that access to the management interface is possible only from trusted internal IPs and not from the Internet. Palo Alto Networks recommended reviewing best practices for securing management access to its devices. . We are actively investigating this activity.” 173.239.218[.]251

Firewall

Firewall Internet Internet VPN

Palo Alto Networks warns of potential RCE in PAN-OS management interface

Security Affairs

NOVEMBER 8, 2024

In particular, we recommend that you ensure that access to the management interface is possible only from trusted internal IPs and not from the Internet. ” Palo Alto Networks recommends reviewing best practices for securing management access to its devices.

Firewall

Firewall Authentication Internet Internet

Microsoft Patch Tuesday security updates for November 2024 fix two actively exploited zero-days

Security Affairs

NOVEMBER 12, 2024

Below are the descriptions for these two vulnerabilities: CVE-2024-43451 : An NTLM Hash Disclosure Spoofing vulnerability in MSHTML allows attackers to extract a user’s NTLMv2 hash via Internet Explorer components in WebBrowser control. Although user interaction is needed, attackers can still exploit this to impersonate the victim.

Internet

Internet Internet Hacking Data breaches

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. and its allies for hacking activities in July. Wall Street Journal reported.

Mobile

Mobile Telecommunications Data breaches Hacking

A 7-Zip bug allows to bypass the Mark of the Web (MotW) feature

Security Affairs

JANUARY 22, 2025

Attackers can exploit a vulnerability, tracked as CVE-2025-0411 , in the free, open-source file archiver software 7-Zip to bypass the Mark of the Web (MotW) Windows security feature. Mark of the Web (MotW) is a security feature in Microsoft Windows that identifies files downloaded from untrusted sources, such as the internet.

Software

Software Internet Internet Hacking

IT Army of Ukraine disrupted internet providers in territories occupied by Russia

Security Affairs

OCTOBER 29, 2023

IT Army of Ukraine hacktivists have temporarily disrupted internet services in some of the territories that have been occupied by Russia. Ukrainian hacktivists belonging to the IT Army of Ukraine group have temporarily disabled internet services in some of the territories that have been occupied by the Russian army.

Internet

Internet Internet Telecommunications DDOS

2023 FBI Internet Crime Report reported cybercrime losses reached $12.5 billion in 2023

Security Affairs

MARCH 7, 2024

The FBI Internet Crime Complaint Center (IC3) 2023 report states that reported cybercrime losses reached $12.5 The 2023 Internet Crime Report published the FBI’s Internet Crime Complaint Center (IC3) reveals that reported cybercrime losses reached $12.5 billion in 2023. billion in 2023. A monetary hold was placed on $538.39

Cybercrime

Cybercrime Internet Internet Scams

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches

Data breaches Cryptocurrency Artificial Intelligence Cybercrime

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

SecureWorld News

DECEMBER 12, 2024

The details of the Krispy Kreme hack are still emerging, but the companys Form 8-K filing brought the incident to light, offering a rare glimpse into the challenges businesses face when their systems are compromised. The attack goes to show that, truly, nothing Internet-connected is sacred."

Password Management

Password Management Passwords CISO Cybersecurity

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

Security Affairs

DECEMBER 17, 2024

The FBI warned of a fresh wave of HiatusRAT malware attacks targeting internet-facing Chinese-branded web cameras and DVRs. In March 2024, threat actors behind this campaign started targeting Internet of Things (IoT) devices in the US, Australia, Canada, New Zealand, and the United Kingdom. ” reads the PIN report.

Architecture

Architecture Internet Internet Malware

ASUS routers with AiCloud vulnerable to auth bypass exploit

Security Affairs

APRIL 18, 2025

It is recommended to (1) Disable AiCloud (2) disable any services that can be accessed from the internet, such as remote access from WAN, port forwarding, DDNS, VPN server, DMZ, port triggering, and FTP.” ” concludes the security advisory.

Firmware

Firmware Authentication Passwords VPN

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

The Last Watchdog

APRIL 4, 2022

They are often unaware of the risks they take on, which can include hacking, fraud, phishing, and more. SMBs and enterprises alike have been struggling with APIs as a mechanism for information security. The fact that there are so many different APIs is the main challenge for enterprises when it comes to API security.

Hacking

Hacking Penetration Testing Data breaches Authentication

Microsoft warns of critical flaw in Canon printer drivers

Security Affairs

APRIL 1, 2025

. “If the product is connected directly to the Internet without using a wired or Wi-Fi router, a third party could potentially execute arbitrary code or the product could be subjected to a Denial-of-Service (DoS) attack.”

Engineering

Engineering Internet Internet Hacking

NSA buys internet browsing records from data brokers without a warrant

Security Affairs

JANUARY 29, 2024

National Security Agency (NSA) admitted to buying internet browsing records from data brokers to monitor Americans’ activity online without a court order. released documents that confirmed the National Security Agency (NSA) buys Americans’ internet browsing records without a court order. Senator Ron Wyden, D-Ore.,

Internet

Internet Internet Surveillance Government

China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems

Security Affairs

OCTOBER 6, 2024

Experts suspect the state-sponsored hackers have gathered extensive internet traffic and potentially compromised sensitive data. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” and its allies for hacking activities in July.

Hacking

Hacking Government Internet Internet

Critical Fortinet FortiOS bug CVE-2024-21762 potentially impacts 150,000 internet-facing devices

Security Affairs

MARCH 9, 2024

The researchers scanned the Internet for Internet-facing Fortinet FortiOS and FortiProxy secure web gateway systems vulnerable to CVE-2024-21762. ” Follow me on Twitter: @securityaffairs and Facebook Pierluigi Paganini ( SecurityAffairs – hacking, FortiOS)

Internet

Internet Internet VPN Engineering

Russian Phobos ransomware operator faces cybercrime charges

Security Affairs

NOVEMBER 19, 2024

Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. If convicted, the man could face up to 20 years in prison for each wire fraud count, 10 years for each computer hacking charge, and 5 years for conspiracy to commit computer fraud and abuse.

Cybercrime

Cybercrime Ransomware Healthcare Education

Poland probes Pegasus spyware abuse under the PiS government

Security Affairs

DECEMBER 3, 2024

The news of the hack was reported by the Gazeta Wyborcza daily, and unfortunately, it isn’t the first time that the Pegasus spyware was used in the country. In 2021, the University of Toronto-based Citizen Lab Internet reported that a Polish opposition duo was hacked with NSO spyware.

Spyware

Spyware Government Surveillance Hacking

South African telecom provider Cell C disclosed a data breach following a cyberattack

Security Affairs

APRIL 13, 2025

The company founded in 2001 offers prepaid and postpaid mobile plans, data bundles and internet services, fiber broadband, roaming and international calling, SIM-only plans and device deals. The exposed information consisted of security camera footage of a small number of patients.

Data breaches

Data breaches Unstructured Data Identity Theft Healthcare

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

Security Affairs

DECEMBER 4, 2024

Since 2012, Crimenetwork facilitated the sale of illegal goods and services, including drugs, forged documents, hacking tools, and stolen data. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cybercrime) Source Computerworld.ch

Cybercrime

Cybercrime Cryptocurrency Hacking Internet

Over 20,000 internet-exposed VMware ESXi instances vulnerable to CVE-2024-37085

Security Affairs

AUGUST 1, 2024

Shadowserver researchers reported that over 20,000 internet-exposed VMware ESXi instances are affected by the actively exploited flaw CVE-2024-37085. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, VMware ESXi) ” states Shadowserver.

Internet

Internet Internet Ransomware Authentication

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

Security Affairs

SEPTEMBER 26, 2024

internet service providers (ISPs) as part of a cyber espionage campaign code-named Salt Typhoon. internet service providers in recent months as part of a cyber espionage campaign code-named Salt Typhoon. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.”

Internet

Internet Internet DNS Telecommunications

Over 1,400 CrushFTP internet-facing servers vulnerable to CVE-2024-4040 bug

Security Affairs

APRIL 26, 2024

Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks exploiting recently disclosed CVE-2024-4040 vulnerability. Over 1,400 CrushFTP internet-facing servers are vulnerable to attacks targeting the critical severity vulnerability CVE-2024-4040. CVE-2024-4040 is a CrushFTP VFS sandbox escape vulnerability.

Internet

Internet Internet Software Hacking

LockBit claims the hack of the US Federal Reserve

Security Affairs

JUNE 24, 2024

“We are reaching out to known LockBit victims and encouraging anyone who suspects they were a victim to visit our Internet Crime Complaint Center at ic3.gov.” Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, ransomware)

Hacking

Hacking Banking Ransomware Encryption

Omni Family Health data breach impacts 468,344 individuals

Security Affairs

OCTOBER 18, 2024

“On August 7, 2024, we became aware of claims that information was taken from our systems and posted on the dark web. The dark web is a hidden part of the internet that is not accessible through regular search engines like Google.

Data breaches

Data breaches Healthcare Insurance Engineering

Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack

Security Affairs

JANUARY 15, 2024

Researchers from Bishop Fox used BinaryEdge source data to find SonicWall firewalls with management interfaces exposed to the internet. The experts found that 76% (178,637 of 233,984) of the Internet-facing firewalls are vulnerable to one or both issues. ” reads the advisory published by Bishop Fox.

Firewall

Firewall Hacking Firmware Internet

FortiJump flaw CVE-2024-47575 has been exploited in zero-day attacks since June 2024

Security Affairs

OCTOBER 24, 2024

Mandiant urges organizations that may have their FortiManager exposed to the internet to conduct a forensic investigation. As additional information becomes available through our investigations, Mandiant will update this blog’s attribution assessment.” ” concludes Mandiant. ” concludes Mandiant.

Authentication

Authentication Internet Internet Hacking

Over 91,000 LG smart TVs running webOS are vulnerable to hacking

Security Affairs

APRIL 9, 2024

.” The researchers pointed out that despite the vulnerable service is intended for LAN access only, querying Shodan they identified over 91,000 devices that expose the service to the Internet. Most of the Internet-facing devices are in South Korea, Hong Kong, the U.S., Sweden, and Finland. running on OLED55CXPUA webOS 6.3.3-442

Hacking

Hacking Internet Internet Authentication

A ransomware attack hit the Micronesian state of Yap, causing the health system network to go down.

Security Affairs

MARCH 16, 2025

As a result, the Department now doesnt have internet connectivity, and all computers are returned off to prevent further damage. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,ransomware attack) In response, the whole network was taken offline.

Ransomware

Ransomware Government Internet Internet

Ukrainian military intelligence service hacked the Russian Federal Taxation Service

Security Affairs

DECEMBER 12, 2023

The Ukrainian government’s military intelligence service announced the hack of the Russian Federal Taxation Service (FNS). The military intelligence service said that the hack was the result of a successful special operation on the territory of Russia. At the same time, the Russian IT company Office.ed-it.ru,

Hacking

Hacking Cyber Attacks Backups Government

Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM

Security Affairs

DECEMBER 19, 2024

. “While we found it to be popular with State, Local, and Education (SLED) and healthcare focused customers, luckily the internet exposure is fairly limited to around 15 instances.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,FortiWLM)

Wireless

Wireless Authentication Healthcare Education

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Internet Archive data breach impacted 31M users

Webinars

Trending Sources

Internet Archive was breached twice in a month

Webinars

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms’ sites

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Arkana Security group claims the hack of US telco provider WideOpenWest (WOW!)

Luxury department store Harrods suffered a cyberattack

France’s second-largest telecoms provider Free suffered a cyber attack

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Tor Project needs 200 WebTunnel bridges more to bypass Russia’ censorship

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

SonicWall warns of an exploitable SonicOS vulnerability

Palo Alto Networks confirmed active exploitation of recently disclosed zero-day

Palo Alto Networks warns of potential RCE in PAN-OS management interface

Microsoft Patch Tuesday security updates for November 2024 fix two actively exploited zero-days

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

A 7-Zip bug allows to bypass the Mark of the Web (MotW) feature

IT Army of Ukraine disrupted internet providers in territories occupied by Russia

2023 FBI Internet Crime Report reported cybercrime losses reached $12.5 billion in 2023

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

ASUS routers with AiCloud vulnerable to auth bypass exploit

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

Microsoft warns of critical flaw in Canon printer drivers

NSA buys internet browsing records from data brokers without a warrant

China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems

Critical Fortinet FortiOS bug CVE-2024-21762 potentially impacts 150,000 internet-facing devices

Russian Phobos ransomware operator faces cybercrime charges

Poland probes Pegasus spyware abuse under the PiS government

South African telecom provider Cell C disclosed a data breach following a cyberattack

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

Over 20,000 internet-exposed VMware ESXi instances vulnerable to CVE-2024-37085

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

Over 1,400 CrushFTP internet-facing servers vulnerable to CVE-2024-4040 bug

LockBit claims the hack of the US Federal Reserve

Omni Family Health data breach impacts 468,344 individuals

Over 178,000 SonicWall next-generation firewalls (NGFW) online exposed to hack

FortiJump flaw CVE-2024-47575 has been exploited in zero-day attacks since June 2024

Over 91,000 LG smart TVs running webOS are vulnerable to hacking

A ransomware attack hit the Micronesian state of Yap, causing the health system network to go down.

Ukrainian military intelligence service hacked the Russian Federal Taxation Service

Fortinet warns about Critical flaw in Wireless LAN Manager FortiWLM

Stay Connected