Hacking, Information Security and Media

8Base ransomware group hacked Croatia’s Port of Rijeka

Security Affairs

DECEMBER 7, 2024

The CEO of the Croatian Port, Duko Grabovac, told local media outlet Novi list that despite threats actors stole some data, the incident had no impact on the operations at the post. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,ransomware)

Ransomware

Ransomware Hacking Accountability Cyber Attacks

New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms

Security Affairs

FEBRUARY 26, 2025

Researchers found an updated LightSpy spyware with enhanced data collection features targeting social media platforms like Facebook and Instagram. have found an updated version of the LightSpy spyware that supports an expanded set of data collection features to target social media platforms like Facebook and Instagram.

Data collection

Data collection Spyware Media Surveillance

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Security Affairs

FEBRUARY 2, 2025

The hacking campaign targeted 90 users and was disrupted in December, WhatsApp already alerted them of a possible compromise of their devices. WhatsApp linked the hacking campaign to Paragon, an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024.

Spyware

Spyware Hacking Surveillance Malware

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

How a researcher earned $100,000 hacking a Facebook server

Security Affairs

JANUARY 12, 2025

Sadeghipour reported the bug to Meta through the company bug bounty program and the social media giant immediately acknowledged the issue, and addressed it. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, Facebook) ” reported TechCrunch.

Hacking

Hacking Media Information Security

Crazy Evil gang runs over 10 highly specialized social media scams

Security Affairs

FEBRUARY 3, 2025

The Russian-speaking Crazy Evil group runs over 10 social media scams, tricking victims into installing StealC, AMOS, and Angel Drainer malware. Security experts identified six Crazy Evil’s subteams, called AVLAND, TYPED, DELAND, ZOOMLAND, DEFI, and KEVLAND, which are running targeted scams for specific victim profiles. .”

Scams

Scams Media Cryptocurrency Cybercrime

Apple indeed added a feature called “inactivity reboot” in iOS 18.1 that reboots locked devices

Security Affairs

NOVEMBER 12, 2024

404 Media recently reported that law enforcement warned that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them harder to unlock. 404 Media obtained the document from a mobile forensics source and verified it with another source. reported 404 Media. ” reported 404 Media.

Media

Media Wireless Mobile Encryption

WhatsApp fixed a spoofing flaw that could enable Remote Code Execution

Security Affairs

APRIL 8, 2025

Its value stems from WhatsApp’s massive user base and the potential for covert access to private chats, media, and device-level control. The hacking campaign targeted 90 users and was disrupted in December, WhatsApp immediately alerted targeted users of a possible compromise of their devices.

Spyware

Spyware Media Surveillance Hacking

Hackers stole millions of dollars from Uganda Central Bank

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. Ugandan officials confirmed on Thursday that the national central bank suffered a security breach by financially-motivated threat actors.

Banking

Banking Government Accountability Hacking

Samsung zero-day flaw actively exploited in the wild

Security Affairs

OCTOBER 22, 2024

Google researchers reported that the vulnerability explained that the issue resides in a driver that provides hardware acceleration for media functions like JPEG decoding and image scaling. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Samsung)

Firmware

Firmware Mobile Spyware Media

EDR-as-a-Service makes the headlines in the cybercrime landscape

Security Affairs

APRIL 7, 2025

OPERATIONAL MANUALS AND DECEPTION STRATEGIES As further evidence of the increasing professionalization of this illicit sector, Meridian Group reports the publication of informational content designed to guide the proper use of EDR services, presented as a detailed guide on how to correctly complete and unlawfully submit the requests.

Cybercrime

Cybercrime Social Engineering Accountability Government

Apple fixed the first actively exploited zero-day of 2025

Security Affairs

JANUARY 27, 2025

The vulnerability is a privilege escalation vulnerability that impacts the Core Media framework. The Apple Core Media framework supports multimedia tasks like playback, recording, and manipulation of audio and video on iOS and macOS devices. “A malicious application may be able to elevate privileges.

Spyware

Spyware Surveillance Media Hacking

CEO of cybersecurity firm charged with installing malware on hospital systems

Security Affairs

APRIL 26, 2025

. “New court documents reveal security cameras captured Bowie wandering around the hospital on August 6, where he tried to get into multiple offices until he stumbled upon two computers. ” reported the media outlet KOCO 5 News. One of those computers was for employees only.”

Malware

Malware Cybersecurity Healthcare Media

Asian media company Nikkei suffered a ransomware attack

Security Affairs

MAY 21, 2022

The media company Nikkei has disclosed a ransomware attack and revealed that the incident might have impacted customer data. The Japanese-based media company Nikkey is focused on the business and financial industry, it is the world’s largest financial newspaper. SecurityAffairs – hacking, Nikkei). Pierluigi Paganini.

Media

Media Ransomware Data breaches Hacking

Canadian authorities arrested alleged Snowflake hacker

Security Affairs

NOVEMBER 5, 2024

Canadian authorities arrested a suspect linked to multiple hacks following a breach of cloud data platform Snowflake earlier this year. “Canadian authorities have arrested a man suspected of being behind a string of hacks involving as many as 165 customers of Snowflake Inc., Charges remain undisclosed.

Unstructured Data

Unstructured Data Media Cybercrime Hacking

iPhones in a law enforcement forensics lab mysteriously rebooted losing their After First Unlock (AFU) state

Security Affairs

NOVEMBER 8, 2024

Law enforcement warns that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them harder to unlock, reported 404 Media. 404 Media obtained the document from a mobile forensics source and verified it with another source. . ” reported 404 Media.

Media

Media Mobile Passwords Hacking

Russian media outlets Telegram channels blocked in European countries

Security Affairs

JANUARY 2, 2025

Some blocked Russian media outlets are RIA Novosti , NTV , Rossiya 1 , and Rossiyskaya Gazeta. “ Restrictions apply to several Russian state-run or controlled media outlets, including RIA Novosti, Izvestia, Rossiya 1, Channel One, NTV, and Rossiyskaya Gazeta.” ” reported the Kyivindependent. ” said Zakharova.

Media

Media Hacking Information Security

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. In 2019, a Canadian company called Defiant Tech Inc.

Hacking

Hacking Accountability Data breaches Marketing

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Security Affairs

NOVEMBER 6, 2024

Security researcher Rick de Jager demonstrated the vulner ability, called RISK:STATION by cybersecurity firm Midnight Blue, at the Pwn2Own Ireland 2024 hacking contest. Midnight Blue took 3rd at Pwn2Own Ireland 2024 , the team demonstrated five zero-day flaws in routers, printers, security cameras, and NAS devices.

Firmware

Firmware Manufacturing Hacking Media

15 SpyLoan Android apps found on Google Play had over 8 million installs

Security Affairs

NOVEMBER 30, 2024

Some of the malicious apps were promoted through deceptive advertising on social media. “ SpyLoan apps exploit official app stores like Google Play, deceptive branding, and social media ads to appear credible. The researchers reported the apps to Google who notified the developers that their apps violate Google Play policies.

Social Engineering

Social Engineering Media Mobile Scams

Kyiv’s hackers launched an unprecedented cyber attack on Russian state media VGTRK on Putin’s birthday

Security Affairs

OCTOBER 7, 2024

Russian state media VGTRK faced a major cyberattack, which a Ukrainian source claimed was conducted by Kyiv’s hackers. A Ukrainian government source told Reuters that Kyiv’s hackers are behind the cyber attack that disrupted operations at the Russian state media company VGTRK on Putin’s birthday.

Media

Media Cyber Attacks Backups Government

Apple released emergency updates for actively exploited flaws

Security Affairs

APRIL 17, 2025

Processing an audio stream in a maliciously crafted media file may result in code execution. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, iOS users )

Surveillance

Surveillance Media Authentication Hacking

CISA’s 11-Month extension ensures continuity of MITRE’s CVE Program

Security Affairs

APRIL 16, 2025

cybersecurity agency told media [ 1 , 2 ]. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,MITRE) . ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,MITRE)

Government

Government Risk Cybersecurity Media

What threatens corporations in 2023: media blackmail, fake leaks and cloud attacks

SecureList

JANUARY 18, 2023

The media routinely report incidents and leaks of data that end up publicly accessible on the dark web. We often see people use work email addresses to register with third-party sites and services, which can be hacked and exposed to a data leak, putting the security of the company that owns the email at risk.

Media

Media Social Engineering Ransomware Hacking

Brazil’s Polícia Federal arrested the notorious hacker USDoD

Security Affairs

OCTOBER 16, 2024

“All information related to the cybercriminal has already been handed over to the authorities. Among them, it was possible to identify tax registration, email addresses, registered domains, IP addresses, social media accounts, telephone number and city. The man used of the same email and phrases across social media and forums.

Data breaches

Data breaches Media Cybercrime Accountability

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 13, 2024

The Mexican Drug Cartels Want You Casio: Notice of Partial Service Outage and Information Leak Caused by Ransomware Attack He founded a “startup” to access sanctioned Russian websites: the cyber police of Khmelnytskyi region exposed the hacker Hacked ‘AI Girlfriend’ Data Shows Prompts Describing Child Sexual Abuse Malware Over 300,000!

Data breaches

Data breaches Cryptocurrency Artificial Intelligence Cybercrime

Iran and China-linked actors used ChatGPT for preparing attacks

Security Affairs

OCTOBER 11, 2024

Rather than using advanced hacking techniques, they exploited systems with default credentials to compromise target networks. The group used the chatbot to receive support in Android malware development and to create a scraper for the social media platform Instagram.

Malware

Malware Social Engineering Engineering Hacking

New LightSpy spyware version targets iPhones with destructive capabilities

Security Affairs

NOVEMBER 1, 2024

LightSpy can steal files from multiple popular applications like Telegram, QQ, and WeChat, as well as personal documents and media stored on the device. Destructive plugin: capable of deleting media files from the device PushMessage 1.0.0 Destructive plugin: capable of deleting media files from the device PushMessage 1.0.0

Spyware

Spyware Media Malware Hacking

WhatsApp introduces Advanced Chat Privacy to protect sensitive communications

Security Affairs

APRIL 24, 2025

The feature blocks chat exports, auto-media downloads, and the use of messages in AI features, ensuring conversations stay private and within the app. “When the setting is on, you can block others from exporting chats, auto-downloading media to their phone, and using messages for AI features. .”

Media

Media Encryption Hacking Accountability

International law enforcement operation dismantled RedLine and Meta infostealers

Security Affairs

OCTOBER 29, 2024

The two infostealers allowed operators to harvest usernames, passwords, contact info, and crypto-wallets from victims, the threat actors sold this data to criminals for financial theft and hacking. Use a password manager : Simplifies managing strong, unique passwords across accounts.

Identity Theft

Identity Theft Passwords Malware Banking

Google fixed actively exploited kernel zero-day flaw

Security Affairs

FEBRUARY 3, 2025

“In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming.”

Media

Media Authentication Hacking Accountability

Hacking firm I-Soon data leak revealed Chinese gov hacking capabilities

Security Affairs

FEBRUARY 26, 2024

Recently the leak of a collection of files apparently stolen from the Chinese government hacking contractor, I-Soon, exposed Chinese hacking capabilities. Recently someone has leaked on GitHub [ 1 , 2 ] a collection of files apparently stolen from the Chinese hacking firm, I-Soon.

Hacking

Hacking Government Marketing Spyware

Experts hacked a fully patched iOS 15 running on iPhone 13 at China’s Tianfu Cup hacking contest

Security Affairs

OCTOBER 17, 2021

million at the Tianfu Cup hacking contest by finding vulnerabilities in popular software. The Tianfu Cup is the most important hacking contest held in China, this year white hat hackers earned $1.88 SecurityAffairs – hacking, Tianfu Cup 2021). White hat hackers earned $1.88 Million on a total bonus of up to $1.5

Hacking

Hacking Software Media Information Security

A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine

Security Affairs

NOVEMBER 10, 2024

” reads the statement “Their attacks mainly consist of hacking of civilian targets or distributed denial of service (DDoS) attacks targeting government agencies’ websites.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, South Korea)

DDOS

DDOS Government Cyber threats Hacking

Serbian student activist’s phone hacked using Cellebrite zero-day exploit

Security Affairs

MARCH 3, 2025

In the Linux kernel, the following vulnerability has been resolved: media: uvcvideo: Skip parsing frames of type UVC_VS_UNDEFINED in uvc_parse_format This can lead to out of bounds writes since frames of this type were not taken into account when calculating the size of the frames buffer in uvc_parse_streaming. reads the advisory.

Hacking

Hacking Spyware Technology Surveillance

Hacktivists hacked an Irish water utility and interrupted the water supply

Security Affairs

DECEMBER 9, 2023

Threat actors hacked a small water utility in Ireland and interrupted the water supply for two days. According to the Irish media , the residents of the Binghamstown/Drum were without their water supply on Thursday and Friday. ” Mr Walsh announced that the water facility is currently improving their security systems.

Hacking

Hacking Firewall Cyber Attacks Media

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Security Affairs

FEBRUARY 2, 2025

A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools. Employees inadvertently exposed their ties through social media.

Cybercrime

Cybercrime Advertising Phishing Hacking

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

OCTOBER 20, 2024

CISA adds Fortinet products and Ivanti CSA bugs to its Known Exploited Vulnerabilities catalog Nation-state actor exploited three Ivanti CSA zero-days Dutch police dismantled dual dark web market ‘Bohemia/Cannabia’ macOS HM Surf flaw in TCC allows bypass Safari privacy settings Iran-linked actors target critical infrastructure organizations (..)

Data breaches

Data breaches Cybercrime Cyber Insurance Marketing

Anonymous #OpRussia Thousands of sites hacked, data leaks and more

Security Affairs

MARCH 5, 2022

Anonymous announced to have hacked more than 2,500 websites linked to the Russian and Belarusian governments, state-owned media outlets spreading disinformation, Russian private organizations, banks, hospitals, airports. SecurityAffairs – hacking, Anonymous). Follow me on Twitter: @securityaffairs and Facebook.

Hacking

Hacking Government Banking Media

Black Basta ransomware gang hacked Hyundai Motor Europe

Security Affairs

FEBRUARY 9, 2024

Black Basta ransomware gang claims the hack of the car maker Hyundai Motor Europe and the theft of three terabytes of their data. In December 2019, German media reported that hackers suspected to be members of the Vietnam-linked APT Ocean Lotus ( APT32 ) group breached the networks of the car manufacturers BMW and Hyundai.

Hacking

Hacking Ransomware Data breaches Manufacturing

There is a Serious Lack of Corporate Responsibility During Breach Disclosures

Troy Hunt

MARCH 19, 2020

Recently, a collection of data allegedly taken from the [your service] was sent to me and I believe there’s a high likelihood your site was indeed hacked. The data consists of an extensive number of records containing personal information. Could someone responsible for information security please get in touch with me.

Data breaches

Data breaches Media Hacking Passwords

Crooks hacked Mandiant X account to push cryptocurrency scam

Security Affairs

JANUARY 4, 2024

The X account of cybersecurity giant Mandiant was hacked, attackers used it to impersonate the Phantom crypto wallet and push a cryptocurrency scam. Crooks hacked the X account of cybersecurity firm Mandiant and used it to impersonate the Phantom crypto platform and share a cryptocurrency scam. “Sorry, change password please.”

Cryptocurrency

Cryptocurrency Scams Accountability Hacking

Chinese threat actors use Quad7 botnet in password-spray attacks

Security Affairs

NOVEMBER 3, 2024

Some of these clusters specifically target Axentra media servers, Ruckus wireless routers and Zyxel VPN appliances. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Quad7 botnet) ” concludes Microsoft.

Passwords

Passwords Wireless VPN Accountability

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

Security Affairs

MAY 1, 2025

The financially-motivated group targeted organizations in the media, tourism, finance, insurance, manufacturing, energy, telecommunications, biotechnology and retail sectors. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,malware)

Malware

Malware Phishing Telecommunications Retail

Apple iOS 18.0.1 and iPadOS 18.0.1 fix media session and passwords bugs

Security Affairs

OCTOBER 4, 2024

Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, iOS ) Apple is not aware of attack in the wild exploiting the above vulnerabilities.

Passwords

Passwords Media Hacking Mobile

8Base ransomware group hacked Croatia’s Port of Rijeka

New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms

Webinars

Trending Sources

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Webinars

How a researcher earned $100,000 hacking a Facebook server

Crazy Evil gang runs over 10 highly specialized social media scams

Apple indeed added a feature called “inactivity reboot” in iOS 18.1 that reboots locked devices

WhatsApp fixed a spoofing flaw that could enable Remote Code Execution

Hackers stole millions of dollars from Uganda Central Bank

Samsung zero-day flaw actively exploited in the wild

EDR-as-a-Service makes the headlines in the cybercrime landscape

Apple fixed the first actively exploited zero-day of 2025

CEO of cybersecurity firm charged with installing malware on hospital systems

Asian media company Nikkei suffered a ransomware attack

Canadian authorities arrested alleged Snowflake hacker

iPhones in a law enforcement forensics lab mysteriously rebooted losing their After First Unlock (AFU) state

Russian media outlets Telegram channels blocked in European countries

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

15 SpyLoan Android apps found on Google Play had over 8 million installs

Kyiv’s hackers launched an unprecedented cyber attack on Russian state media VGTRK on Putin’s birthday

Apple released emergency updates for actively exploited flaws

CISA’s 11-Month extension ensures continuity of MITRE’s CVE Program

What threatens corporations in 2023: media blackmail, fake leaks and cloud attacks

Brazil’s Polícia Federal arrested the notorious hacker USDoD

Security Affairs newsletter Round 493 by Pierluigi Paganini – INTERNATIONAL EDITION

Iran and China-linked actors used ChatGPT for preparing attacks

New LightSpy spyware version targets iPhones with destructive capabilities

WhatsApp introduces Advanced Chat Privacy to protect sensitive communications

International law enforcement operation dismantled RedLine and Meta infostealers

Google fixed actively exploited kernel zero-day flaw

Hacking firm I-Soon data leak revealed Chinese gov hacking capabilities

Experts hacked a fully patched iOS 15 running on iPhone 13 at China’s Tianfu Cup hacking contest

A surge in Pro-Russia cyberattacks after decision to monitor North Korean Troops in Ukraine

Serbian student activist’s phone hacked using Cellebrite zero-day exploit

Hacktivists hacked an Irish water utility and interrupted the water supply

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Security Affairs newsletter Round 494 by Pierluigi Paganini – INTERNATIONAL EDITION

Anonymous #OpRussia Thousands of sites hacked, data leaks and more

Black Basta ransomware gang hacked Hyundai Motor Europe

There is a Serious Lack of Corporate Responsibility During Breach Disclosures

Crooks hacked Mandiant X account to push cryptocurrency scam

Chinese threat actors use Quad7 botnet in password-spray attacks

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

Apple iOS 18.0.1 and iPadOS 18.0.1 fix media session and passwords bugs

Stay Connected