Schneier on Security

OCTOBER 21, 2020

This advisory provides Common Vulnerabilities and Exposures (CVEs) known to be recently leveraged, or scanned-for, by Chinese state-sponsored cyber actors to enable successful hacking operations against a multitude of victim networks.

Hacking 331

Hacking Government Internet Internet 331

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. internet service providers in recent months as part of a cyber espionage campaign code-named Salt Typhoon. and its allies for hacking activities in July. Wall Street Journal reported.

Hacking 130

Hacking Internet Internet Mobile 130

Schneier on Security

AUGUST 20, 2024

This is yet another insecure Internet-of-things story , this one about wireless gear shifters for bicycles. These gear shifters are used in big-money professional bicycle races like the Tour de France, which provides an incentive to actually implement this attack. Research paper. Another news story. Slashdot thread.

Wireless 301

Wireless Hacking Internet Internet 301

Schneier on Security

SEPTEMBER 29, 2020

As expected, IoT devices are filled with vulnerabilities : As a thought experiment, Martin Hron, a researcher at security company Avast, reverse engineered one of the older coffee makers to see what kinds of hacks he could do with it. After just a week of effort, the unqualified answer was: quite a lot.

Hacking 363

Hacking IoT Engineering Internet 363

Krebs on Security

FEBRUARY 28, 2025

Intrinsec said its analysis showed Prospero frequently hosts malware operations such as SocGholish and GootLoader , which are spread primarily via fake browser updates on hacked websites and often lay the groundwork for more serious cyber intrusions — including ransomware. A fake browser update page pushing mobile malware.

Malware 226

Malware Antivirus Software DDOS 226

Schneier on Security

OCTOBER 14, 2024

It gets installed by exploiting more than 20,000 common misconfigurations, a capability that may make millions of machines connected to the Internet potential targets, researchers from Aqua Security said. North Korea is the government we know that hacks cryptocurrency in order to fund its operations.

Malware 265

Malware Cryptocurrency Internet Internet 265

Krebs on Security

MARCH 5, 2021

On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange. The web shell gives the attackers administrative access to the victim’s computer servers.

Hacking 364

Hacking Software Government Internet 364

Adam Levin

DECEMBER 30, 2020

Hackers are using internet-connected home devices to livestream “swatting” attacks, according to the FBI. In the latest wave of attacks, hackers are using credential stuffing, where credentials from previously compromised accounts are used to gain access to internet-enabled smart home devices. “As

IoT 300

IoT Hacking Internet Internet 300

Schneier on Security

DECEMBER 5, 2023

Before the internet, putting someone under surveillance was expensive and time-consuming. Surveillance has become the business model of the internet, and there’s no reasonable way for us to opt out of it. Spying is another matter.

Surveillance 361

Surveillance Internet Internet Government 361

Krebs on Security

MARCH 28, 2021

The group looks for attacks on Exchange systems using a combination of active Internet scans and “honeypots” — systems left vulnerable to attack so that defenders can study what attackers are doing to the devices and how. Further reading: A Basic Timeline of the Exchange Mass-Hack. At Least 30,000 U.S.

Hacking 363

Hacking Cybercrime DNS Internet 363

Schneier on Security

MARCH 10, 2021

Nick Weaver has an excellent post on the Microsoft Exchange hack: The investigative journalist Brian Krebs has produced a handy timeline of events and a few things stand out from the chronology. 2, at which point the attacker simply sought to compromise almost every vulnerable Exchange server on the Internet. 5 and another on Jan.

Hacking 363

Hacking Internet Internet Ransomware 363

Krebs on Security

AUGUST 28, 2020

But this also means when a Sendgrid customer account gets hacked and used to send malware or phishing scams, the threat is particularly acute because a large number of organizations allow email from Sendgrid’s systems to sail through their spam-filtering systems.

Accountability 360

Accountability Hacking Authentication Marketing 360

Troy Hunt

JULY 13, 2021

It feels like the very early days of the web where everything was a bit of a kludge we hacked together but we made things work and it turned into something amazing. Lastly, this might seem painful right now (and frankly, it is), but it's also a very exciting time in IoT.

Internet 359

Internet Internet IoT Firmware 359

Schneier on Security

MARCH 5, 2024

Consumer Reports has analyzed a bunch of popular Internet-connected video doorbells. Their security is terrible.

Internet 343

Internet Internet Encryption Hacking 343

Krebs on Security

JULY 22, 2020

The New York Times last week ran an interview with several young men who claimed to have had direct contact with those involved in last week’s epic hack against Twitter. ” Twice in the past year, the OGUsers forum was hacked , and both times its database of usernames, email addresses and private messages was leaked online.

Hacking 321

Hacking Accountability Scams Media 321

The Last Watchdog

AUGUST 3, 2024

So, Martin taught herself ethical hacking skills and then founded Black Girls Hack to guide others down the trail she blazed. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be. As Black Hat USA 2024 rolls into high gear next week, BGH is thriving.

Hacking 246

Hacking Internet Internet Software 246

Krebs on Security

AUGUST 29, 2023

Working with law enforcement partners in France, Germany, Latvia, the Netherlands, Romania and the United Kingdom, the DOJ said it was able to seize more than 50 Internet servers tied to the malware network, and nearly $9 million in ill-gotten cryptocurrency from QakBot’s cybercriminal overlords.

Hacking 298

Hacking Malware Ransomware Government 298

Krebs on Security

DECEMBER 13, 2022

In November 2021, KrebsOnSecurity detailed how Pompompurin abused a vulnerability in an FBI online portal designed to share information with state and local law enforcement authorities, and how that access was used to blast out thousands of hoax email messages — all sent from an FBI email and Internet address.

Hacking 363

Hacking Energy and Utilities Cybercrime Accountability 363

Krebs on Security

MARCH 14, 2023

men have been charged with hacking into a U.S. The complaint doesn’t specify which agency portal was hacked, but it does state that the portal included access to law enforcement databases that track narcotics seizures in the United States. federal government portal without authorization.

Hacking 291

Hacking Government Media Accountability 291

Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. police as part of an FBI investigation into the MGM hack. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft 240

Identity Theft Phishing Cryptocurrency Accountability 240

Krebs on Security

FEBRUARY 26, 2023

Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group. Thus, the second factor cannot be phished, either over the phone or Internet.

Hacking 315

Hacking Social Engineering Phishing Scams 315

Krebs on Security

NOVEMBER 12, 2024

Any one of these bugs could be used to install malware if an authenticated user connects to a malicious or hacked SQL database server. For a more detailed breakdown of today’s patches from Microsoft, check out the SANS Internet Storm Center’s list.

Authentication 246

Authentication Engineering Malware Passwords 246

The Last Watchdog

APRIL 5, 2022

As the dust settles following the recently disclosed hack of NewsCorp , important lessons are emerging for the cybersecurity and journalism communities. China has enclosed its national internet servers within what is colloquially called ‘the Great Firewall.’ Related: How China challenged Google in Operation Aurora.

Hacking 243

Hacking Passwords Internet Internet 243

Schneier on Security

MAY 17, 2024

The seizure messages include ways to contact the FBI about the seizure, including an email, a Telegram account, a TOX account, and a dedicated page hosted on the FBI’s Internet Crime Complaint Center (IC3). co and run by pompompurin) operated a similar hacking forum from March 2022 until March 2023. . ”

Hacking 314

Hacking Accountability Ransomware Internet 314

Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities.

Retail 242

Retail Advertising Cryptocurrency Marketing 242

Krebs on Security

NOVEMBER 1, 2024

According to the market share website statista.com , booking.com is by far the Internet’s busiest travel service, with nearly 550 million visits in September. One post last month on the Russian-language hacking forum BHF offered up to $5,000 for each hotel account.

Phishing 249

Phishing Accountability Artificial Intelligence Cybercrime 249

Schneier on Security

MARCH 30, 2023

Now this is interesting: Thousands of pages of secret documents reveal how Vulkan’s engineers have worked for Russian military and intelligence agencies to support hacking operations, train operatives before attacks on national infrastructure, spread disinformation and control sections of the internet.

Engineering 327

Engineering Internet Internet Hacking 327

Security Affairs

NOVEMBER 14, 2024

“This flaw allows an unauthenticated attacker to inject arbitrary shell commands through crafted HTTP GET requests, affecting over 61,000 devices on the Internet.” The experts observed roughly 1,100 Internet-facing devices potentially vulnerable to this issue., .” reads the post published by Netsecfish.

DNS 115

DNS Internet Internet Hacking 115

Security Affairs

OCTOBER 28, 2024

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. that provides voice, video, data, and Internet telecommunications to consumers in France. Free S.A.S. is a French telecommunications company, subsidiary of Iliad S.A.

Cyber Attacks 126

Cyber Attacks Telecommunications Data breaches Banking 126

Krebs on Security

SEPTEMBER 1, 2021

based Internet address for more than a decade — simply vanished. Like other anonymity networks marketed largely on cybercrime forums online, VIP72 routes its customers’ traffic through computers that have been hacked and seeded with malicious software. The domain Vip72[.]org Image: Google Translate via Archive.org.

Malware 329

Malware Cybercrime Internet Internet 329

Security Affairs

DECEMBER 2, 2024

“We are calling on the Tor community and the Internet freedom community to help us scale up WebTunnel bridges. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, WebTunnel bridges) If you’ve ever thought about running a Tor bridge, now is the time.

Government 128

Government Internet Internet Hacking 128

Security Affairs

JANUARY 8, 2025

8037 or newer The vendor also provided the following mitigation: “To minimize the potential impact of SSLVPN vulnerabilities, please ensure that access is limited to trusted sources, or disable SSLVPN access from the Internet. hardware firewalls: SonicOS 6.5.5.1-6n 6n or newer Gen 6 / 6.5 NSv firewalls: SonicOS 6.5.4.v-21s-RC2457

Firewall 115

Firewall Firmware VPN Authentication 115

Security Affairs

JANUARY 15, 2025

At the beginning of the year, and as a positive start for us, and in order to solidify the name of our group in your memory, we are proud to announce our first official operation: Will be published of sensitive data from over 15,000 targets worldwide (both governmental and private sectors) that have been hacked and their data extracted.”

VPN 130

VPN Passwords Firewall Firmware 130

Security Affairs

NOVEMBER 16, 2024

In particular, we recommend that you ensure that access to the management interface is possible only from trusted internal IPs and not from the Internet. In particular, we recommend that you immediately ensure that access to the management interface is possible only from trusted internal IPs and not from the Internet. 173.239.218[.]251

Firewall 127

Firewall Internet Internet VPN 127

Security Affairs

NOVEMBER 8, 2024

In particular, we recommend that you ensure that access to the management interface is possible only from trusted internal IPs and not from the Internet. Cortex Xpanse and Cortex XSIAM customers using the ASM module can investigate internet-exposed instances by reviewing alerts from the Firewall Admin Login attack surface rule.

Firewall 116

Firewall Authentication Internet Internet 116

Security Affairs

NOVEMBER 12, 2024

Below are the descriptions for these two vulnerabilities: CVE-2024-43451 : An NTLM Hash Disclosure Spoofing vulnerability in MSHTML allows attackers to extract a user’s NTLMv2 hash via Internet Explorer components in WebBrowser control. Although user interaction is needed, attackers can still exploit this to impersonate the victim.

Internet 128

Internet Internet Hacking Data breaches 128

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. and its allies for hacking activities in July. Wall Street Journal reported.

Mobile 113

Mobile Telecommunications Data breaches Hacking 113