Hacking, Internet and Technology - Cyber Security Informer

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking

Hacking Accountability Government Social Engineering

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. But a review of this Araneida nickname on the cybercrime forums shows they have been active in the criminal hacking scene since at least 2018.

Hacking

Hacking Cybercrime Advertising Data breaches

Hacked IoT Devices Livestreaming Swatting Attacks: FBI

Adam Levin

DECEMBER 30, 2020

Hackers are using internet-connected home devices to livestream “swatting” attacks, according to the FBI. Offenders often use spoofing technology to anonymize their own phone numbers to make it appear to first responders as if the emergency call is coming from the victim’s phone number.”.

IoT

IoT Hacking Internet Internet

The Internet Enabled Mass Surveillance. AI Will Enable Mass Spying.

Schneier on Security

DECEMBER 5, 2023

Before the internet, putting someone under surveillance was expensive and time-consuming. Surveillance has become the business model of the internet, and there’s no reasonable way for us to opt out of it. The technologies aren’t perfect; some of them are pretty primitive. Spying is another matter. But so do humans.

Surveillance

Surveillance Internet Internet Government

Technology and Policymakers

Schneier on Security

NOVEMBER 14, 2019

Technology is now deeply intertwined with policy. It's all changing fast; technology is literally creating the world we all live in, and policymakers can't keep up. It can be hacked in new ways, giving attackers from criminals and nation states new capabilities to disrupt and harm. Today, it's a crisis.

Technology

Technology Government Artificial Intelligence Marketing

Sendgrid Under Siege from Hacked Accounts

Krebs on Security

AUGUST 28, 2020

But this also means when a Sendgrid customer account gets hacked and used to send malware or phishing scams, the threat is particularly acute because a large number of organizations allow email from Sendgrid’s systems to sail through their spam-filtering systems.

Accountability

Accountability Hacking Authentication Marketing

Hacking Construction Cranes

Schneier on Security

JANUARY 22, 2019

Construction cranes are vulnerable to hacking: In our research and vulnerability discoveries, we found that weaknesses in the controllers can be (easily) taken advantage of to move full-sized machines such as cranes used in construction sites and factories. It wasn't until the arrival of Industry 4.0,

Hacking

Hacking Wireless Internet Internet

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

“This is the most significant technological and financial operation ever led by the Department of Justice against a botnet,” said Martin Estrada , the U.S. attorney for the Southern District of California, at a press conference this morning in Los Angeles. ” The DOJ said it also recovered more than 6.5

Hacking

Hacking Malware Ransomware Government

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

technology firm, confirmed receipt of USDoD’s message but asked to remain anonymous for this story. That InfraGard member, who is head of security at a major U.S. This is a developing story. Updates will be noted here with timestamps.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

G7 Comes Out in Favor of Encryption Backdoors

Schneier on Security

APRIL 23, 2019

Some G7 countries highlight the importance of not prohibiting, limiting, or weakening encryption; There is a weird belief amongst policy makers that hacking an encryption system's key management system is fundamentally different than hacking the system's encryption algorithm.

Encryption

Encryption Internet Internet Hacking

GUEST ESSAY: NewsCorp hack shows cyber espionage, squelching of press freedom on the rise

The Last Watchdog

APRIL 5, 2022

As the dust settles following the recently disclosed hack of NewsCorp , important lessons are emerging for the cybersecurity and journalism communities. China has enclosed its national internet servers within what is colloquially called ‘the Great Firewall.’ Related: How China challenged Google in Operation Aurora.

Hacking

Hacking Passwords Internet Internet

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities. Image: U.S.

Retail

Retail Advertising Cryptocurrency Marketing

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Krebs on Security

AUGUST 27, 2024

Malicious hackers are exploiting a zero-day vulnerability in Versa Director , a software product used by many Internet and IT service providers. Researchers believe the activity is linked to Volt Typhoon , a Chinese cyber espionage group focused on infiltrating critical U.S. In a security advisory published Aug. victims and one non-U.S.

Internet

Internet Internet Technology Engineering

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. that provides voice, video, data, and Internet telecommunications to consumers in France. Free S.A.S. is a French telecommunications company, subsidiary of Iliad S.A.

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Related: Technology and justice systems The U.S. Security and Exchange Commission (SEC) recently laid down the hammer charging and fining four prominent cybersecurity vendors for making misleading claims in connection with the SolarWinds hack. SEC investigators gathered evidence that Unisys Corp.,

CISO

CISO CSO Risk Cyber threats

This Simple Hack Could Tank Your Business

Adam Levin

JULY 24, 2020

Barely a day goes by without news of an elite hacking team creating a more stealth exploit– malware , elaborate spear-phishing attacks, trojans, and a killer array of ransomware that can take factories and other organizations offline, or even hobble entire cities. Cyberattacks are constantly getting more sophisticated.

Hacking

Hacking Phishing Risk Accountability

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Security Affairs

JANUARY 18, 2025

Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned Chinese firm Sichuan Juxinhe Network Technology Co., telecommunication and internet service providers. government systems, including the recent targeting of Treasurys information technology (IT) systems, as well as sensitive U.S. national security.”

Cybersecurity

Cybersecurity Telecommunications Government Healthcare

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

FEBRUARY 10, 2020

Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. dubbed the “China Initiative Conference.”

Hacking

Hacking Identity Theft Government Phishing

The CrowdStrike Outage and Market-Driven Brittleness

Schneier on Security

JULY 25, 2024

Friday’s massive internet outage, caused by a mid-sized tech company called CrowdStrike, disrupted major airlines, hospitals, and banks. The catastrophe is yet another reminder of how brittle global internet infrastructure is. Compare the internet with ecological systems. Nearly 7,000 flights were canceled.

Marketing

Marketing Software Internet Internet

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. The homepage of Stark Industries Solutions.

DDOS

DDOS Internet Internet Government

On the Catastrophic Risk of AI

Schneier on Security

JUNE 1, 2023

Talking about those systems, I said: Now, add into this mix the risks that arise from new and dangerous technologies such as the internet or AI or synthetic biology. Here, misaligned incentives and hacking can have catastrophic consequences for society. Or molecular nanotechnology, or nuclear weapons.

Risk

Risk Artificial Intelligence Technology Internet

MY TAKE: The role of semiconductors in bringing the ‘Internet of Everything’ into full fruition

The Last Watchdog

DECEMBER 11, 2022

The Internet of Everything ( IoE ) is on the near horizon. For instance, very visibly over the past decade, Internet of Things ( IoT ) computing devices and sensors have become embedded everywhere. For instance, very visibly over the past decade, Internet of Things ( IoT ) computing devices and sensors have become embedded everywhere.

Internet

Internet Internet Energy and Utilities IoT

Security in a World of Physically Capable Computers

Schneier on Security

OCTOBER 12, 2018

Stories like the recent Facebook hack , the Equifax hack and the hacking of government agencies are remarkable for how unremarkable they really are. As a result, we are stuck with hackable internet protocols, computers that are riddled with vulnerabilities and networks that are easily penetrated.

Government

Government Internet Internet Marketing

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. and its allies for hacking activities in July. Wall Street Journal reported.

Mobile

Mobile Telecommunications Data breaches Hacking

Polish Space Agency POLSA disconnected its network following a cyberattack

Security Affairs

MARCH 5, 2025

The Polish space agency POLSA announced it has disconnected its network from the internet following a cyberattack. The Polish space agency POLSA was forced to disconnect its network from the internet in response to a cyberattack. To secure data after the breach, POLSA’s network was immediately disconnected from the internet.

Internet

Internet Internet Ransomware Technology

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Meanwhile, while business logic hacks, supply chain holes, and cyber extortion continue to loom large. Attackers arent hacking in theyre logging in. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be. The drivers are intensifying.

Cyber threats

Cyber threats CISO IoT Phishing

Space and defense tech maker Exail Technologies exposes database access

Security Affairs

SEPTEMBER 21, 2023

Exail Technologies, a high-tech manufacturer whose clients include the US Coast Guard, exposed sensitive company data that could’ve enabled attackers to access its databases. The publicly accessible.env file, hosted on the exail.com website, was exposed to the internet, meaning that anyone could have accessed it.

Technology

Technology Internet Internet Manufacturing

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Security Affairs

JANUARY 18, 2025

Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned Chinese firm Sichuan Juxinhe Network Technology Co., telecommunication and internet service providers. government systems, including the recent targeting of Treasurys information technology (IT) systems, as well as sensitive U.S. national security.”

Cybersecurity

Cybersecurity Telecommunications Government Healthcare

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] Bloom’s recommendation came to Biderman via Trevor Sykes, then chief technology officer for Ashley Madison parent firm Avid Life Media (ALM). pleaded guilty to running LeakedSource[.]com

Hacking

Hacking Accountability Data breaches Marketing

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

The Last Watchdog

APRIL 4, 2022

They are often unaware of the risks they take on, which can include hacking, fraud, phishing, and more. This can be compounded by certain enterprises using the Internet of Things (IoT) that don’t have good security. Related: Using employees as human sensors. Storing authentication credentials for the API is a significant issue.

Hacking

Hacking Penetration Testing Data breaches Authentication

When Accounts are "Hacked" Due to Poor Passwords, Victims Must Share the Blame

Troy Hunt

NOVEMBER 7, 2018

It's just another day on the internet when the news is full of headlines about accounts being hacked. The second story was about a number of verified Twitter accounts having been "hacked" and then leveraged in Bitcoin scams.

Passwords

Passwords Accountability Hacking Education

T-Mobile detected network intrusion attempts and blocked them

Security Affairs

NOVEMBER 28, 2024

broadband providers , including Verizon, AT&T, and Lumen Technologies, potentially accessing systems for lawful wiretapping and other data. Experts suspect the state-sponsored hackers have gathered extensive internet traffic and potentially compromised sensitive data. and its allies for hacking activities in July.

Mobile

Mobile Telecommunications Government Internet

China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems

Security Affairs

OCTOBER 6, 2024

broadband providers, including Verizon, AT&T, and Lumen Technologies, potentially accessing systems for lawful wiretapping and other data. Experts suspect the state-sponsored hackers have gathered extensive internet traffic and potentially compromised sensitive data. and its allies for hacking activities in July.

Hacking

Hacking Government Internet Internet

AIs as Computer Hackers

Schneier on Security

FEBRUARY 2, 2023

If you’re into this sort of thing, it’s pretty much the most fun you can possibly have on the Internet without committing multiple felonies. The researchers have since commercialized the technology, which is now busily defending networks for customers like the U.S. People train for months. Winning is a big deal. Department of Defense.

Artificial Intelligence

Artificial Intelligence Technology Software Hacking

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

The Last Watchdog

MARCH 4, 2019

Related: We’re in the midst of ‘cyber Pearl Harbor’ Peel back the layers of just about any sophisticated, multi-staged network breach and you’ll invariably find memory hacking at the core. Virsec is a leading innovator of memory protection technologies. Here’s what I took away from our discussion: Transient hacks.

Hacking

Hacking Energy and Utilities System Administration Accountability

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

SecureWorld News

DECEMBER 12, 2024

The details of the Krispy Kreme hack are still emerging, but the companys Form 8-K filing brought the incident to light, offering a rare glimpse into the challenges businesses face when their systems are compromised. The attack goes to show that, truly, nothing Internet-connected is sacred."

Password Management

Password Management Passwords CISO Cybersecurity

LW ROUNDTABLE: CrowdStrike outage reveals long road ahead to achieve digital resiliency

The Last Watchdog

JULY 25, 2024

Last week, CrowdStrike, one of the cybersecurity industry’s most reputable solution providers, inadvertently caused more disruption across the Internet than all the threat actors active online at the time. SolarWinds redux In many ways, CrowdStrike was a repeat of the SolarWinds supply chain hack.

Technology

Technology Ransomware Software Cyber Attacks

Americans urged to use encrypted messaging after large, ongoing cyberattack

Malwarebytes

DECEMBER 5, 2024

Speaking to Reuters , a senior US official said the attack telecommunications infrastructure was broad and that the hacking was still ongoing. During transit the message remains encrypted the entire time it is moving across the internet. What that means is only the person sending it and the person receiving it can read it.

Encryption

Encryption Identity Theft Media Telecommunications

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

broadband providers, including Verizon, AT&T, and Lumen Technologies, potentially accessing systems for lawful wiretapping and other data. Experts suspect the state-sponsored hackers have gathered extensive internet traffic and potentially compromised sensitive data. The security breach poses a major national security risk.

Government

Government Telecommunications Surveillance Risk

The Life Cycle of a Breached Database

Krebs on Security

JULY 29, 2021

Our continued reliance on passwords for authentication has contributed to one toxic data spill or hack after another. And as the phishing examples above demonstrate, many of today’s phishing scams use elements from hacked databases to make their lures more convincing. TARGETED PHISHING. Urgency should be a giant red flag.

Passwords

Passwords Password Management Phishing Scams

MY TAKE: How decentralizing IoT could help save the planet — by driving decarbonization

The Last Watchdog

DECEMBER 17, 2023

The Internet of Things ( IoT ) is on the threshold of ascending to become the Internet of Everything ( IoE.) Yet IoE, at this nascent stage, holds much promise to tilt us towards a utopia where technology helps to resolve our planet’s most intractable problems. Very well said! I’ll keep watch and keep reporting.

IoT

IoT Internet Internet Technology

Internet Safety Rules Checklist [MUST READ]

SecureBlitz

FEBRUARY 22, 2024

Here’s the internet safety rules checklist. As technology and life online take over, protecting ourselves and our information on the internet and social media has become more critical than ever. Wouldn’t a checklist […] The post Internet Safety Rules Checklist [MUST READ] appeared first on SecureBlitz Cybersecurity.

Internet

Internet Internet Media Data breaches

Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution

Security Affairs

JANUARY 19, 2025

Critical flaws in WGS-804HPT switches could be chained to gain remote code execution on Planet Technology’s industrial devices. Planet Technology has released firmware version 1.305b241111 to address these issues. This switch family is equipped with a web service and SNMP management interface. ” concludes the report. .

Firmware

Firmware IoT Wireless Surveillance

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Trending Sources

Hacked IoT Devices Livestreaming Swatting Attacks: FBI

The Internet Enabled Mass Surveillance. AI Will Enable Mass Spying.

Technology and Policymakers

Sendgrid Under Siege from Hacked Accounts

Hacking Construction Cranes

Feds Charge Five Men in ‘Scattered Spider’ Roundup

U.S. Hacks QakBot, Quietly Removes Botnet Infections

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

G7 Comes Out in Favor of Encryption Backdoors

GUEST ESSAY: NewsCorp hack shows cyber espionage, squelching of press freedom on the rise

An Interview With the Target & Home Depot Hacker

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

France’s second-largest telecoms provider Free suffered a cyber attack

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

This Simple Hack Could Tank Your Business

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

The CrowdStrike Outage and Market-Driven Brittleness

Stark Industries Solutions: An Iron Hammer in the Cloud

On the Catastrophic Risk of AI

MY TAKE: The role of semiconductors in bringing the ‘Internet of Everything’ into full fruition

Security in a World of Physically Capable Computers

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Polish Space Agency POLSA disconnected its network following a cyberattack

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

Space and defense tech maker Exail Technologies exposes database access

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

When Accounts are "Hacked" Due to Poor Passwords, Victims Must Share the Blame

T-Mobile detected network intrusion attempts and blocked them

China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems

AIs as Computer Hackers

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

LW ROUNDTABLE: CrowdStrike outage reveals long road ahead to achieve digital resiliency

Americans urged to use encrypted messaging after large, ongoing cyberattack

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

The Life Cycle of a Breached Database

MY TAKE: How decentralizing IoT could help save the planet — by driving decarbonization

Internet Safety Rules Checklist [MUST READ]

Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution

Stay Connected