Hacking and Technology - Cyber Security Informer

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking

Hacking Accountability Government Social Engineering

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. But a review of this Araneida nickname on the cybercrime forums shows they have been active in the criminal hacking scene since at least 2018.

Hacking

Hacking Cybercrime Advertising Data breaches

Ransomware attack hit Indian multinational Tata Technologies

Security Affairs

FEBRUARY 1, 2025

Indian multinational technology company Tata Technologies suspended some IT services following a ransomware attack. Indian multinational Tata Technologies , a Tata Motors subsidiary, suspended some IT services following a ransomware attack. Threat actors hit the company’s information technology (IT) infrastructure.

Technology

Technology Ransomware Engineering Manufacturing

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

When AIs Start Hacking

Schneier on Security

APRIL 26, 2021

Hacking is as old as humanity. To date, hacking has exclusively been a human activity. After hacking humanity, AI systems will then hack other AI systems, and humans will be little more than collateral damage. Okay, maybe this is a bit of hyperbole, but it requires no far-future science fiction technology.

Hacking

Hacking Artificial Intelligence Government Engineering

Hacking Automobile Keyless Entry Systems

Schneier on Security

OCTOBER 17, 2022

Suspected members of a European car-theft ring have been arrested : The criminals targeted vehicles with keyless entry and start systems, exploiting the technology to get into the car and drive away. The article doesn’t say how the hacking tool got installed into cars.

Hacking

Hacking Manufacturing Marketing Software

Account Hijacking Site OGUsers Hacked, Again

Krebs on Security

DECEMBER 2, 2020

For at least the third time in its existence, OGUsers — a forum overrun with people looking to buy, sell and trade access to compromised social media accounts — has been hacked. OGUsers was hacked at least twice previously, in May 2019 and again in March 2020. called Disco Payments. ”

Accountability

Accountability Hacking Scams Media

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

Security Affairs

MARCH 5, 2025

Ransomware group Hunters International claims to have hacked Tata Technologies, threatening to leak 1.4 The Hunters International ransomware group claimed to have breached the Indian multinational technology company Tata Technologies, a Tata Motors subsidiary. TB of stolen data. The group claims the theft of 1.4

Technology

Technology Ransomware Engineering Manufacturing

The Rise of Cyber Espionage: UAV and C-UAV Technologies as Targets

Security Affairs

FEBRUARY 13, 2025

Researchers at cybersecurity firm Resecurity detected a rise in cyberattacks targeting UAV and counter-UAV technologies. Resecurity identified an increase in malicious cyber activity targeting UAV and counter-UAV (C-UAV/C-UAS) technologies.

Technology

Technology Surveillance Manufacturing Cyber threats

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

Krebs on Security

DECEMBER 14, 2020

But Reuters reports the supply chain attack on SolarWinds is connected to a broad campaign that also involved the recently disclosed hack at FireEye , wherein hackers gained access to a slew of proprietary tools the company uses to help customers find security weaknesses in their computers and networks. The compromises at the U.S. ”

Hacking

Hacking Antivirus Software Accountability

US Citizen Hacked by Spyware

Schneier on Security

MARCH 21, 2023

The New York Times is reporting that a US citizen’s phone was hacked by the Predator spyware. The disclosure is the first known case of an American citizen being targeted in a European Union country by the advanced snooping technology, the use of which has been the subject of a widening scandal in Greece.

Spyware

Spyware Hacking Government Technology

Sendgrid Under Siege from Hacked Accounts

Krebs on Security

AUGUST 28, 2020

But this also means when a Sendgrid customer account gets hacked and used to send malware or phishing scams, the threat is particularly acute because a large number of organizations allow email from Sendgrid’s systems to sail through their spam-filtering systems.

Accountability

Accountability Hacking Authentication Marketing

A Basic Timeline of the Exchange Mass-Hack

Krebs on Security

MARCH 8, 2021

Here’s a brief timeline of what we know leading up to last week’s mass-hack, when hundreds of thousands of Microsoft Exchange Server systems got compromised and seeded with a powerful backdoor Trojan horse program. When did Microsoft find out about attacks on previously unknown vulnerabilities in Exchange? .”

Hacking

Hacking Technology Software

Discord Admins Hacked by Malicious Bookmarks

Krebs on Security

MAY 30, 2023

A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser bookmark. On May 9, MetrixCoin reported that its Discord server was hacked, with fake airdrop details pushed to all users.

Hacking

Hacking Accountability Scams Cryptocurrency

Deloitte denied its systems were hacked by Brain Cipher ransomware group

Security Affairs

DECEMBER 9, 2024

Their ransom notes share stylistic similarities with SenSayQ ransomware, and their TOR websites use similar technologies. Deloitte discovered the hack in March 2017, and according to The Guardian, the attackers may have had access to the company systems since October or November 2016. Deloitte has faced hacking claims twice recently.

Hacking

Hacking Ransomware Accountability Architecture

US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack

Schneier on Security

APRIL 9, 2024

US Cyber Safety Review Board released a report on the summer 2023 hack of Microsoft Exchange by China. It was a serious attack by the Chinese government that accessed the emails of senior U.S. government officials. From the executive summary: The Board finds that this intrusion was preventable and should never have occurred.

Hacking

Hacking Government Accountability Technology

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

The breach was detected in February , leading to notifications to the FBI, Virginia State Police, and the Virginia Information Technologies Agency. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, ransomware) Chief Deputy AG Steven Popps called it a sophisticated attack.

Ransomware

Ransomware Hacking Social Engineering VPN

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

“This is the most significant technological and financial operation ever led by the Department of Justice against a botnet,” said Martin Estrada , the U.S. attorney for the Southern District of California, at a press conference this morning in Los Angeles. ” The DOJ said it also recovered more than 6.5

Hacking

Hacking Malware Ransomware Government

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

technology firm, confirmed receipt of USDoD’s message but asked to remain anonymous for this story. That InfraGard member, who is head of security at a major U.S.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

Linus Larsson , the journalist who broke the story, says the hacked material was uploaded to a public server during the second half of September, and it is not known how many people may have gained access to it.

Hacking

Hacking Ransomware Banking Accountability

Inside the DemandScience by Pure Incubation Data Breach

Troy Hunt

NOVEMBER 13, 2024

But in all likelihood, there will be more than a handful of domain subscribers who take issue with that volume of people data sitting there in one corpus easily downloadable via a clear web hacking forum.

Data breaches

Data breaches Passwords B2B Technology

What’s most interesting about the Florida water system hack? That we heard about it at all.

Krebs on Security

FEBRUARY 10, 2021

Many facilities have not separated operational technology (the bits that control the switches and levers) from safety systems that might detect and alert on intrusions or potentially dangerous changes. “There’s no business case for hacking these types of systems. Information sharing is broken.”

Hacking

Hacking Media Cybersecurity Ransomware

A cyberattack on gambling giant IGT disrupted portions of its IT systems

Security Affairs

NOVEMBER 23, 2024

International Game Technology (IGT) detected a cyberattack on November 17, the company promptly started its incident response procedures. International Game Technology PLC (IGT), formerly Gtech S.p.A. is a multinational gambling company that produces slot machines and other gambling technology. and Lottomatica S.p.A.,

Technology

Technology Hacking Ransomware Cybersecurity

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

Security Affairs

APRIL 13, 2025

. “During the half-day meeting in Geneva, Wang Lei, a top cyber official with Chinas Ministry of Foreign Affairs, indicated that the infrastructure hacks resulted from the U.S.s “Wang or the other Chinese officials didnt directly state that China was responsible for the hacking, the U.S. ” states the WSJ.

Hacking

Hacking Manufacturing Education Government

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Related: Technology and justice systems The U.S. Security and Exchange Commission (SEC) recently laid down the hammer charging and fining four prominent cybersecurity vendors for making misleading claims in connection with the SolarWinds hack. SEC investigators gathered evidence that Unisys Corp.,

CISO

CISO CSO Risk Cyber threats

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

“Today, the Department of the Treasurys Office of Foreign Assets Control (OFAC) sanctioned Integrity Technology Group, Incorporated (Integrity Tech), a Beijing-based cybersecurity company, for its role in multiple computer intrusion incidents against U.S. According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S.

Cybersecurity

Cybersecurity IoT Hacking Technology

AkiraBot: AI-Powered spam bot evades CAPTCHA to target 80,000+ websites

Security Affairs

APRIL 10, 2025

As the tool evolved, the targeting expanded to include websites built using GoDaddy and Wix, as well as generic website contact forms, which includes websites built using Squarespace, and likely other technologies.” ” reads the report published by SentinelOne. ” SentinelLab concludes.

eCommerce

eCommerce Technology DNS Business Services

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

NOVEMBER 11, 2024

million records containing employee data on the hacking forum BreachForums. The multinational technology company confirmed that it has patched the vulnerability explored by the threat actors in the attack. The company said that the data was stolen from a third-party vendor. Amazon did not disclose the number of impacted employees.

Data breaches

Data breaches Hacking Ransomware Technology

Why your vote can’t be “hacked,” with Cait Conley of CISA (Lock and Code S05E23)

Malwarebytes

NOVEMBER 4, 2024

Elections in the United States rely on a dizzying number of technologies. But there’s an even broader category of election interference that is of particular interest to this podcast, and that’s cybersecurity.

Hacking

Hacking Cybersecurity Government Ransomware

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

DevHub is a platform designed for developers to access resources, tools, and APIs to build and integrate applications with Cisco’s technologies. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, data breach)

Cybercrime

Cybercrime Data breaches Technology Banking

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] Bloom’s recommendation came to Biderman via Trevor Sykes, then chief technology officer for Ashley Madison parent firm Avid Life Media (ALM). pleaded guilty to running LeakedSource[.]com

Hacking

Hacking Accountability Data breaches Marketing

The Legal Risks of Security Research

Schneier on Security

OCTOBER 30, 2020

” From a summary : Such risk extends beyond anti-hacking laws, implicating copyright law and anti-circumvention provisions (DMCA §1201), electronic privacy law (ECPA), and cryptography export controls, as well as broader legal areas such as contract and trade secret law. Comprehensive, and well worth reading.

Risk

Risk Technology Hacking

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Security Affairs

JANUARY 18, 2025

Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned Chinese firm Sichuan Juxinhe Network Technology Co., The US Treasurys OFAC also sanctionedYin Kecheng, a Shanghai-based cyber actor who was involved with the recent hack of the Department of the Treasury’s network. critical infrastructure.”

Cybersecurity

Cybersecurity Telecommunications Government Healthcare

Serbian student activist’s phone hacked using Cellebrite zero-day exploit

Security Affairs

MARCH 3, 2025

” Earlier this week, the Israeli company Cellebrite announced that it is suspending the provision of its technology to Serbia due to reports of abuse by local police. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, spyware) added Donncha Cearbhaill.

Hacking

Hacking Spyware Technology Surveillance

Thai police arrested Chinese hackers involved in SMS blaster attacks

Security Affairs

NOVEMBER 25, 2024

“This “SMS blasting” attack relies on using technology that impersonates cellular base stations and is capable of transmitting thousands of messages to devices within a close geographical radius.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, SMS blaster)

Mobile

Mobile Scams Technology Telecommunications

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

Security Affairs

DECEMBER 3, 2024

The threat actors had access to the company’s information technology systems and encrypted some of its data files. The preliminary investigation has revealed that a threat actor illegally accessed the Company’s information technology (“IT”) system and encrypted some of its data files.” ” reads the report filed with SEC.

Ransomware

Ransomware Encryption Technology Cybersecurity

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

The Last Watchdog

OCTOBER 23, 2024

As small businesses increasingly depend on digital technologies to operate and grow, the risks associated with cyber threats also escalate. LastPass reports that 80% of all hacking-related breaches leveraged either stolen and/or weak passwords. Cary, NC, Oct.

Small Business

Small Business Data breaches Backups Passwords

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

Jane Frankland

JANUARY 19, 2025

For us in cyber, how do we navigate these new digital threats especially when we layer in the rise of AI and deepfake technologies, and the stakes grow even higher? Deepfake Technology Amplifying Risks: The evolution and democratisation of deepfake technology have blurred the line between reality and fabrication.

Cybersecurity

Cybersecurity Technology Scams Risk

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities. Image: U.S.

Retail

Retail Advertising Cryptocurrency Cybercrime

Bluetooth Flaw Allows Remote Unlocking of Digital Locks

Schneier on Security

MAY 20, 2022

Although Khan demonstrated the hack on a 2021 Tesla Model Y, NCC Group said any smart locks using BLE technology, including residential smart locks, could be unlocked in the same way.

Technology

Technology Authentication Hacking

National Security Risks of Late-Stage Capitalism

Schneier on Security

MARCH 1, 2021

The hack gave the attackers access to the computer networks of some 18,000 of SolarWinds’s customers, including US government agencies such as the Homeland Security Department and State Department, American nuclear research labs, government contractors, IT companies and nongovernmental agencies around the world.

Risk

Risk Government Marketing Software

Booklist Review of A Hacker’s Mind

Schneier on Security

JANUARY 14, 2023

Booklist reviews A Hacker’s Mind : Author and public-interest security technologist Schneier ( Data and Goliath , 2015) defines a “hack” as an activity allowed by a system “that subverts the rules or norms of the system […] at the expense of someone else affected by the system.” The book will be published on February 7.

Hacking

Hacking Technology

The Proliferation of Zero-days

Schneier on Security

SEPTEMBER 24, 2021

The MIT Technology Review is reporting that 2021 is a blockbuster year for zero-day exploits: One contributing factor in the higher rate of reported zero-days is the rapid global proliferation of hacking tools. At the top of the food chain are the government-sponsored hackers.

Hacking

Hacking Government Ransomware Technology

Russia warns financial sector organizations of IT service provider LANIT compromise

Security Affairs

FEBRUARY 25, 2025

LANIT Group (Laboratory of New Information Technologies) is one of Russia’s largest IT service and software providers. Treasury sanctioned LANIT due to its role in facilitating Russias acquisition of technology and equipment for its war machine. In May 2024, U.S. ” said U.S. ” said U.S.

Telecommunications

Telecommunications Software Technology Healthcare

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Webinars

Trending Sources

Ransomware attack hit Indian multinational Tata Technologies

Webinars

When AIs Start Hacking

Hacking Automobile Keyless Entry Systems

Account Hijacking Site OGUsers Hacked, Again

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

The Rise of Cyber Espionage: UAV and C-UAV Technologies as Targets

U.S. Treasury, Commerce Depts. Hacked Through SolarWinds Compromise

US Citizen Hacked by Spyware

Sendgrid Under Siege from Hacked Accounts

A Basic Timeline of the Exchange Mass-Hack

Discord Admins Hacked by Malicious Bookmarks

Deloitte denied its systems were hacked by Brain Cipher ransomware group

US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack

Cloak ransomware group hacked the Virginia Attorney General’s Office

U.S. Hacks QakBot, Quietly Removes Botnet Infections

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Inside the DemandScience by Pure Incubation Data Breach

What’s most interesting about the Florida water system hack? That we heard about it at all.

A cyberattack on gambling giant IGT disrupted portions of its IT systems

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

AkiraBot: AI-Powered spam bot evades CAPTCHA to target 80,000+ websites

Amazon discloses employee data breach after May 2023 MOVEit attacks

Why your vote can’t be “hacked,” with Cait Conley of CISA (Lock and Code S05E23)

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

The Legal Risks of Security Research

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Serbian student activist’s phone hacked using Cellebrite zero-day exploit

Thai police arrested Chinese hackers involved in SMS blaster attacks

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

An Interview With the Target & Home Depot Hacker

Bluetooth Flaw Allows Remote Unlocking of Digital Locks

National Security Risks of Late-Stage Capitalism

Booklist Review of A Hacker’s Mind

The Proliferation of Zero-days

Russia warns financial sector organizations of IT service provider LANIT compromise

Stay Connected