Hacking and Technology - Cyber Security Informer

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking

Hacking Accountability Government Social Engineering

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. But a review of this Araneida nickname on the cybercrime forums shows they have been active in the criminal hacking scene since at least 2018.

Hacking

Hacking Cybercrime Advertising Data breaches

Ransomware attack hit Indian multinational Tata Technologies

Security Affairs

FEBRUARY 1, 2025

Indian multinational technology company Tata Technologies suspended some IT services following a ransomware attack. Indian multinational Tata Technologies , a Tata Motors subsidiary, suspended some IT services following a ransomware attack. Threat actors hit the company’s information technology (IT) infrastructure.

Technology

Technology Ransomware Engineering Manufacturing

When AIs Start Hacking

Schneier on Security

APRIL 26, 2021

Hacking is as old as humanity. To date, hacking has exclusively been a human activity. After hacking humanity, AI systems will then hack other AI systems, and humans will be little more than collateral damage. Okay, maybe this is a bit of hyperbole, but it requires no far-future science fiction technology.

Hacking

Hacking Artificial Intelligence Government Engineering

Hacking Automobile Keyless Entry Systems

Schneier on Security

OCTOBER 17, 2022

Suspected members of a European car-theft ring have been arrested : The criminals targeted vehicles with keyless entry and start systems, exploiting the technology to get into the car and drive away. The article doesn’t say how the hacking tool got installed into cars.

Hacking

Hacking Manufacturing Marketing Software

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

Security Affairs

MARCH 5, 2025

Ransomware group Hunters International claims to have hacked Tata Technologies, threatening to leak 1.4 The Hunters International ransomware group claimed to have breached the Indian multinational technology company Tata Technologies, a Tata Motors subsidiary. TB of stolen data. The group claims the theft of 1.4

Technology

Technology Ransomware Engineering Manufacturing

Account Hijacking Site OGUsers Hacked, Again

Krebs on Security

DECEMBER 2, 2020

For at least the third time in its existence, OGUsers — a forum overrun with people looking to buy, sell and trade access to compromised social media accounts — has been hacked. OGUsers was hacked at least twice previously, in May 2019 and again in March 2020. called Disco Payments. ”

Accountability

Accountability Hacking Scams Media

Accellion Supply Chain Hack

Schneier on Security

MARCH 23, 2021

A vulnerability in the Accellion file-transfer program is being used by criminal groups to hack networks worldwide. There’s much in the article about when Accellion knew about the vulnerability, when it alerted its customers, and when it patched its software. Despite having a patch available on Dec. CISA alert.

Hacking

Hacking Banking Technology Software

Hacked IoT Devices Livestreaming Swatting Attacks: FBI

Adam Levin

DECEMBER 30, 2020

Offenders often use spoofing technology to anonymize their own phone numbers to make it appear to first responders as if the emergency call is coming from the victim’s phone number.”. The post Hacked IoT Devices Livestreaming Swatting Attacks: FBI appeared first on Adam Levin.

IoT

IoT Hacking Internet Internet

US Citizen Hacked by Spyware

Schneier on Security

MARCH 21, 2023

The New York Times is reporting that a US citizen’s phone was hacked by the Predator spyware. The disclosure is the first known case of an American citizen being targeted in a European Union country by the advanced snooping technology, the use of which has been the subject of a widening scandal in Greece.

Spyware

Spyware Hacking Government Technology

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

The breach was detected in February , leading to notifications to the FBI, Virginia State Police, and the Virginia Information Technologies Agency. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, ransomware) Chief Deputy AG Steven Popps called it a sophisticated attack.

Ransomware

Ransomware Hacking Social Engineering VPN

Sendgrid Under Siege from Hacked Accounts

Krebs on Security

AUGUST 28, 2020

But this also means when a Sendgrid customer account gets hacked and used to send malware or phishing scams, the threat is particularly acute because a large number of organizations allow email from Sendgrid’s systems to sail through their spam-filtering systems.

Accountability

Accountability Hacking Authentication Marketing

US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack

Schneier on Security

APRIL 9, 2024

US Cyber Safety Review Board released a report on the summer 2023 hack of Microsoft Exchange by China. It was a serious attack by the Chinese government that accessed the emails of senior U.S. government officials. From the executive summary: The Board finds that this intrusion was preventable and should never have occurred.

Hacking

Hacking Government Accountability Technology

A Basic Timeline of the Exchange Mass-Hack

Krebs on Security

MARCH 8, 2021

Here’s a brief timeline of what we know leading up to last week’s mass-hack, when hundreds of thousands of Microsoft Exchange Server systems got compromised and seeded with a powerful backdoor Trojan horse program. When did Microsoft find out about attacks on previously unknown vulnerabilities in Exchange? .”

Hacking

Hacking Technology Software

Discord Admins Hacked by Malicious Bookmarks

Krebs on Security

MAY 30, 2023

A number of Discord communities focused on cryptocurrency have been hacked this past month after their administrators were tricked into running malicious Javascript code disguised as a Web browser bookmark. On May 9, MetrixCoin reported that its Discord server was hacked, with fake airdrop details pushed to all users.

Hacking

Hacking Accountability Scams Cryptocurrency

Deloitte denied its systems were hacked by Brain Cipher ransomware group

Security Affairs

DECEMBER 9, 2024

Their ransom notes share stylistic similarities with SenSayQ ransomware, and their TOR websites use similar technologies. Deloitte discovered the hack in March 2017, and according to The Guardian, the attackers may have had access to the company systems since October or November 2016. Deloitte has faced hacking claims twice recently.

Hacking

Hacking Ransomware Accountability Architecture

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

“This is the most significant technological and financial operation ever led by the Department of Justice against a botnet,” said Martin Estrada , the U.S. attorney for the Southern District of California, at a press conference this morning in Los Angeles. ” The DOJ said it also recovered more than 6.5

Hacking

Hacking Malware Ransomware Government

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

technology firm, confirmed receipt of USDoD’s message but asked to remain anonymous for this story. That InfraGard member, who is head of security at a major U.S.

Hacking

Hacking Energy and Utilities Cybercrime Accountability

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

Linus Larsson , the journalist who broke the story, says the hacked material was uploaded to a public server during the second half of September, and it is not known how many people may have gained access to it.

Hacking

Hacking Ransomware Banking Accountability

What’s most interesting about the Florida water system hack? That we heard about it at all.

Krebs on Security

FEBRUARY 10, 2021

Many facilities have not separated operational technology (the bits that control the switches and levers) from safety systems that might detect and alert on intrusions or potentially dangerous changes. “There’s no business case for hacking these types of systems. Information sharing is broken.”

Hacking

Hacking Media Cybersecurity Ransomware

Chinese national charged for hacking thousands of Sophos firewalls

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. Tianfeng worked at Sichuan Silence Information Technology Co., based Sophos Ltd.

Firewall

Firewall Hacking Malware Passwords

A cyberattack on gambling giant IGT disrupted portions of its IT systems

Security Affairs

NOVEMBER 23, 2024

International Game Technology (IGT) detected a cyberattack on November 17, the company promptly started its incident response procedures. International Game Technology PLC (IGT), formerly Gtech S.p.A. is a multinational gambling company that produces slot machines and other gambling technology. and Lottomatica S.p.A.,

Technology

Technology Hacking Ransomware Cybersecurity

Inside the DemandScience by Pure Incubation Data Breach

Troy Hunt

NOVEMBER 13, 2024

But in all likelihood, there will be more than a handful of domain subscribers who take issue with that volume of people data sitting there in one corpus easily downloadable via a clear web hacking forum.

Data breaches

Data breaches Passwords B2B Technology

GUEST ESSAY: NewsCorp hack shows cyber espionage, squelching of press freedom on the rise

The Last Watchdog

APRIL 5, 2022

As the dust settles following the recently disclosed hack of NewsCorp , important lessons are emerging for the cybersecurity and journalism communities. MFA can be challenging to implement for some organizations from a technology or cost perspective or due to user pushback. Related: How China challenged Google in Operation Aurora.

Hacking

Hacking Passwords Internet Internet

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

“Today, the Department of the Treasurys Office of Foreign Assets Control (OFAC) sanctioned Integrity Technology Group, Incorporated (Integrity Tech), a Beijing-based cybersecurity company, for its role in multiple computer intrusion incidents against U.S. According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S.

Cybersecurity

Cybersecurity IoT Hacking Technology

Why your vote can’t be “hacked,” with Cait Conley of CISA (Lock and Code S05E23)

Malwarebytes

NOVEMBER 4, 2024

Elections in the United States rely on a dizzying number of technologies. But there’s an even broader category of election interference that is of particular interest to this podcast, and that’s cybersecurity.

Hacking

Hacking Cybersecurity Government Ransomware

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

NOVEMBER 11, 2024

million records containing employee data on the hacking forum BreachForums. The multinational technology company confirmed that it has patched the vulnerability explored by the threat actors in the attack. The company said that the data was stolen from a third-party vendor. Amazon did not disclose the number of impacted employees.

Data breaches

Data breaches Hacking Ransomware Technology

The Legal Risks of Security Research

Schneier on Security

OCTOBER 30, 2020

” From a summary : Such risk extends beyond anti-hacking laws, implicating copyright law and anti-circumvention provisions (DMCA §1201), electronic privacy law (ECPA), and cryptography export controls, as well as broader legal areas such as contract and trade secret law. Comprehensive, and well worth reading.

Risk

Risk Technology Hacking

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

DevHub is a platform designed for developers to access resources, tools, and APIs to build and integrate applications with Cisco’s technologies. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, data breach)

Cybercrime

Cybercrime Data breaches Technology Banking

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Security Affairs

JANUARY 18, 2025

Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned Chinese firm Sichuan Juxinhe Network Technology Co., The US Treasurys OFAC also sanctionedYin Kecheng, a Shanghai-based cyber actor who was involved with the recent hack of the Department of the Treasury’s network. critical infrastructure.”

Cybersecurity

Cybersecurity Telecommunications Government Healthcare

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

The Last Watchdog

OCTOBER 23, 2024

As small businesses increasingly depend on digital technologies to operate and grow, the risks associated with cyber threats also escalate. LastPass reports that 80% of all hacking-related breaches leveraged either stolen and/or weak passwords. Cary, NC, Oct.

Small Business

Small Business Data breaches Backups Passwords

Introducing the DEF CON 32 Hackers' Almanack

Adam Shostack

MARCH 26, 2025

Every year, thousands of hackers converge in Las Vegas for a joyous, crazy exploration of the edges of technology otherwise fondly called Hacker Summer Camp. They include many communities with different perspectives, all with a core commitment to hacking and exploration.

Data breaches

Data breaches Passwords Technology Hacking

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

Jane Frankland

JANUARY 19, 2025

For us in cyber, how do we navigate these new digital threats especially when we layer in the rise of AI and deepfake technologies, and the stakes grow even higher? Deepfake Technology Amplifying Risks: The evolution and democratisation of deepfake technology have blurred the line between reality and fabrication.

Cybersecurity

Cybersecurity Technology Scams Risk

Thai police arrested Chinese hackers involved in SMS blaster attacks

Security Affairs

NOVEMBER 25, 2024

“This “SMS blasting” attack relies on using technology that impersonates cellular base stations and is capable of transmitting thousands of messages to devices within a close geographical radius.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, SMS blaster)

Mobile

Mobile Scams Technology Telecommunications

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

Security Affairs

DECEMBER 3, 2024

The threat actors had access to the company’s information technology systems and encrypted some of its data files. The preliminary investigation has revealed that a threat actor illegally accessed the Company’s information technology (“IT”) system and encrypted some of its data files.” ” reads the report filed with SEC.

Ransomware

Ransomware Encryption Technology Cybersecurity

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities. Image: U.S.

Retail

Retail Advertising Cryptocurrency Marketing

Massive Oracle Cloud Breach: 6M Records Exposed, 140k+ Tenants Risked

eSecurity Planet

MARCH 24, 2025

A sophisticated supply chain hack targeting Oracle Cloud has exfiltrated a staggering 6 million records. The initial access was gained by hacking the login endpoint (login.(region-name).oraclecloud.com), CloudSEKs XVigil uncovered that threat actor rose87168 began selling the stolen data on March 21. region-name).oraclecloud.com),

Risk

Risk Passwords Hacking Encryption

The Proliferation of Zero-days

Schneier on Security

SEPTEMBER 24, 2021

The MIT Technology Review is reporting that 2021 is a blockbuster year for zero-day exploits: One contributing factor in the higher rate of reported zero-days is the rapid global proliferation of hacking tools. At the top of the food chain are the government-sponsored hackers.

Hacking

Hacking Government Ransomware Technology

National Security Risks of Late-Stage Capitalism

Schneier on Security

MARCH 1, 2021

The hack gave the attackers access to the computer networks of some 18,000 of SolarWinds’s customers, including US government agencies such as the Homeland Security Department and State Department, American nuclear research labs, government contractors, IT companies and nongovernmental agencies around the world.

Risk

Risk Government Marketing Software

Bluetooth Flaw Allows Remote Unlocking of Digital Locks

Schneier on Security

MAY 20, 2022

Although Khan demonstrated the hack on a 2021 Tesla Model Y, NCC Group said any smart locks using BLE technology, including residential smart locks, could be unlocked in the same way.

Technology

Technology Authentication Hacking

Booklist Review of A Hacker’s Mind

Schneier on Security

JANUARY 14, 2023

Booklist reviews A Hacker’s Mind : Author and public-interest security technologist Schneier ( Data and Goliath , 2015) defines a “hack” as an activity allowed by a system “that subverts the rules or norms of the system […] at the expense of someone else affected by the system.” The book will be published on February 7.

Hacking

Hacking Technology

Russia warns financial sector organizations of IT service provider LANIT compromise

Security Affairs

FEBRUARY 25, 2025

LANIT Group (Laboratory of New Information Technologies) is one of Russia’s largest IT service and software providers. Treasury sanctioned LANIT due to its role in facilitating Russias acquisition of technology and equipment for its war machine. In May 2024, U.S. ” said U.S. ” said U.S.

Telecommunications

Telecommunications Software Technology Healthcare

FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy

Krebs on Security

JUNE 18, 2020

An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web.

Identity Theft

Identity Theft Healthcare Hacking Technology

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Trending Sources

Ransomware attack hit Indian multinational Tata Technologies

When AIs Start Hacking

Hacking Automobile Keyless Entry Systems

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

Account Hijacking Site OGUsers Hacked, Again

Accellion Supply Chain Hack

Hacked IoT Devices Livestreaming Swatting Attacks: FBI

US Citizen Hacked by Spyware

Cloak ransomware group hacked the Virginia Attorney General’s Office

Sendgrid Under Siege from Hacked Accounts

US Cyber Safety Review Board on the 2023 Microsoft Exchange Hack

A Basic Timeline of the Exchange Mass-Hack

Discord Admins Hacked by Malicious Bookmarks

Deloitte denied its systems were hacked by Brain Cipher ransomware group

U.S. Hacks QakBot, Quietly Removes Botnet Infections

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

What’s most interesting about the Florida water system hack? That we heard about it at all.

Chinese national charged for hacking thousands of Sophos firewalls

A cyberattack on gambling giant IGT disrupted portions of its IT systems

Inside the DemandScience by Pure Incubation Data Breach

GUEST ESSAY: NewsCorp hack shows cyber espionage, squelching of press freedom on the rise

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Why your vote can’t be “hacked,” with Cait Conley of CISA (Lock and Code S05E23)

Amazon discloses employee data breach after May 2023 MOVEit attacks

The Legal Risks of Security Research

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

News alert: INE Security shares cyber hygiene guidance for small- and medium-sized businesses

Introducing the DEF CON 32 Hackers' Almanack

From Notifications to Deepfakes: How Human Behaviour Is Shifting and What It Means for Cybersecurity

Thai police arrested Chinese hackers involved in SMS blaster attacks

Energy industry contractor ENGlobal Corporation discloses a ransomware attack

An Interview With the Target & Home Depot Hacker

Massive Oracle Cloud Breach: 6M Records Exposed, 140k+ Tenants Risked

The Proliferation of Zero-days

National Security Risks of Late-Stage Capitalism

Bluetooth Flaw Allows Remote Unlocking of Digital Locks

Booklist Review of A Hacker’s Mind

Russia warns financial sector organizations of IT service provider LANIT compromise

FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy

Stay Connected