Schneier on Security

NOVEMBER 19, 2024

According to an Italian Ministry of Justice document , as of December 2022 law enforcement in the country could rent spyware for €150 a day, regardless of which vendor they used, and without the large acquisition costs which would normally be prohibitive.

Spyware 288

Spyware Marketing Hacking 288

Krebs on Security

DECEMBER 4, 2024

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “ Wazawaka ,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The men were among 14 suspected REvil members rounded up by Russia in the weeks before Russia invaded Ukraine in 2022.

Cybercrime 251

Cybercrime Ransomware Cryptocurrency Government 251

Krebs on Security

APRIL 30, 2025

Buchanan was arrested in Spain last year on a warrant from the FBI, which wanted him in connection with a series of SMS-based phishing attacks in the summer of 2022 that led to intrusions at Twilio, LastPass, DoorDash, Mailchimp, and many other tech firms. A Scattered Spider/0Ktapus SMS phishing lure sent to Twilio employees in 2022.

Identity Theft 195

Identity Theft Phishing Cryptocurrency Cybercrime 195

Krebs on Security

OCTOBER 18, 2024

Brazilian authorities reportedly have arrested a 33-year-old man on suspicion of being “ USDoD ,” a prolific cybercriminal who rose to infamy in 2022 after infiltrating the FBI’s InfraGard program and leaking contact information for 80,000 members. population. national infrastructure.

Social Engineering 278

Social Engineering Passwords Cybercrime Mobile 278

Lohrman on Security

DECEMBER 18, 2022

This past year will be remembered as another year of ransomware attacks, data breaches impacting critical infrastructure and, most of all, global cybersecurity impacts from the Russian war with Ukraine.

Data breaches 360

Data breaches Ransomware Cybersecurity 360

Krebs on Security

MARCH 11, 2025

government in 2022 for facilitating tens of billions of dollars in money laundering by transnational criminal and cybercriminal organizations. Treasury Office of Foreign Assets Control in April 2022 for receiving hundreds of millions in criminal proceeds, including funds used to facilitate hacking, ransomware, terrorism and drug trafficking.

Ransomware 278

Ransomware Cryptocurrency Marketing Government 278

The Hacker News

MAY 28, 2025

The Czech Republic on Wednesday formally accused a threat actor associated with the People's Republic of China (PRC) of targeting its Ministry of Foreign Affairs.

Government 110

Government 110

Security Affairs

DECEMBER 4, 2024

Black Basta ransomware-as-a-service (RaaS) has been active since April 2022, it impacted several businesses and critical infrastructure entities across North America, Europe, and Australia. Black Basta is a ransomware-as-a-service (RaaS) variant, first identified in April 2022. reads the CSA.

Ransomware 129

Ransomware Telecommunications Healthcare Insurance 129

Krebs on Security

FEBRUARY 11, 2025

Tenable senior staff research engineer Satnam Narang noted that since 2022, there have been nine elevation of privilege vulnerabilities in this same Windows component — three each year — including one in 2024 that was exploited in the wild as a zero day (CVE-2024-38193).

Artificial Intelligence 213

Artificial Intelligence Engineering Software Internet 213

Security Affairs

JANUARY 15, 2025

released in October 2022. “The build date coded in the last number block also points to the same date range: None of the firewall firmwares examined had been compiled after September 14, 2022.” The analysis of the configuration files revealed that all the FortiOS versions in the data set were older than version 7.2.2,

VPN 133

VPN Passwords Firewall Firmware 133

Krebs on Security

JUNE 15, 2024

. — and charged him with stealing at least $800,000 from five victims between August 2022 and March 2023. Urban allegedly went by the nicknames “ Sosa ” and “ King Bob, ” and is believed to be part of the same crew that hacked Twilio and a slew of other companies in 2022.

Hacking 344

Hacking Cybercrime Phishing Passwords 344

Krebs on Security

NOVEMBER 14, 2024

Izvestia reports that Peter Vrublevsky is currently living in Switzerland, where he reportedly fled in 2022 after being “arrested in absentia” in Russia on charges of running a violent group that could be hired via Telegram to conduct a range of physical attacks in real life, including firebombings and muggings.

Retail 275

Retail Advertising Cryptocurrency Cybercrime 275

Krebs on Security

NOVEMBER 21, 2024

In August 2022, multiple security firms gained access to the server that was receiving data from that Telegram bot, which on several occasions leaked the Telegram ID and handle of its developer, who used the nickname “ Joeleoli.” The group then used their access to Twilio to attack at least 163 of its customers.

Identity Theft 269

Identity Theft Phishing Cryptocurrency Accountability 269

Security Affairs

OCTOBER 19, 2024

The researchers pointed out that despite IE’s end of support in June 2022, the vulnerability still impacted certain Windows applications. Microsoft ended its support for IE in June 2022. The threat actors compromised a Korean online ad agency server, injecting vulnerability code into ad content scripts.

Internet 143

Internet Internet Engineering Malware 143

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. CVE-2022-40684: Admin Control over VPN Infrastructure What is CVE-2022-40684? Rated CVSS 9.8,

VPN 133

VPN Authentication Ransomware Risk 133

Krebs on Security

DECEMBER 10, 2024

.” Tyler Reguly at the security firm Fortra had a slightly different 2024 patch tally for Microsoft, at 1,088 vulnerabilities, which he said was surprisingly similar to the 1,063 vulnerabilities resolved in 2023 and the 1,119 vulnerabilities resolved in 2022.

Engineering 254

Engineering Authentication Software Ransomware 254

Security Affairs

MARCH 10, 2025

authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to the 2022 LastPass breach. authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. ” reads the complaint. ” However.

Password Management 90

Password Management Cryptocurrency Passwords Data breaches 90

Krebs on Security

DECEMBER 19, 2024

A search in the threat intelligence platform Intel 471 shows a user by the name Araneida promoted the scanner on two cybercrime forums since 2022, including Breached and Nulled. In 2022, Araneida told fellow Breached members they could be reached on Discord at the username “ Ornie#9811.” 2023 on the forum Cracked.

Hacking 249

Hacking Cybercrime Advertising Data breaches 249

Schneier on Security

DECEMBER 22, 2022

It seems that researchers just realized how serious it was (and is): Like EternalBlue, CVE-2022-37958, as the latest vulnerability is tracked, allows attackers to execute malicious code with no authentication required. Microsoft fixed CVE-2022-37958 in September during its monthly Patch Tuesday rollout of security fixes.

Authentication 71

Authentication 71

Security Affairs

FEBRUARY 13, 2025

In 2022, the Russian APT used multiple wipers in attacks aimed at Ukraine, including AwfulShred , CaddyWiper , HermeticWiper , Industroyer2 , IsaacWiper , WhisperGate , Prestige , RansomBoggs , and ZeroWipe. On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications 111

Telecommunications DNS Hacking Passwords 111

Security Affairs

JANUARY 4, 2025

networks since the summer of 2022. According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. Treasury sanctioned a Chinese cybersecurity firm, Integrity Tech, for links to cyberattacks by Chinas state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett). critical infrastructure sectors.“

Cybersecurity 126

Cybersecurity IoT Hacking Technology 126

Krebs on Security

JANUARY 25, 2023

23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer’s full credit report — armed with nothing more than a person’s name, address, date of birth, and Social Security number. 9, 2022 and Dec.

Cybercrime 340

Cybercrime Web Fraud Data breaches 340

Schneier on Security

DECEMBER 21, 2023

This is one of the most significant cyberattacks since Russia invaded in February 2022. They’re linked to the Russian military, so it’s unclear whether the attack was government directed or freelance.

Government 306

Government Hacking 306

Krebs on Security

OCTOBER 23, 2023

4, 2022 story here about the emergence of “violence-as-a-service” offerings, where random people from the Internet hire themselves out to perform a variety of local, physical attacks, including firebombing a home, “bricking” windows, slashing tires, or performing a drive-by shooting at someone’s residence.

Internet 331

Internet Internet 331

Security Boulevard

NOVEMBER 15, 2024

A report from the Five Eyes cybersecurity alliance, released by the CISA, highlights the majority of the most exploited vulnerabilities last year were initially zero-day flaws, a significant increase compared to 2022 when less than half of the top vulnerabilities were zero-day exploits.

Cybersecurity 129

Cybersecurity Cyber threats 129

Penetration Testing

MAY 14, 2025

First spotted in 2022 and actively developed ever since, DarkCloud Stealer has reemerged with a sophisticated new variant The post DarkCloud Stealer Returns: AutoIt-Powered Malware Strikes with New Stealth Tactics appeared first on Daily CyberSecurity.

Malware 112

Malware Cybersecurity Phishing 112

Krebs on Security

JANUARY 30, 2024

technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

Social Engineering 359

Social Engineering Mobile Cybercrime Passwords 359

Krebs on Security

MARCH 17, 2023

The forum’s administrator “ Pompompurin ” has been a thorn in the side of the FBI for years, and BreachForums is widely considered a reincarnation of RaidForums , a remarkably similar crime forum that the FBI infiltrated and dismantled in 2022. In April 2022, U.S. Image: News 12 Westchester.

Data breaches 357

Data breaches Cybercrime Insurance Internet 357

Security Affairs

JANUARY 12, 2025

The group NoName57 has been active since March 2022 and has targeted government and critical infrastructure organizations worldwide. In September 2022, Avast researchers observed the group using the Bobik botnet to launch DDoS attacks. NoName057(16) uses multiple tools to carry out their attacks.

DDOS 125

DDOS Banking Government Marketing 125

Krebs on Security

FEBRUARY 1, 2024

Three Americans were charged this week with stealing more than $400 million in a November 2022 SIM-swapping attack. 11-12, 2022. 11-12, 2022. 11, 2022 after they SIM-swapped an AT&T customer by impersonating them at a retail store using a fake ID. 11, 2022 local time, and continuing until the 12th of November.

Cryptocurrency 315

Cryptocurrency Ransomware Retail Government 315

Schneier on Security

MAY 17, 2024

co and run by pompompurin) operated a similar hacking forum from March 2022 until March 2023. Raidforums (hosted at raidforums.com and run by Omnipotent) was the predecessor hacking forum to both version of BreachForums and ran from early 2015 until February 2022.”

Hacking 310

Hacking Accountability Ransomware Internet 310

Security Affairs

OCTOBER 27, 2024

The cases have been sent to the Russian Prosecutor General’s Office for consolidation, and all defendants have been held since early 2022. in March 2022. Vasinskyi (aka Profcomserv, Rabotnik, Rabotnik_New, Yarik45, Yaraslav2468, and Affiliate 22) was arrested on October 8, 2021, while he was trying to enter Poland.

Ransomware 144

Ransomware Hacking Malware Cybercrime 144

Security Affairs

APRIL 29, 2025

In 2024, Google tracked 75 exploited zero-day vulnerabilities, down from 98 in 2023 but up from 63 in 2022. “Microsoft Windows exploitation continued to increase, climbing from 13 zero-days in 2022, to 16 in 2023, to 22 in 2024.” ” continues the report. ” concludes the report.

Surveillance 111

Surveillance Mobile Software Hacking 111

Security Affairs

DECEMBER 28, 2024

The group NoName57 has been active since March 2022 and has targeted government and critical infrastructure organizations worldwide. In September 2022, Avast researchers observed the group using the Bobik botnet to launch DDoS attacks. NoName057(16) uses multiple tools to carry out their attacks.

DDOS 129

DDOS Artificial Intelligence Government Cybercrime 129