2022 - Cyber Security Informer

Hacktivism and DDOS Attacks Rise Dramatically in 2022

Lohrman on Security

AUGUST 21, 2022

2022 has brought a surge in distributed denial-of-service attacks as well as a dramatic rise in patriotic hacktivism. What’s ahead for these trends as the year continues?

DDOS

Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days

Schneier on Security

NOVEMBER 18, 2024

Zero-day vulnerabilities are more commonly used , according to the Five Eyes: Key Findings In 2023, malicious cyber actors exploited more zero-day vulnerabilities to compromise enterprise networks compared to 2022, allowing them to conduct cyber operations against higher-priority targets.

Cybersecurity

SK Telecom revealed that malware breach began in 2022

Security Affairs

MAY 20, 2025

South Korean mobile network operator SK Telecom revealed that the security breach disclosed in April began in 2022. SK Telecom revealed that the security breach began in 2022, exposing USIM data of 27 million users. A joint probe found the initial infection occurred on June 15, 2022, staying undetected for nearly three years.

Malware

Malware Mobile Data breaches Wireless

Feds Link $150M Cyberheist to 2022 LastPass Hacks

Krebs on Security

MARCH 7, 2025

In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing…

Password Management

Password Management Hacking Passwords

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

August 11, 2022 at 11:00 am PDT, 2:00 pm EDT, 7:00 pm GMT In this webinar, you will learn how to: Outline popular change management models and processes. Organize ERM strategy, operations, and data. Determine impact tangents. Practice change management process with ERM data.

Risk

Location Tracking App for Foreigners in Moscow

Schneier on Security

MAY 28, 2025

Qatar did it in 2022 around the World Cup: “After accepting the terms of these apps, moderators will have complete control of users’ devices,” he continued. “All personal content, the ability to edit it, share it, extract it as well as data from other apps on your device is in their hands.

Mobile

Oops: DanaBot Malware Devs Infected Their Own PCs

Krebs on Security

MAY 22, 2025

Department of Justice unsealed a criminal complaint and indictment from 2022, which said the FBI identified at least 40 affiliates who were paying between $3,000 and $4,000 a month for access to the information stealer platform. Artem Aleksandrovich Kalinkin September 2022 grand jury indictment naming the 16 defendants Today, the U.S.

Malware

Malware Cybercrime Government Banking

Why Italy Sells So Much Spyware

Schneier on Security

NOVEMBER 19, 2024

According to an Italian Ministry of Justice document , as of December 2022 law enforcement in the country could rent spyware for €150 a day, regardless of which vendor they used, and without the large acquisition costs which would normally be prohibitive.

Spyware

Spyware Marketing Hacking

U.S. Offered $10M for Hacker Just Arrested by Russia

Krebs on Security

DECEMBER 4, 2024

In January 2022, KrebsOnSecurity identified a Russian man named Mikhail Matveev as “ Wazawaka ,” a cybercriminal who was deeply involved in the formation and operation of multiple ransomware groups. The men were among 14 suspected REvil members rounded up by Russia in the weeks before Russia invaded Ukraine in 2022.

Cybercrime

Cybercrime Ransomware Cryptocurrency Government

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

March 17, 2022 at 9:30 am PDT, 12:30 pm EDT, 5:30 pm BST DRaaS as the last line of defense. Best practices for choosing a DRaaS solution. Protect yourself and your business. This is an exclusive webinar you won’t want to miss!

Ransomware

2022 Cyber Review: The Year the Ukraine War Shocked the World

Lohrman on Security

DECEMBER 18, 2022

This past year will be remembered as another year of ransomware attacks, data breaches impacting critical infrastructure and, most of all, global cybersecurity impacts from the Russian war with Ukraine.

Data breaches

Data breaches Ransomware Cybersecurity

Alleged ‘Scattered Spider’ Member Extradited to U.S.

Krebs on Security

APRIL 30, 2025

Buchanan was arrested in Spain last year on a warrant from the FBI, which wanted him in connection with a series of SMS-based phishing attacks in the summer of 2022 that led to intrusions at Twilio, LastPass, DoorDash, Mailchimp, and many other tech firms. A Scattered Spider/0Ktapus SMS phishing lure sent to Twilio employees in 2022.

Identity Theft

Identity Theft Phishing Cryptocurrency Cybercrime

Alleged Co-Founder of Garantex Arrested in India

Krebs on Security

MARCH 11, 2025

government in 2022 for facilitating tens of billions of dollars in money laundering by transnational criminal and cybercriminal organizations. Treasury Office of Foreign Assets Control in April 2022 for receiving hundreds of millions in criminal proceeds, including funds used to facilitate hacking, ransomware, terrorism and drug trafficking.

Ransomware

Ransomware Cryptocurrency Marketing Government

Czech Republic Blames China-Linked APT31 Hackers for 2022 Cyberattack

The Hacker News

MAY 28, 2025

The Czech Republic on Wednesday formally accused a threat actor associated with the People's Republic of China (PRC) of targeting its Ministry of Foreign Affairs.

Government

Software Composition Analysis: The New Armor for Your Cybersecurity

Speaker: Blackberry, OSS Consultants, & Revenera

billion in 2022. Software is complex, which makes threats to the software supply chain more real every day. 64% of organizations have been impacted by a software supply chain attack and 60% of data breaches are due to unpatched software vulnerabilities. In the U.S. alone, cyber losses totaled $10.3

Cybersecurity

Microsoft Patch Tuesday, February 2025 Edition

Krebs on Security

FEBRUARY 11, 2025

Tenable senior staff research engineer Satnam Narang noted that since 2022, there have been nine elevation of privilege vulnerabilities in this same Windows component — three each year — including one in 2024 that was exploited in the wild as a zero day (CVE-2024-38193).

Artificial Intelligence

Artificial Intelligence Engineering Software Internet

Black Basta ransomware gang hit BT Group

Security Affairs

DECEMBER 4, 2024

Black Basta ransomware-as-a-service (RaaS) has been active since April 2022, it impacted several businesses and critical infrastructure entities across North America, Europe, and Australia. Black Basta is a ransomware-as-a-service (RaaS) variant, first identified in April 2022. reads the CSA.

Ransomware

Ransomware Telecommunications Healthcare Insurance

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

. — and charged him with stealing at least $800,000 from five victims between August 2022 and March 2023. Urban allegedly went by the nicknames “ Sosa ” and “ King Bob, ” and is believed to be part of the same crew that hacked Twilio and a slew of other companies in 2022.

Hacking

Hacking Phishing Cybercrime Passwords

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

Izvestia reports that Peter Vrublevsky is currently living in Switzerland, where he reportedly fled in 2022 after being “arrested in absentia” in Russia on charges of running a violent group that could be hired via Telegram to conduct a range of physical attacks in real life, including firebombings and muggings.

Retail

Retail Advertising Cryptocurrency Cybercrime

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Speaker: Ronald Eddings, Cybersecurity Expert and Podcaster

Register now for this exclusive webinar on March 24th, 2022 at 9:30 am PDT, 12:30 pm EDT, 5:30 pm GMT Deliver better insights on user access and app utilization that’s needed for better IT management and cost optimization across all SaaS apps.

Risk

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Security Affairs

JANUARY 15, 2025

released in October 2022. “The build date coded in the last number block also points to the same date range: None of the firewall firmwares examined had been compiled after September 14, 2022.” The analysis of the configuration files revealed that all the FortiOS versions in the data set were older than version 7.2.2,

VPN

VPN Passwords Firewall Firmware

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. CVE-2022-40684: Admin Control over VPN Infrastructure What is CVE-2022-40684? Rated CVSS 9.8,

VPN

VPN Authentication Ransomware Risk

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

In August 2022, multiple security firms gained access to the server that was receiving data from that Telegram bot, which on several occasions leaked the Telegram ID and handle of its developer, who used the nickname “ Joeleoli.” The group then used their access to Twilio to attack at least 163 of its customers.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

DarkCloud Stealer Returns: AutoIt-Powered Malware Strikes with New Stealth Tactics

Penetration Testing

MAY 14, 2025

First spotted in 2022 and actively developed ever since, DarkCloud Stealer has reemerged with a sophisticated new variant The post DarkCloud Stealer Returns: AutoIt-Powered Malware Strikes with New Stealth Tactics appeared first on Daily CyberSecurity.

Malware

Malware Cybersecurity Phishing

Ransomware Payments Are Down

Schneier on Security

JANUARY 31, 2023

Chainalysis reports that worldwide ransomware payments were down in 2022. million from victims in 2022, down from $765.6 Ransomware attackers extorted at least $456.8 million the year before.

Ransomware

Ransomware Cryptocurrency Cybercrime

Critical Microsoft Code-Execution Vulnerability

Schneier on Security

DECEMBER 22, 2022

It seems that researchers just realized how serious it was (and is): Like EternalBlue, CVE-2022-37958, as the latest vulnerability is tracked, allows attackers to execute malicious code with no authentication required. Microsoft fixed CVE-2022-37958 in September during its monthly Patch Tuesday rollout of security fixes.

Authentication

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

A search in the threat intelligence platform Intel 471 shows a user by the name Araneida promoted the scanner on two cybercrime forums since 2022, including Breached and Nulled. In 2022, Araneida told fellow Breached members they could be reached on Discord at the username “ Ornie#9811.” 2023 on the forum Cracked.

Hacking

Hacking Cybercrime Advertising Data breaches

Feds seized $23 million in crypto stolen using keys from LastPass breaches

Security Affairs

MARCH 10, 2025

authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to the 2022 LastPass breach. authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. ” reads the complaint. ” However.

Password Management

Password Management Cryptocurrency Passwords Data breaches

Cyberattack on Ukraine’s Kyivstar Seems to Be Russian Hacktivists

Schneier on Security

DECEMBER 21, 2023

This is one of the most significant cyberattacks since Russia invaded in February 2022. They’re linked to the Russian military, so it’s unclear whether the attack was government directed or freelance.

Government

Government Hacking

Experian Glitch Exposing Credit Files Lasted 47 Days

Krebs on Security

JANUARY 25, 2023

23, 2022, KrebsOnSecurity alerted big-three consumer credit reporting bureau Experian that identity thieves had worked out how to bypass its security and access any consumer’s full credit report — armed with nothing more than a person’s name, address, date of birth, and Social Security number. 9, 2022 and Dec.

Cybercrime

Cybercrime Web Fraud Data breaches

NJ Man Hired Online to Firebomb, Shoot at Homes Gets 13 Years in Prison

Krebs on Security

OCTOBER 23, 2023

4, 2022 story here about the emergence of “violence-as-a-service” offerings, where random people from the Internet hire themselves out to perform a variety of local, physical attacks, including firebombing a home, “bricking” windows, slashing tires, or performing a drive-by shooting at someone’s residence.

Internet

Internet Internet

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

networks since the summer of 2022. According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. Treasury sanctioned a Chinese cybersecurity firm, Integrity Tech, for links to cyberattacks by Chinas state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett). critical infrastructure sectors.“

Cybersecurity

Cybersecurity IoT Hacking Technology

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Security Affairs

FEBRUARY 13, 2025

In 2022, the Russian APT used multiple wipers in attacks aimed at Ukraine, including AwfulShred , CaddyWiper , HermeticWiper , Industroyer2 , IsaacWiper , WhisperGate , Prestige , RansomBoggs , and ZeroWipe. On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications

Telecommunications DNS Passwords Hacking

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. 2022 that an intrusion had exposed a “limited number” of Twilio customer accounts through a sophisticated social engineering attack designed to steal employee credentials.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Feds Charge NY Man as BreachForums Boss “Pompompurin”

Krebs on Security

MARCH 17, 2023

The forum’s administrator “ Pompompurin ” has been a thorn in the side of the FBI for years, and BreachForums is widely considered a reincarnation of RaidForums , a remarkably similar crime forum that the FBI infiltrated and dismantled in 2022. In April 2022, U.S. Image: News 12 Westchester.

Data breaches

Data breaches Cybercrime Insurance Internet

FBI Seizes BreachForums Website

Schneier on Security

MAY 17, 2024

co and run by pompompurin) operated a similar hacking forum from March 2022 until March 2023. Raidforums (hosted at raidforums.com and run by Omnipotent) was the predecessor hacking forum to both version of BreachForums and ran from early 2015 until February 2022.”

Hacking

Hacking Accountability Ransomware Internet

Arrests in $400M SIM-Swap Tied to Heist at FTX?

Krebs on Security

FEBRUARY 1, 2024

Three Americans were charged this week with stealing more than $400 million in a November 2022 SIM-swapping attack. 11-12, 2022. 11-12, 2022. 11, 2022 after they SIM-swapped an AT&T customer by impersonating them at a retail store using a fake ID. 11, 2022 local time, and continuing until the 12th of November.

Cryptocurrency

Cryptocurrency Ransomware Retail Government

Four REvil Ransomware members sentenced for hacking and money laundering

Security Affairs

OCTOBER 27, 2024

The cases have been sent to the Russian Prosecutor General’s Office for consolidation, and all defendants have been held since early 2022. in March 2022. Vasinskyi (aka Profcomserv, Rabotnik, Rabotnik_New, Yarik45, Yaraslav2468, and Affiliate 22) was arrested on October 8, 2021, while he was trying to enter Poland.

Ransomware

Ransomware Hacking Malware Cybercrime

Is Your Computer Part of ‘The Largest Botnet Ever?’

Krebs on Security

MAY 29, 2024

” From 2015 to July 2022, 911 S5 sold access to hundreds of thousands of Microsoft Windows computers daily, as “proxies” that allowed customers to route their Internet traffic through PCs in virtually any country or city around the globe — but predominantly in the United States. The prices page for 911 S5, circa July 2022. $28

VPN

VPN Government Cybercrime Internet

Facebook Is Now Encrypting Links to Prevent URL Stripping

Schneier on Security

JULY 18, 2022

Mozilla introduced support for URL stripping in Firefox 102 , which it launched in June 2022. These parameters have no functionality that is relevant to the user, but sites rely on them to track users across pages and properties.

Encryption

Pro-Russia hackers NoName057 targets Italy again after Zelensky’s visit to the country

Security Affairs

JANUARY 12, 2025

The group NoName57 has been active since March 2022 and has targeted government and critical infrastructure organizations worldwide. In September 2022, Avast researchers observed the group using the Bobik botnet to launch DDoS attacks. NoName057(16) uses multiple tools to carry out their attacks.

DDOS

DDOS Banking Government Marketing

Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024

Security Affairs

APRIL 29, 2025

In 2024, Google tracked 75 exploited zero-day vulnerabilities, down from 98 in 2023 but up from 63 in 2022. “Microsoft Windows exploitation continued to increase, climbing from 13 zero-days in 2022, to 16 in 2023, to 22 in 2024.” ” continues the report. ” concludes the report.

Surveillance

Surveillance Mobile Software Hacking

Xinbi Telegram Market Tied to $8.4B in Crypto Crime, Romance Scams, North Korea Laundering

The Hacker News

MAY 14, 2025

billion in transactions since 2022, making it the second major black market to be exposed after HuiOne Guarantee. A Chinese-language, Telegram-based marketplace called Xinbi Guarantee has facilitated no less than $8.4

Marketing

Marketing Scams Technology

68k Phishing Victims are Now Searchable in Have I Been Pwned, Courtesy of CERT Poland

Troy Hunt

AUGUST 30, 2023

Data accumulated by the malicious activity spanned from October 2022 until just last week.

Phishing

Phishing Password Management Passwords Banking

Hacktivism and DDOS Attacks Rise Dramatically in 2022

Most of 2023’s Top Exploited Vulnerabilities Were Zero-Days

Trending Sources

SK Telecom revealed that malware breach began in 2022

Feds Link $150M Cyberheist to 2022 LastPass Hacks

Successful Change Management with Enterprise Risk Management

Location Tracking App for Foreigners in Moscow

Oops: DanaBot Malware Devs Infected Their Own PCs

Why Italy Sells So Much Spyware

U.S. Offered $10M for Hacker Just Arrested by Russia

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

2022 Cyber Review: The Year the Ukraine War Shocked the World

Alleged ‘Scattered Spider’ Member Extradited to U.S.

Alleged Co-Founder of Garantex Arrested in India

Czech Republic Blames China-Linked APT31 Hackers for 2022 Cyberattack

Software Composition Analysis: The New Armor for Your Cybersecurity

Microsoft Patch Tuesday, February 2025 Edition

Black Basta ransomware gang hit BT Group

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

An Interview With the Target & Home Depot Hacker

Cover Your SaaS: How to Overcome Security Challenges and Risks For Your Organization

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Threat Spotlight: Credential Theft vs. Admin Control—Two Devastating Paths to VPN Exploitation

Feds Charge Five Men in ‘Scattered Spider’ Roundup

DarkCloud Stealer Returns: AutoIt-Powered Malware Strikes with New Stealth Tactics

Ransomware Payments Are Down

Critical Microsoft Code-Execution Vulnerability

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Feds seized $23 million in crypto stolen using keys from LastPass breaches

Cyberattack on Ukraine’s Kyivstar Seems to Be Russian Hacktivists

Experian Glitch Exposing Credit Files Lasted 47 Days

NJ Man Hired Online to Firebomb, Shoot at Homes Gets 13 Years in Prison

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Feds Charge NY Man as BreachForums Boss “Pompompurin”

FBI Seizes BreachForums Website

Arrests in $400M SIM-Swap Tied to Heist at FTX?

Four REvil Ransomware members sentenced for hacking and money laundering

Is Your Computer Part of ‘The Largest Botnet Ever?’

Facebook Is Now Encrypting Links to Prevent URL Stripping

Pro-Russia hackers NoName057 targets Italy again after Zelensky’s visit to the country

Google Threat Intelligence Group (GTIG) tracked 75 actively exploited zero-day flaws in 2024

Xinbi Telegram Market Tied to $8.4B in Crypto Crime, Romance Scams, North Korea Laundering

68k Phishing Victims are Now Searchable in Have I Been Pwned, Courtesy of CERT Poland

Stay Connected