Krebs on Security

SEPTEMBER 14, 2022

Worst in terms of outright scariness is CVE-2022-37969 , which is a “privilege escalation” weakness in the Windows Common Log File System Driver that allows attackers to gain SYSTEM-level privileges on a vulnerable host. .” CVE-2022-32984 is a problem in the deepest recesses of the operating system (the kernel).

Spyware 240

Spyware Security Defenses Cyber threats Cyber Attacks 240

Security Boulevard

APRIL 22, 2025

Company Overview Founded in 2022 and headquartered in Los Angeles, California, USA, EQTY Lab AG is a technology company focusing on AI governance and security. The post RSAC 2025 Innovation Sandbox | EQTY Lab: Governance Pioneer and Technical Architecture for Building a Trusted AI Ecosystem appeared first on Security Boulevard.

Architecture 94

Architecture Government Cyber Attacks Technology 94

The Hacker News

MAY 28, 2025

In a public statement, the government said it identified China as the culprit behind a malicious campaign targeting one of the unclassified networks of the Czech Ministry of Foreign Affairs. The extent of the breach is presently not

Government 113

Government 113

The Last Watchdog

DECEMBER 16, 2021

REvil and BlackMatter are not “shutting down” due to external pressure from the government and law enforcement agencies. In 2022 we expect to see more aggressive and complex ransomware efforts. In 2022 we expect to see organizations increasingly moving identity management systems into the CISO organization.

CISO 262

CISO Ransomware Risk Authentication 262

Joseph Steinberg

JANUARY 4, 2022

Cyber Security Expert, Joseph Steinberg, who joined Newsweek’s Expert Forum last year, will continue serving as a member throughout 2022. Joseph Steinberg serves as a cyber security expert witness , and as cyber security advisor to both businesses and governments. www.newsweek.com. About Joseph Steinberg. JosephSteinberg.com.

Artificial Intelligence 246

Artificial Intelligence CISO Technology Cybersecurity 246

Krebs on Security

MARCH 27, 2025

Researchers at the security firm Silent Push mapped a network of several dozen phishing domains that spoof the recruitment websites of Ukrainian paramilitary groups, as well as Ukrainian government intelligence sites. The website legiohliberty[.]army army features a carbon copy of the homepage for the Freedom of Russia Legion (a.k.a.

Phishing 244

Phishing Government Engineering Internet 244

Krebs on Security

NOVEMBER 21, 2024

In August 2022, multiple security firms gained access to the server that was receiving data from that Telegram bot, which on several occasions leaked the Telegram ID and handle of its developer, who used the nickname “ Joeleoli.” The group then used their access to Twilio to attack at least 163 of its customers.

Identity Theft 281

Identity Theft Phishing Cryptocurrency Accountability 281

Krebs on Security

MAY 29, 2024

” The arrest coincided with the seizure of the 911 S5 website and supporting infrastructure, which the government says turned computers running various “free VPN” products into Internet traffic relays that facilitated billions of dollars in online fraud and cybercrime. The prices page for 911 S5, circa July 2022. $28

VPN 360

VPN Government Cybercrime Internet 360

Krebs on Security

MAY 15, 2025

.” The feds said Fitzpatrick also joked with his friends about selling data to foreign governments, exhorting one user to “become a foreign asset to china or russia,” and to “sell government secrets.”

Healthcare 234

Healthcare Insurance Data breaches Government 234

Schneier on Security

DECEMBER 21, 2023

They’re linked to the Russian military, so it’s unclear whether the attack was government directed or freelance. This is one of the most significant cyberattacks since Russia invaded in February 2022. The Solntsepek group has taken credit for the attack.

Government 310

Government Hacking 310

Security Affairs

DECEMBER 28, 2024

With the renewed support for Ukraine from the Italian government, this group has resumed targeting certain Italian websites.” ” The group published a list of targets on its Telegram channel, which includes government and institutional websites. NoName057(16) uses multiple tools to carry out their attacks.

DDOS 124

DDOS Artificial Intelligence Government Cybercrime 124

Security Affairs

OCTOBER 19, 2024

The researchers pointed out that despite IE’s end of support in June 2022, the vulnerability still impacted certain Windows applications. Microsoft ended its support for IE in June 2022. Cyber attacks conducted by the APT37 group mainly targeted government, defense, military, and media organizations in South Korea.

Internet 141

Internet Internet Engineering Malware 141

Krebs on Security

NOVEMBER 14, 2024

net that paid people to click on ads for Russian government employment opportunities. Shefel says he stopped selling stolen payment cards after being pushed out of the business, and invested his earnings in a now-defunct Russian search engine called tf[.]org. He also apparently ran a business called click2dad[.]net

Advertising 290

Advertising Retail Cryptocurrency Cybercrime 290

Security Affairs

JANUARY 12, 2025

” On Saturday, January 11, the attacks targeted Italian ministries and government institutions, while on Sunday a new wave of DDoS attacks hit Italian banks and private businesses. The group NoName57 has been active since March 2022 and has targeted government and critical infrastructure organizations worldwide.

DDOS 120

DDOS Banking Government Marketing 120

Krebs on Security

FEBRUARY 4, 2025

In addition, the government seized the domain names for two popular anonymity services that were heavily advertised on Cracked and Nulled and allowed customers to rent virtual servers: StarkRDP[.]io The DOJ said the law enforcement action, dubbed Operation Talent , also seized domains tied to Sellix , Cracked’s payment processor.

eCommerce 233

eCommerce Cybercrime Accountability Hacking 233

Trend Micro

MARCH 17, 2024

Since early 2022, we have been monitoring an APT campaign that targets several government entities worldwide, with a strong focus in Southeast Asia, but also seen targeting Europe, America, and Africa.

Government 145

Government 145

Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass.

Data collection 135

Data collection Authentication Hacking Government 135

Security Affairs

NOVEMBER 2, 2024

Sophos, with the help of other cybersecurity firms, government, and law enforcement agencies investigated the cyber attacks and attributed them multiple China-linked APT groups, such as Volt Typhoon , APT31 and APT41 / Winnti. The Chinese hackers have also ramped up the use of zero-day vulnerabilities in targeted devices.

Firmware 120

Firmware Government Firewall Malware 120

Security Affairs

JANUARY 23, 2024

The Australian government announced sanctions for a member of the REvil ransomware group for the Medibank hack that occurred in 2022. The Australian government announced sanctions for Aleksandr Gennadievich Ermakov (aka GustaveDore, aiiis_ermak, blade_runner, JimJones), a Russian national who is a member of the REvil ransomware group.

Government 136

Government Insurance Ransomware Hacking 136

Schneier on Security

JANUARY 21, 2022

Key Findings: MY2022, an app mandated for use by all attendees of the 2022 Olympic Games in Beijing, has a simple but devastating flaw where encryption protecting users’ voice audio and file transfers can be trivially sidestepped. Citizen Lab examined the app and found it riddled with security holes.

Surveillance 360

Surveillance Encryption Wireless Government 360

Anton on Security

JUNE 24, 2025

Changes in 2022 and Beyond in Cloud Security” EP153 Kevin Mandia on Cloud Breaches: New Threat Actors, Old Mistakes, and Lessons for All EP109 How Google Does Vulnerability Management: The Not So Secret Secrets! 2023) 20 Years of SIEM (2022) Enjoy! officially!)

Threat Detection 130

Threat Detection CISO Cloud Migration Digital transformation 130

Security Affairs

NOVEMBER 13, 2024

In the most recent campaign, the group targeted organizations in the communications, manufacturing, utility, transportation, construction, maritime, government, information technology, and education sectors. The botnet is comprised of two complementary activity clusters, the experts believe it has been active since at least February 2022.

VPN 121

VPN Government Malware Firewall 121

Krebs on Security

FEBRUARY 1, 2024

Three Americans were charged this week with stealing more than $400 million in a November 2022 SIM-swapping attack. government did not name the victim organization, but there is every indication that the money was stolen from the now-defunct cryptocurrency exchange FTX , which had just filed for bankruptcy on that same day.

Cryptocurrency 330

Cryptocurrency Ransomware Government Retail 330

Krebs on Security

JANUARY 30, 2024

technology companies during the summer of 2022. stole at least $800,000 from at least five victims between August 2022 and March 2023. The government says Urban went by the aliases “ Sosa ” and “ King Bob ,” among others. A graphic depicting how 0ktapus leveraged one victim to attack another.

Social Engineering 362

Social Engineering Cybercrime Mobile Identity Theft 362

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. CVE-2022-40684: Admin Control over VPN Infrastructure What is CVE-2022-40684? Rated CVSS 9.8,

VPN 133

VPN Authentication Ransomware Risk 133

Security Affairs

NOVEMBER 25, 2024

He is expected to warn about the activity conducted by Russia’s GRU Unit 29155 , which the UK government accuses of conducting several attacks across the UK and Europe. McFadden will also warn of cyber attacks carried out by “unofficial hacktivists ” linked to the Russian government. ” reported BBC.

Cyber Attacks 113

Cyber Attacks Government Hacking Cyber threats 113

Security Affairs

NOVEMBER 16, 2023

Google TAG revealed that threat actors exploited a Zimbra Collaboration Suite zero-day ( CVE-2023-37580 ) to steal emails from governments. The first campaign aimed at a government organization in Greece, threat actors sent emails containing exploit urls to their targets. ” continues the report. .”

Government 139

Government Authentication Phishing Hacking 139

Krebs on Security

AUGUST 29, 2023

government today announced a coordinated crackdown against QakBot , a complex malware family used by multiple cybercrime groups to lay the groundwork for ransomware infections. government has used court orders to remotely disinfect systems compromised with malware. Today’s operation is not the first time the U.S.

Hacking 327

Hacking Malware Ransomware Government 327

Security Affairs

APRIL 29, 2025

In 2024, Google tracked 75 exploited zero-day vulnerabilities, down from 98 in 2023 but up from 63 in 2022. “Microsoft Windows exploitation continued to increase, climbing from 13 zero-days in 2022, to 16 in 2023, to 22 in 2024.” ” continues the report. ” concludes the report. ” concludes the report.

Surveillance 108

Surveillance Mobile Software Hacking 108

Security Affairs

MARCH 10, 2025

authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to the 2022 LastPass breach. authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. ” reads the complaint. ” However.

Password Management 86

Password Management Cryptocurrency Passwords Data breaches 86

Security Affairs

APRIL 22, 2024

Microsoft reported that the Russia-linked APT28 group (aka “ Forest Blizzard ”, “ Fancybear ” or “ Strontium ” used a previously unknown tool, dubbed GooseEgg, to exploit the Windows Print Spooler flaw CVE-2022-38028. The vulnerability CVE-2022-38028 was reported by the U.S.

Government 142

Government Education Phishing Hacking 142

Security Affairs

MARCH 28, 2024

Google’s Threat Analysis Group (TAG) and its subsidiary Mandiant reported that in 2023 97 zero-day vulnerabilities were exploited in attacks, while in 2022 the actively exploited zero-day flaws were 62. In 2023, Google (TAG) and Mandiant discovered 29 out of 97 vulnerabilities exploited in the wild. ” continues the report.

Government 138

Government Surveillance Cybercrime Ransomware 138

Krebs on Security

JANUARY 10, 2024

Mora said it’s unclear if the bitcoin address that holds his client’s stolen money is being held by the government or by the anonymous hackers. “The government doesn’t need the crypto as evidence, but in a forfeiture action the money goes to the government,” Rasch said. million cyberheist.

Cryptocurrency 355

Cryptocurrency Government Cybercrime Accountability 355

Security Affairs

DECEMBER 18, 2024

In October 2024, the Russia-linked cyber espionage group APT29 (aka Earth Koshchei, SVR group , Cozy Bear , Nobelium , BlueBravo , Midnight Blizzard , and The Dukes ) used rogue RDP attacks via phishing emails targeting governments, think tanks, and Ukrainian entities to steal data and install malware.

Phishing 107

Phishing Government Firewall VPN 107

Security Affairs

DECEMBER 18, 2024

The APT group targeted an organization in Latin America in 2019 and 2022. While investigating the 2022 attack, the researchers noticed that the victim organization had also suffered a 2019 attack using “Careto2” and “Goreto” frameworks. ” reads the analysis published by Kaspersky.

Cyber Attacks 113

Cyber Attacks Hacking Government Malware 113

Schneier on Security

APRIL 9, 2024

It was a serious attack by the Chinese government that accessed the emails of senior U.S. government officials. The board was established in early 2022, modeled in spirit after the National Transportation Safety Board. US Cyber Safety Review Board released a report on the summer 2023 hack of Microsoft Exchange by China.

Hacking 330

Hacking Government Accountability Technology 330

Security Affairs

NOVEMBER 15, 2024

In February 2022, Ilya Lichtenstein (35) and his wife, Heather Morgan (32), were arrested for alleged conspiracy to launder $4.5 Since the arrest of the couple, the government has seized another approximately $475 million tied to the cyber heist. .” reads the press release published by DoJ.

Cryptocurrency 105

Cryptocurrency Hacking Government Accountability 105