Schneier on Security

NOVEMBER 14, 2022

This is a current list of where and when I am scheduled to speak: I’m speaking at the 24th International Information Security Conference in Madrid, Spain, on November 17, 2022. The list is maintained on this page.

Information Security 232

Information Security 232

Schneier on Security

SEPTEMBER 20, 2023

The number of unfilled jobs leveled off in 2022, and remains at 3.5 And this is nothing that can be fixed by a newbie taking a six-month information security boot camp. […] Most entry-level roles tend to be quite specific, focused on one part of the profession, and are not generalist roles.

Cybersecurity 337

Cybersecurity CISO Engineering Architecture 337

Security Affairs

JANUARY 15, 2025

released in October 2022. “The build date coded in the last number block also points to the same date range: None of the firewall firmwares examined had been compiled after September 14, 2022.” ” reported Heise Security.

VPN 132

VPN Passwords Firewall Firmware 132

Security Affairs

OCTOBER 19, 2024

The researchers pointed out that despite IE’s end of support in June 2022, the vulnerability still impacted certain Windows applications. Microsoft ended its support for IE in June 2022. The threat actors compromised a Korean online ad agency server, injecting vulnerability code into ad content scripts.

Internet 143

Internet Internet Engineering Malware 143

Security Affairs

MARCH 10, 2025

authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to the 2022 LastPass breach. authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. ” reads the complaint. ” However.

Password Management 88

Password Management Cryptocurrency Passwords Data breaches 88

Security Affairs

JANUARY 4, 2025

networks since the summer of 2022. According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. Treasury sanctioned a Chinese cybersecurity firm, Integrity Tech, for links to cyberattacks by Chinas state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett). critical infrastructure sectors.“

Cybersecurity 124

Cybersecurity IoT Hacking Technology 124

Security Affairs

FEBRUARY 13, 2025

In 2022, the Russian APT used multiple wipers in attacks aimed at Ukraine, including AwfulShred , CaddyWiper , HermeticWiper , Industroyer2 , IsaacWiper , WhisperGate , Prestige , RansomBoggs , and ZeroWipe. On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications 109

Telecommunications DNS Hacking Passwords 109

Security Affairs

JULY 30, 2024

A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five app on Google Play, totaling over 32,000 downloads between 2022 and 2024.

Spyware 128

Spyware Malware Mobile Marketing 128

Security Affairs

APRIL 22, 2024

Microsoft reported that the Russia-linked APT28 group (aka “ Forest Blizzard ”, “ Fancybear ” or “ Strontium ” used a previously unknown tool, dubbed GooseEgg, to exploit the Windows Print Spooler flaw CVE-2022-38028. The vulnerability CVE-2022-38028 was reported by the U.S.

Government 143

Government Education Phishing Hacking 143

Security Affairs

APRIL 9, 2025

The OCC reviewed email logs since 2022, disabled impacted accounts, and reported the breach to CISA. The confidentiality and integrity of the OCCs information security systems are paramount to fulfilling its mission, said Acting Comptroller of the Currency Rodney E. The breach was confirmed on Feb.

Accountability 125

Accountability Banking Information Security Hacking 125

Security Affairs

OCTOBER 27, 2024

The cases have been sent to the Russian Prosecutor General’s Office for consolidation, and all defendants have been held since early 2022. in March 2022. Vasinskyi (aka Profcomserv, Rabotnik, Rabotnik_New, Yarik45, Yaraslav2468, and Affiliate 22) was arrested on October 8, 2021, while he was trying to enter Poland.

Ransomware 143

Ransomware Hacking Malware Cybercrime 143

Security Affairs

JANUARY 12, 2025

The group NoName57 has been active since March 2022 and has targeted government and critical infrastructure organizations worldwide. In September 2022, Avast researchers observed the group using the Bobik botnet to launch DDoS attacks. NoName057(16) uses multiple tools to carry out their attacks.

DDOS 123

DDOS Banking Government Marketing 123

Security Affairs

DECEMBER 18, 2024

The campaign employing the attack technique was previously reported by Black Hills Information Security in 2022. Upon establishing a successful connection, it executes a remote application called AWS Secure Storage Connection Stability Test v24091285697854. ” reads the report published by Trend Micro.

Phishing 108

Phishing Government VPN Firewall 108

Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass.

Data collection 138

Data collection Authentication Hacking Government 138

Security Affairs

DECEMBER 28, 2024

The group NoName57 has been active since March 2022 and has targeted government and critical infrastructure organizations worldwide. In September 2022, Avast researchers observed the group using the Bobik botnet to launch DDoS attacks. NoName057(16) uses multiple tools to carry out their attacks.

DDOS 127

DDOS Artificial Intelligence Government Cybercrime 127

Daniel Miessler

DECEMBER 24, 2022

If you follow Information Security at all you are surely aware of the LastPass breach situation. It started back in August of 2022 as a fairly common breach notification on a blog, but it, unfortunately, turned into more of a blog series.

Password Management 364

Password Management Passwords Encryption Backups 364

Security Affairs

APRIL 29, 2025

In 2024, Google tracked 75 exploited zero-day vulnerabilities, down from 98 in 2023 but up from 63 in 2022. “Microsoft Windows exploitation continued to increase, climbing from 13 zero-days in 2022, to 16 in 2023, to 22 in 2024.” ” continues the report. ” concludes the report.

Surveillance 110

Surveillance Mobile Software Hacking 110

Security Affairs

FEBRUARY 1, 2025

On October 14, 2022, Tata Power, Indias largest power generationcompany, announced a cyber attack hit its infrastructure. Threat actors hit the company’s information technology (IT) infrastructure. The gang claims to have breached the corporate network on October 3rd, 2022.

Technology 119

Technology Ransomware Engineering Manufacturing 119

Krebs on Security

NOVEMBER 4, 2022

” In late September 2022, KrebsOnSecurity warned about the proliferation of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. For example, on October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc.

Scams 307

Scams Artificial Intelligence Cryptocurrency Accountability 307

Security Affairs

DECEMBER 18, 2024

The APT group targeted an organization in Latin America in 2019 and 2022. While investigating the 2022 attack, the researchers noticed that the victim organization had also suffered a 2019 attack using “Careto2” and “Goreto” frameworks. ” reads the analysis published by Kaspersky.

Cyber Attacks 116

Cyber Attacks Hacking Government Malware 116

Security Affairs

DECEMBER 3, 2024

In June 2022, the controversial Israeli surveillance vendor NSO Group told the European Union lawmakers that its Pegasus spyware was used by at least five countries in the region. “We will not allow the PiS machine to further destroy democracy, lead Poland to the East and sovietise our country,” Karnowski told Reuters.

Spyware 120

Spyware Government Surveillance Hacking 120

Security Affairs

NOVEMBER 13, 2024

The botnet is comprised of two complementary activity clusters, the experts believe it has been active since at least February 2022. In early July and August of 2022, the researchers noticed several Cisco RV320s , DrayTek Vigor routers , and NETGEAR ProSAFEs that were part of the botnet.

VPN 124

VPN Government Malware Manufacturing 124

Security Affairs

OCTOBER 16, 2024

The same admin later launched a chat-based drug sales platform, Tsätti, in 2022, which was taken offline along with Sipulitie. Law enforcement agencies from the United Kingdom, United States, and Ireland participated in the operation that began towards the end of 2022.

Marketing 122

Marketing Cybercrime Scams Hacking 122

Security Affairs

FEBRUARY 6, 2025

is a Remote Code Execution flaw in Microsoft Outlook.

Firewall 124

Firewall Hacking Cybersecurity Risk 124

Security Affairs

MARCH 5, 2025

On October 14, 2022, Tata Power, Indias largest power generation company, announced a cyber attack hit its infrastructure. Threat actors hit the companys information technology (IT) infrastructure. The gang claims to have breached the corporate network on October 3rd, 2022. TB of data stored in over 730,000 files.

Technology 109

Technology Ransomware Engineering Manufacturing 109

Krebs on Security

APRIL 27, 2023

This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information. “My team is frustrated by the permissive nature of the platform,” Carbee said. Akiri said he notified the Washington D.C. ”

Banking 344

Banking Government Information Security Authentication 344

Security Affairs

MAY 6, 2025

” The team at Stroz Friedberg ran the experiment on a Windows Server 2022 machine that had SentinelOne version 23.4.6.223 installed and confirmed that the agent was running properly and showing as online in the management dashboard.

Ransomware 140

Ransomware Hacking Information Security 140

Security Affairs

NOVEMBER 2, 2024

Between 2020 and 2022, attackers launched multiple campaigns to exploit zero-day vulnerabilities in publicly accessible network appliances, focusing on WAN-facing services. However, further investigation revealed a complex rootkit, “Cloud Snooper,” and a unique cloud pivoting technique via a misconfigured AWS SSM Agent.

Firmware 123

Firmware Government Firewall Malware 123

Security Affairs

OCTOBER 16, 2024

However, the Brazilian national turned into more complex cybercriminal activities by 2022. The link between Luan’s hacktivism and cybercrime was established due to his bad Operational security (opsec). CrowdStrike’s investigation reveals that USDoD’s leader, Luan BG, has been a hacktivist active since at least 2017.

Data breaches 128

Data breaches Media Cybercrime Accountability 128

Security Affairs

MAY 24, 2025

The FBI warns that the Silent Ransom Group, active since 2022 and also known as Luna Moth, has targeted U.S. FBI warns Silent Ransom Group has targeted U.S. law firms for 2 years using callback phishing and social engineering extortion tactics. law firms using phishing and social engineering. ” reads the alert issued by the FBI.

Social Engineering 114

Social Engineering Antivirus Phishing Engineering 114

Security Affairs

NOVEMBER 15, 2024

In February 2022, Ilya Lichtenstein (35) and his wife, Heather Morgan (32), were arrested for alleged conspiracy to launder $4.5 .” reads the press release published by DoJ. Over 96% of the stolen funds have been recovered, with most remaining unspent, according to defense attorney Samson Enzer and with assistance from Lichtenstein.

Cryptocurrency 107

Cryptocurrency Hacking Government Accountability 107

Security Affairs

NOVEMBER 21, 2024

He is accused of stealing at least $800,000 from five victims between August 2022 and March 2023. Urban, known online as “Sosa” and “King Bob,” is linked to the same group that hacked Twilio and other companies in 2022. In January 2024, U.S.

Cybercrime 111

Cybercrime Identity Theft Cryptocurrency Phishing 111

Security Affairs

MAY 5, 2025

Sansec identified these backdoors in the following packages which were published between 2019 and 2022.” ” Below are the backdoored extensions that were published between 2019 and 2022. . “Hundreds of stores, including a $40 billion multinational, are running backdoored versions of popular ecommerce software.

eCommerce 96

eCommerce Hacking Authentication Software 96

Security Affairs

APRIL 3, 2025

The operation, which has been ongoing since 2022, identified 1,393 suspects, arrested 79, and seized over 3,000 devices. million users worldwide logged on to the platform between April 2022 and March 2025. The authorities confirmed that some suspects also abused children. The investigation has protected 39 children.

Cryptocurrency 101

Cryptocurrency Cybercrime Hacking Information Security 101

Security Affairs

JANUARY 24, 2025

Lumen experts also mentioned another variant of cd00r, codenamed SEASPY , that was used in a campaign targeting Barracuda Email Security Gateway (ESG) appliances that dates back in 2022. However, there is no evidence that the two campaigns are linked.

Malware 123

Malware VPN Encryption Hacking 123

Security Affairs

APRIL 30, 2025

Since mid-2022, theyve deployed RomCom via spear-phishing for espionage, lateral movement, and data theft. “After March 2022, attacks using Cuba ransomware were entirely replaced by Industrial Spy , which appears to be a continuation of the former. ” continues the report.

Encryption 103

Encryption Ransomware Malware Phishing 103

Security Affairs

OCTOBER 23, 2024

Here, Data Security Posture Management (DSPM) comes into play– an essential solution for addressing evolving data security and privacy requirements. What is Data Security Posture Management? He holds a degree of Computer Science from Iqra University and specializes in Information Security & Data Privacy.

Data privacy 127

Data privacy Unstructured Data Risk Data breaches 127