Security Affairs

DECEMBER 4, 2024

Black Basta ransomware-as-a-service (RaaS) has been active since April 2022, it impacted several businesses and critical infrastructure entities across North America, Europe, and Australia. Black Basta is a ransomware-as-a-service (RaaS) variant, first identified in April 2022. reads the CSA.

Ransomware 123

Ransomware Telecommunications Healthcare Insurance 123

Security Affairs

JANUARY 15, 2025

released in October 2022. “The build date coded in the last number block also points to the same date range: None of the firewall firmwares examined had been compiled after September 14, 2022.” ” reported Heise Security.

VPN 127

VPN Passwords Firewall Firmware 127

Security Affairs

MARCH 10, 2025

authorities seized $23M in crypto linked to a $150M Ripple wallet theft, experts believe the incident is linked to the 2022 LastPass breach. authorities seized $23M in crypto tied to a $150M Ripple hack, suspected to have been carried out by hackers from the 2022 LastPass breach. ” reads the complaint. ” However.

Password Management 85

Password Management Cryptocurrency Passwords Data breaches 85

Security Affairs

JANUARY 4, 2025

networks since the summer of 2022. According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. Treasury sanctioned a Chinese cybersecurity firm, Integrity Tech, for links to cyberattacks by Chinas state-backed Flax Typhoon APT group (also called Ethereal Panda or RedJuliett). critical infrastructure sectors.“

Cybersecurity 120

Cybersecurity IoT Hacking Technology 120

Security Affairs

FEBRUARY 13, 2025

In 2022, the Russian APT used multiple wipers in attacks aimed at Ukraine, including AwfulShred , CaddyWiper , HermeticWiper , Industroyer2 , IsaacWiper , WhisperGate , Prestige , RansomBoggs , and ZeroWipe. On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications 105

Telecommunications DNS Passwords Hacking 105

Security Affairs

APRIL 22, 2024

Microsoft reported that the Russia-linked APT28 group (aka “ Forest Blizzard ”, “ Fancybear ” or “ Strontium ” used a previously unknown tool, dubbed GooseEgg, to exploit the Windows Print Spooler flaw CVE-2022-38028. The vulnerability CVE-2022-38028 was reported by the U.S.

Government 141

Government Education Phishing Malware 141

Security Affairs

JULY 30, 2024

A new version of the Mandrake Android spyware has been found in five apps on Google Play, which have been downloaded over 32,000 times since 2022. Researchers from Kaspersky discovered a new version of the Mandrake Android spyware in five app on Google Play, totaling over 32,000 downloads between 2022 and 2024.

Spyware 124

Spyware Malware Mobile Marketing 124

Security Affairs

OCTOBER 27, 2024

The cases have been sent to the Russian Prosecutor General’s Office for consolidation, and all defendants have been held since early 2022. in March 2022. Vasinskyi (aka Profcomserv, Rabotnik, Rabotnik_New, Yarik45, Yaraslav2468, and Affiliate 22) was arrested on October 8, 2021, while he was trying to enter Poland.

Ransomware 141

Ransomware Hacking Malware Cybercrime 141

Daniel Miessler

DECEMBER 24, 2022

If you follow Information Security at all you are surely aware of the LastPass breach situation. It started back in August of 2022 as a fairly common breach notification on a blog, but it, unfortunately, turned into more of a blog series.

Password Management 364

Password Management Passwords Encryption Backups 364

Security Affairs

APRIL 9, 2025

The OCC reviewed email logs since 2022, disabled impacted accounts, and reported the breach to CISA. The confidentiality and integrity of the OCCs information security systems are paramount to fulfilling its mission, said Acting Comptroller of the Currency Rodney E. The breach was confirmed on Feb.

Accountability 120

Accountability Banking Information Security Hacking 120

Security Affairs

JANUARY 12, 2025

The group NoName57 has been active since March 2022 and has targeted government and critical infrastructure organizations worldwide. In September 2022, Avast researchers observed the group using the Bobik botnet to launch DDoS attacks. NoName057(16) uses multiple tools to carry out their attacks.

DDOS 119

DDOS Banking Government Marketing 119

Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass.

Data collection 134

Data collection Authentication Hacking Government 134

Security Affairs

DECEMBER 28, 2024

The group NoName57 has been active since March 2022 and has targeted government and critical infrastructure organizations worldwide. In September 2022, Avast researchers observed the group using the Bobik botnet to launch DDoS attacks. NoName057(16) uses multiple tools to carry out their attacks.

DDOS 123

DDOS Artificial Intelligence Government Cybercrime 123

Security Affairs

APRIL 29, 2025

In 2024, Google tracked 75 exploited zero-day vulnerabilities, down from 98 in 2023 but up from 63 in 2022. “Microsoft Windows exploitation continued to increase, climbing from 13 zero-days in 2022, to 16 in 2023, to 22 in 2024.” ” continues the report. ” concludes the report.

Surveillance 107

Surveillance Mobile Software Hacking 107

Security Affairs

FEBRUARY 1, 2025

On October 14, 2022, Tata Power, Indias largest power generationcompany, announced a cyber attack hit its infrastructure. Threat actors hit the company’s information technology (IT) infrastructure. The gang claims to have breached the corporate network on October 3rd, 2022.

Technology 114

Technology Ransomware Engineering Manufacturing 114

Krebs on Security

NOVEMBER 4, 2022

” In late September 2022, KrebsOnSecurity warned about the proliferation of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations. For example, on October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc.

Scams 305

Scams Artificial Intelligence Cryptocurrency Accountability 305

Security Affairs

MAY 6, 2025

” The team at Stroz Friedberg ran the experiment on a Windows Server 2022 machine that had SentinelOne version 23.4.6.223 installed and confirmed that the agent was running properly and showing as online in the management dashboard.

Ransomware 140

Ransomware Hacking Information Security 140

Security Affairs

DECEMBER 18, 2024

The APT group targeted an organization in Latin America in 2019 and 2022. While investigating the 2022 attack, the researchers noticed that the victim organization had also suffered a 2019 attack using “Careto2” and “Goreto” frameworks. ” reads the analysis published by Kaspersky.

Cyber Attacks 112

Cyber Attacks Hacking Government Malware 112

Security Affairs

DECEMBER 3, 2024

In June 2022, the controversial Israeli surveillance vendor NSO Group told the European Union lawmakers that its Pegasus spyware was used by at least five countries in the region. “We will not allow the PiS machine to further destroy democracy, lead Poland to the East and sovietise our country,” Karnowski told Reuters.

Spyware 116

Spyware Government Surveillance Hacking 116

Security Affairs

NOVEMBER 13, 2024

The botnet is comprised of two complementary activity clusters, the experts believe it has been active since at least February 2022. In early July and August of 2022, the researchers noticed several Cisco RV320s , DrayTek Vigor routers , and NETGEAR ProSAFEs that were part of the botnet.

VPN 120

VPN Government Malware Manufacturing 120

Security Affairs

OCTOBER 16, 2024

The same admin later launched a chat-based drug sales platform, Tsätti, in 2022, which was taken offline along with Sipulitie. Law enforcement agencies from the United Kingdom, United States, and Ireland participated in the operation that began towards the end of 2022.

Marketing 118

Marketing Cybercrime Scams Hacking 118

Security Affairs

FEBRUARY 6, 2025

is a Remote Code Execution flaw in Microsoft Outlook.

Firewall 120

Firewall Hacking Cybersecurity Risk 120

Security Affairs

MAY 5, 2025

Sansec identified these backdoors in the following packages which were published between 2019 and 2022.” ” Below are the backdoored extensions that were published between 2019 and 2022. . “Hundreds of stores, including a $40 billion multinational, are running backdoored versions of popular ecommerce software.

eCommerce 91

eCommerce Hacking Authentication Software 91

Krebs on Security

APRIL 27, 2023

This misconfigured Salesforce Community site from the state of Vermont was leaking pandemic assistance loan application data, including names, SSNs, email address and bank account information. “My team is frustrated by the permissive nature of the platform,” Carbee said. Akiri said he notified the Washington D.C. ”

Banking 343

Banking Government Information Security Authentication 343

Security Affairs

MAY 24, 2025

The FBI warns that the Silent Ransom Group, active since 2022 and also known as Luna Moth, has targeted U.S. FBI warns Silent Ransom Group has targeted U.S. law firms for 2 years using callback phishing and social engineering extortion tactics. law firms using phishing and social engineering. ” reads the alert issued by the FBI.

Social Engineering 110

Social Engineering Antivirus Phishing Engineering 110

Security Affairs

MARCH 5, 2025

On October 14, 2022, Tata Power, Indias largest power generation company, announced a cyber attack hit its infrastructure. Threat actors hit the companys information technology (IT) infrastructure. The gang claims to have breached the corporate network on October 3rd, 2022. TB of data stored in over 730,000 files.

Technology 105

Technology Ransomware Engineering Manufacturing 105

Security Affairs

NOVEMBER 2, 2024

Between 2020 and 2022, attackers launched multiple campaigns to exploit zero-day vulnerabilities in publicly accessible network appliances, focusing on WAN-facing services. However, further investigation revealed a complex rootkit, “Cloud Snooper,” and a unique cloud pivoting technique via a misconfigured AWS SSM Agent.

Firmware 119

Firmware Government Firewall Malware 119

Security Affairs

OCTOBER 16, 2024

However, the Brazilian national turned into more complex cybercriminal activities by 2022. The link between Luan’s hacktivism and cybercrime was established due to his bad Operational security (opsec). CrowdStrike’s investigation reveals that USDoD’s leader, Luan BG, has been a hacktivist active since at least 2017.

Data breaches 124

Data breaches Media Cybercrime Accountability 124

Security Affairs

NOVEMBER 15, 2024

In February 2022, Ilya Lichtenstein (35) and his wife, Heather Morgan (32), were arrested for alleged conspiracy to launder $4.5 .” reads the press release published by DoJ. Over 96% of the stolen funds have been recovered, with most remaining unspent, according to defense attorney Samson Enzer and with assistance from Lichtenstein.

Cryptocurrency 104

Cryptocurrency Hacking Government Accountability 104

Security Affairs

NOVEMBER 21, 2024

He is accused of stealing at least $800,000 from five victims between August 2022 and March 2023. Urban, known online as “Sosa” and “King Bob,” is linked to the same group that hacked Twilio and other companies in 2022. In January 2024, U.S.

Cybercrime 108

Cybercrime Identity Theft Cryptocurrency Phishing 108

Security Affairs

APRIL 3, 2025

The operation, which has been ongoing since 2022, identified 1,393 suspects, arrested 79, and seized over 3,000 devices. million users worldwide logged on to the platform between April 2022 and March 2025. The authorities confirmed that some suspects also abused children. The investigation has protected 39 children.

Cryptocurrency 97

Cryptocurrency Cybercrime Hacking Information Security 97

Krebs on Security

SEPTEMBER 24, 2022

A native of Omsk, Russia, Kloster came into focus after KrebsOnSecurity followed clues from the RSOCKS botnet master’s identity on the cybercrime forums to Kloster’s personal blog , which featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world.”

Cybercrime 263

Cybercrime Data breaches Malware Ransomware 263

Security Affairs

JANUARY 24, 2025

Lumen experts also mentioned another variant of cd00r, codenamed SEASPY , that was used in a campaign targeting Barracuda Email Security Gateway (ESG) appliances that dates back in 2022. However, there is no evidence that the two campaigns are linked.

Malware 119

Malware VPN Encryption Hacking 119

SecureWorld News

DECEMBER 9, 2024

The Chief Information Security Officer (CISO) has become one of the most critical roles in modern organizations. Burnout and job dissatisfaction The State of the CISO 20232024" report reveals a decline in job satisfaction, with only 64% of CISOs satisfied with their rolesa sharp drop from 74% in 2022.

CISO 104

CISO Cyber threats Risk Cybersecurity 104

Security Affairs

OCTOBER 23, 2024

Here, Data Security Posture Management (DSPM) comes into play– an essential solution for addressing evolving data security and privacy requirements. What is Data Security Posture Management? He holds a degree of Computer Science from Iqra University and specializes in Information Security & Data Privacy.

Data privacy 123

Data privacy Unstructured Data Risk Data breaches 123

Krebs on Security

OCTOBER 20, 2022

On October 10, 2022, there were 576,562 LinkedIn accounts that listed their current employer as Apple Inc. In late September 2022, KrebsOnSecurity warned about the proliferation of fake LinkedIn profiles for Chief Information Security Officer (CISO) roles at some of the world’s largest corporations.

Accountability 322

Accountability Cryptocurrency Scams CISO 322

Krebs on Security

OCTOBER 20, 2023

In an interview with KrebsOnSecurity, Okta’s Deputy Chief Information Security Officer Charlotte Wylie said Okta initially believed that BeyondTrust’s alert on Oct. Maiffret said BeyondTrust followed up with Okta on Oct. 2 was not a result of a breach in its systems. But she said that by Oct.

Social Engineering 362

Social Engineering Engineering Accountability Hacking 362