Security Affairs

JANUARY 4, 2025

“ Flax Typhoon is a China-linked hacking group that has been active since 2021, it targets critical infrastructure globally, exploiting vulnerabilities for persistent access. According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. critical infrastructure sectors.“

Cybersecurity 126

Cybersecurity IoT Hacking Technology 126

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. and its allies for hacking activities in July. Wall Street Journal reported.

Mobile 116

Mobile Telecommunications Data breaches Hacking 116

Security Affairs

JANUARY 21, 2025

.” Below is the list of flaws discovered by the researchers: CVE-2024-37602 CVE-2024-37600 CVE-2024-37603 CVE-2024-37601 CVE-2023-34406 CVE-2023-34397 CVE-2023-34398 CVE-2023-34399 CVE-2023-34400 CVE-2023-34401 CVE-2023-34402 CVE-2023-34403 CVE-2023-34404 The details for each of the above flaws will be published here: [link].

Software 135

Software Architecture Media Engineering 135

Security Affairs

FEBRUARY 10, 2025

Hewlett Packard Enterprise (HPE) has begun notifying individuals affected by a December 2023 attack carried out by Russia-linked threat actors. Hewlett Packard Enterprise has started notifying individuals whose personal information was exposed in a December 2023 cyber attack. reads a Form 8-K filing with the SEC.

Accountability 66

Accountability Passwords Cybersecurity Marketing 66

Security Affairs

APRIL 29, 2025

Google tracked 75 zero-day flaws exploited in 2024, down from 98 in 2023, according to its Threat Intelligence Group’s latest analysis. In 2024, Google tracked 75 exploited zero-day vulnerabilities, down from 98 in 2023 but up from 63 in 2022. In 2023, 37% of zero-day vulnerabilities targeted enterprise products.”

Surveillance 111

Surveillance Mobile Software Hacking 111

Security Affairs

NOVEMBER 15, 2024

“Ilya Lichtenstein was sentenced today to five years in prison for his involvement in a money laundering conspiracy arising from the hack and theft of approximately 120,000 bitcoin from Bitfinex, a global cryptocurrency exchange.” Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex.

Cryptocurrency 108

Cryptocurrency Hacking Government Accountability 108

The Last Watchdog

JULY 7, 2023

Budapest, Hungary, July 07, 2023 — Silent Signal, a leading technology provider of state-of-the-art ethical hacking services and solutions, discovered and reported a vulnerability to IBM, that has been confirmed and identified under CVE-2023-30990. Affected product(s) and version(s) are IBM i 7.2, IBM i 7.3, and IBM i 7.5

Architecture 179

Architecture Hacking Media Government 179

Security Affairs

OCTOBER 12, 2024

Since April 2021, Russian state-sponsored hackers have exploited vulnerabilities, including Zimbra’s CVE-2022-27924 for injecting commands to access credentials and emails, and JetBrains TeamCity’s CVE-2023-42793 for arbitrary code execution through an authentication bypass.

Data collection 139

Data collection Authentication Hacking Government 139

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. Matveyev faces charges under Russian law for creating programs designed to destroy, block, modify, or copy data, or bypass computer security measures.

Ransomware 121

Ransomware Healthcare Hacking Malware 121

Security Affairs

APRIL 13, 2025

In 2023, Loretto Hospital experienced another data security incident. On January 19, 2023, a former employee misappropriated security camera footage of a limited number of patients and posted it on Facebook. The exposed information consisted of security camera footage of a small number of patients.

Data breaches 131

Data breaches Unstructured Data Identity Theft Healthcare 131

Security Affairs

OCTOBER 16, 2024

. “Finnish customs has closed the web servers of the Sipulitie marketplace, which has been operating on the Tor network since 2023, in cooperation with the Swedish police, and confiscated their contents. The darknet market has been active since February 2023, it was used by criminals to sell narcotics anonymously.

Marketing 124

Marketing Cybercrime Scams Hacking 124

Security Affairs

DECEMBER 3, 2024

In March 2023, Reuters reported that the phone of an opposition-linked Polish mayor was infected with the Pegasus spyware. The news of the hack was reported by the Gazeta Wyborcza daily, and unfortunately, it isn’t the first time that the Pegasus spyware was used in the country. ” reported TechCrunch.

Spyware 121

Spyware Government Surveillance Hacking 121

Security Affairs

DECEMBER 19, 2024

Fortinet warns of a patched FortiWLM vulnerability that could allow admin access and sensitive information disclosure. Fortinet warned of a now-patched Wireless LAN Manager (FortiWLM) vulnerability, tracked as CVE-2023-34990 (CVSS score of 9.6), that could lead to admin access and sensitive information disclosure. through 8.6.5

Wireless 108

Wireless Authentication Healthcare Education 108

Security Affairs

MAY 13, 2025

In March 2023, Europol announced that an international operation conducted by law enforcement in Germany and Ukraine, with the help of the US FBI and the Dutch police, targeted two key figures of the DoppelPaymer ransomware group. The Europol states that in the US, victims payed at least 40 million euros between May 2019 and March 2021.

Ransomware 110

Ransomware Cybercrime Malware Banking 110

Security Affairs

NOVEMBER 21, 2024

The cybercrime group Scattered Spider is suspected of hacking into hundreds of organizations over the past two years, including Twilio , LastPass , DoorDash , and Mailchimp. Between September 2021 and April 2023, the hackers carried out phishing attacks to steal login credentials from employees of 12 companies and individuals.

Cybercrime 113

Cybercrime Identity Theft Cryptocurrency Phishing 113

Security Affairs

APRIL 30, 2025

. “The analyses of the TTPs used during APT28 campaigns since 2021 and the recommendations published in October of 2023 remain relevant and may be consulted on the website of the CERT-FR” APT28’s attack chain begins with phishing and brute-force attacks, along with zero-day exploitation (e.g. CVE-2023-23397 ).

Government 117

Government Phishing DNS VPN 117

Security Affairs

FEBRUARY 26, 2025

Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS and Palo Alto PAN-OS vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, CISA )

Authentication 105

Authentication Hacking Cybersecurity Risk 105

Security Affairs

FEBRUARY 4, 2025

Netgear addressed two critical vulnerabilities, internally tracked as PSV-2023-0039 and PSV-2021-0117 , impacting multiple WiFi router models and urged customers to install the latest firmware. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, NETGEAR )

Firmware 113

Firmware Authentication Hacking Information Security 113

Security Affairs

DECEMBER 17, 2024

In March 2023, Lumen Black Lotus Labs researchers uncovered a sophisticated campaign called HiatusRAT that infected over 100 edge networking devices globally. Starting in mid-June through August 2023, Black Lotus Labs observed multiple newly compiled versions of the HiatusRAT malware discovered in the wild.

Architecture 111

Architecture Internet Internet Malware 111

Security Affairs

JANUARY 31, 2025

In October 2024, VMware warned customers of the availability of a proof-of-concept (PoC) exploit code for another authentication bypass vulnerability, tracked as CVE-2023-34051 , in VMware Aria Operations for Logs (formerly known as vRealize Log Insight). The vulnerability CVE-2023-34051 (CVSS score 8.1)

Authentication 108

Authentication Hacking Cybersecurity Information Security 108

Security Affairs

DECEMBER 23, 2024

The decision stems from a March 2023 investigation and aligns with the EDPB’s guidance on AI-driven services and personal data processing. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,ChatGPT) ” reads the press release published by Italy’s Garante.

Artificial Intelligence 109

Artificial Intelligence Data collection Data breaches Hacking 109

Security Affairs

OCTOBER 14, 2024

The Bohemia marketplace ceased operations in late 2023 due to service disruptions, while its members suspected an exit scams of a rogue developer. At the time of its shut down, Bohemia hosted 82,000 daily ads and handled around 67,000 transactions monthly, with a turnover of €12 million in September 2023 alone.

Marketing 130

Marketing Cybercrime DDOS Cryptocurrency 130

Security Affairs

FEBRUARY 13, 2025

“ Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Russia)

Telecommunications 111

Telecommunications DNS Passwords Hacking 111

Security Affairs

MAY 22, 2024

The digital imaging products manufacturer OmniVision disclosed a data breach after the 2023 ransomware attack. In 2023, OmniVision employed 2,200 people and had an annual revenue of $1.4 In 2023, the imaging sensors manufacturer was the victim of a Cactus ransomware attack. OmniVision Technologies Inc.

Data breaches 137

Data breaches Ransomware Manufacturing Encryption 137

Security Affairs

MAY 15, 2024

An international law enforcement operation coordinated by the FBI led to the seizure of the notorious BreachForums hacking forum. BreachForums is a cybercrime forum used by threat actors to purchase, sell, and exchange stolen data, including credentials, and personal and financial information. In March 2023, U.S.

Hacking 138

Hacking Cybercrime Information Security 138

Security Affairs

NOVEMBER 13, 2024

In May 2023, Microsoft reported that the Volt Typhoon APT infiltrated critical infrastructure organizations in the U.S. In December 2023, the Black Lotus Labs team at Lumen Technologies linked a small office/home office (SOHO) router botnet, tracked as KV-Botnet to the operations of China-linked threat actor Volt Typhoon.

VPN 126

VPN Government Malware Manufacturing 126

Security Affairs

APRIL 9, 2025

The confidentiality and integrity of the OCCs information security systems are paramount to fulfilling its mission, said Acting Comptroller of the Currency Rodney E. security team the day before had notified OCC about unusual network behavior, according to the draft letter.” The review process is still ongoing. OCC on Feb.

Accountability 127

Accountability Banking Information Security Hacking 127

Security Affairs

MARCH 8, 2025

” The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. Patch and device management: Keep devices, including IoT devices, regularly patched with the most recent update.

Ransomware 133

Ransomware IoT Encryption Passwords 133

Security Affairs

OCTOBER 11, 2024

OpenAI disrupted 20 cyber and influence operations in 2023, revealing Iran and China-linked actors used ChatGPT for planning ICS attacks. Rather than using advanced hacking techniques, they exploited systems with default credentials to compromise target networks.

Malware 139

Malware Social Engineering Engineering Hacking 139

Security Affairs

NOVEMBER 26, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Array Networks AG and vxAG ArrayOS flaw to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added the Array Networks AG and vxAG ArrayOS flaw CVE-2023-28461 (CVSS score: 9.8)

VPN 114

VPN Authentication Hacking Cybersecurity 114

Security Affairs

JULY 5, 2024

The New York Times revealed that OpenAI suffered a security breach in 2023, but the company says source code and customer data were not compromised. OpenAI suffered a security breach in 2023, the New York Times reported.

Artificial Intelligence 144

Artificial Intelligence Technology Risk Hacking 144

Krebs on Security

AUGUST 27, 2024

” Those third-party reports came in late June 2024 from Michael Horka , senior lead information security engineer at Black Lotus Labs , the security research arm of Lumen Technologies , which operates one of the global Internet’s largest backbones. victims and one non-U.S. In January 2024, the U.S. ”

Internet 339

Internet Internet Technology Engineering 339

Security Affairs

FEBRUARY 19, 2025

Introduced in December 2014 (OpenSSH 6.8p1), this flaw remained active, with FreeBSD enabling VerifyHostKeyDNS by default from 2013 to 2023, increasing exposure. Introduced in August 2023 (before OpenSSH 9.5p1), the attack can be mitigated on servers using LoginGraceTime, MaxStartups, and PerSourcePenalties settings.

Authentication 125

Authentication System Administration DNS Hacking 125

Security Affairs

FEBRUARY 27, 2025

Belgian authorities are investigating Chinese hackers for breaching its State Security Service (VSSE), stealing 10% of emails from 2021 to May 2023. The Belgian federal prosecutor’s office is probing a possible security breach on its State Security Service (VSSE) by China-linked threat actors.

Malware 74

Malware Hacking Government Phishing 74

Security Affairs

MARCH 28, 2024

Google’s Threat Analysis Group (TAG) and Mandiant reported a surge in the number of actively exploited zero-day vulnerabilities in 2023. In 2023, Google (TAG) and Mandiant discovered 29 out of 97 vulnerabilities exploited in the wild. ” continues the report.

Government 141

Government Surveillance Ransomware Cybercrime 141

Security Affairs

DECEMBER 3, 2024

The ‘Bootkitty’ Linux UEFI bootkit exploits the LogoFAIL flaws (CVE-2023-40238) to target systems using vulnerable firmware. Researchers from firmware security firm Binarly now report that Bootkitty Linux UEFI bootkit exploits the LogoFAIL flaw CVE-2023-40238 to compromise systems running on vulnerable firmware.

Firmware 109

Firmware Manufacturing Malware Authentication 109

Security Affairs

JANUARY 11, 2025

An international law enforcement operation conducted by the Netherlands Financial Intelligence and Investigative Service, Finlands National Bureau of Investigation, and the FBI led to the seizure of Sinbad.ios infrastructure in November 2023. on November 27, 2023. Wible, head of the Justice Department’s Criminal Division.

Cybercrime 76

Cybercrime Cryptocurrency Hacking Ransomware 76