Authentication, Hacking and Information

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking

Hacking Accountability Government Social Engineering

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

Krebs on Security

FEBRUARY 26, 2025

government officials searched online for non-extradition countries and for an answer to the question “can hacking be treason?” Among those was AT&T , which disclosed in July that cybercriminals had stolen personal information and phone and text message records for roughly 110 million people nearly all of its customers. .

Hacking

Hacking Government Identity Theft Accountability

DeepSeek database exposed highly sensitive information

Security Affairs

JANUARY 30, 2025

. “This database contained a significant volume of chat history, backend data and sensitive information, including log streams, API Secrets, and operational details.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, DeepSeek ) ” concludes the report.

Authentication

Authentication Passwords Hacking Risk

Authentication bypass CVE-2025-22230 impacts VMware Windows Tools

Security Affairs

MARCH 26, 2025

Broadcom addressed a high-severity authentication bypass vulnerability, tracked as CVE-2025-22230, in VMware Tools for Windows. Broadcom released security updates to address a high-severity authentication bypass vulnerability, tracked as CVE-2025-22230 (CVSS score 9.8), impacting VMware Tools for Windows. ” reads the advisory.

Authentication

Authentication Hacking Technology Information Security

Broadcom fixed information disclosure flaws in VMware Aria Operations

Security Affairs

JANUARY 31, 2025

is an information disclosure vulnerability in VMware Aria Operations for Logs.A is an information disclosure vulnerability. is an authentication bypass vulnerability in VMware Aria Operations for Logs. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,VMware)

Authentication

Authentication Hacking Cybersecurity Information Security

Crime Shop Sells Hacked Logins to Other Crime Shops

Krebs on Security

JANUARY 21, 2022

All of the credentials being sold by Accountz provide access to services that in turn sell access to stolen information or hijacked property, as in the case of “bot shops” that resell access to infected computers. What’s more, relatively few cybercrime shops online offer their users any sort of multi-factor authentication.

Hacking

Hacking Cybercrime Authentication Passwords

Three Top Russian Cybercrime Forums Hacked

Krebs on Security

MARCH 4, 2021

Over the past few weeks, three of the longest running and most venerated Russian-language online forums serving thousands of experienced cybercriminals have been hacked. “Initial analysis of the leaked data pointed to its probable authenticity, as at least a portion of the leaked user records correlated with our own data holdings.”

Cybercrime

Cybercrime Hacking Passwords Accountability

Subaru Starlink flaw allowed experts to remotely hack cars

Security Affairs

JANUARY 25, 2025

The duo found Subaru’s admin panel hosted on a subdomain, allowing password resets for employee accounts without confirmation, bypassing two-factor authentication. Researchers used the valid employee email to reset the password, bypass two-factor authentication, and gain access to the panels functionality. ” wrote Curry.

Hacking

Hacking Accountability Authentication Passwords

Latest on the SVR’s SolarWinds Hack

Schneier on Security

JANUARY 5, 2021

The New York Times has an in-depth article on the latest information about the SolarWinds hack (not a great name, since it’s much more far-reaching than that). There is also no indication yet that any human intelligence alerted the United States to the hacking.

Hacking

Hacking System Administration Software Surveillance

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking

Hacking Cybercrime Phishing Passwords

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

The missive bore the name of the hotel and referenced details from their reservation, claiming that booking.com’s anti-fraud system required additional information about the customer before the reservation could be finalized. One post last month on the Russian-language hacking forum BHF offered up to $5,000 for each hotel account.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. The targeted SMS scams asked employees to click a link and log in at a website that mimicked their employer’s Okta authentication page.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Security Affairs

APRIL 10, 2025

No OCI service has been interrupted or compromised in any way,” Last week, Oracle confirmed a data breach and started informing customers while downplaying the impact of the incident. The hacker has published 10,000 customer records, a file showing Oracle Cloud access, user credentials, and an internal video as proof of the hack.

Hacking

Hacking Data breaches Encryption Authentication

DOGE as a National Cyberattack

Schneier on Security

FEBRUARY 13, 2025

For example, the Treasury Department systems contain the technical blueprints for how the federal government moves money, while the Office of Personnel Management (OPM) network contains information on who and what organizations the government employs and contracts with. To address these vulnerabilities, three immediate steps are essential.

Government

Government Artificial Intelligence Banking Software

How to Lose a Fortune with Just One Bad Click

Krebs on Security

DECEMBER 18, 2024

A scammer called using a real Google phone number to warn his Gmail account was being hacked, sent email security alerts directly from google.com, and ultimately seized control over the account by convincing him to click “yes” to a Google prompt on his mobile device.

Cryptocurrency

Cryptocurrency Accountability Authentication Phishing

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group. But both SMS and app-based codes can be undermined by phishing attacks that simply request this information in addition to the user’s password.

Hacking

Hacking Social Engineering Phishing Scams

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

Krebs on Security

AUGUST 6, 2020

The source, who asked not to be identified in this story, said he’s been monitoring the group’s communications for several weeks and sharing the information with state and federal authorities in a bid to disrupt their fraudulent activity. state and federal treasuries via phony loan applications with the U.S.

Accountability

Accountability Identity Theft Hacking Insurance

More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days

Security Affairs

NOVEMBER 21, 2024

Threat actors already hacked thousands of Palo Alto Networks firewalls exploiting recently patched zero-day vulnerabilities. CVE-2024-0012 is a vulnerability in Palo Alto Networks PAN-OS that allows unauthenticated attackers with network access to the management web interface to bypass authentication and gain administrator privileges.

Firewall

Firewall Hacking VPN Cybersecurity

Internet Archive was breached twice in a month

Security Affairs

OCTOBER 21, 2024

The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. Hunt will add the information of the impacted users to HIBP very soon. Hunt also verified the authenticity of the information included in the stolen archive.

Internet

Internet Internet Data breaches Authentication

A flaw in the W3 Total Cache plugin exposes hundreds of thousands of WordPress sites to attacks

Security Affairs

JANUARY 19, 2025

A WordPress W3 Total Cache plugin vulnerability could allow attackers to access information from internal services, including metadata on cloud-based apps. The vulnerability allows authenticated attackers with Subscriber access to exploit a missing capability check, leading to information disclosure.

Consumer Services

Consumer Services Authentication Hacking

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

Federal Bureau of Investigation (FBI) to build cyber and physical threat information sharing partnerships with the private sector, this week saw its database of contact information on more than 80,000 members go up for sale on an English-language cybercrime forum. InfraGard , a program run by the U.S.

Hacking

Hacking Cybercrime Energy and Utilities Accountability

Zoom addressed two high-severity issues in its platform

Security Affairs

NOVEMBER 13, 2024

Zoom addressed six flaws, including two high-severity issues that could allow remote attackers to escalate privileges or leak sensitive information. Two of these vulnerabilities, tracked as CVE-2024-45421 and CVE-2024-45419, are high-severity issues that remote attackers could exploit to escalate privileges or leak sensitive information.

Authentication

Authentication Mobile Hacking Information Security

Bybit Hack: $1.46 Billion Crypto Heist Points to North Korea's Lazarus Group

SecureWorld News

FEBRUARY 26, 2025

Well-known crypto researcher ZachXBT reached the same conclusion as Elliptic, sharing his analysis on X: Lazarus Group just connected the Bybit hack to the Phemex hack directly on-chain commingling funds from the intial theft address for both incidents. Farronato further emphasized that immediate and decisive action is necessary.

Hacking

Hacking Cryptocurrency Cyber threats Malware

Internet Archive data breach impacted 31M users

Security Affairs

OCTOBER 11, 2024

Starting from Wednesday, the website archive.org was displaying a message informing visitors that it was hacked. Internet Archive hacked. Hunt will add the information of the impacted users to HIBP very soon. Hunt also verified the authenticity of the information included in the stolen archive.

Data breaches

Data breaches Internet Internet DDOS

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Krebs on Security

FEBRUARY 4, 2021

Facebook told KrebsOnSecurity it seized hundreds of accounts — mainly on Instagram — that have been stolen from legitimate users through a variety of intimidation and harassment tactics, including hacking, coercion, extortion, sextortion , SIM swapping , and swatting. THE MIDDLEMEN. WHAT YOU CAN DO.

Accountability

Accountability Hacking Media Mobile

Silent Ransom Group targeting law firms, the FBI warns

Security Affairs

MAY 24, 2025

“The cyber threat actor Silent Ransom Group (SRG), also known as Luna Moth, Chatty Spider, and UNC3753, is targeting law firms using information technology (IT) themed social engineering calls, and callback phishing emails, to gain remote access to systems or devices and steal sensitive data to extort the victims.”

Social Engineering

Social Engineering Antivirus Phishing Engineering

SK Telecom revealed that malware breach began in 2022

Security Affairs

MAY 20, 2025

In April, SK Telecom reported that threat actors gained access to USIM-related information for customers following a malware attack. Upon discovering the infection, the company promptly reported it to the Korea Internet & Security Agency (KISA) on Sunday, April 20, sanitized the impacted systems, and isolated the suspected hacking device.

Malware

Malware Mobile Data breaches Wireless

What’s most interesting about the Florida water system hack? That we heard about it at all.

Krebs on Security

FEBRUARY 10, 2021

. “It’s a difficult thing to get organizations to report cybersecurity incidents,” said Michael Arceneaux , managing director of the Water ISAC , an industry group that tries to facilitate information sharing and the adoption of best practices among utilities in the water sector. Information sharing is broken.”

Hacking

Hacking Media Cybersecurity Ransomware

US Government officials targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials

Security Affairs

MAY 17, 2025

Access to personal or official accounts operated by US officials could be used to target other government officials, or their associates and contacts, by using trusted contact information they obtain.” Always confirm authenticity before responding, and contact security officials or the FBI if uncertain.

Government

Government Social Engineering Authentication Accountability

Turn on MFA Before Crooks Do It For You

Krebs on Security

JUNE 19, 2020

Hundreds of popular websites now offer some form of multi-factor authentication (MFA), which can help users safeguard access to accounts when their password is breached or stolen. Dennis soon learned the unauthorized Gmail address added to his son’s hacked Xbox account also had enabled MFA.

Authentication

Authentication Accountability Passwords Mobile

Hacking Grindr Accounts with Copy and Paste

Troy Hunt

OCTOBER 2, 2020

I asked for technical detail so I could validated the authenticity of his claim and the info duly arrived. He wanted help in disclosing what he believed was a serious security vulnerability and clearly, he was hitting a brick wall. On a surface of it, things looked bad: complete account takeover with a very trivial attack.

Accountability

Accountability Hacking Passwords InfoSec

VMware fixes high-severity SQL injection flaw CVE-2024-38814 in HCX

Security Affairs

OCTOBER 17, 2024

The vulnerability is an authenticated SQL injection vulnerability in HCX, it was privately reported to VMware by Sina Kheirkhah (@SinSinology) of Summoning Team (@SummoningTeam) through the Trend Micro Zero Day Initiative (ZDI). “An authenticated SQL injection vulnerability in HCX was privately reported to VMware. and 4.10.1.

Authentication

Authentication Mobile Hacking Information Security

Palo Alto Networks fixed multiple privilege escalation flaws

Security Affairs

JUNE 14, 2025

The most severe vulnerability, tracked as CVE-2025-4232 (CVSS score of 7.1), is an authenticated code injection through wildcard on macOS. The company also addressed a PAN-OS Authenticated Admin Command Injection Vulnerability, tracked as CVE-2025-4231 (CVSS score of 6.1), in the Management Web Interface. ” reads the advisory.

Authentication

Authentication Hacking Software Risk

Instagram Hacked: Steps to Prevent Data Breaches

Hacker's King

DECEMBER 28, 2024

Data breaches and account hacks are a growing concern for users, especially with the personal and professional information shared on the platform. If youre worried about your Instagram account being hacked , it's essential to take proactive steps to protect your data. Revoke access to any app you no longer use or trust.

Data breaches

Data breaches Hacking Passwords Accountability

EDR-as-a-Service makes the headlines in the cybercrime landscape

Security Affairs

APRIL 7, 2025

These falsely obtained credentials enable cyber criminals to successfully mimic a real-world investigation by inducing platform operators to provide extremely sensitive information. FROM ACCOUNT THEFT TO A FULL-FLEDGED SERVICE: THE EVOLUTION OF THE MODEL The phenomenon has rapidly upgraded complexity, as detailed in the Meridian Group report.

Cybercrime

Cybercrime Social Engineering Accountability Government

SonicWall warns of an exploitable SonicOS vulnerability

Security Affairs

JANUARY 8, 2025

SonicWall warns customers to address an authentication bypass vulnerability in its firewall’s SonicOS that is “susceptible to actual exploitation.” For more information about disabling firewall SSLVPN access, see: how-can-i-setup-ssl-vpn.” ” “We have identified a high (CVE Score 8.2)

Firewall

Firewall Firmware VPN Authentication

Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms’ sites

Security Affairs

APRIL 22, 2025

Japan s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Japan) from fake websites (phishing sites) disguised as websites of real securities companies.”

Financial Services

Financial Services Passwords Accountability Antivirus

Roundcube Webmail under fire: critical exploit found after a decade

Security Affairs

JUNE 4, 2025

allows remote code execution by authenticated users because the _from parameter in a URL is not validated in program/actions/settings/upload.php, leading to PHP Object Deserialization.” This vulnerability allows authenticated users to execute arbitrary commands via PHP object deserialization. x before 1.6.11

Authentication

Authentication Risk Hacking Technology

Citrix addressed NetScaler console privilege escalation flaw

Security Affairs

FEBRUARY 20, 2025

The company pointed out that only authenticated users with existing access to the NetScaler Console can exploit this vulnerability. “The issue arises due to inadequate privilege management and could be exploited by an authenticated malicious actor to execute commands without additional authorization. NetScaler Console 14.1

Authentication

Authentication Software Hacking Information Security

Storm-2372 used the device code phishing technique since August 2024

Security Affairs

FEBRUARY 16, 2025

Storm-2372s targets during this time have included government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas in Europe, North America, Africa, and the Middle East.” ” continues the report.

Phishing

Phishing Authentication Telecommunications Accountability

F5 fixed a high-severity elevation of privilege vulnerability in BIG-IP

Security Affairs

OCTOBER 20, 2024

An authenticated attacker, with Manager role privileges or higher, could exploit the vulnerability CVE-2024-45844 to elevate privileges and compromise the BIG-IP system. “An authenticated attacker may exploit this vulnerability by storing malicious HTML or JavaScript code in the BIG-IQ user interface.

Authentication

Authentication Hacking Technology Information Security

Palo Alto Networks warns of potential RCE in PAN-OS management interface

Security Affairs

NOVEMBER 8, 2024

The cybersecurity firm states that it does not have sufficient information about any indicators of compromise. Cybersecurity and Infrastructure Security Agency (CISA) added a Palo Alto Expedition Missing Authentication Vulnerability, tracked as CVE-2024-5910 , to its Known Exploited Vulnerabilities (KEV) catalog.

Firewall

Firewall Authentication Internet Internet

FBI Hacker Dropped Stolen Airbus Data on 9/11

Krebs on Security

SEPTEMBER 13, 2023

In December 2022, KrebsOnSecurity broke the news that a cybercriminal using the handle “ USDoD ” had infiltrated the FBI ‘s vetted information sharing network InfraGard , and was selling the contact information for all 80,000 members. USDoD’s avatar used to be the seal of the U.S. Department of Defense.

Cybercrime

Cybercrime Passwords Authentication Malware

Election season raises fears for nearly a third of people who worry their vote could be leaked

Malwarebytes

OCTOBER 15, 2024

Broadly, Malwarebytes found that: 74% of people “consider US election season a risky time for personal information.” Distrust in political ads is broad—62% said they “disagree” or “strongly disagree” that the information they receive in US election-related ads is trustworthy. The reasons could be obvious.

Scams

Scams Identity Theft Cybercrime Accountability

FBI: Spike in Hacked Police Emails, Fake Subpoenas

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

Trending Sources

DeepSeek database exposed highly sensitive information

Authentication bypass CVE-2025-22230 impacts VMware Windows Tools

Broadcom fixed information disclosure flaws in VMware Aria Operations

Crime Shop Sells Hacked Logins to Other Crime Shops

Three Top Russian Cybercrime Forums Hacked

Subaru Starlink flaw allowed experts to remotely hack cars

Latest on the SVR’s SolarWinds Hack

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Booking.com Phishers May Leave You With Reservations

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

DOGE as a National Cyberattack

How to Lose a Fortune with Just One Bad Click

When Low-Tech Hacks Cause High-Impact Breaches

Hacked Data Broker Accounts Fueled Phony COVID Loans, Unemployment Claims

More than 2,000 Palo Alto Networks firewalls hacked exploiting recently patched zero-days

Internet Archive was breached twice in a month

A flaw in the W3 Total Cache plugin exposes hundreds of thousands of WordPress sites to attacks

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Zoom addressed two high-severity issues in its platform

Bybit Hack: $1.46 Billion Crypto Heist Points to North Korea's Lazarus Group

Internet Archive data breach impacted 31M users

Facebook, Instagram, TikTok and Twitter Target Resellers of Hacked Accounts

Silent Ransom Group targeting law firms, the FBI warns

SK Telecom revealed that malware breach began in 2022

What’s most interesting about the Florida water system hack? That we heard about it at all.

US Government officials targeted with texts and AI-generated deepfake voice messages impersonating senior U.S. officials

Turn on MFA Before Crooks Do It For You

Hacking Grindr Accounts with Copy and Paste

VMware fixes high-severity SQL injection flaw CVE-2024-38814 in HCX

Palo Alto Networks fixed multiple privilege escalation flaws

Instagram Hacked: Steps to Prevent Data Breaches

EDR-as-a-Service makes the headlines in the cybercrime landscape

SonicWall warns of an exploitable SonicOS vulnerability

Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms’ sites

Roundcube Webmail under fire: critical exploit found after a decade

Citrix addressed NetScaler console privilege escalation flaw

Storm-2372 used the device code phishing technique since August 2024

F5 fixed a high-severity elevation of privilege vulnerability in BIG-IP

Palo Alto Networks warns of potential RCE in PAN-OS management interface

FBI Hacker Dropped Stolen Airbus Data on 9/11

Election season raises fears for nearly a third of people who worry their vote could be leaked

Stay Connected