Cybercrime, Event, Hacking and Information Security

Cybercriminals launched “Leaksmas” event in the Dark Web exposing massive volumes of leaked PII and compromised data

Security Affairs

DECEMBER 28, 2023

This widespread geographical distribution of “Free Leaksmas” event highlights the extensive global reach and severe impact of these cybercriminal activities.

Identity Theft

Identity Theft Data breaches Government Hacking

Cactus ransomware gang claims the Schneider Electric hack

Security Affairs

JANUARY 30, 2024

The ransomware identifies user accounts by viewing successful logins in Windows Event Viewer, it also uses a modified variant of the open-source PSnmap Tool. In early January, the Cactus ransomware group claimed to have hacked Coop, one of the largest retail and grocery providers in Sweden.

Ransomware

Ransomware Hacking Data breaches Digital transformation

Malware campaign hides a shellcode into Windows event logs

Security Affairs

MAY 7, 2022

Experts spotted a malware campaign that is the first one using a technique of hiding a shellcode into Windows event logs. In February 2022 researchers from Kaspersky spotted a malicious campaign using a novel technique that consists of hiding the shellcode in Windows event logs. SecurityAffairs – hacking, Windows event logs).

Malware

Malware Encryption Hacking Cybersecurity

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Pwn2Own Toronto 2022 hacking competition. Samsung S22 hacked

Security Affairs

DECEMBER 7, 2022

The Pwn2Own Toronto 2022 hacking competition has begun, this is the 10th anniversary of the consumer-focused version of the contest. The news of the Samsung Galaxy S22 hack on the first day of Pwn2Own Toronto 2022 made the headlines. SecurityAffairs – hacking, Pwn2Own Toronto 2022). Pierluigi Paganini.

Hacking

Hacking Wireless Mobile Data breaches

Ransomware gangs target companies involved in time-sensitive financial events, FBI warns

Security Affairs

NOVEMBER 2, 2021

The FBI warns of ransomware attacks on businesses involved in “time-sensitive financial events” such as corporate mergers and acquisitions. Ransomware gangs target these companies because there is a high likelihood that they will pay the ransom to avoid the impact of the disclosure of sensitive data during these events.

Ransomware

Ransomware Hacking Accountability Cybercrime

Pwn2Own 2020 Day1 -researchers earned $180K for hacking Windows, Ubuntu, and macOS

Security Affairs

MARCH 19, 2020

During the first day of the Pwn2Own 2020 hacking competition, participants earned a total of $180,000 for exploits targeting Windows 10, Ubuntu Desktop and macOS. ” reads the official page of the event. The hack exploits an improper input validation bug. Below the schedule of the day2 of the event: 1000 – Phi Ph?m

Hacking

Hacking Advertising Cybercrime Software

Security Affairs newsletter Round 452 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 31, 2023

INC RANSOM ransomware gang claims to have breached Xerox Corp Spotify music converter TuneFab puts users at risk Cyber attacks hit the Assembly of the Republic of Albania and telecom company One Albania Russia-linked APT28 used new malware in a recent phishing campaign Clash of Clans gamers at risk while using third-party app New Version of Meduza (..)

Artificial Intelligence

Artificial Intelligence Cyber Attacks Malware Ransomware

Hackers exploited WordPress Popup Builder plugin flaw to compromise 3,300 sites

Security Affairs

MARCH 11, 2024

Threat actors are hacking WordPress sites by exploiting a vulnerability, tracked as CVE-2023-6000, in old versions of the Popup Builder plugin. “These injections serve as handlers for various Popup Builder events such as sgpb-ShouldOpen , sgpb-ShouldClose , sgpb-WillOpen , sgpbDidOpen , sgpbWillClose , sgpb-DidClose.

Malware

Malware Hacking Cybercrime Information Security

Law enforcement operation seized Ragnar Locker group’s infrastructure

Security Affairs

OCTOBER 19, 2023

This is an important achievement in the fight against cybercrime. Both FBI and Europol declined to comment on the events. The police on Thursday seized the Tor negotiation and data leak sites. More details are expected to be released tomorrow.

Ransomware

Ransomware Financial Services Cybercrime Manufacturing

BlackCat claims the hack of the Casepoint legal technology platform used by US agencies

Security Affairs

JUNE 1, 2023

The BlackCat ransomware gang claims to have hacked the Casepoint legal technology platform used US agencies, including SEC and FBI. ” In the event that the security breach is verified, it is reasonable to speculate that the ransomware group might have compromised sensitive and possibly classified information.

Technology

Technology Hacking Ransomware Manufacturing

Brokewell Android malware supports an extensive set of Device Takeover capabilities

Security Affairs

APRIL 27, 2024

Brokewell malware supports “accessibility logging,” it records any device events such as touches, swipes, displayed information, text input, and opened applications. The experts explained that potentially all applications on the device are vulnerable to data compromise as Brokewell logs every event.

Malware

Malware Spyware Authentication Mobile

City of Wichita disclosed a data breach after the recent ransomware attack

Security Affairs

MAY 17, 2024

These files contained law enforcement incident and traffic information, which include names, Social Security numbers, driver’s license or state identification card numbers, and payment card information.” ” reads the Notice of Data Event updated on May 14, 2024.

Data breaches

Data breaches Ransomware Hacking Cybercrime

Okta says 375 customers impacted by the hack, but Lapsus$ gang says it is lying

Security Affairs

MARCH 23, 2022

The gang announced the alleged hack through its Telegram channel and shared a series of screenshots as proof of the hack. Security Breach Management. a) Notification: In the event of a Security Breach, Okta notifies impacted customers of such Security Breach. SecurityAffairs – hacking, Okta).

Hacking

Hacking Engineering Passwords Data breaches

The Netherlands declares war on ransomware operations

Security Affairs

OCTOBER 8, 2021

A broad explanation of this threat is included in the Cyber Security Assessment Netherlands (CSBN) 2021, which was shared with the Chamber in June by the Minister of Justice and Security. Security Security Agenda (NCSA) and the integrated approach to cybercrime.” SecurityAffairs – hacking, cyber security).

Ransomware

Ransomware Cybercrime Government Cyber Attacks

FBI and CISA warn of attacks by Rhysida ransomware gang

Security Affairs

NOVEMBER 15, 2023

wevtutil.exe A standard Windows Event Utility tool used to view event logs. Rhysida actors used this tool to clear a significant number of Windows event logs, including system, application, and security logs [ T1070.001 ]. AnyDesk also supports remote file transfer.

Ransomware

Ransomware Manufacturing Healthcare Education

FBI chief says China is preparing to attack US critical infrastructure

Security Affairs

APRIL 19, 2024

agencies fear the possibility that these actors could gain access to the networks of critical infrastructure to cause disruptive effects in the event of potential geopolitical tensions and/or military conflicts.

Energy and Utilities

Energy and Utilities Telecommunications Technology VPN

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

Security Affairs

DECEMBER 4, 2023

This ominous cyber-event sent shockwaves through the $26 trillion U.S. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Industrial & Commercial Bank of China) trillion under management. Treasury market.

Ransomware

Ransomware Banking Financial Services Marketing

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Security Affairs

MAY 14, 2023

ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches

Data breaches DDOS Artificial Intelligence Ransomware

Dolly.com pays ransom, attackers release data anyway

Security Affairs

NOVEMBER 9, 2023

Attackers posted details about the Dolly.com hack on a notorious Russian-language forum, typically employed by ransomware operators and stolen data traders. Moreover, all 95 AWS S3 bucket names that were hacked and belonged to Dolly.com, including backups, were attached within the post. The attackers felt the sum was insufficient.

Ransomware

Ransomware Hacking Backups Accountability

A week later, Manchester United has yet to recover after a cyberattack

Security Affairs

NOVEMBER 27, 2020

Although this is a sophisticated operation by organised cyber criminals, the club has extensive protocols and procedures in place for such an event and had rehearsed for this eventuality. The club notifies the British authotities about the incident, including the Information Commissioner’s Office. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Cybercrime Malware Hacking

The dark web drug marketplace PIILOPUOTI was dismantled by Finnish Customs

Security Affairs

SEPTEMBER 20, 2023

This event, restricted to law enforcement, will bring together over 180 investigators from across the world to discuss the latest criminal trends and developments on the dark web.” ” reads the press release published by Europol.

Encryption

Encryption Hacking Cybersecurity Cybercrime

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

Security Affairs

MAY 19, 2023

The Lemon Group cybercrime ring has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. A cybercrime group tracked has Lemon Group has reportedly pre-installed malware known as Guerilla on almost 9 million Android devices. The plugin also hijacks WhatsApp sessions to send unwanted messages.

Mobile

Mobile Advertising Malware Cybercrime

BlackMatter ransomware gang is shutting down due to pressure from law enforcement

Security Affairs

NOVEMBER 3, 2021

The news of the shutdown comes after two major events that have taken place over the past two weeks. The decision of the gang comes after the recent announcement of closer collaboration of US and Russian authorities in curbing cybercriminal organizations based in Russia, such as the FIN7 cybercrime gang. Pierluigi Paganini.

Ransomware

Ransomware Cybercrime Healthcare Encryption

Okta reveals additional attackers’ activities in October 2023 Breach

Security Affairs

NOVEMBER 29, 2023

The threat actor was able to use these session tokens to hijack the legitimate Okta sessions of 5 customers, 3 of whom have shared their own response to this event.” The three customers who shared their own responses to the event are Cloudflare, 1Password , and BeyondTrust.

Social Engineering

Social Engineering Authentication Engineering Accountability

Healthcare provider Ardent Health Services disclosed a ransomware attack

Security Affairs

NOVEMBER 28, 2023

. “Ardent Health Services and its affiliated entities (“Ardent”) became aware of an information technology cybersecurity incident on the morning of November 23, 2023, which has since been determined to be a ransomware attack.” ” reads the notice of security incident published by the company.

Healthcare

Healthcare Ransomware Technology Internet

“My Slice”, an Italian adaptive phishing campaign

Security Affairs

JANUARY 22, 2024

Attackers often exploit current events or emergency situations to elicit emotional responses and induce victims to act hastily without carefully evaluating the legitimacy of the communications. He is also the author of the book “La Gestione della Cyber Security nella Pubblica Amministrazione”.

Phishing

Phishing Education Social Engineering Media

See Tickets discloses data breach, customers’ credit card data exposed

Security Affairs

OCTOBER 26, 2022

“See Tickets was alerted to activity indicating potential unauthorized access by a third party to certain event checkout pages on the See Tickets website in April 2021. “On September 12, 2022, we determined the event may have resulted in unauthorized access to the payment card information of certain of our customers.

Data breaches

Data breaches Banking Malware Hacking

GhostTouch: how to remotely control touchscreens with EMI

Security Affairs

MAY 27, 2022

The researchers demonstrated how to inject two types of basic touch events, taps and swipes, into targeted locations of the touchscreen. The events allowed the researchers to control the devices (i.e. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. To nominate, please visit:?.

Authentication

Authentication Passwords Hacking Software

Vice Society gang is using a custom PowerShell tool for data exfiltration

Security Affairs

APRIL 17, 2023

Unit42 researchers were able to recover the script from the Windows Event Log (WEL). The script identifies any mounted drives on the target system by using Windows Management Instrumentation (WMI) , then iterates through the identified drives to prepare data exfiltration via HTTP POST events using the object’s.UploadFile method.

Ransomware

Ransomware Backups Education Media

Researcher leaked Conti’s internal chat messages in response to its support to Russia

Security Affairs

FEBRUARY 28, 2022

Researchers from cybersecurity firm Hold Security confirmed that the researcher was able to access the database XMPP chat server of the Conti group. BREAKING: @HoldSecurity tells me Conti's systems have been infiltrated by cybercrime researchers for some time. SecurityAffairs – hacking, Conti Ransomware). Pierluigi Paganini.

Digital transformation

Digital transformation Ransomware Cybercrime Banking

UK Home Office is ignoring the risk of ‘catastrophic ransomware attacks,’ report warns

Security Affairs

DECEMBER 13, 2023

in the likely event of a massive, catastrophic ransomware attack, the failure to rise to meet this challenge will rightly be seen as an inexcusable strategic failure.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Home Office) Beckett added.

Ransomware

Ransomware Risk Government Cyber threats

Bank of America customer data compromised after a third-party services provider data breach

Security Affairs

FEBRUARY 13, 2024

the Maine Attorney General’s Office, Bank of America noted that it cannot determine “with certainty what personal information was accessed” during the attack. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – Hacking, Bank of America)

Data breaches

Data breaches Banking Identity Theft Ransomware

Delaware County, Pennsylvania, opted to pay 500K ransom to DoppelPaymer gang

Security Affairs

NOVEMBER 30, 2020

We commenced an immediate investigation that included taking certain systems offline and working with computer forensic specialists to determine the nature and scope of the event. SecurityAffairs – hacking, DoppelPaymer). Pierluigi Paganini.

Computers and Electronics

Computers and Electronics Ransomware Insurance Cybercrime

The Hacker Mind Podcast: Hacking Diversity

ForAllSecure

APRIL 7, 2021

That’s why Tennisha Martin founded Black Girls Hack , an organization designed to help the next generation receive the skills and experience they need to land jobs in the C-suites, and perhaps begin to address the acute shortage of infosec professionals with qualified people of color. For many, though, that isn’t true.

Hacking

Hacking InfoSec Cybersecurity Engineering

The Hacker Mind Podcast: Hacking Diversity

ForAllSecure

APRIL 7, 2021

That’s why Tennisha Martin founded Black Girls Hack , an organization designed to help the next generation receive the skills and experience they need to land jobs in the C-suites, and perhaps begin to address the acute shortage of infosec professionals with qualified people of color. For many, though, that isn’t true.

Hacking

Hacking InfoSec Cybersecurity Engineering

National intelligence agency of Moldova warns of Russia attacks ahead of the presidential election

Security Affairs

MARCH 7, 2024

Russia’s propaganda will extensively use social networks and instant messaging platforms to spread a false narrative about the events. Follow me on Twitter: @securityaffairs and Facebook Pierluigi Paganini ( SecurityAffairs – hacking, Russia) ” reported The Record Media.

DDOS

DDOS Government Phishing Advertising

Feb 27- Mar 05 Ukraine – Russia the silent cyber conflict

Security Affairs

MARCH 6, 2022

This post provides a timeline of the events related to the Russia invasion of Ukraine from the cyber security perspective. March 5 – Anonymous #OpRussia Thousands of sites hacked, data leaks and more. Below is the timeline of the events related to the previous weeks: [link]. SecurityAffairs – hacking, Ukraine).

DDOS

DDOS Ransomware Government Phishing

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 30, 2020

FIND which devices are making vulnerable connections by monitoring event logs. The IT giant urged Windows administrators to install the released security updates as soon as possible. SecurityAffairs – hacking, Windows). ADDRESS non-compliant devices making vulnerable connections. Pierluigi Paganini.

Authentication

Authentication Advertising Architecture Cybercrime

Security Affairs newsletter Round 383

Security Affairs

SEPTEMBER 11, 2022

SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 383 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Data breaches

Data breaches Ransomware Phishing Malware

Report Reveals Top Cyber Threats, Trends of 2023 First Half

SecureWorld News

JUNE 13, 2023

"While many of these attack trends are troubling, there are a number of things organizations can do to reduce their risk, such as investing in security awareness programs, updating security protocols, working with trusted partners to address vulnerabilities, and partnering with an MDR vendor."

Cyber threats

Cyber threats Malware Phishing Penetration Testing

FBI warns of the consequences of telephony denial-of-service (TDoS) attacks

Security Affairs

FEBRUARY 21, 2021

The public can protect themselves in the event that 911 is unavailable by identifying in advance non-emergency phone numbers and alternate ways to request emergency services in their area.” Have non-emergency contact numbers for fire, rescue, and law enforcement readily available in the event of a 911 outage. Pierluigi Paganini.

Media

Media Hacking Risk Cybercrime

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

Security Affairs

OCTOBER 19, 2023

This is the 11th edition of the annual report and analyzes events that took place between July 2022 and July 2023. appeared first on Security Affairs. The Europen Agency for cybersecurity ENISA releases its ENISA Threat Landscape 2023 (ETL) report , which is the annual analysis of the state of the cybersecurity threat landscape.

Social Engineering

Social Engineering Artificial Intelligence Engineering Ransomware

Hitachi Energy breached by Clop gang through GoAnywhere Zero-Day exploitation

Security Affairs

MARCH 17, 2023

Hitachi Energy disclosed a data breach, the company was hacked by the Clop ransomware gang that stole its data by exploiting the recently disclosed zero-day vulnerability in the GoAnywhere MFT (Managed File Transfer). At this time, the Clops ransomware group only added the bank and the data security firm to the list of victims.

Data breaches

Data breaches Ransomware Banking Data privacy

Cybercriminals launched “Leaksmas” event in the Dark Web exposing massive volumes of leaked PII and compromised data

Cactus ransomware gang claims the Schneider Electric hack

Webinars

Trending Sources

Malware campaign hides a shellcode into Windows event logs

Webinars

Pwn2Own Toronto 2022 hacking competition. Samsung S22 hacked

Ransomware gangs target companies involved in time-sensitive financial events, FBI warns

Pwn2Own 2020 Day1 -researchers earned $180K for hacking Windows, Ubuntu, and macOS

Security Affairs newsletter Round 452 by Pierluigi Paganini – INTERNATIONAL EDITION

Hackers exploited WordPress Popup Builder plugin flaw to compromise 3,300 sites

Law enforcement operation seized Ragnar Locker group’s infrastructure

BlackCat claims the hack of the Casepoint legal technology platform used by US agencies

Brokewell Android malware supports an extensive set of Device Takeover capabilities

City of Wichita disclosed a data breach after the recent ransomware attack

Okta says 375 customers impacted by the hack, but Lapsus$ gang says it is lying

The Netherlands declares war on ransomware operations

Top 2023 Security Affairs cybersecurity stories

FBI and CISA warn of attacks by Rhysida ransomware gang

FBI chief says China is preparing to attack US critical infrastructure

LockBit on a Roll – ICBC Ransomware Attack Strikes at the Heart of the Global Financial Order

Security Affairs newsletter Round 419 by Pierluigi Paganini – International edition

Dolly.com pays ransom, attackers release data anyway

A week later, Manchester United has yet to recover after a cyberattack

The dark web drug marketplace PIILOPUOTI was dismantled by Finnish Customs

Lemon Group gang pre-infected 9 million Android devices for fraudulent activities

BlackMatter ransomware gang is shutting down due to pressure from law enforcement

Okta reveals additional attackers’ activities in October 2023 Breach

Healthcare provider Ardent Health Services disclosed a ransomware attack

“My Slice”, an Italian adaptive phishing campaign

See Tickets discloses data breach, customers’ credit card data exposed

GhostTouch: how to remotely control touchscreens with EMI

Vice Society gang is using a custom PowerShell tool for data exfiltration

Researcher leaked Conti’s internal chat messages in response to its support to Russia

UK Home Office is ignoring the risk of ‘catastrophic ransomware attacks,’ report warns

Bank of America customer data compromised after a third-party services provider data breach

Delaware County, Pennsylvania, opted to pay 500K ransom to DoppelPaymer gang

The Hacker Mind Podcast: Hacking Diversity

The Hacker Mind Podcast: Hacking Diversity

National intelligence agency of Moldova warns of Russia attacks ahead of the presidential election

Feb 27- Mar 05 Ukraine – Russia the silent cyber conflict

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Security Affairs newsletter Round 383

Report Reveals Top Cyber Threats, Trends of 2023 First Half

FBI warns of the consequences of telephony denial-of-service (TDoS) attacks

THE 11TH EDITION OF THE ENISA THREAT LANDSCAPE REPORT IS OUT!

Hitachi Energy breached by Clop gang through GoAnywhere Zero-Day exploitation

Stay Connected