Zero Day

JUNE 22, 2025

As cybercrime is global problem, it can be extremely difficult for law enforcement to prosecute the perpetrators.  The attacker may conduct surveillance first, mapping a network to find the most valuable resources or to discover potential pathways to jump into other systems.

Passwords

Krebs on Security

NOVEMBER 26, 2024

However, this person’s identity may not remain a secret for long: A careful review of Kiberphant0m’s daily chats across multiple cybercrime personas suggests they are a U.S. A surveillance photo of Connor Riley Moucka, a.k.a. On June 20, 2023, Vars_Secc posted a sales thread on the cybercrime forum Ramp 2.0

DDOS

Zero Day

JUNE 20, 2025

As cybercrime is global problem, it can be extremely difficult for law enforcement to prosecute the perpetrators.  The attacker may conduct surveillance first, mapping a network to find the most valuable resources or to discover potential pathways to jump into other systems.

Passwords

Security Affairs

MARCH 2, 2025

from Bybit, it is the largest cryptocurrency heist ever International Press Newsletter Cybercrime Mining Company NioCorp Loses $500,000 in BEC Hack Inside Black Bastas Exposed Internal Chat Logs: A Firsthand Look The Bleeding Edge of Phishing: darcula-suite 3.0

Cybercrime

Security Affairs

MAY 25, 2025

Silent Ransom Group targeting law firms, the FBI warns Leader of Qakbot cybercrime network indicted in U.S. Every week the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. local government networks U.S.

Data breaches

Security Affairs

DECEMBER 22, 2024

BadBox rapidly grows, 190,000 Android devices infected Romanian national was sentenced to 20 years in prison for his role in NetWalker ransomware attacks Sophos fixed critical vulnerabilities in its Firewall product U.S. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Data breaches

Security Affairs

JANUARY 14, 2022

German multinational defense contractor Hensoldt confirmed to that some of its systems were infected by Lorenz ransomware. Hensoldt, a multinational defense contractor, confirmed that some of its UK subsidiary’s systems were infected with Lorenz ransomware. Ransom demands have been quite high, between $500.000 and $700.000.

Ransomware

Security Affairs

SEPTEMBER 23, 2023

The City of Dallas revealed that the Royal ransomware gang that hit the city system in May used a stolen account. In May 2023, a ransomware attack hit the IT systems at the City of Dallas , Texas. CBS News Texas obtained an image the ransomware note dropped by the malware on the infected systems. ” reads the report.

Ransomware

Security Affairs

MAY 1, 2023

Researchers at the Lookout Threat Lab have discovered a new Android surveillance spyware, dubbed BouldSpy, that was used by the Law Enforcement Command of the Islamic Republic of Iran (FARAJA). However, much of the victim data points to its broader usage, which indicates targeted surveillance efforts towards minorities within Iran.”

Surveillance

Security Affairs

JUNE 10, 2022

The Vice Society group has claimed responsibility for the ransomware attack that hit the Italian city of Palermo forcing the IT admins to shut down its infrastructure. The Vice Society ransomware group has claimed responsibility for the recent cyber attack that hit the city of Palermo in the South of Italy.

Ransomware

Security Affairs

FEBRUARY 10, 2022

Spyware are powerful weapons in the arsenal of governments and cybercrime gangs. Pegasus is probably the most popular surveillance software on the market, it has been developed by the Israeli NSO Group. The surveillance business is growing in the dark and is becoming very dangerous. Is the Pegasus spyware as a game-changer?

Spyware

Security Affairs

SEPTEMBER 3, 2023

ransomware builder used by multiple threat actors Cisco fixes 3 high-severity DoS flaws in NX-OS and FXOS software Cybercrime Unpacking the MOVEit Breach: Statistics and Analysis Cl0p Ups The Ante With Massive MOVEit Transfer Supply-Chain Exploit FBI, Partners Dismantle Qakbot Infrastructure in Multinational Cyber Takedown U.S.

Social Engineering

Security Affairs

NOVEMBER 26, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. million patients in the U.S.

Data breaches

Hot for Security

APRIL 5, 2021

But regular consumers are equally affected by cybercrime, directly or indirectly. A key stat: cybercrime in 2020 was marked by a visible and aggressive targeting of the human layer. A key stat: cybercrime in 2020 was marked by a visible and aggressive targeting of the human layer. Aligned efforts to capitalize on COVID-19.

Cybercrime

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware

Security Affairs

SEPTEMBER 1, 2024

CISA adds Google Chromium V8 bug to its Known Exploited Vulnerabilities catalog Young Consulting data breach impacts 954,177 individuals BlackByte Ransomware group targets recently patched VMware ESXi flaw CVE-2024-37085 US offers $2.5M reward for Belarusian man involved in mass malware distribution U.S.

Surveillance

Security Affairs

JANUARY 7, 2024

Experts spotted a new macOS Backdoor named SpectralBlur linked to North Korea Merck settles with insurers regarding a $1.4

Artificial Intelligence

Security Affairs

NOVEMBER 25, 2021

The PowerShortShell stealer is also used for Telegram surveillance and gathering system information from infected systems. “The adversary might be tied to Iran’s Islamic regime since the Telegram surveillance usage is typical of Iran’s threat actors like Infy, Ferocious Kitten, and Rampant Kitten. fn= hxxp://hr.dedyn.io/upload2.aspx

Surveillance

Security Affairs

DECEMBER 10, 2023

Will Enable Mass Spying Reddit Says Leaked U.S.-U.K. billion personal records compromised by data breaches in past two years — underscoring need for end‑to‑end encryption Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter)

Data breaches

Security Affairs

SEPTEMBER 24, 2023

0-days exploited by commercial surveillance vendor in Egypt PREDATOR IN THE WIRES OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes Cybersecurity Apple and Google Are Introducing New Ways to Defeat Cell Site Simulators, But Is it Enough?

Cyber Attacks

CyberSecurity Insiders

SEPTEMBER 2, 2022

Hospital authorities suggest that LockBit ransomware hackers were involved in the incident and the negotiations were being conducted to gain time to track down the criminals. Interestingly, the hospital authorities have disclosed that they will not pay any ransom to the cyber criminals and will instead recover data from a backup plan.

Surveillance

Malwarebytes

OCTOBER 11, 2021

Police take a piece out of a ransomware gang , but won’t say which one Neiman Marcus data breach affects millions Windows 11 is out. Last week on Malwarebytes Labs. Does Cybersecurity Awareness Month actually improve security? Is it any good for security?

Surveillance

Security Affairs

DECEMBER 15, 2024

CISA adds Cleo Harmony, VLTrader, and LexiCom flaw to its Known Exploited Vulnerabilities catalog German agency BSI sinkholed a botnet of 30,000 devices infected with BadBox U.S.

Firewall

Security Affairs

MARCH 28, 2024

In 2023, the researchers attributed a combined total of 48 out of 58 zero-day vulnerabilities to commercial surveillance vendors (CSVs) and government espionage actors, while 10 zero-day flaws were attributed to financially motivated actors. The researchers also tracked at least four ransomware groups exploiting four zero-day vulnerabilities.

Government

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5%

Spyware

Security Affairs

APRIL 17, 2022

Please vote for Security Affairs as the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS Vote for me in the sections “The Underdogs – Best Personal (non-commercial) Security Blog” and “The Tech Whizz – Best Technical Blog” and others of your choice.

Data breaches

Security Affairs

JANUARY 16, 2022

US NCSC and DoS share best practices against surveillance tools Swiss army asks its personnel to use the Threema instant-messaging app Russian submarines threatening undersea cables, UK defence chief warns. Threat actors stole $18.7M Threat actors stole $18.7M Threat actors stole $18.7M Follow me on Twitter: @securityaffairs and Facebook.

Surveillance

Security Affairs

SEPTEMBER 3, 2022

users China-linked APT40 used ScanBox Framework in a long-running espionage campaign Russian streaming platform Start discloses a data breach impacting 7.5M users China-linked APT40 used ScanBox Framework in a long-running espionage campaign Russian streaming platform Start discloses a data breach impacting 7.5M Pierluigi Paganini.

Data breaches

Security Affairs

JULY 30, 2023

Now Abyss Locker also targets VMware ESXi servers Russian APT BlueBravo targets diplomatic entities with GraphicalProton backdoor CoinsPaid blames North Korea-linked APT Lazarus for theft of $37M worth of cryptocurrency Monitor Insider Threats but Build Trust First Zimbra fixed actively exploited zero-day CVE-2023-38750 in ZCS DepositFiles exposed (..)

Surveillance

Security Affairs

AUGUST 29, 2021

LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs Memorial Health System forced to cancel surgeries after ransomware attack Google discloses unpatched Microsoft WFP Default Rules AppContainer Bypass EoP. Be sure it is up to date! Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Spyware

Security Affairs

APRIL 16, 2023

New Android malicious library Goldoson found in 60 apps +100M downloads Siemens Metaverse exposes sensitive corporate data CISA adds bugs in Android and Novi Survey to its Known Exploited Vulnerabilities catalog Volvo retailer leaks sensitive files A cyberattack on the Cornwall Community Hospital in Ontario is causing treatment delays Google fixed (..)

Data breaches

Security Affairs

APRIL 19, 2020

April 14 – Crooks target Healthcare facilities involved in Coronavirus containment with Ransomware. Syrian-linked APT group SEA recently used COVID-19-themed lures as part of a long-running surveillance campaign, security researchers warn. Below a list of attacks detected this week.

Scams

Security Affairs

DECEMBER 10, 2019

Experts spotted a new piece of the Snatch ransomware that reboots computers it infects into Safe Mode to bypass resident security solutions. Researchers discovered a new strain of the Snatch ransomware that reboots computers it infects into Safe Mode to bypass resident security solutions and encrypt files on the system.

Ransomware

Security Affairs

JULY 24, 2022

released in Dark Web – malicious shortcut-based attacks are on the rise Tor Browser 11.5 is optimized to automatically bypass censorship A massive cyberattack hit Albania Watch out for the CVE-2022-30136 Windows NFS Remote Code Execution flaw Graff paid a $7.5M released in Dark Web – malicious shortcut-based attacks are on the rise Tor Browser 11.5

Spyware

Malwarebytes

SEPTEMBER 27, 2021

Insecure Hikvision security cameras can be taken over remotely MSHTML attack targets Russian state rocket centre and interior ministry Italian mafia cybercrime sting leads to 100+ arrests How to clear your cache Microsoft exchange autodiscover flaw reveals users’ passwords Parents and teachers believe digital surveillance of kids outweighs risks SonicWall (..)

Surveillance

Security Affairs

MARCH 26, 2023

If you want to also receive for free the newsletter with the international press subscribe here.

Data breaches

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware