Krebs on Security

JUNE 17, 2020

Central Intelligence Agency produced in the wake of a mammoth data breach in 2016 that led to Wikileaks publishing thousands of classified documents stolen from the agency’s offensive cyber operations division. A redacted portion of the CIA’s report on the Wikileaks breach. ” -CIA’s Wikileaks Task Force.

Data breaches 305

Data breaches Security Awareness Surveillance Media 305

Security Affairs

MAY 6, 2023

Twitter confirmed that a security incident publicly exposed Circle tweets FBI seized other domains used by the shadow eBook library Z-Library WordPress Advanced Custom Fields plugin XSS exposes +2M sites to attacks Fortinet fixed two severe issues in FortiADC and FortiOS Pro-Russia group NoName took down multiple France sites, including the French (..)

Data breaches 90

Data breaches Malware Mobile Spyware 90

CyberSecurity Insiders

SEPTEMBER 10, 2021

Cybersecurity firm Resecurity has confirmed that a hacker/s have breached the systems related to United Nations leading to the data breach. Gene Yoo, the CEO of Resecurity says that organizations such as UN are likely to be hit by a cyber attack as they have data that has immense value on the dark web.

Cyber Attacks 134

Cyber Attacks Surveillance Encryption Data breaches 134

Security Affairs

MAY 14, 2023

Nominate Pierluigi Paganini and Security Affairs here here: [link] Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. ransom Dragon Breath APT uses double-dip DLL sideloading strategy International Press Cybercrime San Bernardino County pays $1.1-million

Data breaches 84

Data breaches DDOS Artificial Intelligence Ransomware 84

Security Affairs

APRIL 2, 2023

LockBit leaks data stolen from the South Korean National Tax Service Italy’s Data Protection Authority temporarily blocks ChatGPT over privacy concerns CISA adds bugs exploited by commercial surveillance spyware to Known Exploited Vulnerabilities catalog Hackers are actively exploiting a flaw in the Elementor Pro WordPress plugin Cyber Police of Ukraine (..)

Spyware 80

Spyware Surveillance Artificial Intelligence Data breaches 80

Security Affairs

FEBRUARY 19, 2023

If you want to also receive for free the newsletter with the international press subscribe here.

DDOS 78

DDOS Data breaches Surveillance Ransomware 78

Security Affairs

SEPTEMBER 3, 2022

Google rolled out emergency fixes to address actively exploited Chrome zero-day Samsung discloses a second data breach this year The Prynt Stealer malware contains a secret backdoor.

Data breaches 63

Data breaches Malware Surveillance Ransomware 63

Security Affairs

APRIL 16, 2023

hacking tools and electronics A new round of the weekly SecurityAffairs newsletter arrived!

Data breaches 68

Data breaches Spyware Retail Surveillance 68

Security Affairs

JULY 19, 2021

Pegasus Project investigation into the leak of 50,000 phone numbers of potential surveillance targets revealed the abuse of NSO Group’s spyware. Pegasus Project is the name of a large-scale investigation into the leak of 50,000 phone numbers of potential surveillance targets that revealed the abuse of NSO Group’s spyware.

Spyware 108

Spyware Government Surveillance Media 108

Security Affairs

NOVEMBER 26, 2023

million patients in the U.S.

Data breaches 81

Data breaches Surveillance Cryptocurrency Ransomware 81

Malwarebytes

FEBRUARY 28, 2024

In late January 2024, the ThreatDown Managed Detection and Response (MDR) team found and stopped a three-month long malware campaign against a Managed Service Provider (MSP) based in Europe. Almost immediately after onboarding the MSP in mid-January, the ThreatDown MDR team found extensive evidence of an ongoing malware campaign.

Malware 83

Malware DNS Surveillance Backups 83

Schneier on Security

MARCH 5, 2020

To do so, they are using a variety of digital communications and surveillance systems. By hacking these systems and corrupting medical data, states with formidable cybercapabilities can change and manipulate data right at the source. That vulnerability should be deeply concerning.

Surveillance 338

Surveillance Hacking Government Risk 338

Security Affairs

MARCH 26, 2023

NCA infiltrates the cybercriminal underground with fake DDoS-for-hire sites Pwn2Own Vancouver 2023 awarded $1,035,000 and a Tesla for 27 0-days CISA announced the Pre-Ransomware Notifications initiative China-linked hackers target telecommunication providers in the Middle East City of Toronto is one of the victims hacked by Clop gang using GoAnywhere (..)

Data breaches 73

Data breaches DDOS Backups Ransomware 73

Security Affairs

DECEMBER 10, 2023

billion personal records compromised by data breaches in past two years — underscoring need for end‑to‑end encryption Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) Will Enable Mass Spying Reddit Says Leaked U.S.-U.K.

Data breaches 83

Data breaches Ransomware Hacking Financial Services 83

Security Affairs

NOVEMBER 24, 2019

CVE-2019-2234 flaws in Android Camera Apps exposed millions of users surveillance. Hackers leak 2TB of Data From Cayman National Bank stolen by Phineas Fisher. Payment solutions giant Edenred announces malware infection. Russian author of NeverQuest banking malware gets 4 Years in U.S. Pierluigi Paganini.

Data breaches 83

Data breaches Wireless Banking Advertising 83

Security Affairs

FEBRUARY 11, 2024

Gov imposes visa restrictions on individuals misusing Commercial Spyware HPE is investigating claims of a new security breach Experts warn of a surge of attacks targeting Ivanti SSRF flaw How to hack the Airbus NAVBLUE Flysmart+ Manager Crooks stole $25.5

Spyware 86

Spyware Surveillance Identity Theft DDOS 86

Security Affairs

FEBRUARY 14, 2021

COMB breach: 3.2B COMB breach: 3.2B COMB breach: 3.2B If you want to also receive for free the international press subscribe here. Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Spyware 84

Spyware Phishing Data breaches Surveillance 84

Security Affairs

APRIL 17, 2022

Gov believes North Korea-linked Lazarus APT is behind Ronin Validator cyber heist The unceasing action of Anonymous against Russia Threat actors target the Ukrainian gov with IcedID malware Threat actors use Zimbra exploits to target organizations in Ukraine Conti Ransomware Gang claims responsibility for the Nordex hack ZingoStealer crimeware released (..)

Wireless 71

Wireless Data breaches Hacking Surveillance 71

Security Affairs

AUGUST 7, 2022

Greek intelligence service used surveillance malware to spy on a journalist, Reuters reports Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes Twitter confirms zero-day used to access data of 5.4 Pierluigi Paganini. SecurityAffairs – hacking, newsletter).

Spyware 115

Spyware Manufacturing Small Business Surveillance 115

Security Affairs

JUNE 26, 2022

SecurityAffairs awarded as Best European Personal Cybersecurity Blog 2022 Crooks are using RIG Exploit Kit to push Dridex instead of Raccoon stealer Flagstar Bank discloses a data breach that impacted 1.5

Small Business 74

Small Business Spyware Data breaches Surveillance 74

Security Affairs

AUGUST 29, 2021

Be sure it is up to date! LPE zero-day flaw in Razer Synapse allows attackers to take over Windows PCs Memorial Health System forced to cancel surgeries after ransomware attack Google discloses unpatched Microsoft WFP Default Rules AppContainer Bypass EoP.

Spyware 101

Spyware Data breaches Surveillance Hacking 101

SecureWorld News

NOVEMBER 30, 2023

Consequences of browser-focused cybercrime Hackers are able to utilize browser vulnerabilities to install malware and spyware on devices, steal login credentials for other services, extract sensitive user data, and maintain persistence inside systems.

Spyware 86

Spyware Surveillance Malware Risk 86

Security Affairs

SEPTEMBER 23, 2023

CBS News Texas obtained an image the ransomware note dropped by the malware on the infected systems. MILES/CBS NEWS TEXAS The Royal ransomware group is behind the attack and threatens to publish stolen data if the City will not meet its ransom demand. ” reads the report. ” continues the report.

Ransomware 97

Ransomware Surveillance Healthcare Accountability 97

Security Affairs

JULY 15, 2023

Government agencies SonicWall urges organizations to fix critical flaws in GMS/Analytics products Citrix fixed a critical flaw in Secure Access Client for Ubuntu Cl0p hacker operating from Russia-Ukraine war front line – exclusive Fortinet fixed a critical flaw in FortiOS and FortiProxy Microsoft mitigated an attack by Chinese threat actor Storm-0558 (..)

Spyware 85

Spyware Hacking Data breaches Mobile 85

Security Affairs

SEPTEMBER 24, 2023

0-days exploited by commercial surveillance vendor in Egypt PREDATOR IN THE WIRES OilRig’s Outer Space and Juicy Mix: Same ol’ rig, new drill pipes Cybersecurity Apple and Google Are Introducing New Ways to Defeat Cell Site Simulators, But Is it Enough?

Cyber Attacks 78

Cyber Attacks Firewall Data breaches Telecommunications 78

Security Affairs

FEBRUARY 13, 2022

to replace Chinese equipment Hackers breached a server of National Games of China days before the event Russian Gamaredon APT is targeting Ukraine since October Israeli surveillance firm QuaDream emerges from the dark Argo CD flaw could allow stealing sensitive data from Kubernetes Apps. US seizes $3.6 US seizes $3.6

Spyware 68

Spyware Surveillance Ransomware Hacking 68

Security Affairs

APRIL 23, 2023

Abandoned Eval PHP WordPress plugin abused to backdoor websites CISA adds MinIO, PaperCut, and Chrome bugs to its Known Exploited Vulnerabilities catalog At least 2 critical infrastructure orgs breached by North Korea-linked hackers behind 3CX attack American Bar Association (ABA) suffered a data breach,1.4

Spyware 68

Spyware Ransomware Malware Data breaches 68

Security Affairs

JULY 18, 2021

Biden discussed Russian ransomware gangs with Putin in a phone call Hackers accessed Mint Mobile subscribers data and ported some numbers Magecart hackers hide stolen credit card data into images and bogus CSS files Kaseya releases patches for flaws exploited in massive ransomware supply-chain attack BIOPASS malware abuses OBS Studio to spy on victims (..)

Spyware 54

Spyware Surveillance Ransomware Retail 54

Security Affairs

AUGUST 4, 2019

Sonicwall warns of a spike in the number of attacks involving encrypted malware and IoT malware. Capital One data breach: hacker accessed details of 106M customers before its arrest. LAPD data breach exposes personal info of thousands of officers. Malware researchers analyzed an intriguing Java ATM Malware.

Data breaches 60

Data breaches eCommerce Hacking Malware 60

Malwarebytes

OCTOBER 11, 2021

Police take a piece out of a ransomware gang , but won’t say which one Neiman Marcus data breach affects millions Windows 11 is out. Android malware pretends to be a security update. Last week on Malwarebytes Labs. Does Cybersecurity Awareness Month actually improve security? Is it any good for security?

Surveillance 65

Surveillance Data breaches Ransomware Cybercrime 65

Security Affairs

SEPTEMBER 1, 2019

Hostinger disclosed a data breach that affects 14 Million customers. Internal Revenue Service warns taxpayers of a malware campaign. Binance says that leaked KYC Data are from third-party vendor. Nemty Ransomware, a new malware appears in the threat landscape. Imperva data Breach: WAF customers data exposed.

eCommerce 47

eCommerce Data breaches Malware Advertising 47

Security Affairs

APRIL 12, 2020

hacked, data of 600k users available for sale Updated: Italian email provider Email.it supports the Secure Boot Fake Cisco ‘Critical Update used in phishing campaign to steal WebEx credentials Hackers accessed staff mailboxes at Italian bank Monte dei Paschi SFO discloses data breach following the hack of 2 of its websites.

Hacking 85

Hacking Advertising Surveillance Phishing 85

Security Affairs

JULY 24, 2022

released in Dark Web – malicious shortcut-based attacks are on the rise Tor Browser 11.5 is optimized to automatically bypass censorship A massive cyberattack hit Albania Watch out for the CVE-2022-30136 Windows NFS Remote Code Execution flaw Graff paid a $7.5M released in Dark Web – malicious shortcut-based attacks are on the rise Tor Browser 11.5

Spyware 85

Spyware Surveillance Insurance Malware 85

Security Affairs

JUNE 10, 2022

Sispi (Palermo Innovazione System), which is the municipal company that is responsible for the technical management of the municipal IT and telematic system of the Municipality of Palermo, confirmed the ransomware attack a few days later, but at this time it doesn’t confirm the data breach.

Ransomware 101

Ransomware Data breaches Cyber Attacks Surveillance 101

Security Affairs

AUGUST 11, 2019

Houston County Schools in Alabama delayed the school years opening due to a malware attack. Poshmark, the social commerce marketplace, discloses a data breach. GermanWiper, a data-wiping malware that is targeting Germany. StockX hacked, customers data offered for sale on the dark web.

Data breaches 50

Data breaches Adware Small Business Advertising 50

Security Affairs

MAY 2, 2022

IoT devices can spy on people, steal data, or bring down vast swathes of the internet, as happened in 2016 when Mirai malware infiltrated devices such as baby monitors and refrigerators and locked them into a botnet for the Dyn cyberattack. Out-of-date software or hardware or a supply network attack can allow malware onto a server.

IoT 122

IoT Cybersecurity VPN Internet 122

Security Affairs

NOVEMBER 3, 2019

UniCredit bank discloses a data breach that impacted 3 million of Italian clients. Network Solutions data breach – hacker accessed data of more 22 Million accounts. WhatsApp sued Israeli surveillance firm NSO Group and its parent Q Cyber Technologies. Raccoon info stealer already infected 100,000+ worldwide.

Data breaches 42

Data breaches Cyber Attacks Telecommunications Advertising 42