Document, Hacking and Information Security

FBI warns of malicious free online document converters spreading malware

Security Affairs

MARCH 24, 2025

The FBI warns of a significant increase in scams involving free online document converters to infect users with malware. The FBI warns that threat actors use malicious online document converters to steal users sensitive information and infect their systems with malware. ” reads the alert. ” reads the alert.

Malware

Malware Scams Identity Theft Antivirus

8Base ransomware group hacked Croatia’s Port of Rijeka

Security Affairs

DECEMBER 7, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,ransomware) Grabovac pointed out that his organization will not pay the ransom requested by the ransomware gang.

Ransomware

Ransomware Hacking Accountability Cyber Attacks

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Security Affairs

NOVEMBER 21, 2024

Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. Today they are going to send me a report on the supposed hacking.” Stolen files allegedly include contracts, insurance, and financial documents. ” reported the Associated Press.

Government

Government Hacking Ransomware Insurance

Rhysida Ransomware gang claims the hack of the Government of Peru

Security Affairs

MAY 3, 2025

The Rhysida Ransomware gang claims the hack of the Government of Peru, the gang breached Gob.pe, the Single Digital Platform of the Peruvian State. The Rhysida ransomware gang claims responsibility for hacking the Government of Peru, breaching Gob.pe, which is the country’s official digital platform.

Government

Government Hacking Ransomware Manufacturing

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Security Affairs

FEBRUARY 2, 2025

The hacking campaign targeted 90 users and was disrupted in December, WhatsApp already alerted them of a possible compromise of their devices. WhatsApp linked the hacking campaign to Paragon, an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024. reads the court document.

Spyware

Spyware Hacking Surveillance Malware

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

In August, Gunnebo said it had successfully thwarted a ransomware attack, but this week it emerged that the intruders stole and published online tens of thousands of sensitive documents — including schematics of client bank vaults and surveillance systems. What’s more, Syrén seemed to downplay the severity of the exposure.

Hacking

Hacking Ransomware Banking Accountability

Expert used ChatGPT-4o to create a replica of his passport in just 5 minutes bypassing KYC

Security Affairs

APRIL 6, 2025

The document is realistic enough to bypass automated Know Your Customer (KYC) checks, the expert states. Experts are calling for stronger defenses, including broader use of NFC-based verification and electronic identity documents (eIDs), which offer more resilient, hardware-level authentication. ” Musielak wrote on X.

Identity Theft

Identity Theft Insurance Banking Authentication

Former CIA analyst pleaded guilty to leaking top-secret documents

Security Affairs

JANUARY 21, 2025

Rahman has access to Sensitive Compartmented Information (SCI). On October 17, 2024, Rahman stole and leaked Top-Secret documents on a U.S. The CIA analyst photographed the classified documents and transmitted them to individuals he knew were not authorized to view them. “After Oct.

Media

Media Mobile Internet Internet

Apple indeed added a feature called “inactivity reboot” in iOS 18.1 that reboots locked devices

Security Affairs

NOVEMBER 12, 2024

Law enforcement warned that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them much harder to unlock, per a document obtained by 404 Media. 404 Media obtained the document from a mobile forensics source and verified it with another source. Three iPhones running iOS 18.0

Media

Media Wireless Mobile Encryption

iPhones in a law enforcement forensics lab mysteriously rebooted losing their After First Unlock (AFU) state

Security Affairs

NOVEMBER 8, 2024

Law enforcement warns that securely stored iPhones awaiting forensic examination are mysteriously rebooting, making them much harder to unlock, per a document obtained by 404 Media. 404 Media obtained the document from a mobile forensics source and verified it with another source. security feature addition.”

Media

Media Mobile Passwords Hacking

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Security Affairs

OCTOBER 21, 2024

It provides a range of development resources, including SDKs (Software Development Kits), documentation, sample code, and learning materials for networking, security, and cloud infrastructure. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, data breach)

Cybercrime

Cybercrime Data breaches Technology Banking

Experts found rogue devices, including hidden cellular radios, in Chinese-made power inverters used worldwide

Security Affairs

MAY 18, 2025

“However, rogue communication devices not listed in product documents have been found in some Chinese solar power inverters by U.S experts who strip down equipment hooked up to grids to check for security issues, the two people said.” ” reported Reuters.

Energy and Utilities

Energy and Utilities Manufacturing Government Hacking

FBI deleted China-linked PlugX malware from over 4,200 US computers

Security Affairs

JANUARY 14, 2025

The malware was operated by a China-linked threat actor, known as Mustang Panda (aka Twill Typhoon, to steal sensitive information from victim computers. According to court documents, the Chinese government paid Mustang Panda to develop PlugX malware, used since 2014 to target U.S., European, and Asian entities. systems. .”

Malware

Malware Government Hacking Cybersecurity

Operation Secure: INTERPOL dismantles 20,000+ malicious IPs in major cybercrime crackdown

Security Affairs

JUNE 11, 2025

” As part of Operation Secure, Vietnamese police arrested 18 suspects and seized cash, SIMs, and documents tied to a scheme selling corporate accounts. Operation Secure has once again shown the power of intelligence sharing in disrupting malicious infrastructure and preventing large-scale harm to both individuals and businesses.”

Cybercrime

Cybercrime Data collection Scams Cyber threats

Black Basta ransomware gang hit BT Group

Security Affairs

DECEMBER 4, 2024

The group claimed to have stolen 500GB of data including Finacial data, Organisation data, Users data and personal documents, NDA’s, Confidential data, and more. As proof of the data breach, the group published multiple screenshots, including pictures of passports and other documents.

Ransomware

Ransomware Telecommunications Healthcare Insurance

EDR-as-a-Service makes the headlines in the cybercrime landscape

Security Affairs

APRIL 7, 2025

OPERATIONAL MANUALS AND DECEPTION STRATEGIES As further evidence of the increasing professionalization of this illicit sector, Meridian Group reports the publication of informational content designed to guide the proper use of EDR services, presented as a detailed guide on how to correctly complete and unlawfully submit the requests.

Cybercrime

Cybercrime Social Engineering Accountability Government

Hacking firm I-Soon data leak revealed Chinese gov hacking capabilities

Security Affairs

FEBRUARY 26, 2024

Recently the leak of a collection of files apparently stolen from the Chinese government hacking contractor, I-Soon, exposed Chinese hacking capabilities. Recently someone has leaked on GitHub [ 1 , 2 ] a collection of files apparently stolen from the Chinese hacking firm, I-Soon.

Hacking

Hacking Government Spyware Marketing

Ukraine’s GUR hacked the Russian Ministry of Defense

Security Affairs

MARCH 4, 2024

The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense claims that it hacked the Russian Ministry of Defense. Stolen documents include: confidential documents, including orders and reports circulated among over 2000 structural units of the Russian military service.

Hacking

Hacking Data breaches Encryption Government

New Leak Shows Business Side of China’s APT Menace

Krebs on Security

FEBRUARY 22, 2024

A new data leak that appears to have come from one of China’s top private cybersecurity firms provides a rare glimpse into the commercial side of China’s many state-sponsored hacking groups. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government

Government Hacking Cyber threats Mobile

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

Security Affairs

DECEMBER 23, 2024

Court documents state that on October 29, 2019, plaintiffs filed this lawsuit, alleging that the defendants used WhatsApp to target approximately 1,400 mobile phones and devices to infect them with the surveillance software. ” reads the court document. WhatsApp won a legal case against NSO Group in a U.S. ” The U.S.

Spyware

Spyware Surveillance Software Hacking

Fidelity Investments suffered a second data breach this year

Security Affairs

OCTOBER 14, 2024

The company confirmed that financial data was not exposed and Fidelity customer accounts were not hacked. Fidelity Investments has informed attorney generals in various states that the attacker had created two customer accounts, which they used to obtain images of documents pertaining to Fidelity customers from an internal database.

Data breaches

Data breaches Financial Services Accountability Hacking

Nigerian man Sentenced to 26+ years in real estate phishing scams

Security Affairs

NOVEMBER 4, 2024

for phishing scams that stole millions by hacking email accounts. According to court documents, Mr. Ojelade sent phishing emails to real estate businesses, then after gaining unauthorized access to victims’ accounts monitored their email traffic to determine when large transactions were about to take place. “We

Scams

Scams Phishing Identity Theft Accountability

International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists

Security Affairs

FEBRUARY 5, 2025

In the updated statement published by ICAO, the agency said it is actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations. ” reads the statement published by the International Civil Aviation Organization.

Data breaches

Data breaches Information Security Hacking Marketing

CEO of cybersecurity firm charged with installing malware on hospital systems

Security Affairs

APRIL 26, 2025

Security footage reportedly shows the man attempting to access multiple offices before installing malicious software designed to capture screenshots every 20 minutes and transmit them to an external IP address. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, malware )

Malware

Malware Cybersecurity Healthcare Media

Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. Russian news agency RIA Novosti, citing an anonymous source, confirmed that the arrested man is the “programmer” as Mikhail Matveev, as reported in court documents.

Ransomware

Ransomware Healthcare Hacking Malware

Serbian student activist’s phone hacked using Cellebrite zero-day exploit

Security Affairs

MARCH 3, 2025

Amnesty International documented the incident. “Amnesty Internationals Security Lab performed a forensic analysis on Vedrans Samsung Galaxy A32 to check if the device was tampered with while Vedran was detained at the police station. He refused, but his phone was taken and later returned switched off at 12:45 AM.

Hacking

Hacking Spyware Technology Surveillance

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 45

Security Affairs

MAY 11, 2025

Security Affairs Malware newsletter includes a collection of the best articles and research on malware in the international landscape iClicker site hack targeted students with malware via fake CAPTCHA New Noodlophile Stealer Distributes Via Fake AI Video Generation Platforms Backdoor found in popular ecommerce components Stealthy Linux backdoor leveraging (..)

Malware

Malware eCommerce Hacking Ransomware

U.S. CISA adds Cisco ASA and FTD, and RoundCube Webmail bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

OCTOBER 25, 2024

Cisco warned customers of password-spraying attacks that have been targeting Remote Access VPN (RAVPN) services configured on Cisco Secure Firewall devices. The company published a document containing recommendations against password spray attacks aimed at Remote Access VPN (RAVPN) services.

VPN

VPN Firewall Technology Passwords

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

Security Affairs

DECEMBER 4, 2024

Since 2012, Crimenetwork facilitated the sale of illegal goods and services, including drugs, forged documents, hacking tools, and stolen data. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cybercrime) Source Computerworld.ch

Cybercrime

Cybercrime Cryptocurrency Hacking Internet

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

Security Affairs

DECEMBER 16, 2024

“In at least two cases Amnesty International documented, the Cellebrite UFED product and associated exploits were used to covertly bypass phone security features, enabling Serbian authorities to infect the devices with NoviSpy spyware. . ” reported the Associated Press. ” concludes the report.

Spyware

Spyware Surveillance Technology Mobile

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

Security Affairs

MAY 1, 2025

“The emails had the subject Documents from 04/29/2025 and were sent from an address disguised as corporate correspondence.” ” The phishing emails employed in the campaign spotted by F6 experts has the subject Documents from 04/29/2025 and were sent from addresses mimicking corporate senders.

Malware

Malware Phishing Telecommunications Antivirus

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

The RAR archive analyzed by the Ukrainian CERT-UA contains the document Algorithm_LegalAid.xlsm.Upon opening the document and enabling the macro, a PowerShell command will be executed. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Ukraine)

Computers and Electronics

Computers and Electronics Telecommunications Malware Surveillance

CISA’s 11-Month extension ensures continuity of MITRE’s CVE Program

Security Affairs

APRIL 16, 2025

These CNAs are authorized to assign CVE IDs to vulnerabilities discovered in their respective domains, ensuring timely and accurate documentation of security issues. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,MITRE)

Government

Government Risk Cybersecurity Media

Cisco states that the second data leak is linked to the one from October

Security Affairs

DECEMBER 30, 2024

It provides a range of development resources, including SDKs (Software Development Kits), documentation, sample code, and learning materials for networking, security, and cloud infrastructure. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, data breach)

Data breaches

Data breaches Cybercrime Authentication Technology

Experts found 4 billion user records online, the largest known leak of Chinese personal data from a single source

Security Affairs

JUNE 7, 2025

Cybersecurity researcher Bob Dyachenko and the Cybernews team discovered a massive data leak in China that exposed billions of documents, including financial, WeChat, and Alipay data, likely affecting hundreds of millions. That would make this data leak the largest single-source leak of Chinese personal data ever identified.”

Surveillance

Surveillance Banking Phishing Passwords

How Interlock Ransomware Affects the Defense Industrial Base Supply Chain

Security Affairs

MAY 13, 2025

Such information will be of interest to foreign intelligence agencies, nation-state actors, and advanced espionage groups, especially during local conflicts and ongoing wars. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Interlock Ransomware)

Ransomware

Ransomware Cyber Attacks Risk Hacking

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs

FEBRUARY 6, 2025

. “Subsequently, and using up to three different pseudonyms, he attacked international bodies and government-type organisations by accessing databases with personal information of employees and clients, as well as internal documents that were subsequently sold or freely published on forums.” ” concludes the statement.

Cybercrime

Cybercrime Government Data breaches Information Security

Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications

Security Affairs

JANUARY 8, 2024

Documents belonging to the Swiss Air Force were leaked on the dark web as a result of cyberattack on a US security provider. Documents belonging to the Swiss Air Force were leaked on the dark web after the US security company Ultra Intelligence & Communications suffered a data breach.

Hacking

Hacking Ransomware Data breaches Manufacturing

DPRK-linked BlueNoroff used macOS malware with novel persistence

Security Affairs

NOVEMBER 7, 2024

The initial attack vector is a phishing email containing a link to a malicious application disguised as a link to a PDF document relating to a cryptocurrency topic such as “Hidden Risk Behind New Surge of Bitcoin Price”, “Altcoin Season 2.0-The The Hidden Gems to Watch” and “New Era for Stablecoins and DeFi, CeFi”.

Malware

Malware Architecture Risk Cryptocurrency

Ukraine’s intelligence service hacked Russia’s Federal Air Transport Agency, Rosaviatsia

Security Affairs

NOVEMBER 27, 2023

Ukraine’s intelligence service announced the hack of the Russian Federal Air Transport Agency, ‘Rosaviatsia.’ ’ Ukraine’s intelligence service announced they have hacked Russia’s Federal Air Transport Agency, ‘Rosaviatsia.’ ” reads the announcement. ” reads the announcement.

Hacking

Hacking Engineering Government Manufacturing

Medusa ransomware gang claims the hack of Toyota Financial Services

Security Affairs

NOVEMBER 17, 2023

Toyota Financial Services discloses unauthorized activity on systems after the Medusa ransomware gang claimed to have hacked the company. Medusa Toyota has set the deadline for November 26 and has published a sample of the stolen data as proof of the hack.

Financial Services

Financial Services Hacking Ransomware Data breaches

Internet Archive was breached twice in a month

Security Affairs

OCTOBER 21, 2024

The Internet Archive was breached again, attackers hacked its Zendesk email support platform through stolen GitLab authentication tokens. The breach may have exposed personal identification documents uploaded by users for Wayback Machine page removal requests, depending on the attacker’s Zendesk API access.

Internet

Internet Internet Data breaches Authentication

Ransomware attack hit Indian multinational Tata Technologies

Security Affairs

FEBRUARY 1, 2025

Stolen data include contracts, financial and business documents, engineering projects, and employees personally identifiable information (PII), including Aadhar card numbers. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, ransomware attack)

Technology

Technology Ransomware Engineering Manufacturing

Sarcoma ransomware gang claims the theft of sensitive data from PCB maker Unimicron

Security Affairs

FEBRUARY 12, 2025

Sarcoma ransomware operators claim to have stolen 377 GB of SQL files and documents. “The company will continue to enhance the security control of the network and information infrastructure to ensure information security.” However, it has yet to disclose a data breach. .

Computers and Electronics

Computers and Electronics Ransomware Manufacturing Data breaches

FBI warns of malicious free online document converters spreading malware

8Base ransomware group hacked Croatia’s Port of Rijeka

Trending Sources

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Rhysida Ransomware gang claims the hack of the Government of Peru

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Expert used ChatGPT-4o to create a replica of his passport in just 5 minutes bypassing KYC

Former CIA analyst pleaded guilty to leaking top-secret documents

Apple indeed added a feature called “inactivity reboot” in iOS 18.1 that reboots locked devices

iPhones in a law enforcement forensics lab mysteriously rebooted losing their After First Unlock (AFU) state

Cisco states that data published on cybercrime forum was taken from public-facing DevHub environment

Experts found rogue devices, including hidden cellular radios, in Chinese-made power inverters used worldwide

FBI deleted China-linked PlugX malware from over 4,200 US computers

Operation Secure: INTERPOL dismantles 20,000+ malicious IPs in major cybercrime crackdown

Black Basta ransomware gang hit BT Group

EDR-as-a-Service makes the headlines in the cybercrime landscape

Hacking firm I-Soon data leak revealed Chinese gov hacking capabilities

Ukraine’s GUR hacked the Russian Ministry of Defense

New Leak Shows Business Side of China’s APT Menace

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

Fidelity Investments suffered a second data breach this year

Nigerian man Sentenced to 26+ years in real estate phishing scams

International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists

CEO of cybersecurity firm charged with installing malware on hospital systems

Notorious ransomware programmer Mikhail Pavlovich Matveev arrested in Russia

Serbian student activist’s phone hacked using Cellebrite zero-day exploit

SECURITY AFFAIRS MALWARE NEWSLETTER ROUND 45

U.S. CISA adds Cisco ASA and FTD, and RoundCube Webmail bugs to its Known Exploited Vulnerabilities catalog

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

Hive0117 group targets Russian firms with new variant of DarkWatchman malware

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

CISA’s 11-Month extension ensures continuity of MITRE’s CVE Program

Cisco states that the second data leak is linked to the one from October

Experts found 4 billion user records online, the largest known leak of Chinese personal data from a single source

How Interlock Ransomware Affects the Defense Industrial Base Supply Chain

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Swiss Air Force sensitive files stolen in the hack of Ultra Intelligence & Communications

DPRK-linked BlueNoroff used macOS malware with novel persistence

Ukraine’s intelligence service hacked Russia’s Federal Air Transport Agency, Rosaviatsia

Medusa ransomware gang claims the hack of Toyota Financial Services

Internet Archive was breached twice in a month

Ransomware attack hit Indian multinational Tata Technologies

Sarcoma ransomware gang claims the theft of sensitive data from PCB maker Unimicron

Stay Connected