Hacking - Cyber Security Informer

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based dot-gov emails get hacked.

Hacking

Hacking Accountability Government Social Engineering

Hacking Digital License Plates

Schneier on Security

DECEMBER 17, 2024

Not everything needs to be digital and “smart.” ” License plates, for example : Josep Rodriguez, a researcher at security firm IOActive, has revealed a technique to jailbreak digital license plates sold by Reviver, the leading vendor of those plates in the US with 65,000 plates already sold.

Firmware

Firmware Hacking Software

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

Krebs on Security

FEBRUARY 26, 2025

government officials searched online for non-extradition countries and for an answer to the question “can hacking be treason?” Days after he apparently finished communicating with Country-1s military intelligence service, Wagenius Googled, ‘can hacking be treason.'” million customers.

Hacking

Hacking Government Identity Theft Accountability

Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme

Schneier on Security

JANUARY 13, 2025

Not sure this will matter in the end, but it’s a positive move : Microsoft is accusing three individuals of running a “hacking-as-a-service” scheme that was designed to allow the creation of harmful and illicit content using the company’s platform for AI-generated content.

Hacking

Hacking Authentication Accountability

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7 , a notorious Russia-based hacking group. co — first came online in February 2023.

Hacking

Hacking Cybercrime Advertising Data breaches

CVE-2024-50387: Critical QNAP Flaw Exploited in Hacking Contest, Patch Now!

Penetration Testing

OCTOBER 30, 2024

In a thrilling showdown at the recent Pwn2Own Ireland 2024 hacking competition, white hat hackers YingMuo (@YingMuo), in collaboration with the DEVCORE Internship Program, successfully exploited a critical zero-day vulnerability... The post CVE-2024-50387: Critical QNAP Flaw Exploited in Hacking Contest, Patch Now!

Hacking

Hacking Cybersecurity

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Security Affairs

NOVEMBER 21, 2024

Mexico’s president announced the government is investigating an alleged ransomware hack that targeted the administration’s legal affairs office. Today they are going to send me a report on the supposed hacking.” This is not the first time Mexico’s presidential office has been targeted in a hack involving sensitive information.

Government

Government Hacking Ransomware Insurance

Spyware Maker NSO Group Found Liable for Hacking WhatsApp

Schneier on Security

DECEMBER 24, 2024

A judge has found that NSO Group, maker of the Pegasus spyware, has violated the US Computer Fraud and Abuse Act by hacking WhatsApp in order to spy on people using it. Jon Penney and I wrote a legal paper on the case.

Spyware

Spyware Hacking

Four REvil Ransomware members sentenced for hacking and money laundering

Security Affairs

OCTOBER 27, 2024

Four former members of the REvil ransomware group were sentenced in Russia for hacking and money laundering, marking a rare case of Russian gang members being convicted in the country. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, REvil ransomware gang )

Ransomware

Ransomware Hacking Malware Cybercrime

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Security Affairs

APRIL 10, 2025

The hacker has published 10,000 customer records, a file showing Oracle Cloud access, user credentials, and an internal video as proof of the hack. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, Oracle)

Hacking

Hacking Data breaches Encryption Passwords

Chinese threat actors used two advanced exploit chains to hack Ivanti CSA

Security Affairs

JANUARY 23, 2025

is end-of-life and no longer receives security updates, for this reason, these instances are exposed to hack. The advisory details hacking activities exploiting the mentioned vulnerabilities. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,CISA)

Hacking

Hacking Government Cybersecurity Information Security

8Base ransomware group hacked Croatia’s Port of Rijeka

Security Affairs

DECEMBER 7, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,ransomware) Grabovac pointed out that his organization will not pay the ransom requested by the ransomware gang.

Ransomware

Ransomware Hacking Accountability Cyber Attacks

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Security Affairs

MARCH 10, 2025

Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago.” ” The RansomHouse gang announced the hack of Loretto Hospital in Chicago, the groups claims to have stolen 1.5TB of sensitive data.

Hacking

Hacking Healthcare Backups Ransomware

Subaru Starlink flaw allowed experts to remotely hack cars

Security Affairs

JANUARY 25, 2025

To confirm their findings, the researchers reached out to their friend and asked if they could hack her car. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Subaru Starlink) Admin panel access exposed vehicle data (e.g., location history, VIN) and customer info (e.g.,

Hacking

Hacking Accountability Passwords Authentication

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

NOVEMBER 9, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Mazda Connect) . “The CMU can then be compromised and “enhanced” to, for example, attempt to compromise any connected device in targeted attacks that can result in DoS, bricking, ransomware, safety compromise, etc.”

Hacking

Hacking Firmware Software Manufacturing

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. The hacking campaign, called Salt Typhoon by investigators, hasn’t previously been publicly disclosed and is the latest in a series of incursions that U.S. and its allies for hacking activities in July.

Hacking

Hacking Internet Internet Government

NSO Group Spies on People on Behalf of Governments

Schneier on Security

NOVEMBER 27, 2024

Legal documents released in ongoing US litigation between NSO Group and WhatsApp have revealed for the first time that the Israeli cyberweapons maker and not its government customers is the party that “installs and extracts” information from mobile phones targeted by the company’s hacking software.

Government

Government Spyware Mobile Hacking

Apps That Are Spying on Your Location

Schneier on Security

JANUARY 10, 2025

404 Media is reporting on all the apps that are spying on your location, based on a hack of the location data company Gravy Analytics: The thousands of apps, included in hacked files from location data company Gravy Analytics, include everything from games like Candy Crush to dating apps like Tinder, to pregnancy tracking and religious prayer apps (..)

Data collection

Data collection Advertising Media Hacking

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Security Affairs

FEBRUARY 2, 2025

The hacking campaign targeted 90 users and was disrupted in December, WhatsApp already alerted them of a possible compromise of their devices. WhatsApp linked the hacking campaign to Paragon, an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024.

Spyware

Spyware Hacking Surveillance Malware

Arguing Against CALEA

Schneier on Security

APRIL 8, 2025

This is the access that the Chinese threat actor Salt Typhoon used to spy on Americans: The Wall Street Journal first reported Friday that a Chinese government hacking group dubbed Salt Typhoon broke into three of the largest U.S.

Telecommunications

Telecommunications Internet Internet Government

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, ransomware) .” The group uses an ARCrypter ransomware variant, derived from Babuks leaked code , to encrypt files after infiltrating a network.

Ransomware

Ransomware Hacking Social Engineering VPN

Bybit Hack: $1.46 Billion Crypto Heist Points to North Korea's Lazarus Group

SecureWorld News

FEBRUARY 26, 2025

Well-known crypto researcher ZachXBT reached the same conclusion as Elliptic, sharing his analysis on X: Lazarus Group just connected the Bybit hack to the Phemex hack directly on-chain commingling funds from the intial theft address for both incidents.

Hacking

Hacking Cryptocurrency Cyber threats Malware

More Research Showing AI Breaking the Rules

Schneier on Security

FEBRUARY 24, 2025

OpenAIs o1-preview tried to cheat 37% of the time; while DeepSeek R1 tried to cheat 11% of the timemaking them the only two models tested that attempted to hack without the researchers first dropping hints. While R1 and o1-preview both tried, only the latter managed to hack the game, succeeding in 6% of trials.

Engineering

Engineering Hacking

FBI Deletes PlugX Malware from Thousands of Computers

Schneier on Security

JANUARY 16, 2025

” Details : To retrieve information from and send commands to the hacked machines, the malware connects to a command-and-control server that is operated by the hacking group. According to a DOJ press release , the FBI was able to delete the Chinese-used PlugX malware from “approximately 4,258 U.S.-based

Malware

Malware Hacking Software

Why Italy Sells So Much Spyware

Schneier on Security

NOVEMBER 19, 2024

As a result, thousands of spyware operations have been carried out by Italian authorities in recent years, according to a report from Riccardo Coluccini, a respected Italian journalist who specializes in covering spyware and hacking. Italian spyware is cheaper and easier to use, which makes it more widely used.

Spyware

Spyware Marketing Hacking

North Korean Hackers Steal $1.5B in Cryptocurrency

Schneier on Security

FEBRUARY 25, 2025

” More : This hack sets a new precedent in crypto security by bypassing a multisig cold wallet without exploiting any smart contract vulnerability. The Bybit hack has shattered long-held assumptions about crypto security. .” The announcement on the Bybit website is almost comical.

Cryptocurrency

Cryptocurrency Social Engineering Hacking Engineering

Journalists and Civil Society Members Using WhatsApp Targeted by Paragon Spyware

Schneier on Security

FEBRUARY 3, 2025

Like other spyware makers, Paragon’s hacking software is used by government clients and WhatsApp said it had not been able to identify the clients who ordered the alleged attacks. ” It is not clear who was behind the attack.

Spyware

Spyware Government Hacking Software

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. police as part of an FBI investigation into the MGM hack. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

Feds Link $150M Cyberheist to 2022 LastPass Hacks

Krebs on Security

MARCH 7, 2025

In September 2023, KrebsOnSecurity published findings from security researchers who concluded that a series of six-figure cyberheists across dozens of victims resulted from thieves cracking master passwords stolen from the password manager service LastPass in 2022. In a court filing…

Password Management

Password Management Hacking Passwords

Age Verification Using Facial Scans

Schneier on Security

APRIL 17, 2025

” I look forward to all the videos of people hacking this system using various disguises. For Face Scan, the solution our vendor uses operates on-device, which means there is no collection of any biometric information when you scan your face. For ID verification, the scan of your ID is deleted upon verification.”

Hacking

Hacking Media

Perfectl Malware

Schneier on Security

OCTOBER 14, 2024

North Korea is the government we know that hacks cryptocurrency in order to fund its operations. Aqua Security researchers have also observed the malware serving as a backdoor to install other families of malware. Something this complex and impressive implies that a government is behind this. But this feels too complex for that.

Malware

Malware Cryptocurrency Internet Internet

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

Intrinsec said its analysis showed Prospero frequently hosts malware operations such as SocGholish and GootLoader , which are spread primarily via fake browser updates on hacked websites and often lay the groundwork for more serious cyber intrusions — including ransomware. A fake browser update page pushing mobile malware.

Malware

Malware Antivirus Software DDOS

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

Security Affairs

APRIL 13, 2025

. “During the half-day meeting in Geneva, Wang Lei, a top cyber official with Chinas Ministry of Foreign Affairs, indicated that the infrastructure hacks resulted from the U.S.s “Wang or the other Chinese officials didnt directly state that China was responsible for the hacking, the U.S. ” states the WSJ.

Hacking

Hacking Manufacturing Education Government

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

Security Affairs

OCTOBER 22, 2024

VMware addressed a remote code execution flaw, demonstrated in a Chinese hacking contest, for the second time in two months. During the 2024 Matrix Cup hacking contest in China, zbl & srs of team TZL demonstrated the vulnerability. In September, Broadcom released security updates to the vulnerability CVE-2024-38812.

Hacking

Hacking Government Software Information Security

Hackers stole millions of dollars from Uganda Central Bank

Security Affairs

NOVEMBER 30, 2024

Financially-motivated threat actors hacked Uganda ‘s central bank system, government officials confirmed this week. “It is true our accounts were hacked into but not to the extent of what is being reported. The police’s Criminal Investigations Department and the Auditor General are investigating the incident.

Banking

Banking Government Accountability Hacking

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

Security Affairs

FEBRUARY 22, 2025

The Bybit hack is the largest cryptocurrency heist ever, surpassing previous ones like Ronin Network ($625M), Poly Network ($611M), and BNB Bridge ($566M). Bybit is Solvent even if this hack loss is not recovered, all of clients assets are 1 to 1 backed, we can cover the loss. billion to an unidentified address.

Cryptocurrency

Cryptocurrency Hacking Banking Cybersecurity

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities.

Retail

Retail Advertising Cryptocurrency Marketing

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Security Affairs

JANUARY 4, 2025

“ Flax Typhoon is a China-linked hacking group that has been active since 2021, it targets critical infrastructure globally, exploiting vulnerabilities for persistent access. According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. critical infrastructure sectors.“

Cybersecurity

Cybersecurity IoT Hacking Technology

Silk Typhoon Hackers Indicted

Schneier on Security

MARCH 11, 2025

The indictment against Yin Kecheng, who was previously sanctioned by the Treasury Department in January for his involvement in the Treasury breach, quotes from his communications with a colleague in which he notes his personal preference for hacking American targets and how he’s seeking to ‘break into a big target,’ which he hoped (..)

Government

Government Media Hacking

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

One post last month on the Russian-language hacking forum BHF offered up to $5,000 for each hotel account. This seller claims to help people monetize hacked booking.com partners, apparently by using the stolen credentials to set up fraudulent listings.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

Threat actor says Interbank refused to pay the ransom after a two-week negotiation

Security Affairs

OCTOBER 31, 2024

Interbank disclosed a data breach after a threat actor claimed the hack of the organization and leaked stolen data online. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, data breach) Interbank , formally the Banco Internacional del Perú Service Holding S.A.A.

Data breaches

Data breaches Financial Services Hacking Mobile

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

NOVEMBER 11, 2024

million records containing employee data on the hacking forum BreachForums. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, MOVEit) The company said that the data was stolen from a third-party vendor. Amazon did not disclose the number of impacted employees.

Data breaches

Data breaches Hacking Ransomware Technology

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

Krebs on Security

FEBRUARY 4, 2025

The FBI joined authorities across Europe last week in seizing domain names for Cracked and Nulled , English-language cybercrime forums with millions of users that trafficked in stolen data, hacking tools and malware. gg , an e-commerce platform that caters to the same clientele as Sellix.

eCommerce

eCommerce Cybercrime Accountability Passwords

WhatsApp fixed a spoofing flaw that could enable Remote Code Execution

Security Affairs

APRIL 8, 2025

The hacking campaign targeted 90 users and was disrupted in December, WhatsApp immediately alerted targeted users of a possible compromise of their devices. The Meta-owned company linked the hacking campaign to Paragon , an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024.

Spyware

Spyware Media Surveillance Hacking

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Hacking Digital License Plates

Trending Sources

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

Microsoft Takes Legal Action Against AI “Hacking as a Service” Scheme

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

CVE-2024-50387: Critical QNAP Flaw Exploited in Hacking Contest, Patch Now!

Ransomhub ransomware gang claims the hack of Mexican government Legal Affairs Office

Spyware Maker NSO Group Found Liable for Hacking WhatsApp

Four REvil Ransomware members sentenced for hacking and money laundering

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Chinese threat actors used two advanced exploit chains to hack Ivanti CSA

8Base ransomware group hacked Croatia’s Port of Rijeka

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Subaru Starlink flaw allowed experts to remotely hack cars

Mazda Connect flaws allow to hack some Mazda vehicles

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

NSO Group Spies on People on Behalf of Governments

Apps That Are Spying on Your Location

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Arguing Against CALEA

Cloak ransomware group hacked the Virginia Attorney General’s Office

Bybit Hack: $1.46 Billion Crypto Heist Points to North Korea's Lazarus Group

More Research Showing AI Breaking the Rules

FBI Deletes PlugX Malware from Thousands of Computers

Why Italy Sells So Much Spyware

North Korean Hackers Steal $1.5B in Cryptocurrency

Journalists and Civil Society Members Using WhatsApp Targeted by Paragon Spyware

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Feds Link $150M Cyberheist to 2022 LastPass Hacks

Age Verification Using Facial Scans

Perfectl Malware

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

VMware failed to fully address vCenter Server RCE flaw CVE-2024-38812

Hackers stole millions of dollars from Uganda Central Bank

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

An Interview With the Target & Home Depot Hacker

US Treasury Department sanctioned Chinese cybersecurity firm linked to Flax Typhoon APT

Silk Typhoon Hackers Indicted

Booking.com Phishers May Leave You With Reservations

Threat actor says Interbank refused to pay the ransom after a two-week negotiation

Amazon discloses employee data breach after May 2023 MOVEit attacks

Who’s Behind the Seized Forums ‘Cracked’ & ‘Nulled’?

WhatsApp fixed a spoofing flaw that could enable Remote Code Execution

Stay Connected