Hacking and Information - Cyber Security Informer

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking

Hacking Accountability Government Social Engineering

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

Krebs on Security

FEBRUARY 26, 2025

government officials searched online for non-extradition countries and for an answer to the question “can hacking be treason?” Among those was AT&T , which disclosed in July that cybercriminals had stolen personal information and phone and text message records for roughly 110 million people nearly all of its customers.

Hacking

Hacking Government Identity Theft Accountability

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. “We have been playing cat and mouse for a while with these guys,” said Matt Sciberras , chief information security officer at Invicti.

Hacking

Hacking Cybercrime Advertising Data breaches

DeepSeek database exposed highly sensitive information

Security Affairs

JANUARY 30, 2025

“This database contained a significant volume of chat history, backend data and sensitive information, including log streams, API Secrets, and operational details.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, DeepSeek ) ” concludes the report.

Authentication

Authentication Passwords Hacking Risk

NSO Group Spies on People on Behalf of Governments

Schneier on Security

NOVEMBER 27, 2024

Legal documents released in ongoing US litigation between NSO Group and WhatsApp have revealed for the first time that the Israeli cyberweapons maker and not its government customers is the party that “installs and extracts” information from mobile phones targeted by the company’s hacking software.

Government

Government Spyware Mobile Hacking

Rhysida Ransomware gang claims the hack of the Government of Peru

Security Affairs

MAY 3, 2025

The Rhysida Ransomware gang claims the hack of the Government of Peru, the gang breached Gob.pe, the Single Digital Platform of the Peruvian State. The Rhysida ransomware gang claims responsibility for hacking the Government of Peru, breaching Gob.pe, which is the country’s official digital platform.

Government

Government Ransomware Hacking Manufacturing

PLAYFULGHOST backdoor supports multiple information stealing features

Security Affairs

JANUARY 5, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,malware) Google researchers provided event rules within Google Security Operations to dete ctPLAYFULGHOST activity.

Malware

Malware Encryption Phishing Hacking

Broadcom fixed information disclosure flaws in VMware Aria Operations

Security Affairs

JANUARY 31, 2025

is an information disclosure vulnerability in VMware Aria Operations for Logs.A is an information disclosure vulnerability. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,VMware) CVE-2025-22222 (CVSS score: 7.7)

Authentication

Authentication Hacking Cybersecurity Information Security

8Base ransomware group hacked Croatia’s Port of Rijeka

Security Affairs

DECEMBER 7, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,ransomware) Grabovac pointed out that his organization will not pay the ransom requested by the ransomware gang.

Ransomware

Ransomware Hacking Accountability Cyber Attacks

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Security Affairs

MARCH 10, 2025

Another American hospital falls victim to a ransomware attack; the RansomHouse gang announced the hack of Loretto Hospital in Chicago.” ” The RansomHouse gang announced the hack of Loretto Hospital in Chicago, the groups claims to have stolen 1.5TB of sensitive data.

Hacking

Hacking Healthcare Backups Ransomware

Threat actors use fake AI tools to deliver the information stealer Noodlophile

Security Affairs

MAY 12, 2025

Threat actors use fake AI tools to trick users into installing the information stealer Noodlophile, Morphisec researchers warn. The report includes Indicators of Compromise (IOCs) for this campaign Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,fake AI tools)

Malware

Malware Media Cybercrime Scams

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” and its allies for hacking activities in July.

Hacking

Hacking Internet Internet Government

FBI Deletes PlugX Malware from Thousands of Computers

Schneier on Security

JANUARY 16, 2025

” Details : To retrieve information from and send commands to the hacked machines, the malware connects to a command-and-control server that is operated by the hacking group. According to a DOJ press release , the FBI was able to delete the Chinese-used PlugX malware from “approximately 4,258 U.S.-based

Malware

Malware Hacking Software

Subaru Starlink flaw allowed experts to remotely hack cars

Security Affairs

JANUARY 25, 2025

To confirm their findings, the researchers reached out to their friend and asked if they could hack her car. Additionally, attackers could secretly obtain personal information such as the victims name, phone number, email, and physical address. Admin panel access exposed vehicle data (e.g., name, ZIP, phone, email, billing details).

Hacking

Hacking Accountability Passwords Authentication

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Security Affairs

APRIL 10, 2025

No OCI service has been interrupted or compromised in any way,” Last week, Oracle confirmed a data breach and started informing customers while downplaying the impact of the incident. The hacker has published 10,000 customer records, a file showing Oracle Cloud access, user credentials, and an internal video as proof of the hack.

Hacking

Hacking Data breaches Encryption Passwords

Chinese threat actors used two advanced exploit chains to hack Ivanti CSA

Security Affairs

JANUARY 23, 2025

is end-of-life and no longer receives security updates, for this reason, these instances are exposed to hack. The advisory details hacking activities exploiting the mentioned vulnerabilities. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,CISA)

Hacking

Hacking Government Cybersecurity Information Security

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

NOVEMBER 9, 2024

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Mazda Connect) . “The CMU can then be compromised and “enhanced” to, for example, attempt to compromise any connected device in targeted attacks that can result in DoS, bricking, ransomware, safety compromise, etc.”

Hacking

Hacking Firmware Software Manufacturing

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Security Affairs

FEBRUARY 2, 2025

The hacking campaign targeted 90 users and was disrupted in December, WhatsApp already alerted them of a possible compromise of their devices. WhatsApp linked the hacking campaign to Paragon, an Israeli commercial surveillance vendor acquired by AE Industrial Partners for $900 million in December 2024.

Spyware

Spyware Hacking Surveillance Malware

Cloak ransomware group hacked the Virginia Attorney General’s Office

Security Affairs

MARCH 24, 2025

The breach was detected in February , leading to notifications to the FBI, Virginia State Police, and the Virginia Information Technologies Agency. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, ransomware) Chief Deputy AG Steven Popps called it a sophisticated attack.

Ransomware

Ransomware Hacking Social Engineering VPN

Age Verification Using Facial Scans

Schneier on Security

APRIL 17, 2025

“The information shared to power the age verification method is only used for the one-time age verification process and is not stored by Discord or our vendor. For Face Scan, the solution our vendor uses operates on-device, which means there is no collection of any biometric information when you scan your face.

Hacking

Hacking Media

Inside the DemandScience by Pure Incubation Data Breach

Troy Hunt

NOVEMBER 13, 2024

I am interested in finding how my information ended up in your database. That last one seems perfectly reasonable, and fortunately, DemandScience does have a link on their website to Do Not Sell My Information : Dammit! So, he asked them: I seem to have found my email in your data breach. If, like me, you're part of the 99.5%

Data breaches

Data breaches Passwords B2B Technology

Amazon discloses employee data breach after May 2023 MOVEit attacks

Security Affairs

NOVEMBER 11, 2024

Amazon disclosed a data breach exposing employee data, with information allegedly stolen in the May 2023 MOVEit attacks. Amazon disclosed a data breach that exposed employee information after data was allegedly stolen during the May 2023 MOVEit attacks. million records containing employee data on the hacking forum BreachForums.

Data breaches

Data breaches Hacking Ransomware Technology

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. police as part of an FBI investigation into the MGM hack. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

Booking.com Phishers May Leave You With Reservations

Krebs on Security

NOVEMBER 1, 2024

The missive bore the name of the hotel and referenced details from their reservation, claiming that booking.com’s anti-fraud system required additional information about the customer before the reservation could be finalized. One post last month on the Russian-language hacking forum BHF offered up to $5,000 for each hotel account.

Phishing

Phishing Accountability Artificial Intelligence Cybercrime

Pwn2Own Berlin 2025 Day Two: researcher earned 150K hacking VMware ESXi

Security Affairs

MAY 16, 2025

pic.twitter.com/x2oBfaSfKS — Trend Zero Day Initiative (@thezdi) May 16, 2025 Nguyen Hoang Thach of STARLabs SG exploited an integer overflow to hack VMware ESXi earning $150,000 and 15 Master of Pwn points. The full list of hacking attempts made during day two is available here. Outstanding!

Hacking

Hacking Information Security

Iran and China-linked actors used ChatGPT for preparing attacks

Security Affairs

OCTOBER 11, 2024

Rather than using advanced hacking techniques, they exploited systems with default credentials to compromise target networks. This included working on malware that was still in development, and looking for information on potential targets.” ” continues the report.

Malware

Malware Social Engineering Engineering Hacking

What Graykey Can and Can’t Unlock

Schneier on Security

NOVEMBER 26, 2024

The documents do not appear to contain information about what Graykey can access from the public release of iOS 18.1, More information : Meanwhile, Graykey’s performance with Android phones varies, largely due to the diversity of devices and manufacturers. which was released on October 28.

Media

Media Manufacturing Mobile Hacking

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Security and Exchange Commission (SEC) recently laid down the hammer charging and fining four prominent cybersecurity vendors for making misleading claims in connection with the SolarWinds hack. But the SEC’s latest actions underscore that failing to inform stakeholders about material risks and breaches is not an option.

CISO

CISO CSO Risk Cyber threats

EDR-as-a-Service makes the headlines in the cybercrime landscape

Security Affairs

APRIL 7, 2025

These falsely obtained credentials enable cyber criminals to successfully mimic a real-world investigation by inducing platform operators to provide extremely sensitive information. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,EDR-as-a-Service)

Cybercrime

Cybercrime Social Engineering Accountability Government

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Krebs on Security

FEBRUARY 28, 2025

Intrinsec said its analysis showed Prospero frequently hosts malware operations such as SocGholish and GootLoader , which are spread primarily via fake browser updates on hacked websites and often lay the groundwork for more serious cyber intrusions — including ransomware. A fake browser update page pushing mobile malware.

Malware

Malware Antivirus Software DDOS

Silk Typhoon Hackers Indicted

Schneier on Security

MARCH 11, 2025

The indictments highlight how, in some cases, the hackers operated with a surprising degree of autonomy, even choosing targets on their own before selling stolen information to Chinese government clients.

Government

Government Media Hacking

Experts found rogue devices, including hidden cellular radios, in Chinese-made power inverters used worldwide

Security Affairs

MAY 18, 2025

“That effectively means there is a built-in way to physically destroy the grid,” an anonymous informer told Reuters The rogue devices’ existence is newly revealed, with no public US government acknowledgment. The US grid was successfully hacked in November by hackers belonging to foreign governments.

Energy and Utilities

Energy and Utilities Manufacturing Government Hacking

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Security Affairs

NOVEMBER 24, 2024

Stolen information offered for sale on the carding website included bank account, credit card, and debit card numbers and associated information for conducting transactions. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, newsletter) million in revenue.

Cybercrime

Cybercrime Cryptocurrency Banking Accountability

Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms’ sites

Security Affairs

APRIL 22, 2025

Japan s Financial Services Agency (FSA) warns of hundreds of millions in unauthorized trades linked to hacked brokerage accounts. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Japan) from fake websites (phishing sites) disguised as websites of real securities companies.”

Financial Services

Financial Services Passwords Accountability Antivirus

2023 Anna Jaques Hospital data breach impacted over 310,000 people

Security Affairs

DECEMBER 8, 2024

The investigation aimed to determine the extent of the activity, and whether individual personal information, if any, may have been accessed or acquired by an unauthorized third party. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Anna Jaques Hospital)

Data breaches

Data breaches Insurance Healthcare Ransomware

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

Security Affairs

APRIL 13, 2025

. “During the half-day meeting in Geneva, Wang Lei, a top cyber official with Chinas Ministry of Foreign Affairs, indicated that the infrastructure hacks resulted from the U.S.s “Wang or the other Chinese officials didnt directly state that China was responsible for the hacking, the U.S. ” states the WSJ.

Hacking

Hacking Manufacturing Education Government

How Interlock Ransomware Affects the Defense Industrial Base Supply Chain

Security Affairs

MAY 13, 2025

The systems that companies use in the defense sector may also hold classified information. Such information will be of interest to foreign intelligence agencies, nation-state actors, and advanced espionage groups, especially during local conflicts and ongoing wars.

Ransomware

Ransomware Cyber Attacks Risk Hacking

A flaw in the W3 Total Cache plugin exposes hundreds of thousands of WordPress sites to attacks

Security Affairs

JANUARY 19, 2025

A WordPress W3 Total Cache plugin vulnerability could allow attackers to access information from internal services, including metadata on cloud-based apps. The vulnerability allows authenticated attackers with Subscriber access to exploit a missing capability check, leading to information disclosure.

Consumer Services

Consumer Services Authentication Hacking

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Security Affairs

NOVEMBER 6, 2024

Security researcher Rick de Jager demonstrated the vulner ability, called RISK:STATION by cybersecurity firm Midnight Blue, at the Pwn2Own Ireland 2024 hacking contest. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Synology) 10053 or above) Synology Photos 1.6

Firmware

Firmware Manufacturing Hacking Media

Japanese telecom giant NTT suffered a data breach that impacted 18,000 companies

Security Affairs

MARCH 8, 2025

A data breach suffered by the Japanese telecom giant NTT exposed information of nearly 18,000 corporate customers. Japanese telecom giant NTT suffered a data breach that exposed information of nearly 18,000 corporate customers. Please note that information about services for individual customers was not included.”

Data breaches

Data breaches Mobile Hacking Malware

VMware fixed three actively exploited zero-days in ESX products

Security Affairs

MARCH 4, 2025

HGFS information-disclosure vulnerability: the vulnerability is an information disclosurevulnerability that impacts VMware ESXi, Workstation, and Fusion. The virtualization giant confirmed that it has information to suggest that exploitation of the three flaws has occurred in the wild. CVE-2025-22226 (CVSS score of 7.1)

Hacking

Hacking Information Security

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

Security Affairs

JANUARY 15, 2025

At the beginning of the year, and as a positive start for us, and in order to solidify the name of our group in your memory, we are proud to announce our first official operation: Will be published of sensitive data from over 15,000 targets worldwide (both governmental and private sectors) that have been hacked and their data extracted.”

VPN

VPN Passwords Firewall Firmware

ClickFix: How to Infect Your PC in Three Easy Steps

Krebs on Security

MARCH 14, 2025

In this scam, dubbed “ ClickFix ,” the visitor to a hacked or malicious website is asked to distinguish themselves from bots by pressing a combination of keyboard keys that causes Microsoft Windows to download password-stealing malware. Some of those lures worked, and allowed thieves to gain control over booking.com accounts.

Phishing

Phishing Malware Scams Passwords

South African telecom provider Cell C disclosed a data breach following a cyberattack

Security Affairs

APRIL 13, 2025

Compromised data includes full names, contact details, ID numbers, banking information, drivers license numbers, medical records and passport details. The company engaged top cybersecurity and forensic experts, informed authorities, and is actively supporting affected stakeholders. The gang claimed the theft of 2 TB of data.

Data breaches

Data breaches Unstructured Data Identity Theft Healthcare

FBI: Spike in Hacked Police Emails, Fake Subpoenas

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

Trending Sources

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

DeepSeek database exposed highly sensitive information

NSO Group Spies on People on Behalf of Governments

Rhysida Ransomware gang claims the hack of the Government of Peru

PLAYFULGHOST backdoor supports multiple information stealing features

Broadcom fixed information disclosure flaws in VMware Aria Operations

8Base ransomware group hacked Croatia’s Port of Rijeka

RansomHouse gang claims the hack of the Loretto Hospital in Chicago

Threat actors use fake AI tools to deliver the information stealer Noodlophile

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

FBI Deletes PlugX Malware from Thousands of Computers

Subaru Starlink flaw allowed experts to remotely hack cars

Oracle confirms the hack of two obsolete servers hacked. No Oracle Cloud systems or customer data were affected

Chinese threat actors used two advanced exploit chains to hack Ivanti CSA

Mazda Connect flaws allow to hack some Mazda vehicles

WhatsApp disrupted a hacking campaign targeting journalists with Paragon spyware

Cloak ransomware group hacked the Virginia Attorney General’s Office

Age Verification Using Facial Scans

Inside the DemandScience by Pure Incubation Data Breach

Amazon discloses employee data breach after May 2023 MOVEit attacks

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Booking.com Phishers May Leave You With Reservations

Pwn2Own Berlin 2025 Day Two: researcher earned 150K hacking VMware ESXi

Iran and China-linked actors used ChatGPT for preparing attacks

What Graykey Can and Can’t Unlock

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

EDR-as-a-Service makes the headlines in the cybercrime landscape

Notorious Malware, Spam Host “Prospero” Moves to Kaspersky Lab

Silk Typhoon Hackers Indicted

Experts found rogue devices, including hidden cellular radios, in Chinese-made power inverters used worldwide

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Japan ’s FSA warns of unauthorized trades via stolen credentials from fake security firms’ sites

2023 Anna Jaques Hospital data breach impacted over 310,000 people

China admitted its role in Volt Typhoon cyberattacks on U.S. infrastructure

How Interlock Ransomware Affects the Defense Industrial Base Supply Chain

A flaw in the W3 Total Cache plugin exposes hundreds of thousands of WordPress sites to attacks

Synology fixed critical flaw impacting millions of DiskStation and BeePhotos NAS devices

Japanese telecom giant NTT suffered a data breach that impacted 18,000 companies

VMware fixed three actively exploited zero-days in ESX products

Threat actor leaked config files and VPN passwords for over Fortinet Fortigate devices

ClickFix: How to Infect Your PC in Three Easy Steps

South African telecom provider Cell C disclosed a data breach following a cyberattack

Stay Connected