Hacking, Internet and Technology - Cyber Security Informer

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

The Federal Bureau of Investigation (FBI) is urging police departments and governments worldwide to beef up security around their email systems, citing a recent increase in cybercriminal services that use hacked police email accounts to send unauthorized subpoenas and customer data requests to U.S.-based based technology companies.

Hacking

Hacking Accountability Government Social Engineering

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. But a review of this Araneida nickname on the cybercrime forums shows they have been active in the criminal hacking scene since at least 2018.

Hacking

Hacking Cybercrime Advertising Data breaches

Hacked IoT Devices Livestreaming Swatting Attacks: FBI

Adam Levin

DECEMBER 30, 2020

Hackers are using internet-connected home devices to livestream “swatting” attacks, according to the FBI. Offenders often use spoofing technology to anonymize their own phone numbers to make it appear to first responders as if the emergency call is coming from the victim’s phone number.”.

IoT

IoT Hacking Internet Internet

Internet Archive Hacked, Introducing The AI Toilet Camera

Security Boulevard

OCTOBER 27, 2024

In this episode, we discuss the significant data breach at the Internet Archive, affecting 33 million users. We explore these technological advancements alongside other unusual tech innovations, touching upon security […] The post Internet Archive Hacked, Introducing The AI Toilet Camera appeared first on Shared Security Podcast.

Internet

Internet Internet Hacking Data breaches

The Internet Enabled Mass Surveillance. AI Will Enable Mass Spying.

Schneier on Security

DECEMBER 5, 2023

Before the internet, putting someone under surveillance was expensive and time-consuming. Surveillance has become the business model of the internet, and there’s no reasonable way for us to opt out of it. The technologies aren’t perfect; some of them are pretty primitive. Spying is another matter. But so do humans.

Surveillance

Surveillance Internet Internet Government

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

Krebs on Security

MAY 29, 2025

government today imposed economic sanctions on Funnull Technology Inc. , A graphic from the FBI explaining how Funnull generated a slew of new domains on a regular basis and mapped them to Internet addresses on U.S. Image: Shutterstock, ArtHead. cloud providers.

Scams

Scams Internet Internet Cybercrime

Sendgrid Under Siege from Hacked Accounts

Krebs on Security

AUGUST 28, 2020

But this also means when a Sendgrid customer account gets hacked and used to send malware or phishing scams, the threat is particularly acute because a large number of organizations allow email from Sendgrid’s systems to sail through their spam-filtering systems.

Accountability

Accountability Hacking Authentication Marketing

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Krebs on Security

NOVEMBER 21, 2024

Federal prosecutors in Los Angeles this week unsealed criminal charges against five men alleged to be members of a hacking group responsible for dozens of cyber intrusions at major U.S. technology companies between 2021 and 2023, including LastPass , MailChimp , Okta , T-Mobile and Twilio. Image: Amitai Cohen twitter.com/amitaico.

Identity Theft

Identity Theft Phishing Cryptocurrency Accountability

Hacking Construction Cranes

Schneier on Security

JANUARY 22, 2019

Construction cranes are vulnerable to hacking: In our research and vulnerability discoveries, we found that weaknesses in the controllers can be (easily) taken advantage of to move full-sized machines such as cranes used in construction sites and factories. It wasn't until the arrival of Industry 4.0,

Hacking

Hacking Wireless Internet Internet

Exposed eyes: 40,000 security cameras vulnerable to remote hacking

Security Affairs

JUNE 12, 2025

Over 40,000 internet-exposed security cameras worldwide are vulnerable to remote hacking, posing serious privacy and security risks. Bitsight warns that over 40,000 security cameras worldwide are exposed to remote hacking due to unsecured HTTP or RTSP (Real-Time Streaming Protocol) access. Most of the cameras are in the U.S.

Hacking

Hacking Telecommunications Internet Internet

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

“This is the most significant technological and financial operation ever led by the Department of Justice against a botnet,” said Martin Estrada , the U.S. attorney for the Southern District of California, at a press conference this morning in Los Angeles. ” The DOJ said it also recovered more than 6.5

Hacking

Hacking Malware Ransomware Government

An Interview With the Target & Home Depot Hacker

Krebs on Security

NOVEMBER 14, 2024

But not long after KrebsOnSecurity reported in April that Shefel/Rescator also was behind the theft of Social Security and tax information from a majority of South Carolina residents in 2012, Mr. Shefel began contacting this author with the pretense of setting the record straight on his alleged criminal hacking activities. Image: U.S.

Retail

Retail Advertising Cryptocurrency Cybercrime

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

Krebs on Security

DECEMBER 13, 2022

technology firm, confirmed receipt of USDoD’s message but asked to remain anonymous for this story. That InfraGard member, who is head of security at a major U.S. This is a developing story. Updates will be noted here with timestamps.

Hacking

Hacking Cybercrime Energy and Utilities Accountability

G7 Comes Out in Favor of Encryption Backdoors

Schneier on Security

APRIL 23, 2019

Some G7 countries highlight the importance of not prohibiting, limiting, or weakening encryption; There is a weird belief amongst policy makers that hacking an encryption system's key management system is fundamentally different than hacking the system's encryption algorithm.

Encryption

Encryption Internet Internet Hacking

GUEST ESSAY: NewsCorp hack shows cyber espionage, squelching of press freedom on the rise

The Last Watchdog

APRIL 5, 2022

As the dust settles following the recently disclosed hack of NewsCorp , important lessons are emerging for the cybersecurity and journalism communities. China has enclosed its national internet servers within what is colloquially called ‘the Great Firewall.’ Related: How China challenged Google in Operation Aurora.

Hacking

Hacking Passwords Firewall Internet

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Krebs on Security

AUGUST 27, 2024

Malicious hackers are exploiting a zero-day vulnerability in Versa Director , a software product used by many Internet and IT service providers. Researchers believe the activity is linked to Volt Typhoon , a Chinese cyber espionage group focused on infiltrating critical U.S. In a security advisory published Aug. victims and one non-U.S.

Internet

Internet Internet Technology Engineering

Alleged ‘Scattered Spider’ Member Extradited to U.S.

Krebs on Security

APRIL 30, 2025

prosecutors allege Tyler Robert Buchanan and co-conspirators hacked into dozens of companies in the United States and abroad, and that he personally controlled more than $26 million stolen from victims. Internet address was used to operate a Discord account that specified a cryptocurrency wallet when asking another user to send funds.

Identity Theft

Identity Theft Phishing Cryptocurrency Cybercrime

France’s second-largest telecoms provider Free suffered a cyber attack

Security Affairs

OCTOBER 28, 2024

French internet service provider (ISP) Free disclosed a cyber attack, threat actors allegedly had access to customer personal information. that provides voice, video, data, and Internet telecommunications to consumers in France. Free S.A.S. is a French telecommunications company, subsidiary of Iliad S.A.

Cyber Attacks

Cyber Attacks Telecommunications Data breaches Banking

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

FEBRUARY 10, 2020

Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. dubbed the “China Initiative Conference.”

Hacking

Hacking Identity Theft Government Phishing

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

Related: Technology and justice systems The U.S. Security and Exchange Commission (SEC) recently laid down the hammer charging and fining four prominent cybersecurity vendors for making misleading claims in connection with the SolarWinds hack. SEC investigators gathered evidence that Unisys Corp.,

CISO

CISO CSO Risk Cyber threats

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Security Affairs

JANUARY 18, 2025

Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned Chinese firm Sichuan Juxinhe Network Technology Co., telecommunication and internet service providers. government systems, including the recent targeting of Treasurys information technology (IT) systems, as well as sensitive U.S. national security.”

Cybersecurity

Cybersecurity Telecommunications Government Healthcare

This Simple Hack Could Tank Your Business

Adam Levin

JULY 24, 2020

Barely a day goes by without news of an elite hacking team creating a more stealth exploit– malware , elaborate spear-phishing attacks, trojans, and a killer array of ransomware that can take factories and other organizations offline, or even hobble entire cities. Cyberattacks are constantly getting more sophisticated.

Hacking

Hacking Phishing Risk Accountability

The CrowdStrike Outage and Market-Driven Brittleness

Schneier on Security

JULY 25, 2024

Friday’s massive internet outage, caused by a mid-sized tech company called CrowdStrike, disrupted major airlines, hospitals, and banks. The catastrophe is yet another reminder of how brittle global internet infrastructure is. Compare the internet with ecological systems. Nearly 7,000 flights were canceled.

Marketing

Marketing Software Internet Internet

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. The homepage of Stark Industries Solutions.

DDOS

DDOS Internet Internet Government

On the Catastrophic Risk of AI

Schneier on Security

JUNE 1, 2023

Talking about those systems, I said: Now, add into this mix the risks that arise from new and dangerous technologies such as the internet or AI or synthetic biology. Here, misaligned incentives and hacking can have catastrophic consequences for society. Or molecular nanotechnology, or nuclear weapons.

Risk

Risk Artificial Intelligence Technology Internet

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. and its allies for hacking activities in July. Wall Street Journal reported.

Mobile

Mobile Telecommunications Data breaches Hacking

MY TAKE: The role of semiconductors in bringing the ‘Internet of Everything’ into full fruition

The Last Watchdog

DECEMBER 11, 2022

The Internet of Everything ( IoE ) is on the near horizon. For instance, very visibly over the past decade, Internet of Things ( IoT ) computing devices and sensors have become embedded everywhere. For instance, very visibly over the past decade, Internet of Things ( IoT ) computing devices and sensors have become embedded everywhere.

Internet

Internet Internet Energy and Utilities IoT

Polish Space Agency POLSA disconnected its network following a cyberattack

Security Affairs

MARCH 5, 2025

The Polish space agency POLSA announced it has disconnected its network from the internet following a cyberattack. The Polish space agency POLSA was forced to disconnect its network from the internet in response to a cyberattack. To secure data after the breach, POLSA’s network was immediately disconnected from the internet.

Internet

Internet Internet Technology Ransomware

When Accounts are "Hacked" Due to Poor Passwords, Victims Must Share the Blame

Troy Hunt

NOVEMBER 7, 2018

It's just another day on the internet when the news is full of headlines about accounts being hacked. The second story was about a number of verified Twitter accounts having been "hacked" and then leveraged in Bitcoin scams.

Passwords

Passwords Accountability Hacking Education

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] Bloom’s recommendation came to Biderman via Trevor Sykes, then chief technology officer for Ashley Madison parent firm Avid Life Media (ALM). pleaded guilty to running LeakedSource[.]com

Hacking

Hacking Accountability Data breaches Marketing

Space and defense tech maker Exail Technologies exposes database access

Security Affairs

SEPTEMBER 21, 2023

Exail Technologies, a high-tech manufacturer whose clients include the US Coast Guard, exposed sensitive company data that could’ve enabled attackers to access its databases. The publicly accessible.env file, hosted on the exail.com website, was exposed to the internet, meaning that anyone could have accessed it.

Technology

Technology Internet Internet Manufacturing

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

The Last Watchdog

DECEMBER 16, 2024

Meanwhile, while business logic hacks, supply chain holes, and cyber extortion continue to loom large. Attackers arent hacking in theyre logging in. Acohido is dedicated to fostering public awareness about how to make the Internet as private and secure as it ought to be. The drivers are intensifying.

Cyber threats

Cyber threats CISO IoT Phishing

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

Security Affairs

JANUARY 18, 2025

Treasury Department’s Office of Foreign Assets Control (OFAC) sanctioned Chinese firm Sichuan Juxinhe Network Technology Co., telecommunication and internet service providers. government systems, including the recent targeting of Treasurys information technology (IT) systems, as well as sensitive U.S. national security.”

Cybersecurity

Cybersecurity Telecommunications Government Healthcare

T-Mobile detected network intrusion attempts and blocked them

Security Affairs

NOVEMBER 28, 2024

broadband providers , including Verizon, AT&T, and Lumen Technologies, potentially accessing systems for lawful wiretapping and other data. Experts suspect the state-sponsored hackers have gathered extensive internet traffic and potentially compromised sensitive data. and its allies for hacking activities in July.

Mobile

Mobile Telecommunications Government Internet

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

The Last Watchdog

APRIL 4, 2022

They are often unaware of the risks they take on, which can include hacking, fraud, phishing, and more. This can be compounded by certain enterprises using the Internet of Things (IoT) that don’t have good security. Related: Using employees as human sensors. Storing authentication credentials for the API is a significant issue.

Hacking

Hacking Penetration Testing Data breaches Authentication

China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems

Security Affairs

OCTOBER 6, 2024

broadband providers, including Verizon, AT&T, and Lumen Technologies, potentially accessing systems for lawful wiretapping and other data. Experts suspect the state-sponsored hackers have gathered extensive internet traffic and potentially compromised sensitive data. and its allies for hacking activities in July.

Hacking

Hacking Government Internet Internet

AIs as Computer Hackers

Schneier on Security

FEBRUARY 2, 2023

If you’re into this sort of thing, it’s pretty much the most fun you can possibly have on the Internet without committing multiple felonies. The researchers have since commercialized the technology, which is now busily defending networks for customers like the U.S. People train for months. Winning is a big deal. Department of Defense.

Artificial Intelligence

Artificial Intelligence Technology Software Hacking

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

SecureWorld News

DECEMBER 12, 2024

The details of the Krispy Kreme hack are still emerging, but the companys Form 8-K filing brought the incident to light, offering a rare glimpse into the challenges businesses face when their systems are compromised. The attack goes to show that, truly, nothing Internet-connected is sacred."

Password Management

Password Management Passwords CISO Cybersecurity

Americans urged to use encrypted messaging after large, ongoing cyberattack

Malwarebytes

DECEMBER 5, 2024

Speaking to Reuters , a senior US official said the attack telecommunications infrastructure was broad and that the hacking was still ongoing. During transit the message remains encrypted the entire time it is moving across the internet. What that means is only the person sending it and the person receiving it can read it.

Encryption

Encryption Identity Theft Media Telecommunications

Over 80,000 servers hit as Roundcube RCE bug gets rapidly exploited

Security Affairs

JUNE 11, 2025

After the disclosure of the flaw, the researchers at Positive Technologies announced they have reproduced CVE-2025-49113 in Roundcube. Researchers at the Shadowserver Foundation warned that roughly 84,000 Roundcube instances exposed on the Internet are still unpatched. We see ~84K unpatched worldwide.

Authentication

Authentication Internet Internet Risk

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Security Affairs

NOVEMBER 14, 2024

broadband providers, including Verizon, AT&T, and Lumen Technologies, potentially accessing systems for lawful wiretapping and other data. Experts suspect the state-sponsored hackers have gathered extensive internet traffic and potentially compromised sensitive data. The security breach poses a major national security risk.

Government

Government Telecommunications Surveillance Risk

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

Krebs on Security

MARCH 31, 2020

Ueland said after hearing about the escrow.com hack Monday evening he pulled the domain name system (DNS) records for escrow.com and saw they were pointing to an Internet address in Malaysia — 111.90.149[.]49 com was identical to the one displayed by escrow.com while the site’s DNS records were hacked.

Phishing

Phishing DNS Social Engineering Accountability

Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution

Security Affairs

JANUARY 19, 2025

Critical flaws in WGS-804HPT switches could be chained to gain remote code execution on Planet Technology’s industrial devices. Planet Technology has released firmware version 1.305b241111 to address these issues. This switch family is equipped with a web service and SNMP management interface. ” concludes the report. .

Firmware

Firmware IoT Wireless Surveillance

The Life Cycle of a Breached Database

Krebs on Security

JULY 29, 2021

Our continued reliance on passwords for authentication has contributed to one toxic data spill or hack after another. And as the phishing examples above demonstrate, many of today’s phishing scams use elements from hacked databases to make their lures more convincing. TARGETED PHISHING. Urgency should be a giant red flag.

Passwords

Passwords Password Management Phishing Scams

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Trending Sources

Hacked IoT Devices Livestreaming Swatting Attacks: FBI

Internet Archive Hacked, Introducing The AI Toilet Camera

The Internet Enabled Mass Surveillance. AI Will Enable Mass Spying.

U.S. Sanctions Cloud Provider ‘Funnull’ as Top Source of ‘Pig Butchering’ Scams

Sendgrid Under Siege from Hacked Accounts

Feds Charge Five Men in ‘Scattered Spider’ Roundup

Hacking Construction Cranes

Exposed eyes: 40,000 security cameras vulnerable to remote hacking

U.S. Hacks QakBot, Quietly Removes Botnet Infections

An Interview With the Target & Home Depot Hacker

FBI’s Vetted Info Sharing Network ‘InfraGard’ Hacked

G7 Comes Out in Favor of Encryption Backdoors

GUEST ESSAY: NewsCorp hack shows cyber espionage, squelching of press freedom on the rise

New 0-Day Attacks Linked to China’s ‘Volt Typhoon’

Alleged ‘Scattered Spider’ Member Extradited to U.S.

France’s second-largest telecoms provider Free suffered a cyber attack

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

This Simple Hack Could Tank Your Business

The CrowdStrike Outage and Market-Driven Brittleness

Stark Industries Solutions: An Iron Hammer in the Cloud

On the Catastrophic Risk of AI

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

MY TAKE: The role of semiconductors in bringing the ‘Internet of Everything’ into full fruition

Polish Space Agency POLSA disconnected its network following a cyberattack

When Accounts are "Hacked" Due to Poor Passwords, Victims Must Share the Blame

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Space and defense tech maker Exail Technologies exposes database access

LW ROUNDTABLE — How 2024’s cyber threats will transform the security landscape in 2025

U.S. Treasury Sanctions Chinese cybersecurity firm and actor over federal agency breach tied to Salt Typhoon

T-Mobile detected network intrusion attempts and blocked them

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

China-linked group Salt Typhoon hacked US broadband providers and breached wiretap systems

AIs as Computer Hackers

Sweet Treats, Sour Breach: Cyberattack Hits Krispy Kreme

Americans urged to use encrypted messaging after large, ongoing cyberattack

Over 80,000 servers hit as Roundcube RCE bug gets rapidly exploited

China-linked threat actors compromised multiple telecos and spied on a limited number of U.S. government officials

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

Planet WGS-804HPT Industrial Switch flaws could be chained to achieve remote code execution

The Life Cycle of a Breached Database

Stay Connected