These deeper conversations are at the Center for Threat Informed Defense. This sort of deep dive is still rare because, frankly, most organizations are still in the crawl phase of threat modeling: They're starting, and they're finding it to be hard to coordinate, hard to get where they're going, and they fall down after eagerly standing up.
What the target will actually download and install is in reality an information stealing Trojan. There are also various information stealers being spread through these channels like the Nova Stealer, Ageo Stealer, or the Hexon Stealer. There are several variations going around. IOCs Download sites: dualcorps[.]fr fr leyamor[.]com
The site may ask for more information than Etsy would normally request for verification – like your full name, address, and even your credit card details. In the final step, the counterfeit page will prompt you to enter your credit card details, supposedly to confirm your billing information or validate your seller account.
While these instructions may seem harmless enough, if you follow the steps you will actually be infecting yourself with malware, most likely an information stealer. You will observe and agree: I'm not a robot reCAPTCHA Verification ID: 8253 Perform the steps above to finish verification.
Speaker: Dr. Karen Hardy, CEO and Chief Risk Officer of Strategic Leadership Advisors LLC
However, risk communication involves more than just reporting information and populating dashboards, and we may be limiting our skillset. When done effectively, it can help interpret complex risk environments for leaders and inform their decision-making.
With Bastazo, Huff and his team are advancing a bold alternative: risk-informed remediation. LW: What does “risk-informed remediation” look like in practice? Risk-informed remediation ensures you are fixing unacceptable risk to your organization, but it also ensures you have the resources to perform that work.
Legal documents released in ongoing US litigation between NSO Group and WhatsApp have revealed for the first time that the Israeli cyberweapons maker, and not its government customers, is the party that “installs and extracts” information from mobile phones targeted by the company’s hacking software.
The documents do not appear to contain information about what Graykey can access from the public release of iOS 18.1, which was released on October 28. Meanwhile, Graykey’s performance with Android phones varies, largely due to the diversity of devices and manufacturers.
The device information shared, combined with the user’s Internet address and data gathered from mobile advertising companies, could be used to deanonymize users of the DeepSeek iOS app, NowSecure warned. Image: NowSecure. “Since this protection is disabled, the app can (and does) send unencrypted data over the internet.”
Speaker: William Hord, Vice President of ERM Services
Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization. It is the tangents of this data that are vital to a successful change management process.
Brazilian authorities reportedly have arrested a 33-year-old man on suspicion of being “USDoD,” a prolific cybercriminal who rose to infamy in 2022 after infiltrating the FBI’s InfraGard program and leaking contact information for 80,000 members. population. USDoD’s InfraGard sales thread on Breached.
Using a mobile application that all foreigners will have to install on their smartphones, the Russian state will receive the following information: residence location, fingerprint, face photograph, and real-time geo-location monitoring. This isn’t the first time we’ve seen this.
Their Office of Cyber-Security & Information Assurance (OCSIA) now has free and open access to query the government domains of their jurisdiction. Today we welcome the 39th government and first self-governing British Crown Dependency to Have I Been Pwned, The Isle of Man.
“Cybercriminals are likely gaining access to compromised US and foreign government email addresses and using them to conduct fraudulent emergency data requests to US based companies, exposing the personal information of customers to further use for criminal purposes,” the FBI warned. Don’t be discouraged.
I am interested in finding how my information ended up in your database. That last one seems perfectly reasonable, and fortunately, DemandScience does have a link on their website to Do Not Sell My Information : Dammit! So, he asked them: I seem to have found my email in your data breach. If, like me, you're part of the 99.5%
The emails show both the wide array of surveillance tools that are available to even small police departments in the United States and also shows informal collaboration between local police departments and federal agencies, when ordinarily agencies like ICE are expected to follow their own legal processes for carrying out the surveillance.
The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. If you have any additional information about this incident, please reach out to krebsonsecurity @ gmail.com or at protonmail.com. This is a developing story.
They were standard messages about delayed packages or somesuch, with the goal of getting me to click on a link and entering some personal information into a website. A few days ago I started getting phishing SMS messages with a new twist. But because they came from unknown phone numbers, the links did not work.
You should restrict access to sensitive information and systems the same way you restrict access to your house. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing. The same principle should apply to your most precious data assets.
But the SEC’s latest actions underscore that failing to inform stakeholders about material risks and breaches is not an option. This could dovetail with a national information privacy law. The last thing we need is a patchwork of 50 different laws across the States.
I explained that Microsoft could fix ransomware tomorrow, and was surprised that the otherwise well-informed people I was speaking to hadn't heard about this approach. My latest article at Dark Reading is Microsoft Can Fix Ransomware Tomorrow. It starts: Recently, I was at a private event on security by design.
Greek authorities, in cooperation with INTERPOL, traced the IP address to Windscribe’s infrastructure and, unlike standard international procedures, proceeded to initiate criminal proceedings against Sak himself, rather than pursuing information through standard corporate channels.
“The information shared to power the age verification method is only used for the one-time age verification process and is not stored by Discord or our vendor. For Face Scan, the solution our vendor uses operates on-device, which means there is no collection of any biometric information when you scan your face.
Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP
As a result, data protection needs to be a concern for most banks, businesses, and information technology specialists. million attacks, the threat marked a 148% increase compared to 2020 and was the most expensive year on record! It’s mindboggling, but right now for 49% of respondents, cybersecurity is their primary business concern.
Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected health information. Image: Tamer Tuncay, Shutterstock.com. Image: Darkbeast, ke-la.com.
For example, the Treasury Department systems contain the technical blueprints for how the federal government moves money, while the Office of Personnel Management (OPM) network contains information on who and what organizations the government employs and contracts with.
Mitre’s CVE program—which provides common naming and other informational resources about cybersecurity vulnerabilities—was about to be cancelled, as the US Department of Homeland Security failed to renew the contract. It was funded for eleven more months at the last minute. This is a big deal.
Details: To retrieve information from and send commands to the hacked machines, the malware connects to a command-and-control server that is operated by the hacking group. According to a DOJ press release, the FBI was able to delete the Chinese-used PlugX malware from “approximately 4,258 U.S.-based
Privacy rules also give a person the rightful ability to control their most sensitive information like decisions about their health. Laws that permit training on data often limit the resharing of that same data to protect copyright or other interests.
These falsely obtained credentials enable cyber criminals to successfully mimic a real-world investigation by inducing platform operators to provide extremely sensitive information. FROM ACCOUNT THEFT TO A FULL-FLEDGED SERVICE: THE EVOLUTION OF THE MODEL The phenomenon has rapidly upgraded complexity, as detailed in the Meridian Group report.
INTERPOL on Wednesday announced the dismantling of more than 20,000 malicious IP addresses or domains that have been linked to 69 information-stealing malware variants.
Employees of these companies were tricked into clicking malicious attachments and links and filling in their email account login information on fake sites. The entered information went straight to the phishers and allowed the criminals to monitor the emails of those employees.
“All observed campaigns had similar traits and shared a common objective: collecting personal information from site-visiting victims. com), and uses a similar Google Forms page to collect information from would-be members. ” Further reading: Silent Push report, Russian Intelligence Targeting its Citizens and Informants.
It’ll combine personal information about you, transactional data that you are a party to, and general information about the world. I joined Inrupt years ago because I thought that Solid could do for personal data what HTML did for published information. This Active Wallet is an example of an AI assistant.
Luxury-goods conglomerate Cartier disclosed a data breach that exposed customer information after a cyberattack. Cartier has disclosed a data breach following a cyberattack that compromised its systems, exposing customers’ personal information. The incident comes amid a wave of cyberattacks targeting luxury fashion brands.
But when the apps are installed, they steal information from the victim's device that can be used to blackmail the victim. Among the stolen information are listed contacts, call logs, text messages, photos, and the device's location. The apps in the SpyLoan family offer attractive loan terms with virtually no background checks.
Among those was AT&T, which disclosed in July that cybercriminals had stolen personal information and phone and text message records for roughly 110 million people, nearly all of its customers. AT&T reportedly paid a hacker $370,000 to delete stolen phone records. . million customers.
The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. “We have been playing cat and mouse for a while with these guys,” said Matt Sciberras, chief information security officer at Invicti.
HGFS information-disclosure vulnerability: the vulnerability is an information disclosure vulnerability that impacts VMware ESXi, Workstation, and Fusion. The virtualization giant confirmed that it has information to suggest that exploitation of the three flaws has occurred in the wild. CVE-2025-22226 (CVSS score of 7.1)
Once logged in, follow the prompts to review and confirm your tax information. The IRS’s annual Dirty Dozen list of tax scams shows common schemes that threaten your tax and financial information. And when it does, it is only to send general information and in an ongoing case with an assigned IRS employee.
With access to your email account, a cybercriminal can find a lot of useful information about you, such as where you bank, your account numbers, your favorite shops, and more. This information could then be used for targeted cyberattacks that mention information that’s relevant to you only, leaving you more likely to fall for them.
The missive bore the name of the hotel and referenced details from their reservation, claiming that booking.com’s anti-fraud system required additional information about the customer before the reservation could be finalized. ” The phony booking.com website generated by visiting the link in the text message.