Information - Cyber Security Informer

Threat Informed Defense Series

Adam Shostack

APRIL 25, 2025

These deeper conversations are at the Center for Threat Informed Defense. This sort of deep dive is still rare because, frankly, most organizations are still in the crawl phase of threat modeling: Theyre starting, and theyre finding it to be hard to coordinate, hard to get where theyre going, and they fall down after eagerly standing up.

Fake Etsy invoice scam tricks sellers into sharing credit card information

Malwarebytes

FEBRUARY 12, 2025

The site may ask for more information than Etsy would normally request for verification – like your full name, address, and even your credit card details. In the final step, the counterfeit page will prompt you to enter your credit card details , supposedly to confirm your billing information or validate your seller account.

Scams

Scams Accountability Marketing Account Security

“Can you try a game I made?” Fake game sites lead to information stealers

Malwarebytes

JANUARY 3, 2025

What the target will actually download and install is in reality an information stealing Trojan. There are also various information stealers being spread through these channels like the Nova Stealer, Ageo Stealer, or the Hexon Stealer. There are several variations going around. IOCs Download sites: dualcorps[.]fr fr leyamor[.]com

Scams

Scams Identity Theft Media Accountability

Fake CAPTCHA websites hijack your clipboard to install information stealers

Malwarebytes

MARCH 10, 2025

While these instructions may seem harmless enough, if you follow the steps you will actually be infecting yourself with malwaremost likely an information stealer. You will observe and agree: Im not a robot reCAPTCHA Verification ID: 8253 Perform the steps above to finish verification.

Social Engineering

Social Engineering Media Scams Malware

The Power of Storytelling in Risk Management

Speaker: Dr. Karen Hardy, CEO and Chief Risk Officer of Strategic Leadership Advisors LLC

However, risk communication involves more than just reporting information and populating dashboards, and we may be limiting our skillset. When done effectively, it can help interpret complex risk environments for leaders and inform their decision-making.

Risk

Threat actors use fake AI tools to deliver the information stealer Noodlophile

Security Affairs

MAY 12, 2025

Threat actors use fake AI tools to trick users into installing the information stealer Noodlophile, Morphisec researchers warn. Morphisec researchers observed attackers exploiting AI hype to spread malware via fake AI tools promoted in viral posts and Facebook groups.

Malware

Malware Media Cybercrime Scams

NSO Group Spies on People on Behalf of Governments

Schneier on Security

NOVEMBER 27, 2024

Legal documents released in ongoing US litigation between NSO Group and WhatsApp have revealed for the first time that the Israeli cyberweapons maker and not its government customers is the party that “installs and extracts” information from mobile phones targeted by the company’s hacking software.

Government

Government Spyware Mobile Hacking

What Graykey Can and Can’t Unlock

Schneier on Security

NOVEMBER 26, 2024

The documents do not appear to contain information about what Graykey can access from the public release of iOS 18.1, More information : Meanwhile, Graykey’s performance with Android phones varies, largely due to the diversity of devices and manufacturers. which was released on October 28.

Media

Media Manufacturing Mobile Hacking

Welcoming the Isle of Man Government to Have I Been Pwned

Troy Hunt

MAY 8, 2025

Their Office of Cyber-Security & Information Assurance (OCSIA) now has free and open access to query the government domains of their jurisdiction. Today we welcome the 39th government and first self-governing British Crown Dependency to Have I Been Pwned, The Isle of Man.

Government

Successful Change Management with Enterprise Risk Management

Speaker: William Hord, Vice President of ERM Services

Your ERM program generally assesses and maintains detailed information related to strategy, operations, and the remediation plans needed to mitigate the impact on the organization. It is the tangents of this data that are vital to a successful change management process.

Risk

Experts Flag Security, Privacy Risks in DeepSeek AI App

Krebs on Security

FEBRUARY 6, 2025

The device information shared, combined with the user’s Internet address and data gathered from mobile advertising companies , could be used to deanonymize users of the DeepSeek iOS app, NowSecure warned. Image: NowSecure. “Since this protection is disabled, the app can (and does) send unencrypted data over the internet.”

Risk

Risk Artificial Intelligence Mobile Encryption

Windscribe Acquitted on Charges of Not Collecting Users’ Data

Schneier on Security

APRIL 28, 2025

Greek authorities, in cooperation with INTERPOL, traced the IP address to Windscribe’s infrastructure and, unlike standard international procedures, proceeded to initiate criminal proceedings against Sak himself, rather than pursuing information through standard corporate channels.

VPN

VPN Internet Internet Data collection

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Krebs on Security

NOVEMBER 9, 2024

. “Cybercriminals are likely gaining access to compromised US and foreign government email addresses and using them to conduct fraudulent emergency data requests to US based companies, exposing the personal information of customers to further use for criminal purposes,” the FBI warned. Don’t be discouraged.

Hacking

Hacking Accountability Government Social Engineering

Social Engineering to Disable iMessage Protections

Schneier on Security

JANUARY 17, 2025

They were standard messages about delayed packages or somesuch, with the goal of getting me to click on a link and entering some personal information into a website. A few days ago I started getting phishing SMS messages with a new twist. But because they came from unknown phone numbers, the links did not work.

Social Engineering

Social Engineering Engineering Phishing

Beware of Pixels & Trackers on U.S. Healthcare Websites

The healthcare industry has massively adopted web tracking tools, including pixels and trackers.

Healthcare

Inside the DemandScience by Pure Incubation Data Breach

Troy Hunt

NOVEMBER 13, 2024

I am interested in finding how my information ended up in your database. That last one seems perfectly reasonable, and fortunately, DemandScience does have a link on their website to Do Not Sell My Information : Dammit! So, he asked them: I seem to have found my email in your data breach. If, like me, you're part of the 99.5%

Data breaches

Data breaches Passwords B2B Technology

Age Verification Using Facial Scans

Schneier on Security

APRIL 17, 2025

“The information shared to power the age verification method is only used for the one-time age verification process and is not stored by Discord or our vendor. For Face Scan, the solution our vendor uses operates on-device, which means there is no collection of any biometric information when you scan your face.

Hacking

Hacking Media

Fintech Giant Finastra Investigating Data Breach

Krebs on Security

NOVEMBER 19, 2024

The financial technology firm Finastra is investigating the alleged large-scale theft of information from its internal file transfer platform, KrebsOnSecurity has learned. If you have any additional information about this incident, please reach out to krebsonsecurity @ gmail.com or at protonmail.com. This is a developing story.

Data breaches

Data breaches Banking Cybercrime Advertising

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Last Watchdog

NOVEMBER 12, 2024

But the SEC’s latest actions underscore that failing to inform stakeholders about material risks and breaches is not an option. This could dovetail with a national information privacy law. The last thing we need is a patchwork of 50 different laws across the States.

CISO

CISO CSO Risk Cyber threats

The Importance of User Roles and Permissions in Cybersecurity Software

You should restrict access to sensitive information and systems the same way you restrict access to your house. You have stuff that’s worth protecting—and the more people that have access to your belongings, the higher the odds that something will go missing. The same principle should apply to your most precious data assets.

Cybersecurity

Microsoft Can Fix Ransomware Tomorrow

Adam Shostack

JANUARY 2, 2025

I explained that Microsoft could fix ransomware tomorrow, and was surprised that the otherwise well-informed people I was speaking to hadn't heard about this approach. My latest article at Dark Reading is Microsoft Can Fix Ransomware Tomorrow. It starts: Recently, I was at a private event on security by design.

Ransomware

Ransomware Encryption Software

AI Data Poisoning

Schneier on Security

MARCH 26, 2025

It’s basically an AI-generated honeypot.

Privacy for Agentic AI

Schneier on Security

MAY 2, 2025

It’ll combine personal information about you, transactional data that you are a party to, and general information about the world. I joined Inrupt years ago because I thought that Solid could do for personal data what HTML did for published information. This Active Wallet is an example of an AI assistant.

Data privacy

Change Healthcare Breach Hits 100M Americans

Krebs on Security

OCTOBER 30, 2024

Change Healthcare says it has notified approximately 100 million Americans that their personal, financial and healthcare records may have been stolen in a February 2024 ransomware attack that caused the largest ever known data breach of protected health information. Image: Tamer Tuncay, Shutterstock.com. Image: Darkbeast, ke-la.com.

Healthcare

Healthcare Insurance Computers and Electronics Data breaches

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

Speaker: Karl Camilleri, Cloud Services Product Manager at phoenixNAP

As a result, data protection needs to be a concern for most banks, businesses, and information technology specialists. million attacks, the threat marked a 148% increase compared to 2020 and was the most expensive year on record! It’s mindboggling, but right now for 49% of respondents, cybersecurity is their primary business concern.

Ransomware

FBI Deletes PlugX Malware from Thousands of Computers

Schneier on Security

JANUARY 16, 2025

” Details : To retrieve information from and send commands to the hacked machines, the malware connects to a command-and-control server that is operated by the hacking group. According to a DOJ press release , the FBI was able to delete the Chinese-used PlugX malware from “approximately 4,258 U.S.-based

Malware

Malware Hacking Software

CVE Program Almost Unfunded

Schneier on Security

APRIL 16, 2025

Mitre’s CVE’s program—which provides common naming and other informational resources about cybersecurity vulnerabilities—was about to be cancelled , as the US Department of Homeland Security failed to renew the contact. It was funded for eleven more months at the last minute. This is a big deal.

CSO

CSO Government Software Cybersecurity

DOGE as a National Cyberattack

Schneier on Security

FEBRUARY 13, 2025

For example, the Treasury Department systems contain the technical blueprints for how the federal government moves money, while the Office of Personnel Management (OPM) network contains information on who and what organizations the government employs and contracts with.

Government

Government Artificial Intelligence Banking Software

AI Industry is Trying to Subvert the Definition of “Open Source AI”

Schneier on Security

NOVEMBER 8, 2024

Privacy rules also give a person the rightful ability to control their most sensitive information like decisions about their health. Laws that permit training on data often limit the resharing of that same data to protect copyright or other interests.

Artificial Intelligence

EDR-as-a-Service makes the headlines in the cybercrime landscape

Security Affairs

APRIL 7, 2025

These falsely obtained credentials enable cyber criminals to successfully mimic a real-world investigation by inducing platform operators to provide extremely sensitive information. FROM ACCOUNT THEFT TO A FULL-FLEDGED SERVICE: THE EVOLUTION OF THE MODEL The phenomenon has rapidly upgraded complexity, as detailed in the Meridian Group report.

Cybercrime

Cybercrime Social Engineering Accountability Government

Scammer robs homebuyers of life savings in $20 million theft spree

Malwarebytes

NOVEMBER 14, 2024

Employees of these companies were tricked into clicking malicious attachments and links and filling in their email account login information on fake sites. The entered information went straight to the phishers and allowed the criminals to monitor the emails of those employees.

Accountability

Accountability Banking Internet Internet

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Security Affairs

NOVEMBER 24, 2024

Stolen information offered for sale on the carding website included bank account, credit card, and debit card numbers and associated information for conducting transactions. million in revenue.

Cybercrime

Cybercrime Cryptocurrency Banking Accountability

When Getting Phished Puts You in Mortal Danger

Krebs on Security

MARCH 27, 2025

“All observed campaigns had similar traits and shared a common objective: collecting personal information from site-visiting victims. com), and uses a similar Google Forms page to collect information from would-be members. ” Further reading: Silent Push report, Russian Intelligence Targeting its Citizens and Informants.

Phishing

Phishing Government Engineering Internet

UnitedHealth almost doubles victim numbers from massive Change Healthcare data breach

Malwarebytes

JANUARY 27, 2025

Stolen information The data breach at Change Healthcare is the largest healthcare data breach in US history. However, the exposed information may include: Contact information: Names, addresses, dates of birth, phone numbers, and email addresses. Set up identity monitoring.

Data breaches

Data breaches Healthcare Passwords Insurance

4.7 million customers’ data accidentally leaked to Google by Blue Shield of California

Malwarebytes

APRIL 24, 2025

In a data breach notice on its website, Blue Shield says it had begun notifying certain members of a potential data breach that may have included elements of their protected health information. This likely included protected health information. ” The transmission of data took place between April 2021 and January 2024.

Insurance

Insurance Data breaches Passwords Phishing

Predatory app downloaded 100,000 times from Google Play Store steals data, uses it for blackmail

Malwarebytes

FEBRUARY 25, 2025

But when the apps are installed, they steal information from the victims device that can be used to blackmail the victim. Among the stolen information are listed contacts, call logs, text messages, photos, and the devices location. The apps in the SpyLoan family offer attractive loan terms with virtually no background checks.

Passwords

Passwords Password Management Phishing Authentication

“Urgent reminder” tax scam wants to phish your Microsoft credentials

Malwarebytes

APRIL 1, 2025

Once logged in, follow the prompts to review and confirm your tax information. The IRS’s annual Dirty Dozen list of tax scams shows common schemes that threaten your tax and financial information. And when it does, it is only to send general information and in an ongoing case with an assigned IRS employee.

Scams

Scams Phishing Artificial Intelligence Social Engineering

VMware fixed three actively exploited zero-days in ESX products

Security Affairs

MARCH 4, 2025

HGFS information-disclosure vulnerability: the vulnerability is an information disclosurevulnerability that impacts VMware ESXi, Workstation, and Fusion. The virtualization giant confirmed that it has information to suggest that exploitation of the three flaws has occurred in the wild. CVE-2025-22226 (CVSS score of 7.1)

Hacking

Hacking Information Security

A flaw in the W3 Total Cache plugin exposes hundreds of thousands of WordPress sites to attacks

Security Affairs

JANUARY 19, 2025

A WordPress W3 Total Cache plugin vulnerability could allow attackers to access information from internal services, including metadata on cloud-based apps. The vulnerability allows authenticated attackers with Subscriber access to exploit a missing capability check, leading to information disclosure.

Consumer Services

Consumer Services Authentication Hacking

Warning: Hackers could take over your email account by stealing cookies, even if you have MFA

Malwarebytes

NOVEMBER 5, 2024

With access to your email account, a cybercriminal can find a lot of useful information about you, such as where you bank, your account numbers, your favorite shops, and more. This information could then be used for targeted cyberattacks that mention information that’s relevant to you only, leaving you more likely to fall for them.

Accountability

Accountability Authentication Malware Banking

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

Krebs on Security

FEBRUARY 26, 2025

Among those was AT&T , which disclosed in July that cybercriminals had stolen personal information and phone and text message records for roughly 110 million people nearly all of its customers. AT&T reportedly paid a hacker $370,000 to delete stolen phone records. . million customers.

Hacking

Hacking Government Identity Theft Accountability

African multinational telco giant MTN Group disclosed a data breach

Security Affairs

APRIL 26, 2025

African multinational telecommunications company MTN Group disclosed a data breach that exposed subscribers’ personal information. The company disclosed a data breach that exposed subscribers’ personal information, it added that the incident did not impact core network, billing system,s and financial services infrastructure.

Data breaches

Data breaches Telecommunications Financial Services Mobile

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

The cracked software is being resold as a cloud-based attack tool by at least two different services, one of which KrebsOnSecurity traced to an information technology firm based in Turkey. “We have been playing cat and mouse for a while with these guys,” said Matt Sciberras , chief information security officer at Invicti.

Hacking

Hacking Cybercrime Advertising Data breaches

South African telecom provider Cell C disclosed a data breach following a cyberattack

Security Affairs

APRIL 13, 2025

Compromised data includes full names, contact details, ID numbers, banking information, drivers license numbers, medical records and passport details. The company engaged top cybersecurity and forensic experts, informed authorities, and is actively supporting affected stakeholders. The gang claimed the theft of 2 TB of data.

Data breaches

Data breaches Unstructured Data Identity Theft Healthcare

Threat Informed Defense Series

Fake Etsy invoice scam tricks sellers into sharing credit card information

Trending Sources

“Can you try a game I made?” Fake game sites lead to information stealers

Fake CAPTCHA websites hijack your clipboard to install information stealers

The Power of Storytelling in Risk Management

Threat actors use fake AI tools to deliver the information stealer Noodlophile

NSO Group Spies on People on Behalf of Governments

What Graykey Can and Can’t Unlock

Welcoming the Isle of Man Government to Have I Been Pwned

Successful Change Management with Enterprise Risk Management

Experts Flag Security, Privacy Risks in DeepSeek AI App

Windscribe Acquitted on Charges of Not Collecting Users’ Data

FBI: Spike in Hacked Police Emails, Fake Subpoenas

Social Engineering to Disable iMessage Protections

Beware of Pixels & Trackers on U.S. Healthcare Websites

Inside the DemandScience by Pure Incubation Data Breach

Age Verification Using Facial Scans

Fintech Giant Finastra Investigating Data Breach

LW ROUNDTABLE: Wrist slap or cultural shift? SEC fines cyber firms for disclosure violations

The Importance of User Roles and Permissions in Cybersecurity Software

Microsoft Can Fix Ransomware Tomorrow

AI Data Poisoning

Privacy for Agentic AI

Change Healthcare Breach Hits 100M Americans

How Preparation and Strategy Can Be Used to Fight and Defeat Any Ransomware Attack

FBI Deletes PlugX Malware from Thousands of Computers

CVE Program Almost Unfunded

DOGE as a National Cyberattack

AI Industry is Trying to Subvert the Definition of “Open Source AI”

EDR-as-a-Service makes the headlines in the cybercrime landscape

Scammer robs homebuyers of life savings in $20 million theft spree

DoJ seized credit card marketplace PopeyeTools and charges its administrators

When Getting Phished Puts You in Mortal Danger

UnitedHealth almost doubles victim numbers from massive Change Healthcare data breach

4.7 million customers’ data accidentally leaked to Google by Blue Shield of California

Predatory app downloaded 100,000 times from Google Play Store steals data, uses it for blackmail

“Urgent reminder” tax scam wants to phish your Microsoft credentials

VMware fixed three actively exploited zero-days in ESX products

A flaw in the W3 Total Cache plugin exposes hundreds of thousands of WordPress sites to attacks

Warning: Hackers could take over your email account by stealing cookies, even if you have MFA

U.S. Soldier Charged in AT&T Hack Searched “Can Hacking Be Treason”

African multinational telco giant MTN Group disclosed a data breach

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

South African telecom provider Cell C disclosed a data breach following a cyberattack

Stay Connected