Tag: hacking
-
ScarCruft Uses RokRAT Malware in Operation HanKook Phantom Targeting South Korean Academics
Cybersecurity researchers have discovered a new phishing campaign undertaken by the North Korea-linked hacking group called ScarCruft (aka APT37) to deliver a malware known as RokRAT. The activity has been codenamed Operation HanKook Phantom by Seqrite Labs, stating the attacks appear to target individuals associated with the National Intelligence Research Association, including academic figures First seen…
-
Security Affairs newsletter Round 539 by Pierluigi Paganini INTERNATIONAL EDITION
A new round of the weekly Security Affairs newsletter has arrived! Every week, the best security articles from Security Affairs are free in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press. Lab Dookhtegan hacking group disrupts communications on dozens of Iranian ships New zero-click exploit allegedly used…
-
Lab Dookhtegan hacking group disrupts communications on dozens of Iranian ships
Lab Dookhtegan hacking group allegedly disrupted communications of 60 Iranian ships run by sanctioned firms NITC and IRISL. The hacking group Lab Dookhtegan allegedly disrupted the communications of 60 Iranian ships. The attack hit at least 39 tankers and 25 cargo ships operated by Iranian maritime companies National Iranian Oil Tanker Company and Iran Shipping Lines, which…
-
Amazon Takes Down Russian APT29 Infrastructure Targeting Users
Tags: cyber, cybersecurity, group, hacking, infrastructure, intelligence, network, russia, threat, warfare
Amazon’s cybersecurity team has successfully disrupted a sophisticated watering hole campaign orchestrated by APT29, a notorious hacking group linked to Russia’s Foreign Intelligence Service. The August 2025 operation represents the latest chapter in an ongoing cyber warfare battle between tech giants and state-sponsored threat actors seeking to infiltrate global networks and harvest sensitive credentials. APT29’s…
-
Chinese hacking group Salt Typhoon expansion prompts multinational advisory
Tags: advisory, attack, authentication, breach, china, cisco, communications, container, corporate, country, cyber, data, exploit, firmware, flaw, government, group, hacking, infrastructure, intelligence, Internet, ivanti, malware, military, monitoring, network, password, router, service, software, technology, threat, update, vulnerability, zero-day
Ivanti, Palo Alto Networks, Cisco flaws exploited: Salt Typhoon has been active since at least 2021, targeting critical infrastructure in telecom, transportation, government, and military bodies around the globe. Notably, a “cluster of activity” has been observed in the UK, according to the country’s National Cyber Security Centre. The group has had “considerable success” with “n-days,”…
-
Nevada Dental Practice Notifying 1.2M of Hack
Absolute Dental Says Breach Involved Third-Party Managed Services Firm. A Nevada dental practice is notifying more than 1.2 million individuals of a hacking incident that compromised sensitive health and personal information. The incident involved inadvertent execution of a malicious version of a legitimate software tool, said Absolute Dental. First seen on govinfosecurity.com Jump to article:…
-
WhatsApp fixes ‘zero-click’ bug used to hack Apple users with spyware
A spyware vendor was behind a recent campaign that abused a vulnerability in WhatsApp to deliver an exploit capable of hacking into iPhones and Macs. First seen on techcrunch.com Jump to article: techcrunch.com/2025/08/29/whatsapp-fixes-zero-click-bug-used-to-hack-apple-users-with-spyware/
-
North Korean Hackers Weaponize Seoul Intelligence Files to Target South Koreans
Pyongyang-backed hacking group APT37 leveraged an internal South Korean intelligence briefing in a spear phishing campaign First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/north-korea-apt37-spear-phishing/
-
Top FBI official says Chinese reliance on domestic firms for hacking is a weakness
Jason Bilnoski with the FBI’s cyber division told CyberScoop that investigators seized on the mistakes of companies China has used in its widespread cyberespionage. First seen on cyberscoop.com Jump to article: cyberscoop.com/china-domestic-tech-company-hacking-weakness-ccp-fbi/
-
Cybercrime increasingly moving beyond financial gains
Tags: attack, awareness, business, ciso, computer, corporate, cyber, cyberattack, cybercrime, cybersecurity, defense, disinformation, espionage, finance, government, group, hacker, hacking, incident response, infrastructure, intelligence, iran, malicious, military, network, ransom, ransomware, risk, risk-analysis, russia, strategy, theft, threat, tool, ukraine, vulnerability, worm
“We are very redundant when talking about cybercrime, because we always associate it with economic motivations,” says Hervé Lambert, global consumer operations…
-
Hackers Chase Credentials in Hybrid Cloud Deployments
Financially Motivated Actor Storm-0501 Systematically Probed Victim Environments. As enterprises go with hybrid cloud developments, so follow hackers, even if it means jumping through extra hoops to get to where the data is stored. Microsoft on Wednesday said it spotted a financially-motivated hacking group probing a hybrid on-premise. First seen on govinfosecurity.com Jump to article:…
-
A Persistent Threat: Blind Eagle Hacking Group Continues to Target Colombia
The post A Persistent Threat: Blind Eagle Hacking Group Continues to Target Colombia appeared first on Daily CyberSecurity. First seen on securityonline.info Jump to article: securityonline.info/a-persistent-threat-blind-eagle-hacking-group-continues-to-target-colombia/
-
Chinese Hacker Suspect Arrested in South Korea Over Major Financial Cyberattack
South Korean authorities have successfully extradited a key suspect in a large-scale hacking operation that resulted in the embezzlement of over 38 billion won (approximately $28.5 million USD) from high-profile victims. The individual, identified as Mr. G, a 34-year-old Chinese national, was repatriated from Thailand to Incheon International Airport on August 22, 2025, marking the…
-
Salt Typhoon hacking campaign goes beyond previously disclosed targets, world cyber agencies say
The Chinese government-linked hackers were the subject of an alert from U.S. and international partners. First seen on cyberscoop.com Jump to article: cyberscoop.com/salt-typhoon-hacking-campaign-goes-beyond-previously-disclosed-targets-world-cyber-agencies-say/
-
FBI says China’s Salt Typhoon hacked at least 200 US companies
The FBI’s cyber chief says the long-running China-backed hacking campaign is “ongoing” and affecting companies all over the world. First seen on techcrunch.com Jump to article: techcrunch.com/2025/08/27/fbi-says-chinas-salt-typhoon-hacked-at-least-200-us-companies/
-
TDL001 – Cybersecurity Explained: Privacy, Threats, and the Future – Chester Wisniewski
Tags: access, ai, attack, backdoor, breach, business, ciso, computer, country, crime, crimes, cyber, cybercrime, cybersecurity, data-breach, defense, detection, edr, email, finance, firewall, gartner, government, guide, hacker, hacking, Hardware, infosec, Internet, jobs, linkedin, mail, malicious, microsoft, military, monitoring, network, password, phishing, phone, privacy, programming, ransomware, risk, russia, scam, skills, software, sophos, spam, sql, strategy, switch, technology, threat, update, virus, vulnerability, wifi, windows
Summary: “The Defenders Log” Episode 1 features host David Redekop and guest Chet Wisniewski discussing the dynamic world of cybersecurity. Wisniewski, with decades of experience, traces his journey from early BBS and phone network exploration to becoming a cybersecurity expert. They delve into the evolution of hacking, the emergence of profitable cybercrime like email spam,…
-
Global Salt Typhoon hacking campaigns linked to Chinese tech firms
The U.S. National Security Agency (NSA), the UK’s National Cyber Security Centre (NCSC), and partners from over a dozen countries have linked the Salt Typhoon global hacking campaigns to three China-based technology firms. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/global-salt-typhoon-hacking-campaigns-linked-to-chinese-tech-firms/
-
ShadowSilk Hits 35 Organizations in Central Asia and APAC Using Telegram Bots
A threat activity cluster known as ShadowSilk has been attributed to a fresh set of attacks targeting government entities within Central Asia and Asia-Pacific (APAC). According to Group-IB, nearly three dozen victims have been identified, with the intrusions mainly geared towards data exfiltration. The hacking group shares toolset and infrastructural overlaps with campaigns undertaken by threat…
-
Spanish police arrest student suspected of hacking school system to change grades
Spanish police have arrested a university student suspected of hacking the local government’s education management system to alter grades and gain access to professors’ emails. First seen on therecord.media Jump to article: therecord.media/spanish-police-hacker-arrest-grades
-
ShadowSilk Hits 36 Government Targets in Central Asia and APAC Using Telegram Bots
A threat activity cluster known as ShadowSilk has been attributed to a fresh set of attacks targeting government entities within Central Asia and Asia-Pacific (APAC). According to Group-IB, nearly three dozen victims have been identified, with the intrusions mainly geared towards data exfiltration. The hacking group shares toolset and infrastructural overlaps with campaigns undertaken by threat…
-
Facility Laundry and Dining Vendor Hack in 2024 Hits 624,500
Crime Gang ‘Underground’ Claimed Data Theft From Healthcare Services Group. A publicly traded Pennsylvania-based firm that provides dining, housekeeping and laundry services to long-term care and skilled nursing facilities is notifying nearly 624,500 people of a 2024 hacking incident that took nearly nine months for the company to investigate. First seen on govinfosecurity.com Jump to…
-
Hackers Disrupt Iranian Ships via Maritime Communication Terminals Exploiting MySQL Database
The National Iranian Tanker Company (NITC) and Islamic Republic of Iran Shipping Lines (IRISL), two sanctioned companies, are the operators of 64 boats, 39 tankers, and 25 cargo ships that were compromised in a targeted attack on Iran’s maritime infrastructure by the hacking collective Lab-Dookhtegan. Rather than attempting direct breaches of individual ships, which are…
-
Flipper Zero in the Underground: How the Hacking Gadget Becomes a Door Opener for Car Thieves
Flipper Zero in the underground: Hacker “Daniel” sells modified firmware that can unlock hundreds of different cars. First seen on tarnkappe.info Jump to article: tarnkappe.info/artikel/it-sicherheit/flipper-zero-im-untergrund-wie-das-hacking-gadget-zum-tueroeffner-fuer-autodiebe-wird-319948.html
-
Murky Panda hackers exploit cloud trust to hack downstream customers
A Chinese state-sponsored hacking group known as Murky Panda (Silk Typhoon) exploits trusted relationships in cloud environments to gain initial access to the networks and data of downstream customers. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/murky-panda-hackers-exploit-cloud-trust-to-hack-downstream-customers/
-
Cybersecurity Snapshot: Industrial Systems in Crosshairs of Russian Hackers, FBI Warns, as MITRE Updates List of Top Hardware Weaknesses
Tags: access, ai, attack, automation, cisa, cisco, cloud, conference, control, credentials, cve, cyber, cybersecurity, data, data-breach, deep-fake, detection, docker, espionage, exploit, flaw, framework, fraud, google, government, group, guide, hacker, hacking, Hardware, identity, infrastructure, intelligence, Internet, iot, LLM, microsoft, mitigation, mitre, mobile, network, nist, risk, russia, scam, service, side-channel, software, strategy, switch, technology, threat, tool, update, vulnerability, vulnerability-management, windows
Check out the FBI’s alert on Russia-backed hackers infiltrating critical infrastructure networks via an old Cisco bug. Plus, MITRE dropped a revamped list of the most important critical security flaws. Meanwhile, NIST rolled out a battle plan against face-morphing deepfakes. And get the latest on the CIS Benchmarks and on vulnerability prioritization strategies! Here are…
-
AI Models Resize Photos and Open Door to Hacking
Researchers Show How AI Image Downscaling Can be an Attack Vector. Researchers discovered a method to embed invisible prompt injections that are activated during AI’s processing of an image. When the model scales down these images, the hidden malicious instructions allow theft of data from popular image production systems. First seen on govinfosecurity.com Jump to…
-
Microsoft restricts Chinese firms’ access to vulnerability warnings after hacking concerns
Tags: access, china, compliance, cybersecurity, data, government, hacking, intelligence, microsoft, service, threat, vulnerability, windows
Enterprise operations fallout: Microsoft’s decision may have broader operational consequences for multinational corporations (MNCs), particularly those with significant operations in China. For some, the move adds pressure to an already delicate balancing act between geopolitical expectations and local compliance risks. “MNCs operating in China already know they are in the crosshairs of both the Chinese and…
-
Hacktivist Tied to Multiple Cyber Groups Sentenced to Jail
At one point, Al-Tahery Al-Mashriky was hacking thousands of websites within the span of three months while stealing personal data and sensitive information. First seen on darkreading.com Jump to article: www.darkreading.com/cyberattacks-data-breaches/hacktivist-sentenced-jail
-
McFlaw: Hacker Breaches McDonald’s Portal With URL Trick
Hacking Was the Easy Part, Notifying McDonald’s the Extremely Difficult Bit. A security researcher gained access to McDonald’s global marketing portal by changing a single word in its URL, uncovering a slew of additional vulnerabilities. The hard part was notifying the burger giant about the flaws, says self-described ethical hacker BobDaHacker. First seen on govinfosecurity.com…
-
New zero-day startup offers $20 million for tools that can hack any smartphone
Prices for hacking tools that allow governments to break into mobile phones keep going up, thanks to efforts by tech firms shoring up their cybersecurity. First seen on techcrunch.com Jump to article: techcrunch.com/2025/08/20/new-zero-day-startup-offers-20-million-for-tools-that-can-hack-any-smartphone/

