Tag: hacking
-
China hacking has reached ‘inflection point’
In its 2025 Global Threat Report, CrowdStrike observed an increase in China’s cyber capabilities, with a focus on espionage and ‘pre-positioning’ itself in critical environments. First seen on techtarget.com Jump to article: www.techtarget.com/searchsecurity/news/366619774/CrowdStrike-China-hacking-has-reached-inflection-point
-
Feds: Army soldier suspected of AT&T heist Googled ‘can hacking be treason,’ ‘defecting to Russia’
FYI: What NOT to search after committing a crime First seen on theregister.com Jump to article: www.theregister.com/2025/02/27/army_soldier_accused_of_att/
-
Feds: Army soldier accused of AT&T heist Googled ‘can hacking be treason,’ ‘defecting to Russia’
FYI: What NOT to search after committing a crime First seen on theregister.com Jump to article: www.theregister.com/2025/02/27/army_soldier_accused_of_att/
-
New White House Plan to Track Spending Raises Cyber Risks
Trump’s Procurement Tracking Directive Could Expose Vast Government Data to Threats. The White House is mandating federal agencies to track and justify every procurement, a move aimed at transparency but one that experts warn could expose troves of sensitive financial data to hacking, nation-state cyber threats and potential supply chain vulnerabilities across government systems. First…
-
GitVenom campaign targets gamers and crypto investors by posing as fake GitHub projects
GitVenom malware campaign targets gamers and crypto investors by posing as open-source projects on GitHub. Kaspersky researchers warn of a malware campaign, dubbed GitVenom, targeting GitHub users. The threat actors behind this campaign created hundreds of fake GitHub repositories with malicious code, disguising them as automation tools, crypto bots, and hacking utilities. The attackers used…
-
Chinese-Backed Silver Fox Plants Backdoors in Healthcare Networks
Forescout observed the recently identified Chinese hacking group using medical imaging software applications to deliver malware First seen on infosecurity-magazine.com Jump to article: www.infosecurity-magazine.com/news/chinese-silver-fox-backdoors/
-
Dragos: Surge of new hacking groups enter ICS space as states collaborate with private actors
States are increasingly collaborating with cybercriminal groups to share resources and amplify attacks on critical infrastructure in rival nations, a new report finds. First seen on cyberscoop.com Jump to article: cyberscoop.com/dragos-ot-ics-annual-report-states-collaborating-with-private-hacking-groups/
-
OpenAI bans ChatGPT accounts used by North Korean hackers
OpenAI says it blocked several North Korean hacking groups from using its ChatGPT platform to research future targets and find ways to hack into their networks. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/openai-bans-chatgpt-accounts-used-by-north-korean-hackers/
-
EU sanctions North Korean tied to Lazarus group over involvement in Ukraine war
The latest package of EU sanctions related to Russia’s invasion of Ukraine included the leader of the North Korean intelligence agency known for backing the Lazarus group and other high-profile hacking operations. First seen on therecord.media Jump to article: therecord.media/eu-sanctions-north-korea-ukraine-war-lazarus-group
-
DEF CON 32 Ground Control to Major Threat Hacking the Space Link Extension Protocol
Authors/Presenters: Andrzej Olch. Our sincere appreciation to DEF CON, and the Authors/Presenters for publishing their erudite DEF CON 32 content. Originating from the conference’s events located at the Las Vegas Convention Center; and via the organization’s YouTube channel. First seen on securityboulevard.com Jump to article: securityboulevard.com/2025/02/def-con-32-ground-control-to-major-threat-hacking-the-space-link-extension-protocol/
-
North Korean hackers linked to $1.5 billion ByBit crypto heist
Over the weekend, blockchain security companies and experts have linked North Korea’s Lazarus hacking group to the theft of over $1.5 billion from cryptocurrency exchange Bybit. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/north-korean-hackers-linked-to-15-billion-bybit-crypto-heist/
-
Leaked Black Basta chat logs reveal the gang’s operations
Leaked Black Basta chat logs reveal internal conflicts, exposing member details and hacking tools as the gang reportedly falls apart. An unknown actor, named ExploitWhispers, leaked Matrix chat logs of the Black Basta ransomware gang revealing internal conflicts, and exposing member details and hacking tools as the gang reportedly collapses. ExploitWhispers first uploaded the chat…
-
Ukrainian hackers claim breach of Russian loan company linked to Putin’s ex-wife
A pro-Ukraine hacking group claimed that it was behind an attack on CarMoney, a Russian microfinance company with reported connections to Vladimir Putin’s ex-wife. First seen on therecord.media Jump to article: therecord.media/russia-carmoney-data-breach-ukrainian-cyber-alliance
-
Critical UniFi Protect Camera Vulnerability Enables Remote Code Execution Attacks
Ubiquiti Networks has issued an urgent security advisory (Bulletin 046) warning of multiple critical vulnerabilities in its UniFi Protect camera ecosystem, including a high-severity remote code execution (RCE) flaw that could allow attackers to hijack devices and infiltrate network infrastructure. The vulnerabilities, discovered during the Pwn2Own 2025 hacking competition, affect UniFi Protect Cameras (firmware v4.74.88…
-
Firing of 130 CISA staff worries cybersecurity industry
Cybersecurity concerns: Alexander Garcia-Tobar, CEO of email authentication provider Valimail, said the new administration’s actions are causing significant concern among security professionals. “Many of us are advocating for cybersecurity to be seen as the bi-partisan effort it should be,” he said via email, but “the Trump administration has taken a sledgehammer to cancelling or disbanding…
-
Ransomware attack on healthcare provider
The Medusa ransomware group claims to have relieved British healthcare provider HCRG Care Group of more than 2,000 pieces of data. The Medusa ransomware gang claims in a darknet post to have stolen more than 2,000 sensitive records from HCRG Care Group. The company is one of the largest independent providers of health and care services in the United Kingdom and works closely with the…
-
Chinese Hackers Exploit Windows Tool to Install Backdoors
Mustang Panda Uses MAVInject to Evade Antivirus Detection. A Chinese state-sponsored hacking group is abusing a legitimate Microsoft tool to evade security and install backdoors on government systems in the Asia-Pacific region. The threat actor uses MAVInject.exe to inject malware into waitfor.exe. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/chinese-hackers-exploit-windows-tool-to-install-backdoors-a-27555
-
US Army soldier pleads guilty to AT&T and Verizon hacks
Cameron John Wagenius pleaded guilty to hacking AT&T and Verizon and stealing a massive trove of phone records from the companies, according to court records filed on Wednesday. Wagenius, who was a U.S. Army soldier, pleaded guilty to two counts of “unlawful transfer of confidential phone records information” on an online forum and via an…
-
Chinese hackers abuse Microsoft APP-v tool to evade antivirus
The Chinese APT hacking group “Mustang Panda” has been spotted abusing the Microsoft Application Virtualization Injector utility as a LOLBIN to inject malicious payloads into legitimate processes to evade detection by antivirus software. First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/chinese-hackers-abuse-microsoft-app-v-tool-to-evade-antivirus/
-
Italian Privacy Agency Warns Against Unlawful Spyware Use
Use Other Than for Police Purposes Can Invoke Fine Up to 20 Million Euros. The Italian privacy regulator warned against unlawful uses of Graphite spyware following reports of mass hacking campaigns using the tool. The Italian Data Protection Authority published a warning targeting commercial spyware developed by Israeli firm Paragon Solutions. First seen on govinfosecurity.com…
-
Unpatched Cisco Devices Still Getting Popped by Salt Typhoon
Telecoms Still Falling to Chinese Nation-State Hacking Group, Researchers Warn. A Chinese cyber espionage group tracked as Salt Typhoon and tied to the mass hacking of telecommunications networks in the U.S. and dozens of other countries has been continuing to seek and hack unpatched equipment, including exploiting two long-patched vulnerabilities in Cisco gear. First seen…
-
North Korean APT43 Uses PowerShell and Dropbox in Targeted South Korea Cyberattacks
Tags: attack, business, crypto, cyberattack, government, group, hacking, korea, north-korea, powershell, threat
A nation-state threat actor with ties to North Korea has been linked to an ongoing campaign targeting South Korean business, government, and cryptocurrency sectors. The attack campaign, dubbed DEEP#DRIVE by Securonix, has been attributed to a hacking group known as Kimsuky, which is also tracked under the names APT43, Black Banshee, Emerald Sleet, Sparkling Pisces, Springtail,…
-
Arbitrary File Upload Vulnerability in WordPress Plugin Let Attackers Hack 30,000 Websites
A subgroup of the Russian state-sponsored hacking group Seashell Blizzard, also known as Sandworm, has intensified its cyber operations through a campaign dubbed BadPilot. This multi-year initiative has targeted critical infrastructure worldwide, expanding the group’s reach beyond its traditional focus on Ukraine and Eastern Europe to include North America, Europe, and Asia-Pacific regions. Exploiting Vulnerabilities…
-
BadPilot Attacking Network Devices to Expand Russian Seashell Blizzard’s Attacks
A newly uncovered cyber campaign, dubbed “BadPilot,”…
-
Russian hacking group targets critical infrastructure in the US, the UK, and Canada
Tags: access, attack, blizzard, computer, control, cyber, cyberattack, cybersecurity, data, espionage, exploit, fortinet, group, hacker, hacking, infrastructure, intelligence, international, microsoft, military, network, ransomware, russia, software, strategy, supply-chain, threat, tool, ukraine, update, vulnerability, zero-trust
Weaponizing IT software against global enterprises: Since early 2024, the hackers have exploited vulnerabilities in widely used IT management tools, including ConnectWise ScreenConnect (CVE-2024-1709) and Fortinet FortiClient EMS (CVE-2023-48788). By compromising these critical enterprise systems, the group has gained undetected access to networks, Microsoft warned. “Seashell Blizzard’s specialized operations have ranged from espionage to information operations…
-
China’s Salt Typhoon Spies Are Still Hacking Telecoms, Now by Exploiting Cisco Routers
Despite high-profile attention and even US sanctions, the group hasn’t stopped or even slowed its operation, including the breach of two more US telecoms. First seen on wired.com Jump to article: www.wired.com/story/chinas-salt-typhoon-spies-are-still-hacking-telecoms-now-by-exploiting-cisco-routers/
-
Russian Hackers Leverage Weaponized Microsoft Key Management Service (KMS) to Hack Windows Systems
In a calculated cyber-espionage campaign, the Russian state-sponsored hacking group Sandworm (APT44), linked to the GRU (Russia’s Main Intelligence Directorate), has been exploiting pirated Microsoft Key Management Service (KMS) activation tools to target Ukrainian Windows systems. This operation, active since late 2023, employs trojanized KMS activators and fake Windows updates to deploy malware, including the…
-
Cybercrime evolving into national security threat: Google
“The vast cybercriminal ecosystem has acted as an accelerant for state-sponsored hacking, providing malware, vulnerabilities, and in some cases full-spectrum operations to states,” said Ben Read of Google Threat Intelligence Group. First seen on therecord.media Jump to article: therecord.media/cybercrime-evolving-nation-state-threat
-
Warning: Cybercrime Services Underpin National Security Risk
Tags: china, cybercrime, cybersecurity, google, hacking, iran, korea, north-korea, ransomware, risk, russia, service
Russia, China, Iran and North Korea Tapping Cybercrime Services, Google Says. The cybercrime-as-a-service economy continues to power ransomware and other criminal enterprises, as well as serve as an accelerant for state-sponsored hacking, collectively posing an increasing risk to Western national security, cybersecurity researchers warn. First seen on govinfosecurity.com Jump to article: www.govinfosecurity.com/warning-cybercrime-services-underpin-national-security-risk-a-27502
-
BadPilot network hacking campaign fuels Russian SandWorm attacks
A subgroup of the Russian state-sponsored hacking group APT44, also known as ‘Seashell Blizzard’ and ‘Sandworm’, has been targeting critical organizations and governments in a multi-year campaign dubbed ‘BadPilot.’ First seen on bleepingcomputer.com Jump to article: www.bleepingcomputer.com/news/security/badpilot-network-hacking-campaign-fuels-russian-sandworm-attacks/

