cRyPtHoN™ INFOSEC (EN)
Latest news of INFOSEC (EN)
1. Latest Vulnerability.
2. Latest Patch.
3. Privacy Breach.
4. Security Breach.
5. InfoSec News.
German Version 🇩🇪
@cRyPtHoN_INFOSEC_DE
France Version 🇫🇷
@cRyPtHoN_INFOSEC_FR
Italian Version 🇮🇹
@cRyPtHoN_INFOSEC_IT
1. Latest Vulnerability.
2. Latest Patch.
3. Privacy Breach.
4. Security Breach.
5. InfoSec News.
German Version 🇩🇪
@cRyPtHoN_INFOSEC_DE
France Version 🇫🇷
@cRyPtHoN_INFOSEC_FR
Italian Version 🇮🇹
@cRyPtHoN_INFOSEC_IT
TGlist reytingi
0
0
TuriOmmaviy
Tekshirish
TekshirilmaganIshonchnoma
ShubhaliJoylashuv
TilBoshqa
Kanal yaratilgan sanaЛист 27, 2018
TGlist-ga qo'shildi
Лип 01, 2024Muxrlangan guruh
cRyPtHoN™ INFOSEC (EN) Chat
69
Obunachilar
4 148
24 soat
20%Hafta
13-0.3%Oy
39-0.9%
Iqtiboslar indeksi
20
Eslatmalar2Kanallardagi repostlar0Kanallardagi eslatmalar2
Bitta postning o'rtacha qamrovi
78
12 soat740%24 soat780%48 soat80
46.5%
Ishtirok (ER)
1.28%
Repostlar0Izohlar0Reaksiyalar1
Qamrov bo'yicha ishtirok (ERR)
1.88%
24 soat0%Hafta
0.87%Oy
0.38%
Bitta reklama postining qamrovi
69
1 soat2028.99%1 – 4 soat00%4 - 24 soat00%
24 soat ichidagi barcha postlar
12
Dinamika
12
"cRyPtHoN™ INFOSEC (EN)" guruhidagi so'nggi postlar
16.02.202507:05
Zelensky calls to build ‘army of Europe’ to counter future Russian threats
MUNICH, Germany — Ukrainian President Volodymyr Zelensky called on Europe to develop its own armed forces, warning that the continent must become more self-reliant in the face of potential threats from Russia.
Speaking at the Munich Security Conference (MSC) on Saturday, Zelensky said Europe has the capacity to manufacture its own artillery, air defense systems and other military technologies necessary for modern warfare.
https://therecord.media/zelensky-calls-for-army-of-europe-to-counter-russia
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
MUNICH, Germany — Ukrainian President Volodymyr Zelensky called on Europe to develop its own armed forces, warning that the continent must become more self-reliant in the face of potential threats from Russia.
Speaking at the Munich Security Conference (MSC) on Saturday, Zelensky said Europe has the capacity to manufacture its own artillery, air defense systems and other military technologies necessary for modern warfare.
https://therecord.media/zelensky-calls-for-army-of-europe-to-counter-russia
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
16.02.202507:03
Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts
Microsoft is calling attention to an emerging threat cluster it calls Storm-2372 that has been attributed to a new set of cyber attacks aimed at a variety of sectors since August 2024.
The attacks have targeted government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas sectors in Europe, North America, Africa, and the Middle East.
https://thehackernews.com/2025/02/microsoft-russian-linked-hackers-using.html
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
Microsoft is calling attention to an emerging threat cluster it calls Storm-2372 that has been attributed to a new set of cyber attacks aimed at a variety of sectors since August 2024.
The attacks have targeted government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas sectors in Europe, North America, Africa, and the Middle East.
https://thehackernews.com/2025/02/microsoft-russian-linked-hackers-using.html
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
16.02.202507:02
New Microsoft Windows GUI 0-Day Vulnerability Actively Exploited in the Wild
A newly discovered vulnerability in Microsoft Windows, identified by ClearSky Cyber Security, is reportedly being actively exploited by the Chinese state-sponsored Advanced Persistent Threat (APT) group Mustang Panda.
The vulnerability, which affects the Windows Explorer graphical user interface (GUI), has been classified as low-severity by Microsoft but poses significant risks due to its exploitation in targeted attacks.
https://gbhackers.com/new-microsoft-windows-gui-0-day-vulnerability/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
A newly discovered vulnerability in Microsoft Windows, identified by ClearSky Cyber Security, is reportedly being actively exploited by the Chinese state-sponsored Advanced Persistent Threat (APT) group Mustang Panda.
The vulnerability, which affects the Windows Explorer graphical user interface (GUI), has been classified as low-severity by Microsoft but poses significant risks due to its exploitation in targeted attacks.
https://gbhackers.com/new-microsoft-windows-gui-0-day-vulnerability/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
16.02.202507:00
Virginia Attorney General’s Office Struck by Cyberattack Targeting Attorneys’ Computer Systems
The chief deputy attorney general of the agency sent an email on Wednesday that said nearly all of is computer systems were offline.
The Virginia Attorney General’s office, the state’s top prosecutorial agency led by Jason Miyares, was struck by a cyberattack this week that forced officials off the office’s computer systems.
https://www.securityweek.com/virginia-attorney-generals-office-struck-by-cyberattack-targeting-attorneys-computer-systems/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
The chief deputy attorney general of the agency sent an email on Wednesday that said nearly all of is computer systems were offline.
The Virginia Attorney General’s office, the state’s top prosecutorial agency led by Jason Miyares, was struck by a cyberattack this week that forced officials off the office’s computer systems.
https://www.securityweek.com/virginia-attorney-generals-office-struck-by-cyberattack-targeting-attorneys-computer-systems/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
16.02.202506:58
Microsoft: Hackers steal emails in device code phishing attacks
An active campaign from a threat actor potentially linked to Russia is targeting Microsoft 365 accounts of individuals at organizations of interest using device code phishing.
The targets are in the government, NGO, IT services and technology, defense, telecommunications, health, and energy/oil and gas sectors in Europe, North America, Africa, and the Middle East.
https://www.bleepingcomputer.com/news/security/microsoft-hackers-steal-emails-in-device-code-phishing-attacks/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
An active campaign from a threat actor potentially linked to Russia is targeting Microsoft 365 accounts of individuals at organizations of interest using device code phishing.
The targets are in the government, NGO, IT services and technology, defense, telecommunications, health, and energy/oil and gas sectors in Europe, North America, Africa, and the Middle East.
https://www.bleepingcomputer.com/news/security/microsoft-hackers-steal-emails-in-device-code-phishing-attacks/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
16.02.202506:56
Chinese spies suspected of 'moonlighting' as tawdry ransomware crooks
Some employees steal sticky notes, others 'borrow' malicious code
A crew identified as a Chinese government-backed espionage group appears to have started moonlighting as a ransomware player – further evidence that lines are blurring between nation-state cyberspies and financially motivated cybercriminals.
https://www.theregister.com/2025/02/14/chinese_spies_ransomware_moonlighting/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
Some employees steal sticky notes, others 'borrow' malicious code
A crew identified as a Chinese government-backed espionage group appears to have started moonlighting as a ransomware player – further evidence that lines are blurring between nation-state cyberspies and financially motivated cybercriminals.
https://www.theregister.com/2025/02/14/chinese_spies_ransomware_moonlighting/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
16.02.202506:54
What is an encryption backdoor?
Talk of backdoors in encrypted services is once again doing the rounds after reports emerged that the U.K. government is seeking to force Apple to open up iCloud’s end-to-end encrypted (E2EE) device backup offering. Officials were said to be leaning on Apple to create a “backdoor” in the service that would allow state actors to access data in the clear.
https://techcrunch.com/2025/02/15/what-is-an-encryption-backdoor/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
Talk of backdoors in encrypted services is once again doing the rounds after reports emerged that the U.K. government is seeking to force Apple to open up iCloud’s end-to-end encrypted (E2EE) device backup offering. Officials were said to be leaning on Apple to create a “backdoor” in the service that would allow state actors to access data in the clear.
https://techcrunch.com/2025/02/15/what-is-an-encryption-backdoor/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
16.02.202506:53
Worrying YouTube security flaw exposed billions of user emails
Researchers awarded $10k for uncovering issue
Experts have warned that any email from a YouTube account could be pulled from Google with a ‘relatively simple exploit’
A researcher who goes by Brutecat managed to leverage several vulnerabilities across Google products to access the email address of any YouTube user, CyberNews reports.
https://www.techradar.com/pro/security/worrying-youtube-security-flaw-exposed-billions-of-user-emails
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
Researchers awarded $10k for uncovering issue
Experts have warned that any email from a YouTube account could be pulled from Google with a ‘relatively simple exploit’
A researcher who goes by Brutecat managed to leverage several vulnerabilities across Google products to access the email address of any YouTube user, CyberNews reports.
https://www.techradar.com/pro/security/worrying-youtube-security-flaw-exposed-billions-of-user-emails
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
16.02.202506:50
Australia Imposes New Cyber Sanctions in Response to Medibank Private Cyberattack
The government of Prime Minister Anthony Albanese has imposed additional cyber sanctions in response to a major 2022 cyberattack that hit Medibank Private.
The breach, which compromised millions of customers’ sensitive medical data, marked a turning point in Australia’s approach to cyber security. The Medibank Private cyberattack not only targeted the personal information of Medibank’s customers but also saw portions of the stolen data published on the dark web.
https://thecyberexpress.com/sanctions-on-medibank-private-cyberattack/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
The government of Prime Minister Anthony Albanese has imposed additional cyber sanctions in response to a major 2022 cyberattack that hit Medibank Private.
The breach, which compromised millions of customers’ sensitive medical data, marked a turning point in Australia’s approach to cyber security. The Medibank Private cyberattack not only targeted the personal information of Medibank’s customers but also saw portions of the stolen data published on the dark web.
https://thecyberexpress.com/sanctions-on-medibank-private-cyberattack/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
16.02.202506:49
Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug
Threat actors are exploiting a recently disclosed vulnerability, tracked as CVE-2025-0108, in Palo Alto Networks PAN-OS firewalls.
Researchers warn that threat actors are exploiting a recently disclosed vulnerability, tracked as CVE-2025-0108, in Palo Alto Networks PAN-OS firewalls.
https://securityaffairs.com/174237/hacking/exploitation-palo-alto-networks-pan-os-firewalls-bug.html
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
Threat actors are exploiting a recently disclosed vulnerability, tracked as CVE-2025-0108, in Palo Alto Networks PAN-OS firewalls.
Researchers warn that threat actors are exploiting a recently disclosed vulnerability, tracked as CVE-2025-0108, in Palo Alto Networks PAN-OS firewalls.
https://securityaffairs.com/174237/hacking/exploitation-palo-alto-networks-pan-os-firewalls-bug.html
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
14.02.202507:51
An Italian journalist speaks about being targeted with Paragon spyware
As an undercover journalist covering Italian politics, Francesco Cancellato is used to reporting on scandals. But he never thought he would be part of the story.
Late last month, WhatsApp announced that 90 people had been targeted with Paragon Solutions’ spyware via their accounts on the messaging platform. Cancellato, the editor-in-chief of the Italian newspaper Fanpage, is one of four victims to come forward so far. All four have been critical of the Italian government.
https://therecord.media/italian-journalist-speaks-about-being-targeted-spyware
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
As an undercover journalist covering Italian politics, Francesco Cancellato is used to reporting on scandals. But he never thought he would be part of the story.
Late last month, WhatsApp announced that 90 people had been targeted with Paragon Solutions’ spyware via their accounts on the messaging platform. Cancellato, the editor-in-chief of the Italian newspaper Fanpage, is one of four victims to come forward so far. All four have been critical of the Italian government.
https://therecord.media/italian-journalist-speaks-about-being-targeted-spyware
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
14.02.202507:44
North Korean hackers spotted using ClickFix tactic to deliver malware
North Korean state-sponsored group Kimsuky (aka Emerald Sleet, aka VELVET CHOLLIMA) is attempting to deliver malware to South Korean targets by leveraging the so-called “ClickFix” tactic.
A relatively new tactic
The ClickFix social engineering tactic has been dubbed thus because of the initial pretext used by malware peddlers: the users, wanting to read a webpage or document or join a video call, are shown a fake browser notice saying that the page or doc cannot be displayed correctly or the microphone cannot work as it should until they click the “Fix It” button and follow the outlined steps.
https://www.helpnetsecurity.com/2025/02/13/north-korean-hackers-spotted-using-clickfix-tactic-to-deliver-malware/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
North Korean state-sponsored group Kimsuky (aka Emerald Sleet, aka VELVET CHOLLIMA) is attempting to deliver malware to South Korean targets by leveraging the so-called “ClickFix” tactic.
A relatively new tactic
The ClickFix social engineering tactic has been dubbed thus because of the initial pretext used by malware peddlers: the users, wanting to read a webpage or document or join a video call, are shown a fake browser notice saying that the page or doc cannot be displayed correctly or the microphone cannot work as it should until they click the “Fix It” button and follow the outlined steps.
https://www.helpnetsecurity.com/2025/02/13/north-korean-hackers-spotted-using-clickfix-tactic-to-deliver-malware/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
14.02.202507:43
Stealthy Crypto-Mining Malware Hijacking PCs via USB Drives
A new report from AhnLab Security Intelligence Center (ASEC) reveals a concerning trend: the distribution of cryptocurrency-mining malware via USB devices in South Korea. This stealthy campaign utilizes infected USB drives to install Monero-mining malware on unsuspecting victims’ computers, hijacking their system resources for illicit cryptocurrency mining.
https://securityonline.info/stealthy-crypto-mining-malware-hijacking-pcs-via-usb-drives/
https://asec.ahnlab.com/en/86221/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
A new report from AhnLab Security Intelligence Center (ASEC) reveals a concerning trend: the distribution of cryptocurrency-mining malware via USB devices in South Korea. This stealthy campaign utilizes infected USB drives to install Monero-mining malware on unsuspecting victims’ computers, hijacking their system resources for illicit cryptocurrency mining.
https://securityonline.info/stealthy-crypto-mining-malware-hijacking-pcs-via-usb-drives/
https://asec.ahnlab.com/en/86221/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
14.02.202507:41
Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation
Rapid7 finds a new zero-day vulnerability in PostgreSQL and links it to chain of attacks against a BeyondTrust Remote Support product.
Security researchers at Rapid7 on Thursday flagged the discovery of a new zero-day vulnerability in PostgreSQL that appears to have been a critical component in a chain of attacks against a BeyondTrust Remote Support product.
https://www.securityweek.com/rapid7-flags-new-postgresql-zero-day-connected-to-beyondtrust-exploitation/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
Rapid7 finds a new zero-day vulnerability in PostgreSQL and links it to chain of attacks against a BeyondTrust Remote Support product.
Security researchers at Rapid7 on Thursday flagged the discovery of a new zero-day vulnerability in PostgreSQL that appears to have been a critical component in a chain of attacks against a BeyondTrust Remote Support product.
https://www.securityweek.com/rapid7-flags-new-postgresql-zero-day-connected-to-beyondtrust-exploitation/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
14.02.202507:36
Zacks Investment Suffers Data Breach Impacting 12M Accounts
Zacks Investment Research has suffered a data breach exposing nearly 12 million user accounts, according to reports on a hacking forum.
The breach, which allegedly occurred in June 2024, includes sensitive user information such as names, email addresses, physical addresses, phone numbers, usernames, IP addresses, and unsalted SHA-256 password hashes. This marks the second major cybersecurity incident for Zacks in recent years, following a confirmed breach in 2023.
https://cyberinsider.com/zacks-investment-suffers-data-breach-impacting-12-million-accounts/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
Zacks Investment Research has suffered a data breach exposing nearly 12 million user accounts, according to reports on a hacking forum.
The breach, which allegedly occurred in June 2024, includes sensitive user information such as names, email addresses, physical addresses, phone numbers, usernames, IP addresses, and unsalted SHA-256 password hashes. This marks the second major cybersecurity incident for Zacks in recent years, following a confirmed breach in 2023.
https://cyberinsider.com/zacks-investment-suffers-data-breach-impacting-12-million-accounts/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
Rekordlar
08.12.202423:59
4.2KObunachilar08.02.202520:48
1200Iqtiboslar indeksi29.10.202423:59
203Bitta post qamrovi07.09.202423:59
176Reklama posti qamrovi06.02.202509:06
5.88%ER29.10.202423:59
4.82%ERRKo'proq funksiyalarni ochish uchun tizimga kiring.