cRyPtHoN™ INFOSEC (EN)
Zelensky calls to build ‘army of Europe’ to counter future Russian threats

MUNICH, Germany — Ukrainian President Volodymyr Zelensky called on Europe to develop its own armed forces, warning that the continent must become more self-reliant in the face of potential threats from Russia.

Speaking at the Munich Security Conference (MSC) on Saturday, Zelensky said Europe has the capacity to manufacture its own artillery, air defense systems and other military technologies necessary for modern warfare.

https://therecord.media/zelensky-calls-for-army-of-europe-to-counter-russia

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
16.02.2025 06:58
Microsoft: Hackers steal emails in device code phishing attacks

An active campaign from a threat actor potentially linked to Russia is targeting Microsoft 365 accounts of individuals at organizations of interest using device code phishing.

The targets are in the government, NGO, IT services and technology, defense, telecommunications, health, and energy/oil and gas sectors in Europe, North America, Africa, and the Middle East.

https://www.bleepingcomputer.com/news/security/microsoft-hackers-steal-emails-in-device-code-phishing-attacks/

16.02.2025 06:50
Australia Imposes New Cyber Sanctions in Response to Medibank Private Cyberattack

The government of Prime Minister Anthony Albanese has imposed additional cyber sanctions in response to a major 2022 cyberattack that hit Medibank Private.

The breach, which compromised millions of customers’ sensitive medical data, marked a turning point in Australia’s approach to cyber security. The Medibank Private cyberattack not only targeted the personal information of Medibank’s customers but also saw portions of the stolen data published on the dark web.

https://thecyberexpress.com/sanctions-on-medibank-private-cyberattack/

14.02.2025 07:43
Stealthy Crypto-Mining Malware Hijacking PCs via USB Drives

A new report from AhnLab Security Intelligence Center (ASEC) reveals a concerning trend: the distribution of cryptocurrency-mining malware via USB devices in South Korea. This stealthy campaign utilizes infected USB drives to install Monero-mining malware on unsuspecting victims’ computers, hijacking their system resources for illicit cryptocurrency mining.

https://securityonline.info/stealthy-crypto-mining-malware-hijacking-pcs-via-usb-drives/

https://asec.ahnlab.com/en/86221/

14.02.2025 07:31
Salt Typhoon remains active, hits more telecom networks via Cisco routers

The Chinese nation-state threat group intruded five additional telecom networks between December and January, including two unnamed providers in the U.S., Recorded Future researchers said.

Salt Typhoon, the Chinese nation-state threat group linked to a spree of attacks on U.S. and global telecom providers, remains active in its intrusion and has hit multiple additional networks worldwide, including two in the United States, Recorded Future said in a report released Thursday.

https://cyberscoop.com/salt-typhoon-china-ongoing-telecom-attack-spree/

https://go.recordedfuture.com/hubfs/reports/cta-cn-2025-0213.pdf

WhatsApp says it disrupted a hacking campaign targeting journalists with Paragon spyware

WhatsApp said on Friday that it had disrupted a hacking campaign that targeted around 90 users, including journalists and members of civil society.

A WhatsApp spokesperson told TechCrunch that the campaign was linked to Paragon, an Israeli spyware maker that was acquired in December of last year by American private equity giant AE Industrial Partners.

https://techcrunch.com/2025/01/31/whatsapp-says-it-disrupted-a-hacking-campaign-targeting-journalists-with-spyware/

16.02.2025 07:03
Microsoft: Russian-Linked Hackers Using 'Device Code Phishing' to Hijack Accounts

Microsoft is calling attention to an emerging threat cluster it calls Storm-2372 that has been attributed to a new set of cyber attacks aimed at a variety of sectors since August 2024.

The attacks have targeted government, non-governmental organizations (NGOs), information technology (IT) services and technology, defense, telecommunications, health, higher education, and energy/oil and gas sectors in Europe, North America, Africa, and the Middle East.

https://thehackernews.com/2025/02/microsoft-russian-linked-hackers-using.html

16.02.2025 06:56
Chinese spies suspected of 'moonlighting' as tawdry ransomware crooks

Some employees steal sticky notes, others 'borrow' malicious code

A crew identified as a Chinese government-backed espionage group appears to have started moonlighting as a ransomware player – further evidence that lines are blurring between nation-state cyberspies and financially motivated cybercriminals.

https://www.theregister.com/2025/02/14/chinese_spies_ransomware_moonlighting/

16.02.2025 06:49
Attackers exploit recently disclosed Palo Alto Networks PAN-OS firewalls bug

Threat actors are exploiting a recently disclosed vulnerability, tracked as CVE-2025-0108, in Palo Alto Networks PAN-OS firewalls.

Researchers warn that threat actors are exploiting a recently disclosed vulnerability, tracked as CVE-2025-0108, in Palo Alto Networks PAN-OS firewalls.

https://securityaffairs.com/174237/hacking/exploitation-palo-alto-networks-pan-os-firewalls-bug.html

14.02.2025 07:41
Rapid7 Flags New PostgreSQL Zero-Day Connected to BeyondTrust Exploitation

Rapid7 finds a new zero-day vulnerability in PostgreSQL and links it to a chain of attacks against a BeyondTrust Remote Support product.

Security researchers at Rapid7 on Thursday flagged the discovery of a new zero-day vulnerability in PostgreSQL that appears to have been a critical component in a chain of attacks against a BeyondTrust Remote Support product.

https://www.securityweek.com/rapid7-flags-new-postgresql-zero-day-connected-to-beyondtrust-exploitation/

14.02.2025 07:29
Valve removes Steam game that contained malware

Valve removed a game from its Steam video game platform and store because it contained malware, according to media reports. In its notice to users who downloaded the game, Valve said affected users may want to “consider fully reformatting your operating system.”

https://techcrunch.com/2025/02/13/valve-removes-steam-game-that-contained-malware/

Community Health Center data breach impacted over 1 million patients

The Community Health Center (CHC) data breach impacted over 1 million patients in Connecticut; the healthcare provider started notifying them.

Community Health Center (CHC) is a leading healthcare provider based in Connecticut, offering primary care, dental, behavioral health, and specialty services. It serves a diverse patient population, focusing on accessible and affordable healthcare, particularly for underserved communities.

https://securityaffairs.com/173687/data-breach/community-health-center-data-breach.html

16.02.2025 07:02
New Microsoft Windows GUI 0-Day Vulnerability Actively Exploited in the Wild

A newly discovered vulnerability in Microsoft Windows, identified by ClearSky Cyber Security, is reportedly being actively exploited by the Chinese state-sponsored Advanced Persistent Threat (APT) group Mustang Panda.

The vulnerability, which affects the Windows Explorer graphical user interface (GUI), has been classified as low-severity by Microsoft but poses significant risks due to its exploitation in targeted attacks.

https://gbhackers.com/new-microsoft-windows-gui-0-day-vulnerability/

16.02.2025 06:54
What is an encryption backdoor?

Talk of backdoors in encrypted services is once again doing the rounds after reports emerged that the U.K. government is seeking to force Apple to open up iCloud’s end-to-end encrypted (E2EE) device backup offering. Officials were said to be leaning on Apple to create a “backdoor” in the service that would allow state actors to access data in the clear.

https://techcrunch.com/2025/02/15/what-is-an-encryption-backdoor/

14.02.2025 07:51
An Italian journalist speaks about being targeted with Paragon spyware

As an undercover journalist covering Italian politics, Francesco Cancellato is used to reporting on scandals. But he never thought he would be part of the story.

Late last month, WhatsApp announced that 90 people had been targeted with Paragon Solutions’ spyware via their accounts on the messaging platform. Cancellato, the editor-in-chief of the Italian newspaper Fanpage, is one of four victims to come forward so far. All four have been critical of the Italian government.

https://therecord.media/italian-journalist-speaks-about-being-targeted-spyware

14.02.2025 07:36
Zacks Investment Suffers Data Breach Impacting 12M Accounts

Zacks Investment Research has suffered a data breach exposing nearly 12 million user accounts, according to reports on a hacking forum.

The breach, which allegedly occurred in June 2024, includes sensitive user information such as names, email addresses, physical addresses, phone numbers, usernames, IP addresses, and unsalted SHA-256 password hashes. This marks the second major cybersecurity incident for Zacks in recent years, following a confirmed breach in 2023.

https://cyberinsider.com/zacks-investment-suffers-data-breach-impacting-12-million-accounts/

14.02.2025 07:26
Smuggling arbitrary data through an emoji

This Hacker News comment by GuB-42 intrigued me:

With ZWJ (Zero Width Joiner) sequences you could in theory encode an unlimited amount of data in a single emoji.

Is it really possible to encode arbitrary data in a single emoji?

tl;dr: yes, although I found an approach without ZWJ. In fact, you can encode data in any unicode character. This sentence has a hidden message󠅟󠅘󠄐󠅝󠅩󠄜󠄐󠅩󠅟󠅥󠄐󠅖󠅟󠅥󠅞󠅔󠄐󠅤󠅘󠅕󠄐󠅘󠅙󠅔󠅔󠅕󠅞󠄐󠅝󠅕󠅣󠅣󠅑󠅗󠅕󠄐󠅙󠅞󠄐󠅤󠅘󠅕󠄐󠅤󠅕󠅨󠅤󠄑. (Try pasting it into this decoder)

https://paulbutler.org/2025/smuggling-arbitrary-data-through-an-emoji/

New Russian Threat Group Hacks Into U.S. Oil and Gas Facilities

Cyble dark web researchers have identified a new pro-Russian hacktivist group that’s been hacking into oil and gas facility control panels in the U.S.

Cyble detailed two claims by the new “Sector 16” group that members hacked into control panels in energy facilities and tampered with system control settings. The new Russian threat group has been working with another pro-Russian group – Z-Pentest – which has been hacking into critical water and energy infrastructure since last year.

https://thecyberexpress.com/new-russian-threat-group-hacks-u-s-energy/

16.02.2025 07:00
Virginia Attorney General’s Office Struck by Cyberattack Targeting Attorneys’ Computer Systems

The chief deputy attorney general of the agency sent an email on Wednesday that said nearly all of its computer systems were offline.

The Virginia Attorney General’s office, the state’s top prosecutorial agency led by Jason Miyares, was struck by a cyberattack this week that forced officials off the office’s computer systems.

https://www.securityweek.com/virginia-attorney-generals-office-struck-by-cyberattack-targeting-attorneys-computer-systems/

16.02.2025 06:53
Worrying YouTube security flaw exposed billions of user emails

Researchers awarded $10k for uncovering issue

Experts have warned that any email from a YouTube account could be pulled from Google with a ‘relatively simple exploit’

A researcher who goes by Brutecat managed to leverage several vulnerabilities across Google products to access the email address of any YouTube user, CyberNews reports.

https://www.techradar.com/pro/security/worrying-youtube-security-flaw-exposed-billions-of-user-emails

14.02.2025 07:44
North Korean hackers spotted using ClickFix tactic to deliver malware

North Korean state-sponsored group Kimsuky (aka Emerald Sleet, aka VELVET CHOLLIMA) is attempting to deliver malware to South Korean targets by leveraging the so-called “ClickFix” tactic.

A relatively new tactic

The ClickFix social engineering tactic has been dubbed thus because of the initial pretext used by malware peddlers: the users, wanting to read a webpage or document or join a video call, are shown a fake browser notice saying that the page or doc cannot be displayed correctly or the microphone cannot work as it should until they click the “Fix It” button and follow the outlined steps.

https://www.helpnetsecurity.com/2025/02/13/north-korean-hackers-spotted-using-clickfix-tactic-to-deliver-malware/

14.02.2025 07:33
Dutch Police seizes 127 XHost servers, dismantles bulletproof hoster

The Dutch Police (Politie) dismantled the ZServers/XHost bulletproof hosting operation after taking offline 127 servers used by the illegal platform.

Earlier this week, the authorities in the United States, Australia, and the United Kingdom, announced sanctions against the same bulletproof hosting provider for its involvement in cybercrime operations.

https://www.bleepingcomputer.com/news/legal/dutch-police-seizes-127-xhost-servers-dismantles-bulletproof-hoster/

Even the US government can fall victim to cryptojacking

Documents reveal that USAID was victimized by a password spray attack that resulted in roughly $500,000 in Microsoft service charges.

Cryptojacking, the tactic of breaking into a device to steal computing resources and mine crypto, is a pervasive, frustrating and expensive problem. But attacks like these can also raise cybersecurity concerns, especially when they happen to the federal government.

https://fedscoop.com/cryptojacking-federal-government-agencies-usaid/

Google Blocked Over 2.3 Million Risky Android Apps in 2024

Google has revealed that it blocked 2.36 million Android apps from being published on the Play Store in 2024 due to policy violations that posed potential security risks to users. This marks a continued effort to keep harmful apps, including malware and spyware, off Android’s official app marketplace.

https://www.ghacks.net/2025/01/31/google-blocked-over-2-3-million-risky-android-apps-in-2024/
