cRyPtHoN™ INFOSEC (EN)
16 Jul 2025 16:03
China’s Salt Typhoon Hacked US National Guard
Chinese hacking group Salt Typhoon targeted a National Guard unit’s network and tapped into communications with other units.
Chinese state-sponsored hackers compromised the network of a state’s Army National Guard unit, collected configuration information, and tapped into its communication with other units, a Department of Defense report shows.
https://www.securityweek.com/chinas-salt-typhoon-hacked-us-national-guard/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
16 Jul 2025 15:54
Access to Israeli Flight Agencies and Hotels Allegedly Sold on Dark Web After Zero-Day Breach
A recent dark web listing allegedly advertises the sale of access to servers belonging to numerous Israeli flight agencies and hotels, indicating a significant cybersecurity breach and a highly concerning market for stolen credentials. The perpetrators claim to have utilized a “zero-day” exploit to gain unauthorized entry, compromising critical infrastructure within Israel’s travel and hospitality sectors. The listing, priced between $5,000 and $10,000 for access and up to $15,000 with the zero-day exploit, suggests a coordinated attack on a vital segment of the nation’s economy and tourism industry, with the intent of monetizing unauthorized access.
https://dailydarkweb.net/access-to-israeli-flight-agencies-and-hotels-allegedly-sold-on-dark-web-after-zero-day-breach/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
16 Jul 2025 15:45
Turbulence at Air Serbia, the latest airline under cyber siege
Attack enters day 11 and still no public disclosure of what insider claims to be 'deep breach' of Active Directory
Exclusive Aviation insiders say Serbia's national airline, Air Serbia, was forced to delay issuing payslips to staff as a result of a cyberattack it is battling.
Internal memos, seen by The Register, dated July 10 told staff: "Given the current situation and the ongoing cyberattacks, for security reasons, we will postpone the distribution of the June 2025 payslips.
https://www.theregister.com/2025/07/16/air_serbia_cyberattack/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
16 Jul 2025 15:28
Faulty Shopify plugin puts hundreds of websites at risk of invasive attacks - find out how to stay safe
A reputable Shopify plugin was leaking sensitive data, experts warn
A major, reputable Shopify plugin, was leaking sensitive information for months, exposing hundreds of ecommerce businesses to all sorts of risks, experts have warned.
Security researchers from Cybernews spotted the leak and helped plug the hole, having discovered a publicly accessible Kafka server which was holding sensitive data from Consentik.
https://www.techradar.com/pro/security/faulty-shopify-plugin-puts-hundreds-of-websites-at-risk-of-invasive-attacks
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
16 Jul 2025 15:24
Google Chrome 138 point update fixes another 0-day security issue
Google released the weekly security update for the stable version of its Chrome web browser. The Chrome 138 point update addresses six security issues, one of which is already exploited in the wild.
Chrome users and users who have Chrome installed on their devices may want to update to the latest version immediately.
https://www.ghacks.net/2025/07/16/google-138-point-update-fixes-another-0-day-security-issue/
https://chromereleases.googleblog.com/2025/07/stable-channel-update-for-desktop_15.html
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
15 Jul 2025 15:45
Framework 13. Press here to pwn
Introduction
BIOS protection is the digital equivalent of a locked front door, but what if the doorbell doubled as a reset button?
The Framework 13 laptop has a chassis intrusion detection switch. It’s designed to notify the BIOS when the laptop body has been opened. However, the same switch can be manipulated to reset the BIOS. This wipes critical protections like the BIOS administrator password, along with important security options such as secure boot and even the chassis intrusion lockout itself!
https://www.pentestpartners.com/security-blog/framework-13-press-here-to-pwn/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
09 Jul 2025 14:50
Have A Break, Take Your Headphone.
Share some video clip / Credit To Valeriya_Bearwolf
Have A Nice Day From Admin
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
09 Jul 2025 14:48
British criminals convicted over Wagner Group-linked arson attack on London warehouse
A gang of British criminals were convicted on Tuesday for their roles in a plot directed over the messaging app Telegram by the Wagner Group mercenary organization to conduct arson attacks against targets in London.
The case is the first under Britain’s new National Security Act. It saw the ringleaders of the gang previously plead guilty to the charge of agreeing to accept a material benefit from a foreign intelligence service. Three others were found guilty on Tuesday by a jury at the Old Bailey.
https://therecord.media/british-criminals-convicted-wagner-group-arson
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
09 Jul 2025 14:44
Samsung Announces Security Improvements for Galaxy Smartphones
New Samsung Galaxy features include protections for on-device AI, expanded cross-device threat detection, and quantum-resistant encryption for network security.
Korean appliance and consumer electronics giant Samsung Electronics this week announced fresh security improvements for upcoming Galaxy smartphones with One UI 8.
https://www.securityweek.com/samsung-announces-security-improvements-for-galaxy-smartphones/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
09 Jul 2025 14:35
Iranian ransomware crew reemerges, promises big bucks for attacks on US or Israel
Tells would-be affiliates they don't need to worry because cyberattacks don't violate a cease fire
An Iranian ransomware-as-a-service operation with ties to a government-backed cyber crew has reemerged after a nearly five-year hiatus, and is offering would-be cybercriminals cash to infect organizations in the US and Israel.
https://www.theregister.com/2025/07/09/iranian_ransomware_crew_reemerges/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
09 Jul 2025 14:30
US arrests Silk Typhoon hacker accused of stealing Covid research and mass email hacking
Chinese national arrested in Italy over hacking claims
Italian law enforcement has arrested a 33-year-old Chinese national for allegedly spying on the United States.
Landing at Milan’s Malpensa airport on a flight from China, Zewei Xu was apprehended by local police, and according to Italian news agency ANSA, is wanted by the FBI for allegedly participating in cyber-espionage operations for China, targeting data surrounding anti-COVID vaccines that were being produced at the University of Texas back in 2020.
https://www.techradar.com/pro/security/us-arrests-silk-typhoon-hacker-accused-of-stealing-covid-research-and-mass-email-hacking
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
09 Jul 2025 14:28
Security researchers uncover network of malicious Firefox extensions
Security researchers at Zen Security have uncovered a malicious campaign targeting Firefox users through extensions. Firefox, like its Chromium-based counterparts, supports browser extension. These enable users to change functionality of the browser or the sites they visit.
Popular options include content blockers, video downloaders, or extensions that list coupons. Extensions uploaded to the Mozilla Store have to pass a series of tests designed to ensure that they are not malicious or problematic in other regards.
https://www.ghacks.net/2025/07/09/security-researchers-uncover-network-of-malicious-firefox-extensions/
https://blog.koi.security/foxywallet-40-malicious-firefox-extensions-exposed-4c14419de486
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
07 Jul 2025 15:08
Lightweight Reconnaissance Tools for Cybersecurity Professionals
Introduction
Reconnaissance is a critical phase in cybersecurity, enabling professionals to gather intelligence about target systems efficiently. Lightweight reconnaissance tools prioritize speed and precision, making them ideal for penetration testers and bug hunters. This article explores key commands, techniques, and tools to enhance your reconnaissance workflow.
https://undercodetesting.com/lightweight-reconnaissance-tools-for-cybersecurity-professionals/
/channel/UndercodeCommunity/64128
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
07 Jul 2025 14:58
Hackers Abuse Legitimate Inno Setup Installer to Deliver Malware
Cybercriminals are increasingly weaponizing legitimate software installer frameworks like Inno Setup to distribute malware, turning user-friendly tools into covert vehicles for malicious payloads.
Originally designed to simplify software deployment on Windows, Inno Setup has become a favored tool among threat actors due to its trusted appearance and powerful Pascal scripting capabilities.
https://gbhackers.com/hackers-abuse-legitimate-inno-setup-installer/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
07 Jul 2025 14:53
Amazon warns millions of users about fake membership subscription emails - here's how to stay safe ahead of Prime Day
Do not click on any link in a suspicious email, and delete it immediately
With Amazon Prime Day upon us, and set to run in twenty-six countries, the company is urging customers to be wary of a growing wave of cyber scams.
The company has sent out emails informing the over 200 million Prime members it has seen a sharp rise in fraudulent activity, especially impersonation attempts using fake emails, texts, and calls, ahead of the event.
https://www.techradar.com/pro/amazon-warns-millions-of-prime-users-about-fake-membership-subscription-emails-heres-how-to-stay-safe-ahead-of-prime-day
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
16 Jul 2025 16:01
Alleged Collection of 1 Million Israeli Card Holders Data Offered for Sale
A substantial collection of data, allegedly comprising personal and financial information of 1 million Israeli cardholders, has reportedly been made available for sale. This compilation, attributed to various prominent Israeli financial institutions, raises significant concerns regarding the security of sensitive customer information within these critical entities. The origin of this data collection is currently unknown, but its exposure could have severe implications for the privacy and security of a substantial portion of the Israeli population, including customers of major banks and credit card companies.
https://dailydarkweb.net/alleged-collection-of-1-million-israeli-card-holders-data-offered-for-sale/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
16 Jul 2025 15:46
Abacus dark web drug market goes offline in suspected exit scam
Abacus Market, the largest Western darknet marketplace supporting Bitcoin payments, has shut down its public infrastructure in a move suspected to be an exit scam.
Exit scams occur when the operator of a marketplace decides to vanish with the money they hold in escrow for various transactions between platform users.
https://www.bleepingcomputer.com/news/security/abacus-dark-web-drug-market-goes-offline-in-suspected-exit-scam/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
16 Jul 2025 15:32
Chinese authorities are using a new tool to hack seized phones and extract data
Security researchers say Chinese authorities are using a new type of malware to extract data from seized phones, allowing them to obtain text messages — including from chat apps such as Signal — images, location histories, audio recordings, contacts, and more.
https://techcrunch.com/2025/07/16/chinese-authorities-are-using-a-new-tool-to-hack-seized-phones-and-extract-data/
https://300188-cn.translate.goog/news/detail/402.html?_x_tr_sl=auto&_x_tr_tl=en&_x_tr_hl=en&_x_tr_pto=wapp
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
16 Jul 2025 15:25
WordPress Security Alert: CVE-2025-6043 Enables Remote File Deletion via Malcure Plugin
A new vulnerability, CVE-2025-6043, has been discovered in the Malcure Malware Scanner plugin for WordPress, a popular security tool used by over 10,000 websites to detect and remove malware. Security researchers from Wordfence disclosed this flaw on July 15, 2025, identifying it as a high-severity issue rated 8.1 on the CVSS scale. The vulnerability, tracked under CVE-2025-6043, remains unpatched as of July 16, 2025.
https://thecyberexpress.com/malcure-vulnerability-cve-2025-6043/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
16 Jul 2025 15:22
Former US Army member confesses to Telecom hack and extortion conspiracy
A former US Army soldier pleaded guilty to hacking telecom databases, stealing data, and extorting companies by threatening to release the stolen info.
A former Army soldier, Cameron John Wagenius (21) pleaded guilty to conspiring to hack telecom companies’ databases, steal sensitive records, and extort victims by threatening to release stolen data unless ransoms were paid.
https://securityaffairs.com/180009/cyber-crime/former-us-army-member-confesses-to-telecom-hack-and-extortion-conspiracy.html
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
09 Jul 2025 14:54
How to conduct a Password Audit in Active Directory (AD)
Introduction
Weak or compromised passwords are still one of the most common ways attackers get into an organisation’s network.
That’s why running password audits in Active Directory is so important. But smaller companies often don’t have the time, budget, or resources to do them regularly.
This blog post gives you a step-by-step guide to run a proper password audit using free tools available online.
https://www.pentestpartners.com/security-blog/how-to-conduct-a-password-audit-in-active-directory-ad/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
09 Jul 2025 14:50
IES Communications notifies 6,000+ employees of data breach that compromised SSNs and payroll info
IT contractor IES Communications this week confirmed it notified 6,241 employees of a March 2025 data breach that compromised names, Social Security numbers, dates of birth, addresses, payroll info, and other identifying info.
Ransomware gang Chaos took credit for the attack. Chaos says it stole 1 TB of data from IES.
https://www.comparitech.com/news/ies-communications-notifies-6000-employees-of-data-breach-that-compromised-ssns-and-payroll-info/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
09 Jul 2025 14:46
Kanvas: Open-source incident response case management tool
Kanvas is an open-source incident response case management tool with a simple desktop interface, built in Python. It gives investigators a place to work with SOD (Spreadsheet of Doom) or similar files, so they can handle key tasks without jumping between different programs.
https://github.com/WithSecureLabs/Kanvas
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
09 Jul 2025 14:40
New Android TapTrap attack fools users with invisible UI trick
A novel tapjacking technique can exploit user interface animations to bypass Android's permission system and allow access to sensitive data or trick users into performing destructive actions, such as wiping the device.
Unlike traditional, overlay-based tapjacking, TapTrap attacks work even with zero-permission apps to launch a harmless transparent activity on top of a malicious one, a behavior that remains unmitigated in Android 15 and 16.
https://www.bleepingcomputer.com/news/security/new-android-taptrap-attack-fools-users-with-invisible-ui-trick/
https://taptrap.click/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
09 Jul 2025 14:32
Activision took down Call of Duty game after PC players hacked, says source
Games giant Activision took down Call of Duty: WWII due to hackers exploiting a flaw in a specific PC version of the game, which led to several players getting their computers hacked, TechCrunch has learned.
https://techcrunch.com/2025/07/08/activision-took-down-call-of-duty-game-after-pc-players-hacked-says-source/
https://x.com/CODUpdates/status/1941286795565728085
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
09 Jul 2025 14:29
Microsoft Patch Tuesday July 2025: 130 Vulnerabilities Fixed, 17 High-Risk
Patch Tuesday for July 2025 was the busiest day for Microsoft fixes since January, with 130 Microsoft CVEs patched – including 17 ones at high risk for exploitation.
July’s total also included 10 non-Microsoft CVEs. In all, Microsoft Patch Tuesday July 2025 was twice the size of June’s patch total, and the biggest month for Microsoft CVEs since January’s 159.
https://thecyberexpress.com/microsoft-patch-tuesday-july-2025/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
09 Jul 2025 14:26
Hackers weaponize Shellter red teaming tool to spread infostealers
Hackers are abusing the legitimate red teaming tool Shellter to spread stealer malware after a licensed copy was leaked.
Elastic Security Labs has identified several malware campaigns using the commercial AV/EDR evasion tool SHELLTER. The tool was originally built for legitimate red team operations, however, threat actors have now adopted it to bypass security measures and deploy malware. Since April 2025, attackers have repeatedly used SHELLTER in infostealer attacks, as shown by license metadata. To counter this abuse, Elastic released a dynamic unpacker to analyze and detect SHELLTER-protected binaries more effectively.
https://securityaffairs.com/179745/malware/hackers-weaponize-shellter-red-teaming-tool-to-spread-infostealers.html
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
07 Jul 2025 15:05
Aegis Authenticator: Free, open-source 2FA app for Android
Aegis Authenticator is an open-source 2FA app for Android that helps you manage login codes for your online accounts.
The app features strong encryption and the ability to back up your data. It supports both HOTP and TOTP, so it works with thousands of services.
It also allows the export or import from a wide variety of 2FA apps, with support for automatic backups.
https://github.com/beemdevelopment/Aegis
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
07 Jul 2025 14:56
Police in Brazil Arrest a Suspect Over $100M Banking Hack
Officials identified the suspect as João Roque, a C&M employee who worked in information technology and allegedly helped others gain unauthorized access to PIX systems.
Police in Brazil arrested a suspect in connection with a cyberattack that diverted more than 540 million Brazilian reais (about $100 million) from the country’s banking systems, authorities said Friday.
https://www.securityweek.com/police-in-brazil-arrest-a-suspect-over-100m-banking-hack/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
07 Jul 2025 14:51
Taiwan flags security risks in popular Chinese apps after official probe
Taiwan warns Chinese apps like TikTok and WeChat pose security risks due to excessive data collection and data transfers to China.
Taiwan National Security Bureau (NSB) warns that Chinese apps like TikTok, WeChat, Weibo, and Baidu Cloud pose security risks due to excessive data collection and data transfer to China, following an official inspection with law enforcement agencies.
https://securityaffairs.com/179687/security/taiwan-flags-security-risks-in-popular-chinese-apps-after-official-probe.html
📡@
📡@
📡@
📡@
📡@
Читать полностью…
4200