Latest news of INFOSEC (EN) 1. Latest Vulnerability. 2. Latest Patch. 3. Privacy Breach. 4. Security Breach. 5. InfoSec News. German Version 🇩🇪 @cRyPtHoN_INFOSEC_DE France Version 🇫🇷 @cRyPtHoN_INFOSEC_FR Italian Version 🇮🇹 @cRyPtHoN_INFOSEC_IT
Clorox Sues Cognizant for $380 Million Over 2023 Hack
Clorox is blaming Cognizant for the 2023 cyberattack, claiming that the IT provider handed over passwords to the hackers.
Cleaning products giant Clorox has filed a lawsuit against IT services provider Cognizant, accusing the company of making it easy for hackers to breach its systems in the 2023 cyberattack.
https://www.securityweek.com/clorox-sues-cognizant-for-380-million-over-2023-hack/
https://www.securityweek.com/clorox-says-cyberattack-costs-exceed-49-million/
📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv
SonicWall urges admins to patch critical RCE flaw in SMA 100 devices
SonicWall urges customers to patch SMA 100 series appliances against a critical authenticated arbitrary file upload vulnerability that can let attackers gain remote code execution.
The security flaw (tracked as CVE-2025-40599) is caused by an unrestricted file upload weakness in the devices' web management interfaces, which can allow remote threat actors with administrative privileges to upload arbitrary files to the system.
https://www.bleepingcomputer.com/news/security/sonicwall-warns-of-critical-rce-flaw-in-sma-100-VPN-appliances/
European authorities arrest alleged admin of notorious Russian crime forum XSS
European officials have confirmed the arrest of the alleged administrator behind XSS.is, one of the longest-running Russian-language cybercrime forums.
Per Europol, the alleged administrator was arrested in Ukraine on Tuesday. A law enforcement notice on XSS now reads: “This domain has been seized.”
https://techcrunch.com/2025/07/23/european-authorities-arrest-alleged-admin-of-notorious-russian-crime-forum-xss/
European Healthcare Giant AMEOS Group Suffers Major Cyberattack
AMEOS Group, one of Central Europe’s largest private hospital networks, has reported a data breach that potentially exposed sensitive information belonging to patients, employees, and business partners.
The Zurich-headquartered healthcare organization, which operates more than 100 facilities across Switzerland, Austria, and Germany, confirmed that attackers were able to briefly infiltrate its IT systems despite “extensive security mechanisms.”
https://thecyberexpress.com/ameos-group-data-breach/
U.S. CISA adds CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities catalog
The U.S. Cybersecurity and Infrastructure Security Agency (CISA) added CrushFTP, Google Chromium, and SysAid flaws to its Known Exploited Vulnerabilities (KEV) catalog.
https://securityaffairs.com/180293/hacking/u-s-cisa-adds-crushftp-google-chromium-and-sysaid-flaws-to-its-known-exploited-vulnerabilities-catalog.html
Ransomware gang claims cyber attack on Susan B. Allen Memorial Hospital
Yesterday, ransomware gang Kawa4096 added Susan B. Allen Memorial Hospital to its data leak site, claiming to have stolen 210 GB of data. The hospital in El Dorado, Kansas, confirmed it was investigating a potential cyber attack on July 18, 2025, after suffering a system outage.
https://www.comparitech.com/news/ransomware-gang-claims-cyber-attack-on-susan-b-allen-memorial-hospital/
Cervantes: Open-source, collaborative platform for pentesters and red teams
Cervantes is an open-source collaborative platform built for pentesters and red teams. It offers a centralized workspace to manage projects, clients, vulnerabilities, and reports, all in one place. By streamlining data organization and team coordination, it helps reduce the time and complexity involved in planning and executing penetration tests.
https://github.com/CervantesSec/cervantes
Ransomware Groups Weaponize RMM Tools to Infiltrate Networks and Exfiltrate Data
Ransomware gangs have increasingly co-opted Remote Monitoring and Management (RMM) tools originally designed for IT operations to orchestrate sophisticated network intrusions, persistence, lateral movement, and data exfiltration.
Investigations conducted in the second half of 2024 and the first quarter of 2025 revealed this pattern across incidents affecting two US-based organizations and one UK-based entity.
https://gbhackers.com/ransomware-groups-weaponize-rmm-tools/
Critical Vulnerabilities Patched in Sophos Firewall
Sophos has patched five vulnerabilities in Sophos Firewall that could allow remote attackers to execute arbitrary code.
Sophos this week announced the rollout of patches for five vulnerabilities in Sophos Firewall that could lead to remote code execution (RCE).
The first issue, tracked as CVE-2025-6704 (CVSS score of 9.8), is a critical arbitrary file writing flaw in the Secure PDF eXchange (SPX) feature of the appliance that could allow remote, unauthenticated attackers to execute arbitrary code.
https://www.securityweek.com/critical-vulnerabilities-patched-in-sophos-firewall/
Operator of Jetflix illegal streaming service gets 7 years in prison
The ringleader of the Jetflicks illegal paid streaming operation, a massive service with tens of thousands of subscribers, was sentenced to seven years in prison.
Together with four other accomplices, 42-year-old Kristopher Lee Dallmann of Las Vegas, Nevada, was convicted in June 2024 of conspiracy to commit copyright infringement.
https://www.bleepingcomputer.com/news/technology/operator-of-jetflix-illegal-streaming-service-gets-7-years-in-prison/
Apple alerted Iranians to iPhone spyware attacks, say researchers
Apple notified more than a dozen Iranians in recent months that their iPhones had been targeted with government spyware, according to security researchers.
https://techcrunch.com/2025/07/22/apple-alerted-iranians-to-iphone-spyware-attacks-say-researchers/
https://www.bloomberg.com/news/articles/2025-07-22/iranians-targeted-with-spyware-in-lead-up-to-war-with-israel
Replit AI Agent Deletes Codebase and Lies About It — CEO Issues Apology
Replit, a browser-based AI coding platform, has come under scrutiny after a disaster involving its autonomous AI agent. The Replit AI agent incident, which involved the deletion of a company’s codebase during a test run, has sparked concern about the reliability and safety of AI-powered development tools.
https://thecyberexpress.com/replit-ai-agent-incident/
Microsoft linked attacks on SharePoint flaws to China-nexus actors
Microsoft linked SharePoint exploits to China-nexus groups Linen Typhoon, Violet Typhoon, and Storm-2603, active since July 7, 2025.
Microsoft confirmed that China-linked groups Linen Typhoon, Violet Typhoon, and Storm-2603 exploited SharePoint flaws for initial access as early as July 7, 2025.
https://securityaffairs.com/180267/apt/microsoft-linked-attacks-on-sharepoint-flaws-to-china-nexus-actors.html
Ransomware gang says it hacked PC maker iBUYPOWER
Ransomware gang Lynx yesterday took credit for a June data breach at gaming PC maker iBUYPOWER and its sister brand, HYTE.
The company on June 25 announced it suffered a cybersecurity incident four days prior.
https://www.comparitech.com/news/ransomware-gang-says-it-hacked-pc-maker-ibuypower/
Vulnerabilities Expose Helmholz Industrial Routers to Hacking
Eight vulnerabilities, including ones allowing full control over a device, have been discovered and patched in Helmholz REX 100 industrial routers.
Several potentially serious vulnerabilities were recently found and patched in routers made by Germany-based industrial and automation solutions provider Helmholz.
https://www.securityweek.com/vulnerabilities-expose-helmholz-industrial-routers-to-hacking/
Full ‘New American Funding’ Data Leaked by Everest After Failed Ransom Negotiations
The Everest ransomware group has allegedly published the full data of New American Funding, a major U.S. mortgage lender. The data was reportedly released today, following a compromise that is said to have occurred on May 23, 2025. The publication of the data comes after the ransomware group’s deadline for negotiations apparently passed, with the group issuing a final warning: “Our group gives you the last chance to continue negotiations or the data will be published before time runs out.”
https://dailydarkweb.net/full-new-american-funding-data-leaked-by-everest-after-failed-ransom-negotiations/
How to host a Linux-powered local dev site in Windows
A working copy of your site can run under Windows Subsystem for Linux
If you're building a website that will eventually be hosted on a Linux server (as so many are), you have a couple of choices about where you do your development work. You can create a beta version of the site at your web host and upload all of the files there or you can create a local test server that sits in your home or office.
https://www.theregister.com/2025/07/23/linux_dev_site_windows/
French government agency breach may have exposed data on 340k jobseekers
A second breach in as many years affected hundreds of thousands of people
France’s national employment agency has suffered a cyberattack in which threat actors allegedly accessed sensitive data on “hundreds of thousands” of people.
https://www.techradar.com/pro/security/french-government-agency-breach-may-have-exposed-data-on-340k-jobseekers
How to extend Windows 10 Support by a year
Microsoft plans to end supporting major versions of its Windows 10 operating system in October 2025. This affects all home users and many businesses alike. Considering that almost half of all Windows PCs still run Windows 10, it is fair to say that ending support at this stage could end in disaster.
This is likely one reason why Microsoft has made extended security updates available for home users for the first time. It postpones the death of the system by a year, but you need to take action to get it.
https://www.ghacks.net/2025/07/24/how-to-extend-windows-10-support-by-a-year/
Meet Hazel Burton
Welcome to the first episode of Humans of Talos, a new video interview series that shines a spotlight on team members across Talos. Featuring their personal stories, career journeys and unique perspectives, you'll get an inside look into what it's like to work in our organization and the people who make the internet more secure for all.
https://blog.talosintelligence.com/humans-of-talos-meet-hazel-burton/
FBI urges vigilance against Interlock ransomware group behind recent healthcare attacks
The Interlock ransomware is being used to target critical infrastructure and businesses across North America and Europe, the FBI and other federal agencies warned Tuesday.
Federal officials said the group emerged in late September 2024 and has used uncommon methods of obtaining initial access to devices such as so-called drive-by downloads — when hackers use a compromised website or malicious link to make malware automatically download onto a victim’s computer without them knowing.
https://therecord.media/fbi-vigilance-interlock-ransomware
Global Fashion Label SABO’s 3.5M Customer Records Exposed Online
Global fashion brand SABO suffers data breach, exposing 3.5+ million customer records including names, addresses, and order details. Learn about the risks and what to do.
A data leak has impacted SABO, a global fashion and design company based in Australia, exposing over 3.5 million customer records. The breach, discovered by cybersecurity researcher Jeremiah Fowler, involved a misconfigured database containing 292 GB of sensitive customer information that was left unsecured and without password protection. The findings were published by vpnMentor and shared with HackRead.com.
https://hackread.com/global-fashion-label-sabo-customer-records-leaked/
France: New Data Breach Could Affect 340,000 Jobseekers
The French employment agency, France Travail, has suffered a data breach that could affect hundreds of thousands of jobseekers.
The agency sent an email to its users on July 22, warning them of a data breach that was detected on July 13 on its “employment” portal, which is used by its partners.
https://www.infosecurity-magazine.com/news/france-data-breach-jobseekers/
Indonesian Port Operator Pelindo Subsidiary Allegedly Breached – Sensitive Data and Source Code for Sale
A threat actor has allegedly put the source code and a 300 MB database belonging to a subsidiary of PT Pelabuhan Indonesia (Pelindo), Indonesia’s state-owned port operator, up for sale on a dark web forum. The targeted entity appears to be PT Tanjung Emas Daya Sejahtera (TEDS), a company majority-owned by a Pelindo subsidiary, which provides services related to port operations. The breach allegedly involves an application named “TEDS TALY,” version 1.624. Pelindo is a critical entity in Indonesia’s infrastructure, managing a vast network of ports and logistics services, making any breach a significant concern for national trade and security.
https://dailydarkweb.net/indonesian-port-operator-pelindo-subsidiary-allegedly-breached-sensitive-data-and-source-code-for-sale/
Firefox 141 relieves chronic Linux pain in the neck
But there are tweaks for everyone – even if some are less welcome than others
Mozilla has delivered the latest version of its web browser, alleviating a long-standing irritation for Linux users… but making its "AI" integration even more pervasive.
Firefox 141 is the latest normal release of the Moz browser, and along with it come point-releases for the last two ESR versions, as well. Last month we reported on Firefox 140. That's now up to Firefox 140.1.0 and it's joined by Firefox 128.13.0 too.
https://www.theregister.com/2025/07/23/firefox_141_relieves_linux_pain/
The UK wants to ban some organizations from paying ransomware demands
Move looks to de-incentivize hackers
A new set of cyber regulations is being introduced by the UK government in a move to protect British public services from the growing threat of ransomware.
Under the new guidelines, public organisations like the NHS, local councils, and schools will all be banned from paying ransom demands - a move which looks to dissuade criminals from targeting public institutions.
https://www.techradar.com/pro/security/the-uk-wants-to-ban-some-organizations-from-paying-ransomware-demands
Next Brave Browser release will block Windows from taking automatic screenshots
When Microsoft announced Windows Recall, a controversial AI feature designed to give users access to past activity on the PC by taking screenshots of pretty much anything that happened on the screen, it quickly realized that many were not heralding Recall as the first step into Windows' AI future.
Recall was criticized for its invasive nature and lack of security features. Microsoft went back to the drawing board and addressed some of the concerns in a new version of Recall.
https://www.ghacks.net/2025/07/23/next-brave-browser-release-will-block-windows-from-taking-automatic-screenshots/
Leaked data. Continuous glucose monitoring
Closing the Loop
Just before COVID struck the world, I was travelling through Colorado on a Sunday on a ski trip with some friends. My work phone pinged with a message from a colleague (the awesome @evstykas who has now moved on to do even more cool things with APIs). That’s not particularly common as we’re pretty good at leaving each other alone at the weekend. Family and friends time is important. I therefore paid attention, despite 9 hours of time zone difference.
https://www.pentestpartners.com/security-blog/leaked-data-continuous-glucose-monitoring/
Russian-speaking hacker group disrupted by local researchers
Russian cybersecurity researchers have identified and dismantled a network of domains operated by a relatively obscure hacking group known as NyashTeam. The group has been selling malware and offering hosting services for cybercriminals since at least 2022, the Russia-based firm F6 said.
In a report published Tuesday, analysts said they uncovered and began dismantling more than 110 domains used by NyashTeam. The takedown was carried out with support from Russia’s Coordination Center for national domain names.
https://therecord.media/russia-hacker-group-disrupted-local-researchers
Washington D.C. Real Estate Giant WC Smith Allegedly Breached – Over 1TB of Data for Sale Online
A major Washington, D.C.-based real estate development and property management firm, WC Smith, has allegedly fallen victim to a significant...
Sensitive Government Database of Argentine Children and Adolescents (R.E.U.N.A) Allegedly Leaked Online
A threat actor has allegedly leaked a sensitive database belonging to Argentina's Unified Statistical Registry of Children and Adolescents (R.E.U.N.A)....
Indonesian Regional Bank PT BPR Serang Allegedly Breached – Customer Loan Data For Sale
A significant data breach has allegedly hit PT Bank Perkreditan Rakyat (BPR) Serang, a regional development bank based in Serang,...