crypthon_infosec_en | Unsorted

Telegram channel crypthon_infosec_en - cRyPtHoN™ INFOSEC (EN)

4200

Latest news of INFOSEC (EN) 1. Latest Vulnerability. 2. Latest Patch. 3. Privacy Breach. 4. Security Breach. 5. InfoSec News. German Version 🇩🇪 @cRyPtHoN_INFOSEC_DE France Version 🇫🇷 @cRyPtHoN_INFOSEC_FR Italian Version 🇮🇹 @cRyPtHoN_INFOSEC_IT


cRyPtHoN™ INFOSEC (EN)

The Hidden Tracking in Your Printer: Understanding Machine Identification Codes (MICs)

Introduction

Did you know that most modern printers add nearly invisible yellow dots to every printed page? These dots, known as Machine Identification Codes (MICs), encode serial numbers and timestamps, allowing documents to be traced back to their source. Originally designed to combat counterfeiting, MICs raise significant privacy concerns for businesses and individuals alike.

https://undercodetesting.com/the-hidden-tracking-in-your-printer-understanding-machine-identification-codes-mics/


📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv


cRyPtHoN™ INFOSEC (EN)

Allianz Life confirms data breach impacts majority of 1.4 million customers

Insurance company Allianz Life has confirmed that the personal information for the "majority" of its 1.4 million customers was exposed in a data breach that occurred earlier this month.

"On July 16, 2025, a malicious threat actor gained access to a third-party, cloud-based CRM system used by Allianz Life Insurance Company of North America (Allianz Life)," an Allianz Life spokesperson told BleepingComputer.

https://www.bleepingcomputer.com/news/security/allianz-life-confirms-data-breach-impacts-majority-of-14-million-customers/


cRyPtHoN™ INFOSEC (EN)

Next-gen iPhone CPU could be 500x more powerful than the SoC in the original iPhone

iPhone 17 Pro will continue Apple's meteoric performance trajectory

A new investigation from PC Watch has compared the performance of Apple’s smartphone chips over time, and found the iPhone CPU has improved by 384.9x since the original model launched in 2007.

The analysis used Geekbench data to track performance across generations, estimating an average annual improvement rate of around 40%.

https://www.techradar.com/pro/next-gen-iphone-cpu-could-be-500x-more-powerful-than-the-soc-in-the-original-iphone


cRyPtHoN™ INFOSEC (EN)

Hackers Use Weaponized .HTA Files to Infect Victims with Red Ransomware

CloudSEK’s TRIAD team uncovered an active development site deploying Clickfix-themed malware linked to the Epsilon Red ransomware.

This variant deviates from traditional clipboard-based command injection tactics by directing victims to a secondary page on the same domain, where malicious shell commands are executed silently through ActiveXObject("WScript.Shell") to facilitate payload delivery.

https://gbhackers.com/hackers-use-weaponized-hta-files-to-infect-victims/


cRyPtHoN™ INFOSEC (EN)

Amazon AI coding agent hacked to inject data wiping commands

A hacker planted data wiping code in a version of Amazon's generative AI-powered assistant, the Q Developer Extension for Visual Studio Code.

Amazon Q is a free extension that uses generative AI to help developers code, debug, create documentation, and set up custom configurations.

https://www.bleepingcomputer.com/news/security/amazon-ai-coding-agent-hacked-to-inject-data-wiping-commands/


cRyPtHoN™ INFOSEC (EN)

Arizona woman sentenced for aiding North Korea in U.S. IT job fraud scheme

Arizona woman gets 8 years for helping North Korea-linked threat actors to infiltrate 309 U.S. firms with fake IT jobs.

Christina Marie Chapman (50), from Arizona, was sentenced to 102 months in prison for aiding North Korean IT workers in infiltrating 309 U.S. companies. She pleaded guilty to charges including aggravated identity theft, conspiracy to defraud the U.S., and conspiracy to commit money laundering, wire fraud, identity fraud, and bank fraud.

https://securityaffairs.com/180398/intelligence/arizona-woman-sentenced-for-aiding-north-korea-in-u-s-it-job-fraud-scheme.html


cRyPtHoN™ INFOSEC (EN)

BRB, pausing for a "Sanctuary Moon" marathon

Welcome to this week’s edition of the Threat Source newsletter.

Yesterday, Cisco Talos debuted the first Humans of Talos episode, where I interviewed Hazel Burton, a face and voice you’re probably familiar with. In our conversation, Hazel shared not just the story of how she found her way onto the team, but also the passions and hobbies that energize her work. Plus, she offered a sneak peek into what she’s most looking forward to at Black Hat this year! With future Humans of Talos episodes, you’ll get to learn not only about the people behind the research, but the people behind the communications, operations, and design, too.

https://blog.talosintelligence.com/brb-pausing-for-a-sanctuary-moon-marathon/


cRyPtHoN™ INFOSEC (EN)

BlackSuit ransomware gang’s darknet websites seized by police

The BlackSuit ransomware gang’s darknet extortion sites were seized on Thursday in an operation involving police from more than nine countries.

A splashpage replacing the gang’s list of victims on its main TOR domain as well as its private negotiation pages states these sites have “been seized by U.S. Homeland Security Investigations” as part of a coordinated international operation.

https://therecord.media/blacksuit-ransomware-gang-website-takedown


cRyPtHoN™ INFOSEC (EN)

Scavenger Trojan Targets Crypto Wallets via Game Mods and Browser Flaws

New Scavenger Trojan steals crypto wallet data using fake game mods and browser flaws, targeting MetaMask, Exodus, Bitwarden, and other popular apps.

The latest report from Doctor Web has detailed a malware campaign involving a new family of trojans called Trojan.Scavenger (Scavenger Trojan). These aren’t your typical malicious files that simply run in the background and steal data; they’re carefully structured to abuse a vulnerability in how Windows loads certain components. The attackers used this to infect targeted systems and extract sensitive information, especially from crypto wallets and password managers.

https://hackread.com/scavenger-trojan-crypto-wallets-game-mods-browser-flaws/


cRyPtHoN™ INFOSEC (EN)

UK Student Sentenced to Prison for Selling Phishing Kits

Ollie Holman was sentenced to prison for selling over 1,000 phishing kits that caused estimated losses of over $134 million.

A British student was sentenced to seven years in prison for selling more than 1,000 phishing kits impersonating legitimate entities in 24 countries.

https://www.securityweek.com/uk-student-sentenced-to-prison-for-selling-phishing-kits/


cRyPtHoN™ INFOSEC (EN)

Woman gets 8 years for aiding North Koreans infiltrate 300 US firms

Christina Marie Chapman, a 50-year-old woman from Arizona, was sentenced to 102 months in prison after pleading guilty to her involvement in a scheme that enabled North Korean IT workers to infiltrate 309 U.S. companies.

Chapman was charged in May 2024, together with Ukrainian citizen Oleksandr Didenko, with aggravated identity theft, conspiracy to defraud the United States, and conspiracy to commit money laundering, wire fraud, identity fraud, and bank fraud.

https://www.bleepingcomputer.com/news/security/us-woman-sentenced-to-8-years-in-prison-for-running-laptop-farm-helping-north-koreans-infiltrate-300-firms/


cRyPtHoN™ INFOSEC (EN)

AI slop and fake reports are coming for your bug bounty programs

So-called AI slop, meaning LLM-generated low-quality images, videos, and text, has taken over the internet in the last couple of years, polluting websites, social media platforms, at least one newspaper, and even real-world events.

https://techcrunch.com/2025/07/24/ai-slop-and-fake-reports-are-exhausting-some-security-bug-bounties/


cRyPtHoN™ INFOSEC (EN)

Someone is developing a Windows-to-Linux migration tool

Millions of PC users who run Windows 10 on their devices can't upgrade their devices to Windows 11 because of stricter system requirements. Microsoft introduced the cut deliberately, well aware that it would affect a sizeable number of customers.

https://www.ghacks.net/2025/07/25/someone-is-developing-a-windows-to-linux-migration-tool/


cRyPtHoN™ INFOSEC (EN)

Unmasking the new Chaos RaaS group attacks

Victimology

The new Chaos has impacted a wide variety of business verticals and seems to be opportunistic, without focusing on any specific verticals. Victims have been predominantly in the U.S., with fewer in the UK, New Zealand and India, according to the actor’s data leak site.

https://blog.talosintelligence.com/new-chaos-ransomware/


cRyPtHoN™ INFOSEC (EN)

FBI: Thousands of people involved in 'The Com' targeting victims with ransomware, swatting

The FBI released a warning on Wednesday about a loosely-organized cybercriminal organization known as The Com that is launching cyberattacks to steal money and gain access to sensitive information.

The agency released three bulletins about the group — which is composed primarily of English-speaking minors but has expanded to include thousands of people who engage in a variety of cybercriminal activity. The activities include ransomware attacks, swatting, extortion of minors, the distribution of child sexual abuse material, distributed denial-of-service (DDoS) attacks, SIM Swapping, cryptocurrency theft and more.

https://therecord.media/fbi-the-com-ransomware-swatting-alert


cRyPtHoN™ INFOSEC (EN)

New Gunra Ransomware Targets Windows Systems, Encrypts Files, and Erases Shadow Copies

AhnLab’s Threat Intelligence Platform (TIP) has been instrumental in monitoring ransomware activities across dark web forums and marketplaces.

Through its Live View > Dark Web Watch feature, security teams can track active groups, their collaborations, and emerging attack vectors, allowing organizations to preemptively bolster defenses.

https://gbhackers.com/new-gunra-ransomware-targets-windows-systems/

https://asec.ahnlab.com/en/89206/


cRyPtHoN™ INFOSEC (EN)

Dating safety app Tea breached, exposing 72,000 user images

Tea, an app that allows women to post anonymous comments about men they’ve supposedly dated, announced Friday that it has suffered a data breach, with hackers gaining access to 72,000 images.

https://techcrunch.com/2025/07/26/dating-safety-app-tea-breached-exposing-72000-user-images/


cRyPtHoN™ INFOSEC (EN)

NASCAR confirms data breach after March cyberattack

NASCAR warned customers this week of a data breach caused by a cyberattack in March.

The incident exposed the Social Security numbers of an unknown number of victims. In filings with regulators in Maine, New Hampshire and Massachusetts, the company declined to say how many people were affected.

https://therecord.media/nascar-confirms-data-breach


cRyPtHoN™ INFOSEC (EN)

Mexican Public Water Utility Allegedly Breached – Data of Millions Offered for Sale

A threat actor has allegedly breached and is now selling a massive database belonging to Servicio de Agua y Drenaje de Monterrey, I.P.D. (AyD). The victim is a major public company responsible for providing essential water, drainage, and sewage services to millions of citizens in the Mexican state of Nuevo Leon. The data is being offered for sale on a dark web forum, posing a significant risk to the residents who rely on this critical public utility.

https://dailydarkweb.net/mexican-public-water-utility-allegedly-breached-data-of-millions-offered-for-sale/


cRyPtHoN™ INFOSEC (EN)

Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack

U.S. insurance giant Allianz Life has confirmed to TechCrunch that hackers stole the personal information of the “majority” of its customers, financial professionals, and employees during a mid-July data breach.

https://techcrunch.com/2025/07/26/allianz-life-says-majority-of-customers-personal-data-stolen-in-cyberattack/


cRyPtHoN™ INFOSEC (EN)

Android Services 101

What are Android services?

Android splits its communications into multiple components, some of which we’ve written about before. One of these components is the service, which is a generic component that runs in a background thread. It can be communicated with by the local program through common IPC mechanisms.

https://www.pentestpartners.com/security-blog/android-services-101/


cRyPtHoN™ INFOSEC (EN)

Morgan County 911 emergency services confirms ransomware attack via Qilin

After a cyber attack on Morgan County 911 in May 2025, ransomware gang Qilin came forward to claim the attack last night. It uploaded various documents as part of its proof pack, including what appear to be financial records.

https://www.comparitech.com/news/morgan-county-911-emergency-services-confirms-ransomware-attack-via-qilin/


cRyPtHoN™ INFOSEC (EN)

Autoswagger: Open-source tool to expose hidden API authorization flaws

Autoswagger is a free, open-source tool that scans OpenAPI-documented APIs for broken authorization vulnerabilities. These flaws are still common, even at large enterprises with mature security teams, and are especially dangerous because they can be exploited with little technical skill.

https://github.com/intruder-io/autoswagger/


cRyPtHoN™ INFOSEC (EN)

Fire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter Environments

Virtualization and networking infrastructure have been targeted by a threat actor codenamed Fire Ant as part of a prolonged cyber espionage campaign.

The activity, observed this year, is primarily designed to infiltrate organizations' VMware ESXi and vCenter environments as well as network appliances, Sygnia said in a new report published today.

https://thehackernews.com/2025/07/fire-ant-exploits-vmware-flaw-to.html


cRyPtHoN™ INFOSEC (EN)

Argentina Santa Cruz Provincial Police Data Allegedly Leaked on Dark Web

The Santa Cruz Provincial Police in Argentina has allegedly become the victim of a significant data breach. Sensitive information, purportedly belonging to the law enforcement agency, was posted on a dark web forum by a threat actor. The data was released for free, exposing what appears to be internal documents and detailed personnel records of the police force. The post, dated July 24, 2025, claims the archive contains thousands of records.

https://dailydarkweb.net/argentina-santa-cruz-provincial-police-data-allegedly-leaked-on-dark-web/


cRyPtHoN™ INFOSEC (EN)

Freelance dev shop Toptal caught serving malware after GitHub account break-in

Malicious code lurking in over 5,000 downloads, says Socket researcher

Developer freelancing platform Toptal has been inadvertently spreading malicious code after attackers broke into its systems and began distributing malware through developer accounts.

Toptal bills itself as an elite software developer freelance business where every applicant "is rigorously tested and vetted."

https://www.theregister.com/2025/07/25/toptal_malware_attack/


cRyPtHoN™ INFOSEC (EN)

This major cybercrime forum might have just exposed all its users

A leak forum did what leak forums do - but to its own users

In a moment of poetic irony, an underground “leaking and cracking forum” exposed the IP addresses of all its logged-in users, essentially doxxing them to everyone - security researchers, rival criminals - and most notably, law enforcement.

https://www.techradar.com/pro/security/this-major-cybercrime-forum-might-have-just-exposed-all-its-users


cRyPtHoN™ INFOSEC (EN)

Koske, a new AI-Generated Linux malware appears in the threat landscape

Koske is a new Linux malware designed for cryptomining, likely developed with the help of artificial intelligence.

Koske is a new Linux AI-generated malware that was developed for cryptomining activities. Aquasec researchers reported that the malicious code uses rootkits and polyglot image file abuse to evade detection.

https://securityaffairs.com/180355/malware/koske-a-new-ai-generated-linux-malware-appears-in-the-threat-landscape.html


cRyPtHoN™ INFOSEC (EN)

Commercial cleaning company Prestige notifies 65K people of data breach claimed by ransomware gang

Prestige Maintenance USA yesterday confirmed it notified 65,452 people of a January 2025 data breach that compromised their personal information.

https://www.comparitech.com/news/commercial-cleaning-company-prestige-notifies-65k-people-of-data-breach-claimed-by-ransomware-gang/


cRyPtHoN™ INFOSEC (EN)

Fake Receipt Generators Fuel Rise in Online Fraud

A new investigation into counterfeit receipt scams has uncovered a growing fraud ecosystem centered around tools like MaisonReceipts, which enable users to fabricate receipts from major retail brands with startling realism.

https://www.infosecurity-magazine.com/news/fake-receipt-generators-fuel
