cRyPtHoN™ INFOSEC (EN)
27 Jul 2025 15:56
The Hidden Tracking in Your Printer: Understanding Machine Identification Codes (MICs)
Introduction
Did you know that most modern printers add nearly invisible yellow dots to every printed page? These dots, known as Machine Identification Codes (MICs), encode serial numbers and timestamps, allowing documents to be traced back to their source. Originally designed to combat counterfeiting, MICs raise significant privacy concerns for businesses and individuals alike.
https://undercodetesting.com/the-hidden-tracking-in-your-printer-understanding-machine-identification-codes-mics/
/channel/UndercodeCommunity/69193
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
27 Jul 2025 15:49
Allianz Life confirms data breach impacts majority of 1.4 million customers
Insurance company Allianz Life has confirmed that the personal information for the "majority" of its 1.4 million customers was exposed in a data breach that occurred earlier this month.
"On July 16, 2025, a malicious threat actor gained access to a third-party, cloud-based CRM system used by Allianz Life Insurance Company of North America (Allianz Life)," an Allianz Life spokesperson told BleepingComputer.
https://www.bleepingcomputer.com/news/security/allianz-life-confirms-data-breach-impacts-majority-of-14-million-customers/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
27 Jul 2025 15:44
Next-gen iPhone CPU could be 500x more powerful than the SoC in the original iPhone
iPhone 17 Pro will continue Apple's meteoric performance trajectory
A new investigation from PC Watch has compared the performance of Apple’s smartphone chips over time, and found the iPhone CPU has improved by 384.9x since the original model launched in 2007.
The analysis used Geekbench data to track performance across generations, estimating an average annual improvement rate of around 40%.
https://www.techradar.com/pro/next-gen-iphone-cpu-could-be-500x-more-powerful-than-the-soc-in-the-original-iphone
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
26 Jul 2025 15:54
Hackers Use Weaponized .HTA Files to Infect Victims with Red Ransomware
CloudSEK’s TRIAD team uncovered an active development site deploying Clickfix-themed malware linked to the Epsilon Red ransomware.
This variant deviates from traditional clipboard-based command injection tactics by directing victims to a secondary page on the same domain, where malicious shell commands are executed silently through ActiveXObject(“WScript.Shell”) to facilitate payload delivery.
https://gbhackers.com/hackers-use-weaponized-hta-files-to-infect-victims/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
26 Jul 2025 15:51
Amazon AI coding agent hacked to inject data wiping commands
A hacker planted data wiping code in a version of Amazon's generative AI-powered assistant, the Q Developer Extension for Visual Studio Code.
Amazon Q is a free extension that uses generative AI to help developers code, debug, create documentation, and set up custom configurations.
https://www.bleepingcomputer.com/news/security/amazon-ai-coding-agent-hacked-to-inject-data-wiping-commands/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
26 Jul 2025 15:47
Arizona woman sentenced for aiding North Korea in U.S. IT job fraud scheme
Arizona woman gets 8 years for helping North Korea-linked threat actors to infiltrate 309 U.S. firms with fake IT jobs.
Christina Marie Chapman (50) from Arizona, was sentenced to 102 months in prison for aiding North Korean IT workers in infiltrating 309 U.S. companies. She pleaded guilty to charges including aggravated identity theft, conspiracy to defraud the U.S., and conspiracy to commit money laundering, wire fraud, identity fraud, and bank fraud.
https://securityaffairs.com/180398/intelligence/arizona-woman-sentenced-for-aiding-north-korea-in-u-s-it-job-fraud-scheme.html
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
25 Jul 2025 16:53
BRB, pausing for a "Sanctuary Moon" marathon
Welcome to this week’s edition of the Threat Source newsletter.
Yesterday, Cisco Talos debuted the first Humans of Talos episode, where I interviewed Hazel Burton, a face and voice you’re probably familiar with. In our conversation, Hazel shared not just the story of how she found her way onto the team, but also the passions and hobbies that energize her work. Plus, she offered a sneak peek into what she’s most looking forward to at Black Hat this year! With future Humans of Talos episodes, you’ll get to learn not only about the people behind the research, but the people behind the communications, operations, and design, too.
https://blog.talosintelligence.com/brb-pausing-for-a-sanctuary-moon-marathon/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
25 Jul 2025 16:51
BlackSuit ransomware gang’s darknet websites seized by police
The BlackSuit ransomware gang’s darknet extortion sites were seized on Thursday in an operation involving police from more than nine countries.
A splashpage replacing the gang’s list of victims on its main TOR domain as well as its private negotiation pages states these sites have “been seized by U.S. Homeland Security Investigations” as part of a coordinated international operation.
https://therecord.media/blacksuit-ransomware-gang-website-takedown
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
25 Jul 2025 16:48
Scavenger Trojan Targets Crypto Wallets via Game Mods and Browser Flaws
New Scavenger Trojan steals crypto wallet data using fake game mods and browser flaws, targeting MetaMask, Exodus, Bitwarden, and other popular apps.
The latest report from Doctor Web has detailed a malware campaign involving a new family of trojans called Trojan.Scavenger (Scavenger Trojan). These aren’t your typical malicious files that simply run in the background and steal data; they’re carefully structured to abuse a vulnerability in how Windows loads certain components. The attackers used this to infect targeted systems and extract sensitive information, especially from crypto wallets and password managers.
https://hackread.com/scavenger-trojan-crypto-wallets-game-mods-browser-flaws/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
25 Jul 2025 16:44
UK Student Sentenced to Prison for Selling Phishing Kits
Ollie Holman was sentenced to prison for selling over 1,000 phishing kits that caused estimated losses of over $134 million.
A British student was sentenced to seven years in prison for selling more than 1,000 phishing kits impersonating legitimate entities in 24 countries.
https://www.securityweek.com/uk-student-sentenced-to-prison-for-selling-phishing-kits/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
25 Jul 2025 16:42
Woman gets 8 years for aiding North Koreans infiltrate 300 US firms
Christina Marie Chapman, a 50-year-old woman from Arizona, was sentenced to 102 months in prison after pleading guilty to her involvement in a scheme that enabled North Korean IT workers to infiltrate 309 U.S. companies.
Chapman was charged in May 2024, together with Ukrainian citizen Oleksandr Didenko, with aggravated identity theft, conspiracy to defraud the United States, and conspiracy to commit money laundering, wire fraud, identity fraud, and bank fraud.
https://www.bleepingcomputer.com/news/security/us-woman-sentenced-to-8-years-in-prison-for-running-laptop-farm-helping-north-koreans-infiltrate-300-firms/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
25 Jul 2025 16:39
AI slop and fake reports are coming for your bug bounty programs
So-called AI slop, meaning LLM-generated low-quality images, videos, and text, has taken over the internet in the last couple of years, polluting websites, social media platforms, at least one newspaper, and even real-world events.
https://techcrunch.com/2025/07/24/ai-slop-and-fake-reports-are-exhausting-some-security-bug-bounties/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
25 Jul 2025 16:34
Someone is developing a Windows-to-Linux migration tool
Millions of PC users who run Windows 10 on their devices can't upgrade their devices to Windows 11 because of stricter system requirements. Microsoft introduced the cut deliberately, well aware that it would affect a sizeable number of customers.
https://www.ghacks.net/2025/07/25/someone-is-developing-a-windows-to-linux-migration-tool/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
24 Jul 2025 14:30
Unmasking the new Chaos RaaS group attacks
Victimology
The new Chaos has impacted a wide variety of business verticals and seems to be opportunistic without focusing on any specific verticals. Victims have been predominantly in the U.S. and a fewer in the UK, New Zealand and India according to the actor’s data leak site.
https://blog.talosintelligence.com/new-chaos-ransomware/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
24 Jul 2025 14:27
FBI: Thousands of people involved in 'The Com' targeting victims with ransomware, swatting
The FBI released a warning on Wednesday about a loosely-organized cybercriminal organization known as The Com that is launching cyberattacks to steal money and gain access to sensitive information.
The agency released three bulletins about the group — which is composed primarily of English-speaking minors but has expanded to include thousands of people who engage in a variety of cybercriminal activity. The activities include ransomware attacks, swatting, extortion of minors, the distribution of child sexual abuse material, distributed denial-of-service (DDoS) attacks, SIM Swapping, cryptocurrency theft and more.
https://therecord.media/fbi-the-com-ransomware-swatting-alert
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
27 Jul 2025 15:52
New Gunra Ransomware Targets Windows Systems, Encrypts Files, and Erases Shadow Copies
AhnLab’s Threat Intelligence Platform (TIP) has been instrumental in monitoring ransomware activities across dark web forums and marketplaces.
Through its Live View > Dark Web Watch feature, security teams can track active groups, their collaborations, and emerging attack vectors, allowing organizations to preemptively bolster defenses.
https://gbhackers.com/new-gunra-ransomware-targets-windows-systems/
https://asec.ahnlab.com/en/89206/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
27 Jul 2025 15:46
Dating safety app Tea breached, exposing 72,000 user images
Tea, an app that allows women to post anonymous comments about men they’ve supposedly dated, announced Friday that it has suffered a data breach, with hackers gaining access to 72,000 images.
https://techcrunch.com/2025/07/26/dating-safety-app-tea-breached-exposing-72000-user-images/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
26 Jul 2025 15:56
NASCAR confirms data breach after March cyberattack
NASCAR warned customers this week of a data breach caused by a cyberattack in March.
The incident exposed the Social Security numbers of an unknown number of victims. In filings with regulators in Maine, New Hampshire and Massachusetts, the company declined to say how many people were affected.
https://therecord.media/nascar-confirms-data-breach
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
26 Jul 2025 15:52
Mexican Public Water Utility Allegedly Breached – Data of Millions Offered for Sale
A threat actor has allegedly breached and is now selling a massive database belonging to Servicio de Agua y Drenaje de Monterrey, I.P.D. (AyD). The victim is a major public company responsible for providing essential water, drainage, and sewage services to millions of citizens in the Mexican state of Nuevo Leon. The data is being offered for sale on a dark web forum, posing a significant risk to the residents who rely on this critical public utility.
https://dailydarkweb.net/mexican-public-water-utility-allegedly-breached-data-of-millions-offered-for-sale/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
26 Jul 2025 15:48
Allianz Life says ‘majority’ of customers’ personal data stolen in cyberattack
U.S. insurance giant Allianz Life has confirmed to TechCrunch that hackers stole the personal information of the “majority” of its customers, financial professionals, and employees during a mid-July data breach.
https://techcrunch.com/2025/07/26/allianz-life-says-majority-of-customers-personal-data-stolen-in-cyberattack/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
25 Jul 2025 16:55
Android Services 101
What are Android services?
Android splits its communications into multiple components, some of which we’ve written about before. One of these components is service, which is a generic component that runs in a background thread. It can be communicated with by the local program through common IPC mechanisms.
https://www.pentestpartners.com/security-blog/android-services-101/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
25 Jul 2025 16:52
Morgan County 911 emergency services confirms ransomware attack via Qilin
After a cyber attack on Morgan County 911 in May 2025, ransomware gang Qilin came forward to claim the attack last night. It uploaded various documents as part of its proof pack, including what appear to be financial records.
https://www.comparitech.com/news/morgan-county-911-emergency-services-confirms-ransomware-attack-via-qilin/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
25 Jul 2025 16:50
Autoswagger: Open-source tool to expose hidden API authorization flaws
Autoswagger is a free, open-source tool that scans OpenAPI-documented APIs for broken authorization vulnerabilities. These flaws are still common, even at large enterprises with mature security teams, and are especially dangerous because they can be exploited with little technical skill.
https://github.com/intruder-io/autoswagger/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
25 Jul 2025 16:46
Fire Ant Exploits VMware Flaws to Compromise ESXi Hosts and vCenter Environments
Virtualization and networking infrastructure have been targeted by a threat actor codenamed Fire Ant as part of a prolonged cyber espionage campaign.
The activity, observed this year, is primarily designed Now to infiltrate organizations' VMware ESXi and vCenter environments as well as network appliances, Sygnia said in a new report published today.
https://thehackernews.com/2025/07/fire-ant-exploits-vmware-flaw-to.html
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
25 Jul 2025 16:43
Argentina Santa Cruz Provincial Police Data Allegedly Leaked on Dark Web
The Santa Cruz Provincial Police in Argentina has allegedly become the victim of a significant data breach. Sensitive information, purportedly belonging to the law enforcement agency, was posted on a dark web forum by a threat actor. The data was released for free, exposing what appears to be internal documents and detailed personnel records of the police force. The post, dated July 24, 2025, claims the archive contains thousands of records.
https://dailydarkweb.net/argentina-santa-cruz-provincial-police-data-allegedly-leaked-on-dark-web/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
25 Jul 2025 16:41
Freelance dev shop Toptal caught serving malware after GitHub account break-in
Malicious code lurking in over 5,000 downloads, says Socket researcher
Developer freelancing platform Toptal has been inadvertently spreading malicious code after attackers broke into its systems and began distributing malware through developer accounts.
Toptal bills itself as an elite software developer freelance business where every applicant "is rigorously tested and vetted."
https://www.theregister.com/2025/07/25/toptal_malware_attack/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
25 Jul 2025 16:36
This major cybercrime forum might have just exposed all its users
A leak forum did what leak forums do - but to its own users
In a moment of poetic irony, an underground “leaking and cracking forum” exposed the IP addresses of all its logged-in users, essentially doxxing them to everyone - security researchers, rival criminals - and most notably, law enforcement.
https://www.techradar.com/pro/security/this-major-cybercrime-forum-might-have-just-exposed-all-its-users
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
25 Jul 2025 16:32
Koske, a new AI-Generated Linux malware appears in the threat landscape
Koske is a new Linux malware designed for cryptomining, likely developed with the help of artificial intelligence.
Koske is a new Linux AI-generated malware that was developed for cryptomining activities. Aquasec researchers reported that the malicious code uses rootkits and polyglot image file abuse to evade detection.
https://securityaffairs.com/180355/malware/koske-a-new-ai-generated-linux-malware-appears-in-the-threat-landscape.html
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
24 Jul 2025 14:28
Commercial cleaning company Prestige notifies 65K people of data breach claimed by ransomware gang
Prestige Maintenance USA yesterday confirmed it notified 65,452 people of a January 2025 data breach that compromised their personal information.
https://www.comparitech.com/news/commercial-cleaning-company-prestige-notifies-65k-people-of-data-breach-claimed-by-ransomware-gang/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
24 Jul 2025 14:24
Fake Receipt Generators Fuel Rise in Online Fraud
A new investigation into counterfeit receipt scams has uncovered a growing fraud ecosystem centered around tools like MaisonReceipts, which enable users to fabricate receipts from major retail brands with startling realism.
https://www.infosecurity-magazine.com/news/fake-receipt-generators-fuel
📡@
📡@
📡@
📡@
📡@
Читать полностью…
4200