cRyPtHoN™ INFOSEC (EN)
23 Jul 2025 14:43
Meet Hazel Burton
Welcome to the first episode of Humans of Talos, a new video interview series that shines a spotlight on team members across Talos. Featuring their personal stories, career journeys and unique perspectives, you'll get an inside look into what it's like to work in our organization and the people who make the internet more secure for all.
https://blog.talosintelligence.com/humans-of-talos-meet-hazel-burton/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
23 Jul 2025 14:41
FBI urges vigilance against Interlock ransomware group behind recent healthcare attacks
The Interlock ransomware is being used to target critical infrastructure and businesses across North America and Europe, the FBI and other federal agencies warned Tuesday.
Federal officials said the group emerged in late September 2024 and has used uncommon methods of obtaining initial access to devices such as so-called drive-by downloads — when hackers use a compromised website or malicious link to make malware automatically download onto a victim’s computer without them knowing.
https://therecord.media/fbi-vigilance-interlock-ransomware
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
23 Jul 2025 14:38
Global Fashion Label SABO’s 3.5M Customer Records Exposed Online
Global fashion brand SABO suffers data breach, exposing 3.5+ million customer records including names, addresses, and order details. Learn about the risks and what to do.
A data leak has impacted SABO, a global fashion and design company based in Australia, exposing over 3.5 million customer records. The breach, discovered by cybersecurity researcher Jeremiah Fowler, involved a misconfigured database containing 292 GB of sensitive customer information that was left unsecured and without password protection. The findings were published by vpnMentor and shared with HackRead.com.
https://hackread.com/global-fashion-label-sabo-customer-records-leaked/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
23 Jul 2025 14:35
France: New Data Breach Could Affect 340,000 Jobseekers
The French employment agency, France Travail, has suffered a data breach that could affect hundreds of thousands of jobseekers.
The agency sent an email to its users on July 22, warning them of a data breach that was detected on July 13 on its “employment” portal, which is used by its partners.
https://www.infosecurity-magazine.com/news/france-data-breach-jobseekers/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
23 Jul 2025 14:27
Indonesian Port Operator Pelindo Subsidiary Allegedly Breached – Sensitive Data and Source Code for Sale
A threat actor has allegedly put the source code and a 300 MB database belonging to a subsidiary of PT Pelabuhan Indonesia (Pelindo), Indonesia’s state-owned port operator, up for sale on a dark web forum. The targeted entity appears to be PT Tanjung Emas Daya Sejahtera (TEDS), a company majority-owned by a Pelindo subsidiary, which provides services related to port operations. The breach allegedly involves an application named “TEDS TALY,” version 1.624. Pelindo is a critical entity in Indonesia’s infrastructure, managing a vast network of ports and logistics services, making any breach a significant concern for national trade and security.
https://dailydarkweb.net/indonesian-port-operator-pelindo-subsidiary-allegedly-breached-sensitive-data-and-source-code-for-sale/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
23 Jul 2025 14:20
Firefox 141 relieves chronic Linux pain in the neck
But there are tweaks for everyone – even if some are less welcome than others
Mozilla has delivered the latest version of its web browser, alleviating a long-standing irritation for Linux users… but making its "AI" integration even more pervasive.
Firefox 141 is the latest normal release of the Moz browser, and along with it come point-releases for the last two ESR versions, as well. Last month we reported on Firefox 140. That's now up to Firefox 140.1.0 and it's joined by Firefox 128.13.0 too.
https://www.theregister.com/2025/07/23/firefox_141_relieves_linux_pain/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
23 Jul 2025 14:12
The UK wants to ban some organizations from paying ransomware demands
Moves looks to de-incentivize hackers
A new set of cyber regulations are being introduced by the UK government in a move to protect British public services from the growing threat of ransomware.
Under the new guidelines, public organisations like the NHS, local councils, and schools will all be banned from paying ransom demands - a move which looks to dissuade criminals from targeting public institutions.
https://www.techradar.com/pro/security/the-uk-wants-to-ban-some-organizations-from-paying-ransomware-demands
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
23 Jul 2025 14:07
Next Brave Browser release will block Windows from taking automatic screenshots
When Microsoft announced Windows Recall, a controversial AI feature designed to give users access to past activity on the PC by taking screenshots of pretty much anything that happened on the screen, it quickly realized that many were not heralding Recall as the first step into Windows' AI future.
Recall was criticized for its invasive nature and lack of security features. Microsoft went back to the drawing board and addressed some of the concerns in a new version of Recall.
https://www.ghacks.net/2025/07/23/next-brave-browser-release-will-block-windows-from-taking-automatic-screenshots/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
22 Jul 2025 19:30
Leaked data. Continuous glucose monitoring
Closing the Loop
Just before COVID struck the world, I was travelling through Colorado on a Sunday on a ski trip with some friends. My work phone pinged with a message from a colleague (the awesome @ who has now moved on to do even more cool things with APIs). That’s not particularly common as we’re pretty good at leaving each other alone at the weekend. Family and friends time is important. I therefore paid attention, despite 9 hours of time zone difference.
https://www.pentestpartners.com/security-blog/leaked-data-continuous-glucose-monitoring/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
22 Jul 2025 19:20
Russian-speaking hacker group disrupted by local researchers
Russian cybersecurity researchers have identified and dismantled a network of domains operated by a relatively obscure hacking group known as NyashTeam. The group has been selling malware and offering hosting services for cybercriminals since at least 2022, the Russia-based firm F6 said.
In a report published Tuesday, analysts said they uncovered and began dismantling more than 110 domains used by NyashTeam. The takedown was carried out with support from Russia’s Coordination Center for national domain names.
https://therecord.media/russia-hacker-group-disrupted-local-researchers
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
22 Jul 2025 19:04
Washington D.C. Real Estate Giant WC Smith Allegedly Breached – Over 1TB of Data for Sale Online
A major Washington, D.C.-based real estate development and property management firm, WC Smith, has allegedly fallen victim to a significant...
Sensitive Government Database of Argentine Children and Adolescents (R.E.U.N.A) Allegedly Leaked Online
A threat actor has allegedly leaked a sensitive database belonging to Argentina's Unified Statistical Registry of Children and Adolescents (R.E.U.N.A)....
Indonesian Regional Bank PT BPR Serang Allegedly Breached – Customer Loan Data For Sale
A significant data breach has allegedly hit PT Bank Perkreditan Rakyat (BPR) Serang, a regional development bank based in Serang,...
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
22 Jul 2025 18:56
Humans can be tracked with unique 'fingerprint' based on how their bodies block Wi-Fi signals
Wi-Fi spy with my little eye that same guy I saw at another hotspot
Researchers in Italy have developed a way to create a biometric identifier for people based on the way the human body interferes with Wi-Fi signal propagation.
The scientists claim this identifier, a pattern derived from Wi-Fi Channel State Information, can re-identify a person in other locations most of the time when a Wi-Fi signal can be measured. Observers could therefore track a person as they pass through signals sent by different Wi-Fi networks – even if they’re not carrying a phone.
https://www.theregister.com/2025/07/22/whofi_wifi_identifier/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
22 Jul 2025 16:42
Dior begins sending data breach notifications following major cyber incident
Customers are being notified of the January attack
Global fashion powerhouse Dior has begin sending out data breach notification letters to customers impacted by a January 2025 cyberattack.
The outlined to customers what happened, what kind of data was taken, and what it did to contain the incident.
https://www.techradar.com/pro/security/dior-begins-sending-data-breach-notifications-following-major-cyber-incident
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
22 Jul 2025 16:25
Firefox 141 introduces local AI to help with tab management
Mozilla plans to release Firefox 141 to the public today. The new version of the open source Firefox web browser is a smaller release, at least when you look at the changes it makes. The highlight is a new local AI feature that is designed to help users manage tabs better. It also introduces a few nice-to-have usability changes and security fixes.
https://www.ghacks.net/2025/07/22/firefox-141-introduces-local-ai-to-help-with-tab-management/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
21 Jul 2025 15:30
Poland investigates sabotage after air traffic control disruption delayed flights
Poland’s internal security agency is investigating whether sabotage was behind a temporary outage in the country’s air traffic control system that disrupted operations at multiple airports on Saturday, causing widespread delays.
Poland’s air navigation authority, PANSA, said it had restored the country’s primary air traffic management system after a sudden technical failure on Saturday morning forced airspace restrictions and halted several departures from major airports, including Warsaw, Kraków and Gdańsk.
https://therecord.media/poland-investigates-potential-sabotage-air-traffic-control
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
23 Jul 2025 14:42
Ransomware gang claims cyber attack on Susan B. Allen Memorial Hospital
Yesterday, ransomware gang Kawa4096 uploaded the Susan B. Allen Memorial Hospital to its data leak site, alleging to have stolen 210 GB of data. The hospital in El Dorado, Kansas, confirmed it was investigating a potential cyber attack on July 18, 2025, after suffering a system outage.
https://www.comparitech.com/news/ransomware-gang-claims-cyber-attack-on-susan-b-allen-memorial-hospital/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
23 Jul 2025 14:39
Cervantes: Open-source, collaborative platform for pentesters and red teams
Cervantes is an open-source collaborative platform built for pentesters and red teams. It offers a centralized workspace to manage projects, clients, vulnerabilities, and reports, all in one place. By streamlining data organization and team coordination, it helps reduce the time and complexity involved in planning and executing penetration tests.
https://github.com/CervantesSec/cervantes
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
23 Jul 2025 14:36
Ransomware Groups Weaponize RMM Tools to Infiltrate Networks and Exfiltrate Data
Ransomware gangs have increasingly co-opted Remote Monitoring and Management (RMM) tools originally designed for IT operations to orchestrate sophisticated network intrusions, persistence, lateral movement, and data exfiltration.
Investigations conducted in the second half of 2024 and the first quarter of 2025 revealed this pattern across incidents affecting two US-based organizations and one UK-based entity.
https://gbhackers.com/ransomware-groups-weaponize-rmm-tools/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
23 Jul 2025 14:33
Critical Vulnerabilities Patched in Sophos Firewall
Sophos has patched five vulnerabilities in Sophos Firewall that could allow remote attackers to execute arbitrary code.
Sophos this week announced the rollout of patches for five vulnerabilities in Sophos Firewall that could lead to remote code execution (RCE).
The first issue, tracked as CVE-2025-6704 (CVSS score of 9.8), is a critical arbitrary file writing flaw in the Secure PDF eXchange (SPX) feature of the appliance that could allow remote, unauthenticated attackers to execute arbitrary code.
https://www.securityweek.com/critical-vulnerabilities-patched-in-sophos-firewall/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
23 Jul 2025 14:26
Operator of Jetflix illegal streaming service gets 7 years in prison
The ringleader of the Jetflicks illegal paid streaming operation, a massive service with tens of thousands of subscribers, was sentenced to seven years in prison.
Together with four other accomplices, 42-year-old Kristopher Lee Dallmann of Las Vegas, Nevada, was convicted in June 2024 of conspiracy to commit copyright infringement.
https://www.bleepingcomputer.com/news/technology/operator-of-jetflix-illegal-streaming-service-gets-7-years-in-prison/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
23 Jul 2025 14:17
Apple alerted Iranians to iPhone spyware attacks, say researchers
Apple notified more than a dozen Iranians in recent months that their iPhones had been targeted with government spyware, according to security researchers.
https://techcrunch.com/2025/07/22/apple-alerted-iranians-to-iphone-spyware-attacks-say-researchers/
https://www.bloomberg.com/news/articles/2025-07-22/iranians-targeted-with-spyware-in-lead-up-to-war-with-israel
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
23 Jul 2025 14:10
Replit AI Agent Deletes Codebase and Lies About It — CEO Issues Apology
Replit, a browser-based AI coding platform, has come under radar after a disaster involving its autonomous AI agent. The Replit AI agent incident, which involved the deletion of a company’s codebase during a test run, has sparked a concern about the reliability and safety of AI-powered development tools.
https://thecyberexpress.com/replit-ai-agent-incident/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
23 Jul 2025 14:05
Microsoft linked attacks on SharePoint flaws to China-nexus actors
Microsoft linked SharePoint exploits to China-nexus groups Linen Typhoon, Violet Typhoon, and Storm-2603, active since July 7, 2025.
Microsoft confirmed that China-linked groups Linen Typhoon, Violet Typhoon, and Storm-2603 exploited SharePoint flaws for initial access as early as July 7, 2025.
https://securityaffairs.com/180267/apt/microsoft-linked-attacks-on-sharepoint-flaws-to-china-nexus-actors.html
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
22 Jul 2025 19:25
Ransomware gang says it hacked PC maker iBUYPOWER
Ransomware gang Lynx yesterday took credit for a June data breach at gaming PC maker iBUYPOWER and its sister brand, HYTE.
The company on June 25 announced it suffered a cybersecurity incident four days prior.
https://www.comparitech.com/news/ransomware-gang-says-it-hacked-pc-maker-ibuypower/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
22 Jul 2025 19:08
Vulnerabilities Expose Helmholz Industrial Routers to Hacking
Eight vulnerabilities, including ones allowing full control over a device, have been discovered and patched in Helmholz REX 100 industrial routers.
Several potentially serious vulnerabilities were recently found and patched in routers made by Germany-based industrial and automation solutions provider Helmholz.
https://www.securityweek.com/vulnerabilities-expose-helmholz-industrial-routers-to-hacking/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
22 Jul 2025 19:00
Cisco: Maximum-severity ISE RCE flaws now exploited in attacks
Cisco is warning that three recently patched critical remote code execution vulnerabilities in Cisco Identity Services Engine (ISE) are now being actively exploited in attacks.
Although the vendor did not specify how they were being exploited and whether they were successful, applying the security updates as soon as possible is now critical.
https://www.bleepingcomputer.com/news/security/cisco-maximum-severity-ise-rce-flaws-now-exploited-in-attacks/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
22 Jul 2025 18:28
Serial spyware founder Scott Zuckerman wants the FTC to unban him from the surveillance industry
The founder of a spyware company who was banned from the surveillance industry following an earlier data breach is now seeking to undo the ban, according to the Federal Trade Commission.
https://techcrunch.com/2025/07/21/serial-spyware-founder-scott-zuckerman-wants-the-ftc-to-unban-him-from-the-surveillance-industry/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
22 Jul 2025 16:31
Debug Code in ExpressVPN Windows App Caused IP Leak via RDP Port
ExpressVPN has alerted users of a security issue in its Windows application that allowed certain Remote Desktop Protocol (RDP) traffic to bypass the VPN tunnel, potentially exposing users’ IP addresses. This vulnerability primarily affected TCP traffic routed over port 3389, the standard port for RDP connections, which are often used in enterprise environments rather than by typical consumers.
https://thecyberexpress.com/expressvpn-fixes-windows-vpn-leak/
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
22 Jul 2025 14:46
Hardcoded credentials found in HPE Aruba Instant On Wi-Fi devices
Hardcoded credentials in HPE Aruba Instant On Wi-Fi devices, let attackers to bypass authentication and access the web interface.
HPE disclosed hardcoded credentials in Aruba Instant On Wi-Fi devices that allow attackers to bypass login and access the web interface. The flaw tracked as CVE-2025-37103 (CVSS score of 9.8) impacts devices running firmware version 3.2.0.1 and below.
https://securityaffairs.com/180230/security/hardcoded-credentials-hpe-aruba-instant-on-wi-fi-devices.html
📡@
📡@
📡@
📡@
📡@
Читать полностью…
cRyPtHoN™ INFOSEC (EN)
21 Jul 2025 15:26
Calico: Open-source solution for Kubernetes networking, security, and observability
Calico is an open-source unified platform that brings together networking, security, and observability for Kubernetes, whether you’re running in the cloud, on-premises, or at the edge. The solution uses the lowest amount of processing resources, which is especially important in edge environments where compute resources are limited.
https://github.com/projectcalico/calico
📡@
📡@
📡@
📡@
📡@
Читать полностью…
4200