crypthon_infosec_en | Unsorted

Telegram channel crypthon_infosec_en - cRyPtHoN™ INFOSEC (EN)

4200

Latest news of INFOSEC (EN) 1. Latest Vulnerability. 2. Latest Patch. 3. Privacy Breach. 4. Security Breach. 5. InfoSec News. German Version 🇩🇪 @cRyPtHoN_INFOSEC_DE France Version 🇫🇷 @cRyPtHoN_INFOSEC_FR Italian Version 🇮🇹 @cRyPtHoN_INFOSEC_IT


cRyPtHoN™ INFOSEC (EN)

Meet Hazel Burton

Welcome to the first episode of Humans of Talos, a new video interview series that shines a spotlight on team members across Talos. Featuring their personal stories, career journeys and unique perspectives, you'll get an inside look into what it's like to work in our organization and the people who make the internet more secure for all.

https://blog.talosintelligence.com/humans-of-talos-meet-hazel-burton/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv


cRyPtHoN™ INFOSEC (EN)

FBI urges vigilance against Interlock ransomware group behind recent healthcare attacks

The Interlock ransomware is being used to target critical infrastructure and businesses across North America and Europe, the FBI and other federal agencies warned Tuesday.

Federal officials said the group emerged in late September 2024 and has used uncommon methods of obtaining initial access to devices such as so-called drive-by downloads — when hackers use a compromised website or malicious link to make malware automatically download onto a victim’s computer without them knowing.

https://therecord.media/fbi-vigilance-interlock-ransomware


cRyPtHoN™ INFOSEC (EN)

Global Fashion Label SABO’s 3.5M Customer Records Exposed Online

Global fashion brand SABO suffers data breach, exposing 3.5+ million customer records including names, addresses, and order details. Learn about the risks and what to do.

A data leak has impacted SABO, a global fashion and design company based in Australia, exposing over 3.5 million customer records. The breach, discovered by cybersecurity researcher Jeremiah Fowler, involved a misconfigured database containing 292 GB of sensitive customer information that was left unsecured and without password protection. The findings were published by vpnMentor and shared with HackRead.com.

https://hackread.com/global-fashion-label-sabo-customer-records-leaked/


cRyPtHoN™ INFOSEC (EN)

France: New Data Breach Could Affect 340,000 Jobseekers

The French employment agency, France Travail, has suffered a data breach that could affect hundreds of thousands of jobseekers.

The agency sent an email to its users on July 22, warning them of a data breach that was detected on July 13 on its “employment” portal, which is used by its partners.

https://www.infosecurity-magazine.com/news/france-data-breach-jobseekers/


cRyPtHoN™ INFOSEC (EN)

Indonesian Port Operator Pelindo Subsidiary Allegedly Breached – Sensitive Data and Source Code for Sale

A threat actor has allegedly put the source code and a 300 MB database belonging to a subsidiary of PT Pelabuhan Indonesia (Pelindo), Indonesia’s state-owned port operator, up for sale on a dark web forum. The targeted entity appears to be PT Tanjung Emas Daya Sejahtera (TEDS), a company majority-owned by a Pelindo subsidiary, which provides services related to port operations. The breach allegedly involves an application named “TEDS TALY,” version 1.624. Pelindo is a critical entity in Indonesia’s infrastructure, managing a vast network of ports and logistics services, making any breach a significant concern for national trade and security.

https://dailydarkweb.net/indonesian-port-operator-pelindo-subsidiary-allegedly-breached-sensitive-data-and-source-code-for-sale/


cRyPtHoN™ INFOSEC (EN)

Firefox 141 relieves chronic Linux pain in the neck

But there are tweaks for everyone – even if some are less welcome than others

Mozilla has delivered the latest version of its web browser, alleviating a long-standing irritation for Linux users… but making its "AI" integration even more pervasive.

Firefox 141 is the latest normal release of the Moz browser, and along with it come point-releases for the last two ESR versions, as well. Last month we reported on Firefox 140. That's now up to Firefox 140.1.0 and it's joined by Firefox 128.13.0 too.

https://www.theregister.com/2025/07/23/firefox_141_relieves_linux_pain/


cRyPtHoN™ INFOSEC (EN)

The UK wants to ban some organizations from paying ransomware demands

Move looks to de-incentivize hackers

A new set of cyber regulations are being introduced by the UK government in a move to protect British public services from the growing threat of ransomware.

Under the new guidelines, public organisations like the NHS, local councils, and schools will all be banned from paying ransom demands - a move which looks to dissuade criminals from targeting public institutions.

https://www.techradar.com/pro/security/the-uk-wants-to-ban-some-organizations-from-paying-ransomware-demands


cRyPtHoN™ INFOSEC (EN)

Next Brave Browser release will block Windows from taking automatic screenshots

When Microsoft announced Windows Recall, a controversial AI feature designed to give users access to past activity on the PC by taking screenshots of pretty much anything that happened on the screen, it quickly realized that many were not heralding Recall as the first step into Windows' AI future.

Recall was criticized for its invasive nature and lack of security features. Microsoft went back to the drawing board and addressed some of the concerns in a new version of Recall.

https://www.ghacks.net/2025/07/23/next-brave-browser-release-will-block-windows-from-taking-automatic-screenshots/


cRyPtHoN™ INFOSEC (EN)

Leaked data. Continuous glucose monitoring

Closing the Loop

Just before COVID struck the world, I was travelling through Colorado on a Sunday on a ski trip with some friends. My work phone pinged with a message from a colleague (the awesome @evstykas who has now moved on to do even more cool things with APIs). That’s not particularly common as we’re pretty good at leaving each other alone at the weekend. Family and friends time is important. I therefore paid attention, despite 9 hours of time zone difference.

https://www.pentestpartners.com/security-blog/leaked-data-continuous-glucose-monitoring/


cRyPtHoN™ INFOSEC (EN)

Russian-speaking hacker group disrupted by local researchers

Russian cybersecurity researchers have identified and dismantled a network of domains operated by a relatively obscure hacking group known as NyashTeam. The group has been selling malware and offering hosting services for cybercriminals since at least 2022, the Russia-based firm F6 said.

In a report published Tuesday, analysts said they uncovered and began dismantling more than 110 domains used by NyashTeam. The takedown was carried out with support from Russia’s Coordination Center for national domain names.

https://therecord.media/russia-hacker-group-disrupted-local-researchers


cRyPtHoN™ INFOSEC (EN)

Washington D.C. Real Estate Giant WC Smith Allegedly Breached – Over 1TB of Data for Sale Online

A major Washington, D.C.-based real estate development and property management firm, WC Smith, has allegedly fallen victim to a significant...

Sensitive Government Database of Argentine Children and Adolescents (R.E.U.N.A) Allegedly Leaked Online

A threat actor has allegedly leaked a sensitive database belonging to Argentina's Unified Statistical Registry of Children and Adolescents (R.E.U.N.A)....

Indonesian Regional Bank PT BPR Serang Allegedly Breached – Customer Loan Data For Sale

A significant data breach has allegedly hit PT Bank Perkreditan Rakyat (BPR) Serang, a regional development bank based in Serang,...


cRyPtHoN™ INFOSEC (EN)

Humans can be tracked with unique 'fingerprint' based on how their bodies block Wi-Fi signals

Wi-Fi spy with my little eye that same guy I saw at another hotspot

Researchers in Italy have developed a way to create a biometric identifier for people based on the way the human body interferes with Wi-Fi signal propagation.

The scientists claim this identifier, a pattern derived from Wi-Fi Channel State Information, can re-identify a person in other locations most of the time when a Wi-Fi signal can be measured. Observers could therefore track a person as they pass through signals sent by different Wi-Fi networks – even if they’re not carrying a phone.

https://www.theregister.com/2025/07/22/whofi_wifi_identifier/


cRyPtHoN™ INFOSEC (EN)

Dior begins sending data breach notifications following major cyber incident

Customers are being notified of the January attack

Global fashion powerhouse Dior has begun sending out data breach notification letters to customers impacted by a January 2025 cyberattack.

The company outlined to customers what happened, what kind of data was taken, and what it did to contain the incident.

https://www.techradar.com/pro/security/dior-begins-sending-data-breach-notifications-following-major-cyber-incident


cRyPtHoN™ INFOSEC (EN)

Firefox 141 introduces local AI to help with tab management

Mozilla plans to release Firefox 141 to the public today. The new version of the open source Firefox web browser is a smaller release, at least when you look at the changes it makes. The highlight is a new local AI feature that is designed to help users manage tabs better. It also introduces a few nice-to-have usability changes and security fixes.

https://www.ghacks.net/2025/07/22/firefox-141-introduces-local-ai-to-help-with-tab-management/


cRyPtHoN™ INFOSEC (EN)

Poland investigates sabotage after air traffic control disruption delayed flights

Poland’s internal security agency is investigating whether sabotage was behind a temporary outage in the country’s air traffic control system that disrupted operations at multiple airports on Saturday, causing widespread delays.

Poland’s air navigation authority, PANSA, said it had restored the country’s primary air traffic management system after a sudden technical failure on Saturday morning forced airspace restrictions and halted several departures from major airports, including Warsaw, Kraków and Gdańsk.

https://therecord.media/poland-investigates-potential-sabotage-air-traffic-control


cRyPtHoN™ INFOSEC (EN)

Ransomware gang claims cyber attack on Susan B. Allen Memorial Hospital

Yesterday, ransomware gang Kawa4096 uploaded the Susan B. Allen Memorial Hospital to its data leak site, claiming to have stolen 210 GB of data. The hospital in El Dorado, Kansas, confirmed it was investigating a potential cyber attack on July 18, 2025, after suffering a system outage.

https://www.comparitech.com/news/ransomware-gang-claims-cyber-attack-on-susan-b-allen-memorial-hospital/


cRyPtHoN™ INFOSEC (EN)

Cervantes: Open-source, collaborative platform for pentesters and red teams

Cervantes is an open-source collaborative platform built for pentesters and red teams. It offers a centralized workspace to manage projects, clients, vulnerabilities, and reports, all in one place. By streamlining data organization and team coordination, it helps reduce the time and complexity involved in planning and executing penetration tests.

https://github.com/CervantesSec/cervantes


cRyPtHoN™ INFOSEC (EN)

Ransomware Groups Weaponize RMM Tools to Infiltrate Networks and Exfiltrate Data

Ransomware gangs have increasingly co-opted Remote Monitoring and Management (RMM) tools originally designed for IT operations to orchestrate sophisticated network intrusions, persistence, lateral movement, and data exfiltration.

Investigations conducted in the second half of 2024 and the first quarter of 2025 revealed this pattern across incidents affecting two US-based organizations and one UK-based entity.

https://gbhackers.com/ransomware-groups-weaponize-rmm-tools/


cRyPtHoN™ INFOSEC (EN)

Critical Vulnerabilities Patched in Sophos Firewall

Sophos has patched five vulnerabilities in Sophos Firewall that could allow remote attackers to execute arbitrary code.

Sophos this week announced the rollout of patches for five vulnerabilities in Sophos Firewall that could lead to remote code execution (RCE).

The first issue, tracked as CVE-2025-6704 (CVSS score of 9.8), is a critical arbitrary file writing flaw in the Secure PDF eXchange (SPX) feature of the appliance that could allow remote, unauthenticated attackers to execute arbitrary code.

https://www.securityweek.com/critical-vulnerabilities-patched-in-sophos-firewall/


cRyPtHoN™ INFOSEC (EN)

Operator of Jetflicks illegal streaming service gets 7 years in prison

The ringleader of the Jetflicks illegal paid streaming operation, a massive service with tens of thousands of subscribers, was sentenced to seven years in prison.

Together with four other accomplices, 42-year-old Kristopher Lee Dallmann of Las Vegas, Nevada, was convicted in June 2024 of conspiracy to commit copyright infringement.

https://www.bleepingcomputer.com/news/technology/operator-of-jetflix-illegal-streaming-service-gets-7-years-in-prison/


cRyPtHoN™ INFOSEC (EN)

Apple alerted Iranians to iPhone spyware attacks, say researchers

Apple notified more than a dozen Iranians in recent months that their iPhones had been targeted with government spyware, according to security researchers.

https://techcrunch.com/2025/07/22/apple-alerted-iranians-to-iphone-spyware-attacks-say-researchers/

https://www.bloomberg.com/news/articles/2025-07-22/iranians-targeted-with-spyware-in-lead-up-to-war-with-israel


cRyPtHoN™ INFOSEC (EN)

Replit AI Agent Deletes Codebase and Lies About It — CEO Issues Apology

Replit, a browser-based AI coding platform, has come under scrutiny after a disaster involving its autonomous AI agent. The Replit AI agent incident, which involved the deletion of a company’s codebase during a test run, has sparked concern about the reliability and safety of AI-powered development tools.

https://thecyberexpress.com/replit-ai-agent-incident/


cRyPtHoN™ INFOSEC (EN)

Microsoft linked attacks on SharePoint flaws to China-nexus actors

Microsoft linked SharePoint exploits to China-nexus groups Linen Typhoon, Violet Typhoon, and Storm-2603, active since July 7, 2025.

Microsoft confirmed that China-linked groups Linen Typhoon, Violet Typhoon, and Storm-2603 exploited SharePoint flaws for initial access as early as July 7, 2025.

https://securityaffairs.com/180267/apt/microsoft-linked-attacks-on-sharepoint-flaws-to-china-nexus-actors.html


cRyPtHoN™ INFOSEC (EN)

Ransomware gang says it hacked PC maker iBUYPOWER

Ransomware gang Lynx yesterday took credit for a June data breach at gaming PC maker iBUYPOWER and its sister brand, HYTE.

The company on June 25 announced it suffered a cybersecurity incident four days prior.

https://www.comparitech.com/news/ransomware-gang-says-it-hacked-pc-maker-ibuypower/


cRyPtHoN™ INFOSEC (EN)

Vulnerabilities Expose Helmholz Industrial Routers to Hacking

Eight vulnerabilities, including ones allowing full control over a device, have been discovered and patched in Helmholz REX 100 industrial routers.

Several potentially serious vulnerabilities were recently found and patched in routers made by Germany-based industrial and automation solutions provider Helmholz.

https://www.securityweek.com/vulnerabilities-expose-helmholz-industrial-routers-to-hacking/


cRyPtHoN™ INFOSEC (EN)

Cisco: Maximum-severity ISE RCE flaws now exploited in attacks

Cisco is warning that three recently patched critical remote code execution vulnerabilities in Cisco Identity Services Engine (ISE) are now being actively exploited in attacks.

Although the vendor did not specify how they were being exploited and whether they were successful, applying the security updates as soon as possible is now critical.

https://www.bleepingcomputer.com/news/security/cisco-maximum-severity-ise-rce-flaws-now-exploited-in-attacks/


cRyPtHoN™ INFOSEC (EN)

Serial spyware founder Scott Zuckerman wants the FTC to unban him from the surveillance industry

The founder of a spyware company who was banned from the surveillance industry following an earlier data breach is now seeking to undo the ban, according to the Federal Trade Commission.

https://techcrunch.com/2025/07/21/serial-spyware-founder-scott-zuckerman-wants-the-ftc-to-unban-him-from-the-surveillance-industry/


cRyPtHoN™ INFOSEC (EN)

Debug Code in ExpressVPN Windows App Caused IP Leak via RDP Port

ExpressVPN has alerted users of a security issue in its Windows application that allowed certain Remote Desktop Protocol (RDP) traffic to bypass the VPN tunnel, potentially exposing users’ IP addresses. This vulnerability primarily affected TCP traffic routed over port 3389, the standard port for RDP connections, which are often used in enterprise environments rather than by typical consumers.

https://thecyberexpress.com/expressvpn-fixes-windows-vpn-leak/


cRyPtHoN™ INFOSEC (EN)

Hardcoded credentials found in HPE Aruba Instant On Wi-Fi devices

Hardcoded credentials in HPE Aruba Instant On Wi-Fi devices let attackers bypass authentication and access the web interface.

HPE disclosed hardcoded credentials in Aruba Instant On Wi-Fi devices that allow attackers to bypass login and access the web interface. The flaw tracked as CVE-2025-37103 (CVSS score of 9.8) impacts devices running firmware version 3.2.0.1 and below.

https://securityaffairs.com/180230/security/hardcoded-credentials-hpe-aruba-instant-on-wi-fi-devices.html


cRyPtHoN™ INFOSEC (EN)

Calico: Open-source solution for Kubernetes networking, security, and observability

Calico is an open-source unified platform that brings together networking, security, and observability for Kubernetes, whether you’re running in the cloud, on-premises, or at the edge. The solution uses the lowest amount of processing resources, which is especially important in edge environments where compute resources are limited.

https://github.com/projectcalico/calico
