
Telegram channel crypthon_infosec_en - cRyPtHoN™ INFOSEC (EN)


Latest news of INFOSEC (EN) 1. Latest Vulnerability. 2. Latest Patch. 3. Privacy Breach. 4. Security Breach. 5. InfoSec News. German Version 🇩🇪 @cRyPtHoN_INFOSEC_DE France Version 🇫🇷 @cRyPtHoN_INFOSEC_FR Italian Version 🇮🇹 @cRyPtHoN_INFOSEC_IT


cRyPtHoN™ INFOSEC (EN)

Apple appeals €500 Million EU antitrust fine, calls it unlawful

Apple has officially appealed the €500 million fine from the EU. The European Commission had found the company guilty of breaching the Digital Markets Act in April 2025.

According to the DMA, gatekeepers such as Apple should allow apps on the App Store to offer alternate payment options. Apple's scare tactics, which warned users about the risks of going to third-party sources, meant that it failed to meet these rules, and unsurprisingly it was accused of anti-steering practices. Meta was also slapped with a fine of €500 million for violating antitrust rules regarding its controversial way to offer ad-free services on Facebook and Instagram.

https://www.ghacks.net/2025/07/07/apple-appeals-e500-million-eu-antitrust-fine-calls-it-unlawful/

📡@cRyPtHoN_INFOSEC_IT
📡@cRyPtHoN_INFOSEC_FR
📡@cRyPtHoN_INFOSEC_EN
📡@cRyPtHoN_INFOSEC_DE
📡@BlackBox_Archiv


cRyPtHoN™ INFOSEC (EN)

Louis Vuitton Korea Suffers Cyberattack as Customer Data Leaked

Louis Vuitton Korea suffered a cyberattack that compromised some customer data, the second time in recent months that hackers have targeted the world’s largest luxury group.

The Korean unit of LVMH’s flagship brand said an “unauthorized third party” accessed its systems on June 8 and some customer information was leaked. No financial data including credit card or bank account details were taken and the security breach has been contained, it said in a statement.

https://www.bloomberg.com/news/articles/2025-07-04/louis-vuitton-korea-suffers-cyberattack-as-customer-data-leaked


cRyPtHoN™ INFOSEC (EN)

Ingram Micro Issues Statement Regarding Cybersecurity Incident

IRVINE, Calif.--(BUSINESS WIRE)-- Ingram Micro Holding Corporation (NYSE: INGM) (“Ingram Micro” or the “Company”) today issued the following statement with respect to an ongoing system outage:

Ingram Micro recently identified ransomware on certain of its internal systems. Promptly after learning of the issue, the Company took steps to secure the relevant environment, including proactively taking certain systems offline and implementing other mitigation measures. The Company also launched an investigation with the assistance of leading cybersecurity experts and notified law enforcement.

https://ir.ingrammicro.com/press-releases/detail/945/ingram-micro-issues-statement-regarding-cybersecurity-incident


cRyPtHoN™ INFOSEC (EN)

North Korea-linked threat actors spread macOS NimDoor malware via fake Zoom updates

North Korea-linked hackers use fake Zoom updates to spread macOS NimDoor malware, targeting crypto firms with stealthy backdoors.

North Korea-linked threat actors are targeting Web3 and crypto firms with NimDoor, a rare macOS backdoor disguised as a fake Zoom update.

https://securityaffairs.com/179643/malware/north-korea-linked-threat-actors-spread-macos-nimdoor-malware-via-fake-zoom-updates.html

https://www.sentinelone.com/labs/macos-nimdoor-dprk-threat-actors-target-web3-and-crypto-platforms-with-nim-based-malware/


cRyPtHoN™ INFOSEC (EN)

Apache Under the Lens: Tomcat’s Partial PUT and Camel’s Header Hijack

Executive Summary

In March 2025, Apache disclosed CVE-2025-24813, a vulnerability impacting Apache Tomcat. This is a widely used platform that allows Apache web servers to run Java-based web applications. The flaw allows remote code execution, affecting Apache Tomcat versions 9.0.0.M1 to 9.0.98, 10.1.0-M1 to 10.1.34 and 11.0.0-M1 to 11.0.2.

https://unit42.paloaltonetworks.com/apache-cve-2025-24813-cve-2025-27636-cve-2025-29891/


cRyPtHoN™ INFOSEC (EN)

Massive spike in use of .es domains for phishing abuse

¡Cuidado! Time to double-check before entering your Microsoft creds

Cybersecurity experts are reporting a 19x increase in malicious campaigns being launched from .es domains, making it the third most common, behind only .com and .ru.

The .es top-level domain (TLD) is the domain reserved for the country of Spain, or websites targeting Spanish-speaking audiences.

https://www.theregister.com/2025/07/05/spain_domains_phishing/


cRyPtHoN™ INFOSEC (EN)

Taming Google Gemini: how to block it from accessing your apps

AI applications like Gemini, Meta AI or ChatGPT work best when they have access to your data. That is one reason why the heavy hitters are introducing their AIs in an enabled-state. Sometimes, there is not even an option to turn off the AI feature.

Connecting AI services deeper into your personal space offers other advantages, especially for advertising companies like Google or Meta. The more they know, the better they can push ads to you that you are more likely to click.

https://www.ghacks.net/2025/07/04/taming-google-gemini-how-to-block-it-from-accessing-your-apps/


cRyPtHoN™ INFOSEC (EN)

Pet microchip scams and data leaks in the UK

We were recently on BBC Morning Live talking about issues with pet microchip data, helping some pet owners understand how they were being billed for services which they didn’t recall signing up for. There was so much more to this piece though, so we’ve written up our findings in more detail here.

It’s a rabbit hole of leaky data, inconsistency and privacy nightmares. Some chip database operators are good, some less so.

https://www.pentestpartners.com/security-blog/pet-microchip-scams-and-data-leaks-in-the-uk/


cRyPtHoN™ INFOSEC (EN)

Two new pro-Russian hacktivist groups target Ukraine, recruit insiders

Two new pro-Russian hacktivist groups have emerged in recent months to mount cyberattacks on Ukraine and its allies.

The groups, calling themselves IT Army of Russia and TwoNet, use the Telegram messaging app to coordinate operations, recruit insiders and collect information about targets in Ukraine, according to a new report by cybersecurity firm Intel 471.

https://therecord.media/twonet-it-army-of-russia-new-hacktivist-groups-target-ukraine


cRyPtHoN™ INFOSEC (EN)

Ancient Bitcoin Worth Over $2 Billion on the Move After 14 Years of Dormancy

A significant amount of Bitcoin, mined in the early days of the cryptocurrency's existence, has been transferred for the first...

VoIP Provider Apntelecom Allegedly Breached by Imncrew Ransomware Group

The Imncrew ransomware group has allegedly targeted Asia Pacific Network (Apntelecom), a Texas-based premier provider of VoIP services. Apntelecom is...

Allianz Seguros Spain Allegedly Breached – Database of 4.6 Million Offered for Sale

A threat actor has allegedly put a database containing 4.6 million rows of data belonging to Allianz Seguros, the Spanish...


cRyPtHoN™ INFOSEC (EN)

Venture capital giant IdeaLab confirms breach, says private data was stolen in attack

Almost a year later, the company comes forward with more details

Technology startup incubator IdeaLab has confirmed it suffered a cyberattack in which it lost sensitive company files.

The organization confirmed the news after an extensive investigation that took almost a year, noting in a data breach notification letter sent earlier to affected individuals that the attack most likely took place on October 4, 2024, when cybercriminals accessed its network and stole sensitive information on current and former employees, current and former support service contractors, and their dependents.

https://www.techradar.com/pro/security/venture-capital-giant-idealab-confirms-breach-says-private-data-was-stolen-in-attack


cRyPtHoN™ INFOSEC (EN)

Microsoft Store will soon let you install apps directly from top featured sections

Microsoft has announced a change for its app marketplace. You will soon be able to install apps directly from Microsoft Store's top featured sections.

Currently, you have to open the Microsoft Store, click on an app's banner on the featured pages, and then click on the install button. The announcement from Microsoft says that the option to install apps directly from the top featured sections will allow users to download their favorite products in fewer steps. It shaves a step: you open the Store app and just hit install directly on an app's banner if it is on the front page (or a genre's main page). What if someone doesn't own a paid app or game? Does it function as a one-click buy button? Probably not.

https://www.ghacks.net/2025/07/04/microsoft-store-will-soon-let-you-install-apps-directly-from-top-featured-sections


cRyPtHoN™ INFOSEC (EN)

Mastering OSINT and Cyber Threat Intelligence: Free Courses and Essential Skills

Introduction

Open Source Intelligence (OSINT) and Cyber Threat Intelligence (CTI) are critical skills in today’s cybersecurity landscape. These disciplines help security professionals identify threats, investigate cybercrimes, and strengthen defenses. Below, we highlight free training resources and provide hands-on technical guidance to enhance your OSINT and CTI expertise.

https://undercodetesting.com/mastering-osint-and-cyber-threat-intelligence-free-courses-and-essential-skills/

/channel/UndercodeCommunity/63394


cRyPtHoN™ INFOSEC (EN)

GitPhish: Open-source GitHub device code flow security assessment tool

GitPhish is an open-source security research tool built to replicate GitHub’s device code authentication flow. It features three core operating modes: an authentication server, automated landing page deployment, and an administrative management interface.

https://github.com/praetorian-inc/GitPhish


cRyPtHoN™ INFOSEC (EN)

[Updated] Austrian Crypto Giant Bitpanda Allegedly Breached – 5.4 Million User Data for Sale

Vienna-based fintech unicorn, Bitpanda, is allegedly the latest victim of a significant data breach, with a threat actor claiming to have exfiltrated the data of 5.4 million verified users across Europe. Bitpanda, a leading European cryptocurrency broker valued at over four billion dollars, offers trading in cryptocurrencies, stocks, and precious metals to its millions of customers. The company, founded in 2014, is a fully regulated and licensed platform, making the alleged breach a serious concern for the security of its users’ sensitive financial and personal information.

https://dailydarkweb.net/austrian-crypto-giant-bitpanda-allegedly-breached-5-4-million-user-data-for-sale/


cRyPtHoN™ INFOSEC (EN)

The Role of JavaScript Bans in Darknet Market Survival

Introduction

Darknet markets (DNMs) have long been a hub for illicit trade, relying on anonymity and security to evade law enforcement. One critical survival tactic employed by successful markets is banning vendor JavaScript—a measure that mitigates phishing, scams, and exploit risks. This article explores the technical and operational reasons behind this strategy and its impact on market longevity.

https://undercodetesting.com/the-role-of-javascript-bans-in-darknet-market-survival/

/channel/UndercodeCommunity/63962


cRyPtHoN™ INFOSEC (EN)

Ingram Micro outage caused by SafePay ransomware attack

An ongoing outage at IT giant Ingram Micro is caused by a SafePay ransomware attack that led to the shutdown of internal systems, BleepingComputer has learned.

Ingram Micro is one of the world's largest business-to-business technology distributors and service providers, offering a range of solutions including hardware, software, cloud services, logistics, and training to resellers and managed service providers worldwide.

https://www.bleepingcomputer.com/news/security/ingram-micro-outage-caused-by-safepay-ransomware-attack/


cRyPtHoN™ INFOSEC (EN)

This surprisingly simple way to hide hardware security keys in mainstream flash memory could pave the way for ultra-secure storage very soon

Concealable PUF tech hides encryption keys in regular V-NAND

As digital data volume continues to grow with the rise of AI, cloud services, and connected devices, securing that data has become increasingly difficult.

Traditional password-based protections are no longer enough, and while hardware security solutions like Physical Unclonable Functions (PUFs) offer stronger protection, they have struggled with real-world deployment.

https://www.techradar.com/pro/this-surprisingly-simple-way-to-hide-hardware-security-keys-in-mainstream-flash-memory-could-pave-the-way-for-ultra-secure-storage-very-soon


cRyPtHoN™ INFOSEC (EN)

RondoDox Unveiled: Breaking Down a New Botnet Threat

Affected Platforms: TBK DVR-4104. TBK DVR-4216. Four-Faith router models F3x24. Four-Faith router models F3x36.
Impacted Users: Any organization
Impact: Remote attackers gain control of the vulnerable systems
Severity Level: High

Over the past month, FortiGuard Labs has observed a significant increase in scanning activity, including a new botnet campaign that exploits two high-risk vulnerabilities: CVE-2024-3721 and CVE-2024-12856. Both have been publicly disclosed and are actively being targeted, posing serious risks to device security and overall network integrity.

https://www.fortinet.com/blog/threat-research/rondobox-unveiled-breaking-down-a-botnet-threat


cRyPtHoN™ INFOSEC (EN)

Hacker leaks Telefónica data allegedly stolen in a new breach

A hacker is threatening to leak 106GB of data allegedly stolen from Spanish telecommunications company Telefónica in a breach that the company did not acknowledge.

The threat actor has leaked a 2.6GB archive that unpacks into five gigabytes of data with a little over 20,000 files to prove that the breach occurred.

https://www.bleepingcomputer.com/news/security/hacker-leaks-telef-nica-data-allegedly-stolen-in-a-new-breach/


cRyPtHoN™ INFOSEC (EN)

This guy tested 200 microSD cards, destroying 51 in the process - but I don't understand why he didn't test more 1TB memory cards

Self-funded setup used eight machines and 70 readers, writing 100TB of data daily

One man has taken the task of testing microSD cards to a level most users would never entertain.

Over the course of a year, tech enthusiast Matt Cole bought and tested 200 different models, ranging from 8GB to 1TB, with a particular focus on identifying fakes, testing performance, and measuring durability.

Fifty-one of those cards failed during testing.

https://www.techradar.com/pro/this-guy-tested-200-microsd-cards-destroying-51-in-the-process-but-i-dont-understand-why-he-didnt-test-more-1tb-memory-cards


cRyPtHoN™ INFOSEC (EN)

Critical Sudo bugs expose major Linux distros to local Root exploits

Critical Sudo flaws let local users gain root access on Linux systems; the vulnerabilities affect major Linux distributions.

Cybersecurity researchers disclosed two vulnerabilities in the Sudo command-line utility for Linux and Unix-like operating systems. Local attackers can exploit the vulnerabilities to escalate privileges to root on affected systems.

https://securityaffairs.com/179637/security/critical-sudo-bugs-expose-major-linux-distros-to-local-root-exploits.html


cRyPtHoN™ INFOSEC (EN)

City of Coppell, TX notifies 17K residents of data breach following ransomware attack

The City of Coppell, Texas, has started notifying 16,835 residents of a data breach following its cyber attack in October 2024. The following data has been impacted:

https://www.comparitech.com/uncategorized/city-of-coppell-tx-notifies-17k-residents-of-data-breach-following-ransomware-attack/


cRyPtHoN™ INFOSEC (EN)

Researchers Defeat Content Security Policy Protections via HTML Injection

In a breakthrough that challenges the perceived safety of nonce-based Content Security Policy (CSP), security researchers have demonstrated a practical method to bypass these protections by combining HTML injection, CSS-based nonce leakage, and browser cache manipulation.

https://gbhackers.com/researchers-defeat-content-security-policy-protections/


cRyPtHoN™ INFOSEC (EN)

Grafana releases critical security update for Image Renderer plugin

Grafana Labs has addressed four Chromium vulnerabilities in critical security updates for the Grafana Image Renderer plugin and Synthetic Monitoring Agent.

Although the issues impact Chromium and were fixed by the open-source project two weeks ago, Grafana received a bug bounty submission from security researcher Alex Chapman proving their exploitability in the Grafana components.

https://www.bleepingcomputer.com/news/security/grafana-releases-critical-security-update-for-image-renderer-plugin/


cRyPtHoN™ INFOSEC (EN)

Suraksha Catalyst and The Cyber Express to Launch Candid On-Site Podcast Series at Black Hat USA 2025

The global cybersecurity community is gearing up for Black Hat USA 2025, one of the industry’s most awaited events. The six-day program, August 2 to 7, 2025, returns once again to the Mandalay Bay Convention Center in Las Vegas.

Suraksha Catalyst, in collaboration with The Cyber Express, will be launching an on-site podcast series broadcast live from the event floor.

https://thecyberexpress.com/black-hat-usa-2025-podcast-series/


cRyPtHoN™ INFOSEC (EN)

Google fined $314M for misusing idle Android users’ data

Google must pay $314M after a California court ruled it misused idle Android users’ data. The case ends a class-action suit filed in August 2019.

A San Jose jury ruled that Google misused Android users’ cell phone data and must pay over $314.6 million in damages to affected users in California.

https://securityaffairs.com/179628/laws-and-regulations/google-fined-314m-for-misusing-idle-android-users-data.html


cRyPtHoN™ INFOSEC (EN)

China-linked hackers spoof big-name brand websites to steal shoppers' payment info

Researchers have uncovered a sprawling network of fraudulent retail websites impersonating major global brands in an effort to steal payment data from online shoppers.

The campaign, which has been active for months, uses thousands of phishing websites that mimic the design and product listings of well-known retailers — including Apple, PayPal, Nordstrom, Hermes, and Michael Kors — to trick users into entering their credit card information.

https://therecord.media/china-linked-hackers-website-phishing


cRyPtHoN™ INFOSEC (EN)

Cl0p Ransomware’s Exfiltration Process Exposes RCE Vulnerability

A newly disclosed vulnerability in the Python-based data-exfiltration utility used by the notorious Cl0p ransomware group has exposed the cybercrime operation itself to potential attack.

The flaw, cataloged as GCVE-1-2025-0002, was identified by Italian security researcher Lorenzo N and published by the Computer Incident Response Center Luxembourg (CIRCL) on July 1, 2025.

https://gbhackers.com/cl0p-ransomwares-exfiltration-process-exposes-rce-vulnerability/


cRyPtHoN™ INFOSEC (EN)

NimDoor crypto-theft macOS malware revives itself when killed

North Korean state-backed hackers have been using a new family of macOS malware called NimDoor in a campaign that targets web3 and cryptocurrency organizations.

Researchers analyzing the payloads discovered that the attacker relied on unusual techniques and a previously unseen signal-based persistence mechanism.

https://www.bleepingcomputer.com/news/security/nimdoor-crypto-theft-macos-malware-revives-itself-when-killed/
