breach Archives

Winsage

April 7, 2025

EncryptHub’s dual life: Cybercriminal vs Windows bug-bounty researcher

EncryptHub has been linked to breaches affecting 618 organizations and is associated with the disclosure of two Windows zero-day vulnerabilities, CVE-2025-24061 and CVE-2025-24071, to Microsoft. The vulnerabilities were addressed during the March 2025 Patch Tuesday updates, and the reporter was acknowledged as 'SkorikARI with SkorikARI.' Investigations revealed a connection between EncryptHub and SkorikARI, following an incident where EncryptHub exposed their credentials. SkorikARI's accounts were used to report the vulnerabilities, contributing to Windows security. Evidence linking SkorikARI to EncryptHub includes password files exfiltrated from EncryptHub's system and a GitHub account associated with SkorikARI. EncryptHub has previously attempted to market zero-day vulnerabilities on underground forums and is believed to have affiliations with ransomware groups. The threat actor has executed social engineering campaigns, phishing attacks, and developed a custom infostealer known as Fickle Stealer. They created fictitious social media profiles and websites, such as a fake project management application called GartoriSpace, which installed malicious files on unsuspecting users. EncryptHub has also been implicated in exploiting a Microsoft Management Console vulnerability, CVE-2025-26633.

Tech Optimizer

April 7, 2025

Scanguard

Scanguard is owned by Total Security LTD and offers a comprehensive security and optimization suite that includes virus protection, system performance improvements, junk file removal, a password vault, and a VPN. Its security features include real-time protection against malware, ransomware, spyware, and adware, facilitated by specialized guards. A free version is available for Windows, but it has limitations regarding update speed. The initial scan on a 512 GB SSD takes under five minutes and covers various checks. The app prompts users to upgrade for certain features, although discounts are available for first-time users. Core features include Malware Guard, Ransomware Guard, Spyware Guard, Aware Guard, and WebShield for real-time protection against malicious sites. Scanguard also offers identity theft protection services and a system optimizer that cleans junk files and manages applications. An Android app is available, but there is no iPhone app, and the Android version must be downloaded from the Scanguard website. Scanguard's pricing includes a free version and a paid plan with a promotional rate for the first year, with payment through PayPal. The paid plan offers real-time protection, cloud-based threat detection, and customer support. Recent evaluations show a detection rate of 96.94% in a VB100 test, with a 0.000% false alarm rate, but it is not currently VB100 certified. The user interface is modern and intuitive, though the installation process may take time due to database updates.

AppWizard

April 6, 2025

Wrong signal: Donald Trump shoots the messaging app instead of the messmaker

Maher became the non-executive chair at Web Summit after leaving her CEO position last year to lead NPR. She also chairs the Signal Foundation, known for its encrypted messaging service, which was used by Trump administration members during military planning in Yemen, leading to criticism from Trump supporters due to her previous comments about Trump and her advocacy for restricting free speech. Meanwhile, Gordon Hardie, CEO of O-I Glass, received a total compensation package of €1.46 million last year, which included a base salary of €682,322, stock awards, and additional benefits. The University of Limerick recently ceased posting on X due to declining engagement and concerns over content, though it remains open to reconsidering its stance. Peter Vandermeersch, CEO of Mediahuis Ireland, is writing a book titled “Ierland. Guinness, God en Google,” which will explore various aspects of Irish life and culture.

TrendTechie

April 5, 2025

Ремастер культовой The Last of Us Part II только вышел на ПК, а его сразу же взломали и слили на торренты

The remastered version of The Last of Us Part II has been released on PC, available on Steam and Epic Games, but is not accessible in the CIS regions. It includes a Russian voiceover. The game does not feature Denuvo protection, which may have led to a quick breach and online dissemination of game files. Originally released on PlayStation 4 in 2020, it continues the story of Ellie and Joel set five years after a pandemic in America. The game has received over 300 awards, including "Game of the Year."

Tech Optimizer

March 31, 2025

Traditional EDR can’t keep up with modern cyber threats

By 2025, the global cost of cybercrime is projected to reach .5 trillion annually. Many organizations continue to use outdated Endpoint Detection and Response (EDR) solutions, which are increasingly ineffective against sophisticated cyber threats. EDR was introduced in 2013 but has struggled to keep pace with evolving attack techniques. Traditional EDR is reactive, responding to incidents after they occur, and relies on known Indicators of Compromise (IoCs), which limits its effectiveness. Real-world examples of traditional EDR failures include a misconfigured update to CrowdStrike’s Falcon EDR causing an IT outage, the Akira ransomware exploiting an unsecured webcam, the Medibank breach despite multiple alerts from EDR, and the BlackCat ransomware attack on Henry Schein. These incidents highlight the inadequacy of traditional EDR in preventing modern threats. The next phase of endpoint security is Preemptive Endpoint Protection (PEP), which actively prevents attacks rather than just detecting and responding to them. PEP utilizes proactive strategies like Automated Moving Target Defense (AMTD) and Adaptive Exposure Management (AEM), and research indicates that organizations using proactive security save 30% more on breach costs compared to those relying solely on reactive measures.

AppWizard

March 28, 2025

Was the Signal Chat Illegal?

Some Democrats are claiming that the unintentional inclusion of a journalist in a Trump administration group chat about a military operation in Yemen may be criminal, with legal experts suggesting it could breach the Espionage Act. The chat took place on Signal and involved high-ranking national security officials, including Defense Secretary Pete Hegseth, who reportedly shared details about imminent military strikes. The Department of Defense prohibits sharing non-public information through messaging apps, and the Pentagon later warned of vulnerabilities in Signal that could be exploited by Russian hackers. House Speaker Mike Johnson called the use of Signal a "mistake," while several Democrats, including Sen. Elizabeth Warren and Rep. Jim Himes, expressed outrage and called for accountability. Legal experts stated that the chat likely violated the Espionage Act due to potential gross negligence in handling sensitive information. Despite the serious implications, there is skepticism about any prosecution occurring against those involved. The use of Signal raises concerns regarding compliance with federal open-records laws, as messages can be automatically deleted.

AppWizard

March 27, 2025

Which is the most secure messaging app? Expert weighs in after U.S. war plan leak blunder

A significant intelligence breach occurred when Jeffrey Goldberg, editor-in-chief of The Atlantic, was inadvertently added to a sensitive Signal group chat that included discussions about U.S. military operations targeting Houthi rebels in Yemen, involving Vice President JD Vance and Defense Secretary Pete Hegseth. Senate Democratic Leader Chuck Schumer described it as "one of the most stunning breaches of military intelligence." Experts emphasized that the breach resulted from human error, not flaws in encryption technology. Signal is considered the gold standard for secure messaging due to its end-to-end encryption and lack of metadata collection. Other platforms like iMessage and WhatsApp have varying levels of security, with iMessage requiring both parties to use Apple devices for full protection, and WhatsApp collecting metadata. Telegram does not enable end-to-end encryption by default for standard messages. The incident highlights that even the most secure messaging applications cannot prevent breaches caused by human oversight.

AppWizard

March 27, 2025

The Trump Administration Accidentally Texted Me Its War Plans

On March 15, news emerged about U.S. military strikes against Houthi targets in Yemen, which had been hinted at through discussions in a Signal group involving senior officials, including the Secretary of Defense and Secretary of State. The group, titled “Houthi PC small group,” discussed operational details of the strikes, raising concerns about the appropriateness of using an encrypted messaging app for sensitive military discussions. On March 14, participants debated the risks and benefits of the action, including its impact on global trade and oil prices. Just before the strikes, a message outlined the operational plan, leading to celebratory reactions after the attacks began. A National Security Council spokesperson confirmed the authenticity of the group and acknowledged a journalist's unintended inclusion. Legal experts noted that discussing classified information on Signal could violate the Espionage Act and federal records laws, raising issues about the credibility of U.S. national security communications.

AppWizard

March 27, 2025

Florida’s Mike Waltz and Marco Rubio on text chain that included journalist. What we know

A Florida politician, National Security Adviser Mike Waltz, was involved in a national security breach after inadvertently including a journalist in a group chat on the Signal messaging app. The chat contained sensitive discussions about U.S. airstrikes against Iranian-backed militants in Yemen, specifically targeting Houthi sites, with critical details shared by Defense Secretary Pete Hegseth just hours before the strikes on March 15. President Trump claimed no classified information was shared despite the seriousness of the situation. The National Security Council is investigating the breach, and Waltz has taken responsibility for the error. The incident raises questions about the use of Signal, an app designed for secure communications, for sensitive government discussions and potential violations of the Presidential Records Act.

AppWizard

March 27, 2025

What Is Signal, the App Used by Trump Staff, and Is It Safe?

The Trump administration is under scrutiny for officials using the messaging app Signal for discussions about sensitive military operations, revealed in an article by Jeffrey Goldberg on March 24. Secretary of Defense Pete Hegseth and others discussed military actions in Yemen via Signal, despite prior warnings from the U.S. government against using such applications for official communications. Democratic lawmakers, including Senator Chuck Schumer, are calling for an investigation into potential national security breaches. Signal, launched in 2014, emphasizes privacy through end-to-end encryption and has gained popularity among activists. However, its use in government contexts is contentious, with previous reprimands for non-compliance with federal record preservation requirements. Concerns have been raised about sharing sensitive information on Signal, although intelligence officials stated that no classified information was exchanged in the Trump officials' conversations. The Pentagon has warned military personnel about using Signal due to risks from Russian hackers, and experts suggest that government-specific communication tools would provide a higher level of security.