The Breach News

CBI Website Breach: Pakistani Group Takes Credit

Dec 05, 2010

The Central Bureau of Investigation (CBI) has confirmed that its official website was hacked, leading to a case being filed under the Information Technology Act. An official spokesperson revealed that unauthorized access and defacement occurred during the night of December 3-4. Law enforcement is actively working with the National Informatics Centre and CBI cybersecurity experts to restore the site. Reports surfaced on Friday about the breach, which has rendered the CBI website inaccessible. Allegedly, the attack was carried out by a group identifying itself as the Pakistan Cyber Army, which claimed to have retaliated for the hacking of 40 Pakistani sites.

CBI Website Compromised: Responsibility Claimed by Pakistani Hacker Group On December 5, 2010, the Central Bureau of Investigation (CBI) confirmed that its official website had been compromised over the weekend. A spokesperson for the agency disclosed that unauthorized access and defacement occurred between the nights of December 3 and 4,…

Read More

CBI Website Breach: Pakistani Group Takes Credit

Dec 05, 2010

The Central Bureau of Investigation (CBI) has confirmed that its official website was hacked, leading to a case being filed under the Information Technology Act. An official spokesperson revealed that unauthorized access and defacement occurred during the night of December 3-4. Law enforcement is actively working with the National Informatics Centre and CBI cybersecurity experts to restore the site. Reports surfaced on Friday about the breach, which has rendered the CBI website inaccessible. Allegedly, the attack was carried out by a group identifying itself as the Pakistan Cyber Army, which claimed to have retaliated for the hacking of 40 Pakistani sites.

Noodlophile Malware Campaign Broadens Global Scope with Targeted Copyright Phishing Tactics

Aug 18, 2025
Malware / Enterprise Security

The Noodlophile malware actors are intensifying their reach, employing spear-phishing emails and enhanced delivery techniques to target enterprises in the U.S., Europe, Baltic countries, and the Asia-Pacific (APAC) region. According to Morphisec researcher Shmuel Uzan, “The Noodlophile campaign, active for over a year, now utilizes sophisticated spear-phishing emails masquerading as copyright infringement notices, complete with reconnaissance-driven details such as specific Facebook Page IDs and company ownership information.” Previously reported by a cybersecurity vendor in May 2025, the Noodlophile campaign initially leveraged fake AI-powered tools as malware lures, which were promoted on social media platforms like Facebook. The shift to copyright infringement tactics, however, is not a new strategy.

Noodlophile Malware Campaign Broadens Its Global Impact Through Copyright Phishing Tactics As of August 18, 2025, the Noodlophile malware campaign has intensified its operations, targeting businesses across the U.S., Europe, the Baltic nations, and the Asia-Pacific region. The cybercriminals orchestrating this campaign are employing sophisticated spear-phishing tactics, utilizing emails that…

Read More

Noodlophile Malware Campaign Broadens Global Scope with Targeted Copyright Phishing Tactics

Aug 18, 2025
Malware / Enterprise Security

The Noodlophile malware actors are intensifying their reach, employing spear-phishing emails and enhanced delivery techniques to target enterprises in the U.S., Europe, Baltic countries, and the Asia-Pacific (APAC) region. According to Morphisec researcher Shmuel Uzan, “The Noodlophile campaign, active for over a year, now utilizes sophisticated spear-phishing emails masquerading as copyright infringement notices, complete with reconnaissance-driven details such as specific Facebook Page IDs and company ownership information.” Previously reported by a cybersecurity vendor in May 2025, the Noodlophile campaign initially leveraged fake AI-powered tools as malware lures, which were promoted on social media platforms like Facebook. The shift to copyright infringement tactics, however, is not a new strategy.

Exploring the Threats Posed by Stuxnet to Industrial Control Systems

Dec 09, 2010

Stuxnet is a highly advanced virus tailored to penetrate supervisory control and data acquisition (SCADA) systems created by Siemens, a major industrial corporation in Germany. These systems play a critical role in managing essential services like water supply and power generation, making Stuxnet a significant threat to national security.

Who Developed This Malware?
Cybersecurity experts suggest that Stuxnet was likely developed by a government entity or a well-funded organization, as its complex design exceeds the capabilities of an individual hacker. With much of the damage traced back to Iran, many theorize that the malware was aimed at sabotaging the country’s nuclear infrastructure.

A New Era of Cyber Threats
Regardless of whether Stuxnet was directed at U.S. infrastructures, its emergence signals a troubling evolution in cyber warfare. This development opens the door to increasingly sophisticated threats targeting critical infrastructure like power plants, forcing us to confront a new level of cyber risk.

Examining the Threat of Stuxnet in Industrial Control Systems Published: December 9, 2010 Stuxnet has emerged as a highly sophisticated malware specifically engineered to infiltrate supervisory control and data acquisition (SCADA) systems manufactured by Siemens, a prominent player in the industrial sector. These systems are integral to the management of…

Read More

Exploring the Threats Posed by Stuxnet to Industrial Control Systems

Dec 09, 2010

Stuxnet is a highly advanced virus tailored to penetrate supervisory control and data acquisition (SCADA) systems created by Siemens, a major industrial corporation in Germany. These systems play a critical role in managing essential services like water supply and power generation, making Stuxnet a significant threat to national security.

Who Developed This Malware?
Cybersecurity experts suggest that Stuxnet was likely developed by a government entity or a well-funded organization, as its complex design exceeds the capabilities of an individual hacker. With much of the damage traced back to Iran, many theorize that the malware was aimed at sabotaging the country’s nuclear infrastructure.

A New Era of Cyber Threats
Regardless of whether Stuxnet was directed at U.S. infrastructures, its emergence signals a troubling evolution in cyber warfare. This development opens the door to increasingly sophisticated threats targeting critical infrastructure like power plants, forcing us to confront a new level of cyber risk.

The Importance of Security Culture in Reducing Cyber Risk

In an era where organizations have invested two decades in enhancing their security architectures, a stark reality has emerged: advanced tools and technologies alone cannot sufficiently mitigate cyber risks. As technology has evolved, so too have the tactics of cyber attackers, who are increasingly targeting human behavior rather than solely infrastructure vulnerabilities. Recent data shows that the initial breach vector is often not a technical exploit but rather the exploitation of human vulnerabilities.

According to Verizon’s Data Breach Investigations Report, human factors have been the leading cause of breaches for five consecutive years. The most recent report indicates that almost 60% of all breaches in 2024 involved a human element. However, it is essential to clarify a prevalent misconception: the notion that “people are the weakest link” wrongly places the blame solely on employees for breaches.

The Importance of Security Culture in Reducing Cyber Risk In recent years, organizations have honed their security architectures, yet a crucial reality persists: advanced tools and technologies alone cannot sufficiently mitigate cyber risk. As cybersecurity solutions evolve, malicious actors have adapted their strategies, increasingly targeting human weaknesses rather than simply…

Read More

The Importance of Security Culture in Reducing Cyber Risk

In an era where organizations have invested two decades in enhancing their security architectures, a stark reality has emerged: advanced tools and technologies alone cannot sufficiently mitigate cyber risks. As technology has evolved, so too have the tactics of cyber attackers, who are increasingly targeting human behavior rather than solely infrastructure vulnerabilities. Recent data shows that the initial breach vector is often not a technical exploit but rather the exploitation of human vulnerabilities.

According to Verizon’s Data Breach Investigations Report, human factors have been the leading cause of breaches for five consecutive years. The most recent report indicates that almost 60% of all breaches in 2024 involved a human element. However, it is essential to clarify a prevalent misconception: the notion that “people are the weakest link” wrongly places the blame solely on employees for breaches.

Urgent: Critical RCE Vulnerability Discovered in F5 Big-IP Platform—Immediate Patching Required!

On March 11, 2021, F5 Networks issued an advisory highlighting four severe vulnerabilities across various products that could lead to denial of service (DoS) attacks and unauthenticated remote code execution on affected networks. The advisory addresses a total of seven related flaws (CVE-2021-22986 through CVE-2021-22992), including two identified by Felix Wilhelm of Google Project Zero in December 2020. The four critical vulnerabilities impact BIG-IP versions 11.6, 12.x, and newer, with a notable pre-auth remote code execution issue (CVE-2021-22986) also affecting BIG-IQ versions 6.x and 7.x. F5 has stated that it is not currently aware of any public exploitation of these vulnerabilities. If successfully exploited, these flaws could lead to complete system compromise, enabling remote code execution and potential buffer overflow, resulting in DoS conditions. Customers are strongly urged to apply updates immediately.

Critical Vulnerability Discovered in F5 Big-IP Platform: Immediate Patching Recommended On March 11, 2021, F5 Networks, a prominent player in application security, issued an urgent advisory regarding four significant vulnerabilities affecting its Big-IP platform. These security flaws, which span several F5 products, pose severe risks, including the potential for denial-of-service…

Read More

Urgent: Critical RCE Vulnerability Discovered in F5 Big-IP Platform—Immediate Patching Required!

On March 11, 2021, F5 Networks issued an advisory highlighting four severe vulnerabilities across various products that could lead to denial of service (DoS) attacks and unauthenticated remote code execution on affected networks. The advisory addresses a total of seven related flaws (CVE-2021-22986 through CVE-2021-22992), including two identified by Felix Wilhelm of Google Project Zero in December 2020. The four critical vulnerabilities impact BIG-IP versions 11.6, 12.x, and newer, with a notable pre-auth remote code execution issue (CVE-2021-22986) also affecting BIG-IQ versions 6.x and 7.x. F5 has stated that it is not currently aware of any public exploitation of these vulnerabilities. If successfully exploited, these flaws could lead to complete system compromise, enabling remote code execution and potential buffer overflow, resulting in DoS conditions. Customers are strongly urged to apply updates immediately.

Future Group’s E-Commerce Site Hacked, Halting Online Sales

December 22, 2010

Future Group’s ambitions to enhance online sales have hit a significant setback. Its main e-commerce platform, FutureBazaar, has experienced a cyber attack and has been unavailable for the past two days. CEO Rajiv Prakash referred to the incident as a “denial of service attack,” stating, “The website has been down for the last couple of days and is currently inaccessible to consumers.” The company is actively addressing the situation internally and taking legal steps against the perpetrators. “We have filed a complaint with the Cyber Crime Branch in Mumbai. We are working diligently to restore the site, and it should be operational soon,” Prakash reassured. To mitigate financial losses, the company is maintaining its phone commerce service, enabling customers to make purchases through that channel. While Prakash did not disclose the estimated daily losses from the outage, the portal represents a key growth area for the group. Future Group aims to achieve at least 10% of…

Future Group’s E-Commerce Platform Compromised, Hindering Online Operations December 22, 2010 Future Group, an influential player in the retail sector, is facing a significant setback in its efforts to enhance online sales. The company’s flagship e-commerce portal, FutureBazaar, has reportedly been compromised by a cyber-attack, rendering it non-operational for the…

Read More

Future Group’s E-Commerce Site Hacked, Halting Online Sales

December 22, 2010

Future Group’s ambitions to enhance online sales have hit a significant setback. Its main e-commerce platform, FutureBazaar, has experienced a cyber attack and has been unavailable for the past two days. CEO Rajiv Prakash referred to the incident as a “denial of service attack,” stating, “The website has been down for the last couple of days and is currently inaccessible to consumers.” The company is actively addressing the situation internally and taking legal steps against the perpetrators. “We have filed a complaint with the Cyber Crime Branch in Mumbai. We are working diligently to restore the site, and it should be operational soon,” Prakash reassured. To mitigate financial losses, the company is maintaining its phone commerce service, enabling customers to make purchases through that channel. While Prakash did not disclose the estimated daily losses from the outage, the portal represents a key growth area for the group. Future Group aims to achieve at least 10% of…

Public Exploit Combines Two Critical SAP Vulnerabilities, Leaving Unpatched Systems Open to Remote Code Execution

Date: Aug 19, 2025
Category: Vulnerability / Cyber Espionage

A new exploit has emerged that leverages two critical, now-patched vulnerabilities in SAP NetWeaver, putting organizations at significant risk of system compromise and data theft. This exploit chains CVE-2025-31324 and CVE-2025-42999 to bypass authentication and enable remote code execution, according to SAP security firm Onapsis.

  • CVE-2025-31324 (CVSS score: 10.0) – Lacks authorization checks in SAP NetWeaver’s Visual Composer development server
  • CVE-2025-42999 (CVSS score: 9.1) – Vulnerability due to insecure deserialization in the same server

These vulnerabilities were patched by SAP in April and May 2025, but not before they were exploited as zero-days by threat actors as early as March. Multiple ransomware and data extortion groups, including Qilin, BianLian, and RansomExx, have been seen exploiting these flaws, along with several espionage groups linked to China targeting critical infrastructures.

Public Exploit for Chained SAP Vulnerabilities Poses Risk of Remote Code Execution August 19, 2025 A concerning new exploit has come to light that leverages two critical security vulnerabilities in SAP NetWeaver, introducing significant risks for organizations that have yet to apply patches. This exploit combines CVE-2025-31324 and CVE-2025-42999, enabling…

Read More

Public Exploit Combines Two Critical SAP Vulnerabilities, Leaving Unpatched Systems Open to Remote Code Execution

Date: Aug 19, 2025
Category: Vulnerability / Cyber Espionage

A new exploit has emerged that leverages two critical, now-patched vulnerabilities in SAP NetWeaver, putting organizations at significant risk of system compromise and data theft. This exploit chains CVE-2025-31324 and CVE-2025-42999 to bypass authentication and enable remote code execution, according to SAP security firm Onapsis.

  • CVE-2025-31324 (CVSS score: 10.0) – Lacks authorization checks in SAP NetWeaver’s Visual Composer development server
  • CVE-2025-42999 (CVSS score: 9.1) – Vulnerability due to insecure deserialization in the same server

These vulnerabilities were patched by SAP in April and May 2025, but not before they were exploited as zero-days by threat actors as early as March. Multiple ransomware and data extortion groups, including Qilin, BianLian, and RansomExx, have been seen exploiting these flaws, along with several espionage groups linked to China targeting critical infrastructures.

Released ProxyLogon Exploit PoC: A Potential Catalyst for Increased Cyber Attacks

March 11, 2021

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a joint advisory on Wednesday, highlighting ongoing exploitation of vulnerabilities in Microsoft Exchange on-premises products by both nation-state actors and cybercriminals. “CISA and FBI assess that adversaries could exploit these vulnerabilities to compromise networks, steal sensitive information, encrypt data for ransom, or conduct destructive attacks,” the agencies stated. They also noted that compromised networks might be sold on the dark web. Recent attacks have mainly targeted local governments, academic institutions, NGOs, and businesses across various sectors such as agriculture, biotechnology, aerospace, defense, legal services, power utilities, and pharmaceuticals—consistent with previous activities linked to Chinese cyber threats. Tens of thousands of entities, including the Eur…

ProxyLogon Exploit Now Public, Heightening Cyber Threats Date: March 11, 2021 The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) have issued an urgent advisory concerning the exploitation of serious vulnerabilities within Microsoft Exchange on-premises products. This advisory comes in the wake of confirmed…

Read More

Released ProxyLogon Exploit PoC: A Potential Catalyst for Increased Cyber Attacks

March 11, 2021

The U.S. Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) issued a joint advisory on Wednesday, highlighting ongoing exploitation of vulnerabilities in Microsoft Exchange on-premises products by both nation-state actors and cybercriminals. “CISA and FBI assess that adversaries could exploit these vulnerabilities to compromise networks, steal sensitive information, encrypt data for ransom, or conduct destructive attacks,” the agencies stated. They also noted that compromised networks might be sold on the dark web. Recent attacks have mainly targeted local governments, academic institutions, NGOs, and businesses across various sectors such as agriculture, biotechnology, aerospace, defense, legal services, power utilities, and pharmaceuticals—consistent with previous activities linked to Chinese cyber threats. Tens of thousands of entities, including the Eur…

Bank of America Website Targeted in Cyber Attack by Islamic Hackers

Sept 19, 2012

The Bank of America’s website faced intermittent outages on Tuesday due to cyber attacks claimed to be in retaliation for “Innocence of Muslims,” a controversial film that has sparked violent protests across the Middle East. The group “Cyber Fighters of Izz ad-Din Al Qassam” announced its intent to target the Bank of America and the New York Stock Exchange as part of a broader campaign against what they term “American-Zionist Capitalists.” Following recent successful attacks on YouTube servers by various Muslim groups, there has been a surge in threats of similar actions. The hackers stated, “As long as the supporters of the sacrilegious film attempt to penalize its cast and crew, this conflict will continue, and the cyber realm will remain treacherous for all enemies of Islam.” Reports of the attacks have emerged from across the nation.

Bank of America Website Faces Cyber Attacks Amid Rising Tensions September 19, 2012 On Tuesday, the website of Bank of America experienced significant disruptions due to targeted cyber attacks, which have been linked to escalating geopolitical tensions. These attacks stem from a response to “Innocence of Muslims,” a controversial film…

Read More

Bank of America Website Targeted in Cyber Attack by Islamic Hackers

Sept 19, 2012

The Bank of America’s website faced intermittent outages on Tuesday due to cyber attacks claimed to be in retaliation for “Innocence of Muslims,” a controversial film that has sparked violent protests across the Middle East. The group “Cyber Fighters of Izz ad-Din Al Qassam” announced its intent to target the Bank of America and the New York Stock Exchange as part of a broader campaign against what they term “American-Zionist Capitalists.” Following recent successful attacks on YouTube servers by various Muslim groups, there has been a surge in threats of similar actions. The hackers stated, “As long as the supporters of the sacrilegious film attempt to penalize its cast and crew, this conflict will continue, and the cyber realm will remain treacherous for all enemies of Islam.” Reports of the attacks have emerged from across the nation.