Security Affairs

JANUARY 31, 2021

Shadowsocks is a free and open-source encryption protocol project, widely used in China to circumvent Internet censorship. It was created in 2012 by a Chinese programmer named “ clowwindy “, and multiple implementations of the protocol have been made available since.

Firewall 137

Firewall Surveillance Internet Internet 137

The Last Watchdog

JUNE 21, 2020

Although most people think of ransomware as a dodgy application that encrypts data and holds it for ransom, the concept is much more heterogeneous than that. The above-mentioned AIDS Trojan hailing from the distant pre-Internet era was the progenitor of the trend, but its real-world impact was close to zero. FBI spoofs 2012 – 2013.

Ransomware 244

Ransomware Hacking Encryption Penetration Testing 244

Schneier on Security

JUNE 6, 2023

Chatting with Snowden on an encrypted IM connection, I joked that the NSA cafeteria menu probably has code names for menu items. Transferring files electronically is what encryption is for. I told Greenwald that he and Laura Poitras should be sending large encrypted files of dummy documents back and forth every day. Definitely.

Surveillance 310

Surveillance Computers and Electronics Encryption Government 310

Google Security

AUGUST 24, 2022

Cryptology ePrint Archive, Paper 2012/064 ; Nadia Heninger, Zakir Durumeric, Eric Wustrow, and J. Reporting weak certificates is important to keep the internet secure, as stated by the policies of the CAs. The Let's Encrypt policy, for example, is defined here. Lenstra, James P. Hughes, Maxime Augier, Joppe W. Alex Halderman.

Engineering 107

Engineering Cryptocurrency Encryption Internet 107

Duo's Security Blog

SEPTEMBER 13, 2023

In 2012 a group of 250+ security vendors formed the FIDO (Fast Identity Online) Alliance to combat authentication challenges "with a focused mission: authentication standards to help reduce the world’s over-reliance on passwords”, and Web Authentication API, or WebAuthn for short, was born. How do users enroll? What is WebAuthn?

Authentication 57

Authentication Encryption eCommerce Phishing 57

CyberSecurity Insiders

MARCH 24, 2021

Canada-based Internet of Things (IoT) maker Sierra Wireless has been hit by ransomware attack bringing certain production operations of the company to a halt. Note – The products that Sierra Wireless produces are used in various industries like automobile, transportation and energy and healthcare fields.

Wireless 66

Wireless IoT Ransomware Mobile 66

Security Affairs

FEBRUARY 16, 2023

Below is the list of vulnerabilities exploited by V3G4: CVE-2012-4869 : FreePBX Elastix Remote Command Execution Vulnerability Gitorious Remote Command Execution Vulnerability CVE-2014-9727 : FRITZ!Box Unlike most Mirai variants, the V3G4 variant uses different XOR encryption keys for string encryption.

IoT 98

IoT DDOS Encryption Malware 98

The Last Watchdog

APRIL 13, 2020

Here are key takeaways: Middle East motivation Somewhat quietly since about 2012 or so, nation states of the Middle East, led by Saudi Arabia and the UAE, commenced a quiet surge to the forefront of implementing comprehensive cybersecurity regulations. You now actually have to prove the data is encrypted, both at rest and in transit.

Mobile 206

Mobile Computers and Electronics Encryption Data privacy 206

eSecurity Planet

JULY 3, 2021

The internet and, now, cloud computing transformed the way we conduct business. VPNs offer clients an encrypted access channel to remote networks through a tunneling protocol and can obfuscate the client’s IP address. Also Read: Tokenization vs. Encryption: Pros and Cons. Enter VPN technology.

VPN 57

VPN Encryption Marketing Internet 57

Malwarebytes

JUNE 1, 2021

The Kimsuky APT—also known as Thallium, Black Banshee, and Velvet Chollima—is a North Korean threat actor that has been active since 2012. On December 2020, KISA (Korean Internet & Security Agency) provided a detailed analysis about the phishing infrastructure and TTPs used by Kimsuky to target South Korea.

Government 145

Government Phishing Encryption Media 145

SecureList

OCTOBER 25, 2023

It comes equipped with a built-in TOR network tunnel for communication with command servers, along with update and delivery functionality through trusted services such as GitLab, GitHub, and Bitbucket, all using custom encrypted archives. The malware executable file is placed in /tmp directory with a random name. 8, 10.0.0.0/8, 8, 100.64.0.0/10,

Malware 118

Malware DNS Encryption Cryptocurrency 118

The Last Watchdog

MAY 11, 2020

Somewhat quietly since about 2012 or so, nation states in that region, led by Saudi Arabia and the United Arab Emirates, commenced a quiet surge to the forefront of implementing comprehensive cybersecurity regulations. Two meaningful steps every person can take, right now, is to begin routinely using a password manager and encrypted browsers.

Computers and Electronics 114

Computers and Electronics Data privacy Encryption Media 114

SecureList

JUNE 2, 2022

In one case we investigated, we noticed that a signed executable qgametool.exe (MD5 f756083b62ba45dcc6a4d2d2727780e4 ), compiled in 2012, deployed WinDealer on a target machine. Layout of the encrypted data. Packets exchanged with the C2 server contain a header (described in the next table) followed by AES-encrypted data.

Malware 124

Malware Encryption Social Engineering Telecommunications 124

Security Affairs

NOVEMBER 9, 2019

In June 2018, experts at Kaspersky were investigating attacks against government and military entities in South and Southeast Asian countries, The experts tracked the campaign as EasternRoppels, they speculate it may have started as far back as 2012. This C2 encrypts data with the same key as the C&C requests.

Encryption 48

Encryption Passwords Malware Software 48

Security Affairs

MARCH 4, 2019

Necurs botnet is currently the second largest spam botnet , it has been active since at least 2012 and was involved in massive campaigns spreading malware such as the Locky ransomware , the Scarab ransomware , and the Dridex banking Trojan. Instead, the real IP address of the C2 is obfuscated with what is essentially an encryption algorithm.

DNS 80

DNS Banking Advertising Ransomware 80

ForAllSecure

JULY 28, 2020

In late March 2014, two teams of security researchers independently started fuzz testing OpenSSL, an open source utility that encrypts traffic from a web browser to a server and forms the basis of trusted transactions online. In 2012, a change was made to OpenSSL-- that change allowed for Heartbleed to exist. through 1.0.1f

Encryption 52

Encryption Retail Software Banking 52

ForAllSecure

JULY 28, 2020

In late March 2014, two teams of security researchers independently started fuzz testing OpenSSL, an open source utility that encrypts traffic from a web browser to a server and forms the basis of trusted transactions online. In 2012, a change was made to OpenSSL-- that change allowed for Heartbleed to exist. through 1.0.1f

Encryption 52

Encryption Retail Software Banking 52

Troy Hunt

SEPTEMBER 17, 2020

I want a "secure by default" internet with all the things encrypted all the time such that people can move freely between networks without ever needing to care about who manages them or what they're doing with them. Now let's try the mobile app: What's the encryption story there? " It means "this is private."

VPN 358

VPN Phishing DNS Encryption 358

Krebs on Security

MAY 13, 2024

Pin was active on Opensc around March 2012, and authored 13 posts that mostly concerned data encryption issues, or how to fix bugs in code. Therefore, decryptors appear on the Internet, and with them the hope that files can be decrypted without paying a ransom. Cyber intelligence firm Intel 471 finds that pin@darktower.ru

Ransomware 242

Ransomware Cybercrime Accountability Malware 242

ForAllSecure

JULY 28, 2020

In late March 2014, two teams of security researchers independently started fuzz testing OpenSSL, an open source utility that encrypts traffic from a web browser to a server and forms the basis of trusted transactions online. In 2012, a change was made to OpenSSL-- that change allowed for Heartbleed to exist. through 1.0.1f

Encryption 52

Encryption Retail Software Banking 52

McAfee

JANUARY 5, 2022

However, if your organization is using this software, you probably should have followed the disclosure last month, lest your “/etc/passwd” files are now known to the whole internet. Beyond that, there are two interesting points you can ponder while swirling your eggnog in its glass (side-rant on the disgustingness of eggnog redacted).

Software 81

Software Network Security Authentication Internet 81

Security Affairs

OCTOBER 20, 2018

All the php files were encrypted using IONCube which has a known public decoder and given the version used was an old one, decoding the files didn’t take long. If you are using one of the above devices and they are connected on the WAN, make sure to remove your device from the internet. Part One: XXE.

Firmware 62

Firmware IoT VPN Authentication 62

Fox IT

DECEMBER 7, 2021

This model utilizes the Half-Space-Trees algorithm and provides our security operations teams (SOC) with the opportunity to detect suspicious behavior, in real-time, even when network traffic is encrypted. The prevalence of encrypted traffic. The use of encrypted network protocols yields improved mitigation against eavesdropping.

Encryption 79

Encryption Ransomware Internet Internet 79

CyberSecurity Insiders

SEPTEMBER 8, 2021

I was obsessed with encryption. I was fascinated by the fact that nothing in the world could reverse an operation of encryption without the needed key to decrypt the item. I would love to get more involved in advancing privacy and security through the use of strong encryption and other safeguards. Those aren’t my only plans.

Computers and Electronics 52

Computers and Electronics Architecture Education Cybersecurity 52

ForAllSecure

NOVEMBER 24, 2020

A kind of digital smash and grab of sensitive information such as the encryption keys created to protect sensitive transactions on a site like Amazon, or your bank with no way to trace any of it back to you. Such a scenario isn’t fantasy; something like this actually existed between 2012 and 2014. TheHackerMind.com.

Encryption 52

Encryption Software Artificial Intelligence Marketing 52

ForAllSecure

NOVEMBER 24, 2020

A kind of digital smash and grab of sensitive information such as the encryption keys created to protect sensitive transactions on a site like Amazon, or your bank with no way to trace any of it back to you. Such a scenario isn’t fantasy; something like this actually existed between 2012 and 2014. TheHackerMind.com.

Encryption 52

Encryption Software Artificial Intelligence Marketing 52

ForAllSecure

NOVEMBER 24, 2020

A kind of digital smash and grab of sensitive information such as the encryption keys created to protect sensitive transactions on a site like Amazon, or your bank with no way to trace any of it back to you. Such a scenario isn’t fantasy; something like this actually existed between 2012 and 2014. TheHackerMind.com.

Encryption 52

Encryption Software Artificial Intelligence Marketing 52

eSecurity Planet

JANUARY 29, 2024

The company was founded in 2009, and the first software edition was released in 2012. Internet security best practices mandate unique credentials for each online account; doing so would be impossible without a solid password manager like Dashlane.

Password Management 109

Password Management Passwords Authentication Accountability 109

SecureWorld News

MARCH 24, 2022

Summary: Multiple Facebook databases were found to be unprotected by passwords or encryption, meaning anyone who searched the internet could find them. LinkedIn data breach (2012). Summary: The company was attacked in 2012, when usernames and passwords were posted to a Russian hacker forum. Who attacked: no attacker.

Data breaches 119

Data breaches Passwords Accountability Government 119

SecureList

OCTOBER 12, 2021

Code similarity and re-use of C2 infrastructure we discovered allowed us to connect these attacks with the actor known as IronHusky and Chinese-speaking APT activity dating back to 2012. Microsoft Windows Server 2012. Microsoft Windows Server 2012 R2. All communication is encrypted with SSL. Microsoft Windows 7.

Malware 140

Malware Technology Engineering Advertising 140

Security Affairs

MAY 16, 2023

MustangPanda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. The communications are encrypted using a custom or modified encryption scheme that is based on Substitution-Permutation Network.

Firmware 98

Firmware Encryption Government Malware 98

SecureWorld News

DECEMBER 29, 2020

Summary: Multiple Facebook databases were found to be unprotected by passwords or encryption, meaning anyone who searched the internet could find them. LinkedIn data breach (2012). Summary: The company was attacked in 2012, when usernames and passwords were posted to a Russian hacker forum. Who attacked: no attacker.

Data breaches 98

Data breaches Passwords Accountability Government 98

SecureList

MAY 6, 2021

Since Moriya is a passive backdoor intended to be deployed on a server accessible from the internet, it contains no hardcoded C&C address and relies solely on the driver to provide it with packets filtered from the machine’s overall incoming traffic. All traffic passed on the channel is encoded with a simple encryption scheme.

Malware 145

Malware Architecture Engineering Technology 145

eSecurity Planet

JULY 8, 2021

The company was founded in 2009, and the first software edition was released in 2012. Internet security best practices mandate unique credentials for each online account; doing so would be impossible without a solid password manager like Dashlane.

Password Management 98

Password Management Passwords Authentication Accountability 98

eSecurity Planet

DECEMBER 17, 2021

Security functionality for DLP, discovery, encryption, and digital rights management. McAfee’s MVISION Cloud claims the “largest and most accurate registry of cloud services,” AI and machine learning functionality, DLP, encryption and more. Encryption and tokenization. Lookout Features. McAfee Features.

Risk 141

Risk Firewall Authentication Encryption 141

eSecurity Planet

FEBRUARY 8, 2021

Don Duncan, security engineer at NuData Security, told eSecurity Planet by email that POS systems are often dangerously easy to penetrate with malware , including the following (among many others): Dexter was discovered by Seculert (now Radware) researchers in 2012. vSkimmer malware, a successor to Dexter, dates back to 2013.

Retail 52

Retail Encryption Malware Artificial Intelligence 52

Troy Hunt

JULY 18, 2022

But this isn't an internet age thing, the origins go back way further, originally being used to describe TV viewers being served ads. I think it was around the end of 2012, and they were terrible! And now you're thinking "I bet he wrote this just to get donations" so instead, go and give Let's Encrypt a donation.

Data breaches 255

Data breaches Passwords Password Management Software 255