2000, Accountability and Information Security

New ZLoader malware campaign hit more than 2000 victims across 111 countries

Security Affairs

JANUARY 10, 2022

The malware campaign is still active and threat actors have already stolen data and credentials of more than 2000 victims across 111 countries as of 2 Jan 2022. The post New ZLoader malware campaign hit more than 2000 victims across 111 countries appeared first on Security Affairs. Pierluigi Paganini.

Malware

Malware Banking Software Cybercrime

The Risk-Conscious, Security-Aware Culture: The Forgotten Critical Security Control

Cisco Security

JULY 12, 2021

Chief Information Security Officers (CISOs) across the Global 2000 and Fortune 1000 are obsessed with protecting the workforce endpoints as critical vulnerabilities in the cybersecurity and risk management posture of their enterprises.

Security Awareness

Security Awareness Risk CISO Cybersecurity

Grandson of FISMA: Why We Desperately Need New Cybsersecurity Legislation from the 117th Congress

Cisco Security

AUGUST 12, 2021

The 47-page report provided significant detail to support the conclusion that “According to agency inspectors general, the average grade of the agencies’ overall information security maturity is C-.”. The Risk Management Framework doesn’t take into account that the human is the new perimeter of the enterprise.

CISO

CISO Information Security Risk Government

Security Affairs newsletter Round 433 by Pierluigi Paganini – International edition

Security Affairs

AUGUST 20, 2023

Over 3,000 Android Malware spotted using unsupported/unknown compression methods to avoid detection WinRAR flaw enables remote code execution of arbitrary code #OpFukushima: Anonymous group protests against the plan to dump Fukushima RADIOACTIVE wastewater into Pacific Massive phishing campaign targets users of the Zimbra Collaboration email server (..)

Cybercrime

Cybercrime Hacking Malware Phishing

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Security Affairs

JANUARY 5, 2024

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The SBU helped Kyivstar in recovering from the cyber attack.

Mobile

Mobile Cyber Attacks Telecommunications Internet

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Security Affairs

JULY 15, 2021

SonicWall also provides recommendations to customers that can’t update their installs, the vendor suggests disconnecting devices immediately and reset their access passwords, and enable account multi-factor authentication, if supported. Continued use of this firmware or end-of-life devices is an active security risk,” states the alert.

Ransomware

Ransomware Firmware Passwords Mobile

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). ” reads the advisory published by the CERT-UA. “Note (!)

Telecommunications

Telecommunications Authentication Data collection Passwords

Experts warn of critical flaws in Flexlan devices that provide WiFi on airplanes

Security Affairs

SEPTEMBER 19, 2022

“It is found that our wireless products, FLEXLAN FX3000/2000 series, have a firmware vulnerability. The second vulnerability ( CVE–2022–36159 ) ties the use of hard-coded, weak cryptographic keys and backdoor accounts. “[CVE-2022-36159] – Use of weak Hard-coded Cryptographic Keys and backdoor account.

Wireless

Wireless Firmware Passwords Engineering

19-Year-Old man arrested for misusing leaked record from Optus Breach

Security Affairs

OCTOBER 6, 2022

” The arrest is the result of Operation Guardian led by AFP which became aware of a number of text messages demanding some Optus customers transfer $2000 to a bank account or face their personal information being used for financial crimes.

Data breaches

Data breaches Scams Telecommunications Financial Services

Imperva blocked the largest Layer 7 DDoS attack it has ever seen

Security Affairs

JULY 25, 2019

Experts noticed that most of the IPs that were involved in the attack had the same opened ports: 2000 and 7547. You can protect yourself, your business and your reputation by using the Account Takeover Protection capability of Imperva’s Application Security stack. These ports are usually associated with Mirai infections.

DDOS

DDOS Authentication IoT Hacking

Ukraine cyber police arrested a man for selling data of 300M people

Security Affairs

APRIL 28, 2023

The Ukrainian cyber police have arrested a man (36) from the city of Netishyn for selling the personal data and sensitive information of over 300 million people from different countries. The man had information on passport data, taxpayer numbers, birth certificates, driver’s licenses, and bank account data.

Education

Education Accountability Banking Mobile

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Security Affairs

MAY 4, 2023

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The CERT also provided Indicators of Compromise (IoCs) for these attacks.

VPN

VPN Education Accountability Cyber Attacks

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 4, 2024

Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Identity Theft

Identity Theft VPN Malware Ransomware

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

In Q1 2023, threat actors linked to Russia’s military intelligence service focused their phishing campaigns on Ukraine, with the country accounting for over 60% of observed Russian targeting. The campaigns have been relatively small in volume, sent from spoofed domains, and targeting users’ Gmail accounts.”

Phishing

Phishing Education Accountability Malware

Hackers actively targeting unsecured SAP installs, DHS, SAP and Onapsis warn

SC Magazine

APRIL 6, 2021

Multiple hackers are actively targeting SAP installations that have not updated in nearly a year or use poor account management. The warning, which came from the Department of Homeland Security, SAP and Onapsis, is based on research documenting activity in the wild. SAP warned users to change those account names in 2018.

Accountability

Accountability Software Media Information Security

Developer successfully compiled leaked source code for MS Windows XP and Windows Server 2003 OSs

Security Affairs

SEPTEMBER 30, 2020

The collection of torrent files leaked online is 43GB in size and include the source code for Windows Server 2003 and other older operating systems developed by Microsoft, including: Windows 2000 Windows CE 3 Windows CE 4 Windows CE 5 Windows Embedded 7 Windows Embedded CE Windows NT 3.5 Windows NT 4 MS-DOS 3.30 MS-DOS 6.0.

Advertising

Advertising Hacking Accountability Information Security

Cerberus, a new banking Trojan available as malware-as-a-service in the underground

Security Affairs

AUGUST 13, 2019

The author of this malware is very active on Twitter and mocks security firms claiming to have avoided the detection for at least two years. ” The author is offering the malware for rent at a price of $2000 for 1-month use, $7000 for 6 months and up to $12,000 for an entire year. ” continues the report.

Banking

Banking Malware Advertising Social Engineering

CISA warns of a critical flaw affecting Illumina medical devices

Security Affairs

APRIL 29, 2023

and newer NextSeq 1000/2000 Control Software: v1.4.1 Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ChatGPT ) The post CISA warns of a critical flaw affecting Illumina medical devices appeared first on Security Affairs.

Software

Software Data breaches Education Media

Thousands of publicly-exposed Apache Superset installs exposed to RCE attacks

Security Affairs

APRIL 26, 2023

The maintainers of the software have released security patches to address an insecure default configuration, tracked as CVE-2023-27524 (CVSS score: 8.9), that could lead to remote code execution. The issue was discovered by Horizon3 researchers who reported that there are more than 3000 instances of the platform exposed to the Internet.

Authentication

Authentication Education Media Hacking

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Security Affairs

APRIL 2, 2023

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The documents demonstrate that it also developed hacking tools for the Russia-linked APT group Sandworm.

Energy and Utilities

Energy and Utilities Media Hacking Technology

Digital Footprint Intelligence Report

SecureList

DECEMBER 29, 2020

Lack of security updates. Corporate accounts in databases of leaked passwords. Corporate accounts of employees from 253 organizations (from a total of 402) were found in public dumps of compromised third-party services. Corporate accounts leakage in the region ( download ). What’s behind the statistics. Data leaks.

Banking

Banking Accountability Passwords Software

Forescout Platform: NAC Product Review

eSecurity Planet

APRIL 7, 2023

In 2000, Forescout entered the security market as an NAC provider and then expanded capabilities to encompass more security and asset control features. This wide compatibility enables rapid deployment with minimal issues to sprawling networks with a variety of networking equipment. Who is Forescout?

IoT

IoT Technology Energy and Utilities Wireless

Best SIEM Tools & Software for 2022

eSecurity Planet

AUGUST 15, 2022

Company Product Est HQ Fortinet FortiSIEM 2000 Sunnyvale, CA LogPoint LogPoint SIEM 2001 Copenhagen, Denmark Micro Focus ArcSight Enterprise Security Manager 1976 London, UK Rapid7 Rapid7 SIEM 2000 Boston, MA Trellix SecOps and Analytics 2022 Milpitas, CA. A screenshot of the User Account Management dashboard on LogPoint.

Software

Software Small Business Marketing Firewall

7 Cyber Security Courses Online For Everybody

Spinone

NOVEMBER 21, 2019

In case you want to train your employees, you may need to use a company account to be able to set scheduled lessons for your staff. to $199 for business accounts. This course covers a broad range of security topics, explaining it with a simple language. But it works only for individual users.

Social Engineering

Social Engineering Accountability Phishing Cybersecurity

CISSPs from Around The Globe: An Interview with Theresa Grafenstine

CyberSecurity Insiders

JULY 7, 2021

The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted. I did two things.

Financial Services

Financial Services Cybersecurity Technology Government

On Detection: Tactical to Functional

Security Boulevard

SEPTEMBER 30, 2022

When an attacker is interested in obtaining a particular set of credentials, both Out-Minidump and Invoke-Kerberoast are valid choices depending on the details of the user account of interest and other tradecraft considerations. The master and his emissary: The divided brain and the making of the western world. Yale University Press. [2]:

Engineering

Engineering InfoSec Information Security Threat Reports

Crooks hacked other celebrity Instagram accounts to push scams

Security Affairs

SEPTEMBER 20, 2019

There is the same group behind the hack of the celebrity Instagram accounts, attackers used the same attack pattern to push scams. The same threat actor continues to target celebrity Instagram accounts to push scam sites to their wide audience. Recently the Instagram account of the popular actor Robert Downey Jr.

Scams

Scams Accountability Hacking Advertising

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

McAfee

AUGUST 24, 2021

From the 1960’s to 2000 infusion pumps were mostly electromechanical devices with some embedded electronics, but the turn of the century delivered “smarter” devices with better safety mechanisms and the possibility to program them, which slowly opened the door to information security challenges.

Computers and Electronics

Computers and Electronics Authentication Software Risk

KnowBe4 CEO Stu Sjouwerman talks IPO, and ‘strengthening that human firewall’

SC Magazine

APRIL 22, 2021

And they were only focused on the global 2000 at a very high price point. The IPO is essentially extremely useful to even out those kind of bumps so you’re not dipping into your bank account without sufficient buffer or additional capital sitting there on your balance sheet. So yes, there will be fluctuations for sure.

Firewall

Firewall Social Engineering Phishing Marketing

The Hacker Mind Podcast: Hacking Real World Criminals Online

ForAllSecure

MAY 2, 2023

So, usually my mode was to find a college student, get an account, dial up, and then you know, then I was on the internet and then get on IRC and, and whatnot. And I remember probably 2000 to 2003 ish, complaining when we when I think it was last year that we were at Alexa, Alexis Park for DEF CON. Mine was 2000.

Hacking

Hacking Media InfoSec Internet

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

I’m Robert Vamosi and this episode about best practices in information security, and how critical life services, in particular, remain at risk today -- in the middle of a global pandemic. It’s important to note that we have made great progress in healthcare digital security since the early 2000s.

Healthcare

Healthcare Hacking InfoSec Software

The Hacker Mind Podcast: Hacking Healthcare

ForAllSecure

JANUARY 15, 2021

I’m Robert Vamosi and this episode about best practices in information security, and how critical life services, in particular, remain at risk today -- in the middle of a global pandemic. It’s important to note that we have made great progress in healthcare digital security since the early 2000s.

Healthcare

Healthcare Hacking InfoSec Software

MY TAKE: Lessons learned from the summer of script kiddies hacking Twitter, TikTok

The Last Watchdog

SEPTEMBER 1, 2020

However, Clark, de Guzman and Calce are equally notable as leading members of the Hall of Fame of script kiddies – youngsters who precociously shed light on the how these same tools and services are riddled with profound privacy and security flaws. His caper is worrisome on two counts.

Hacking

Hacking Media Accountability CISO

Cyber Security Informer

New ZLoader malware campaign hit more than 2000 victims across 111 countries

The Risk-Conscious, Security-Aware Culture: The Forgotten Critical Security Control

Trending Sources

Grandson of FISMA: Why We Desperately Need New Cybsersecurity Legislation from the 117th Congress

Security Affairs newsletter Round 433 by Pierluigi Paganini – International edition

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Experts warn of critical flaws in Flexlan devices that provide WiFi on airplanes

19-Year-Old man arrested for misusing leaked record from Optus Breach

Imperva blocked the largest Layer 7 DDoS attack it has ever seen

Ukraine cyber police arrested a man for selling data of 300M people

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

Google TAG warns of Russia-linked APT groups targeting Ukraine

Hackers actively targeting unsecured SAP installs, DHS, SAP and Onapsis warn

Developer successfully compiled leaked source code for MS Windows XP and Windows Server 2003 OSs

Cerberus, a new banking Trojan available as malware-as-a-service in the underground

CISA warns of a critical flaw affecting Illumina medical devices

Thousands of publicly-exposed Apache Superset installs exposed to RCE attacks

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Digital Footprint Intelligence Report

Forescout Platform: NAC Product Review

Best SIEM Tools & Software for 2022

7 Cyber Security Courses Online For Everybody

CISSPs from Around The Globe: An Interview with Theresa Grafenstine

On Detection: Tactical to Functional

Crooks hacked other celebrity Instagram accounts to push scams

McAfee Enterprise ATR Uncovers Vulnerabilities in Globally Used B. Braun Infusion Pump

KnowBe4 CEO Stu Sjouwerman talks IPO, and ‘strengthening that human firewall’

The Hacker Mind Podcast: Hacking Real World Criminals Online

The Hacker Mind Podcast: Hacking Healthcare

The Hacker Mind Podcast: Hacking Healthcare

MY TAKE: Lessons learned from the summer of script kiddies hacking Twitter, TikTok

Stay Connected