2000, Hacking and Information Security - Cyber Security Informer

OT attacks increased by over 2000 percent in 2019, IBM reports

Security Affairs

FEBRUARY 11, 2020

According to IBM, OT attacks increased by over 2000 percent in 2019, most of them involved the Echobot IoT malware. According to IBM X-Force, attacks targeting operational technology (OT) infrastructure increased by over 2000 p ercent in 2019 compared to 2018, and most of them involved the Echobot malware. Pierluigi Paganini.

Advertising

Advertising Malware IoT Technology

New ZLoader malware campaign hit more than 2000 victims across 111 countries

Security Affairs

JANUARY 10, 2022

The malware campaign is still active and threat actors have already stolen data and credentials of more than 2000 victims across 111 countries as of 2 Jan 2022. SecurityAffairs – hacking, Zloader). The post New ZLoader malware campaign hit more than 2000 victims across 111 countries appeared first on Security Affairs.

Malware

Malware Banking Software Cybercrime

Study shows connections between 2000 malware samples used by Russian APT groups

Security Affairs

SEPTEMBER 26, 2019

A joint research from Intezer and Check Point Research shed light on Russian hacking ecosystem and reveals connections between nearly 2,000 malware samples developed by Russian APT groups. The report is extremely interesting because gives to the analysts an overview of the Russian hacking community and their operations.

Malware

Malware Hacking Advertising Ransomware

Ukraine’s GUR hacked the Russian Ministry of Defense

Security Affairs

MARCH 4, 2024

The Main Intelligence Directorate (GUR) of Ukraine’s Ministry of Defense claims that it hacked the Russian Ministry of Defense. Stolen documents include: confidential documents, including orders and reports circulated among over 2000 structural units of the Russian military service.

Hacking

Hacking Data breaches Encryption Government

Romanian energy supplier Electrica Group is facing a ransomware attack

Security Affairs

DECEMBER 9, 2024

Electrica Group was established in 1998 as a division of CONEL, Romania’s largest electricity distribution company, and became independent in 2000 after CONEL’s restructuring. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Romania) The company serves over 3.8

Ransomware

Ransomware Cyber Attacks Cybercrime Marketing

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Security Affairs

FEBRUARY 13, 2025

Seashell Blizzard (aka Sandworm , BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRUs Main Center for Special Technologies (GTsST). “ Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Russia)

Telecommunications

Telecommunications DNS Passwords Hacking

Approximately 2000 Citrix NetScaler servers were backdoored in a massive campaign

Security Affairs

AUGUST 16, 2023

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, NetScaler) The post Approximately 2000 Citrix NetScaler servers were backdoored in a massive campaign appeared first on Security Affairs.

System Administration

System Administration VPN Software Hacking

Britain’s information commissioner fines British Airways for 2018 Hack

Security Affairs

OCTOBER 16, 2020

Britain’s information commissioner has fined British Airways 20 million pounds for the 2018 hack that exposed data of 400,000 customers. In September 2018, British Airways suffered a data breach that exposed the personal information of 400,000 customers. SecurityAffairs – hacking, British Airways). Pierluigi Paganini.

Hacking

Hacking Data breaches Advertising Information Security

A new botnet named M?ris is behind massive DDoS attack that hit Yandex

Security Affairs

SEPTEMBER 9, 2021

The analysis of the sources of the attack revealed that they were devices with open ports 2000 and 5678 (2000 “Bandwidth test server” and port 5678 “Mikrotik Neighbor Discovery Protocol”), a combination that suggests the involvement of Mikrotik systems. SecurityAffairs – hacking, botnet). ris botnet.

DDOS

DDOS Internet Internet Hacking

EU Digital Services and Digital Markets Acts aim at setting new rules for tech giants

Security Affairs

DECEMBER 16, 2020

Eu authorities pointed out that the rules were never revisioned since 2000, the new laws have been anticipated by commissioners Margrethe Vestager and Thierry Breton. ” “Our rules on digital services in Europe – the most coveted single market in the world – date back to 2000. Pierluigi Paganini.

Marketing

Marketing Hacking Risk Information Security

Security Affairs newsletter Round 251

Security Affairs

FEBRUARY 16, 2020

Chinese Military personnel charged with hacking into credit reporting agency Equifax. Dell SupportAssist flaw exposes computers to hack, patch it asap! OT attacks increased by over 2000 percent in 2019, IBM reports. The Altsbit exchange will exit in May following a hack. Adobe addresses 42 flaws in its five products.

Cyber Attacks

Cyber Attacks Banking Advertising Internet

Experts disclosed a 22-year-old bug in popular SQLite Database library

Security Affairs

OCTOBER 25, 2022

The security expert Andreas Kellas detailed a high-severity vulnerability, tracked as CVE-2022-35737 (CVSS score: 7.5), in the SQLite database library, which was introduced in October 2000. SecurityAffairs – hacking, SQLite). The CVE-2022-35737 flaw is an integer overflow issue that impacts SQLite versions 1.0.12 through 3.39.x

Hacking

Hacking Information Security

Security Affairs newsletter Round 349

Security Affairs

JANUARY 16, 2022

SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 349 appeared first on Security Affairs. Threat actors stole $18.7M Threat actors stole $18.7M Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Ransomware

Ransomware Surveillance Malware Hacking

SolarWinds hackers also breached the US NNSA nuclear agency

Security Affairs

DECEMBER 20, 2020

US DOE confirmed that threat actors behind the recent SolarWinds supply chain attack also hacked the networks of the US NNSA nuclear agency. US DOE confirmed this week that threat actors behind the recent SolarWinds supply chain attack also compromised the networks of the US National Nuclear Security Administration (NNSA) agency.

Hacking

Hacking Software Malware Risk

GOOGLE FIXED THE FIFTH CHROME ZERO-DAY OF 2023

Security Affairs

SEPTEMBER 28, 2023

Reported by [pwn2car] on 2023-09-05 [$2000][ 1475798 ] High CVE-2023-5187: Use after free in Extensions. Google also addressed this month the following vulnerabilities in the Chrome browser: [$TBD][ 1478889 ] High CVE-2023-5186: Use after free in Passwords.

Surveillance

Surveillance Spyware Passwords Hacking

Security Affairs newsletter Round 433 by Pierluigi Paganini – International edition

Security Affairs

AUGUST 20, 2023

Over 3,000 Android Malware spotted using unsupported/unknown compression methods to avoid detection WinRAR flaw enables remote code execution of arbitrary code #OpFukushima: Anonymous group protests against the plan to dump Fukushima RADIOACTIVE wastewater into Pacific Massive phishing campaign targets users of the Zimbra Collaboration email server (..)

Cybercrime

Cybercrime Hacking Malware Phishing

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Security Affairs

NOVEMBER 28, 2022

Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). SecurityAffairs – hacking, RansomBoggs ransomware). 1/9 pic.twitter.com/WyxzCZSz84 — ESET research (@ESETresearch) November 25, 2022.

Ransomware

Ransomware Encryption Telecommunications Malware

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. The Russia-linked APT group Sandworm (UAC-0165) has compromised eleven telecommunication service providers in Ukraine between May and September 2023, reported the Ukraine’s Computer Emergency Response Team (CERT-UA).

Telecommunications

Telecommunications Authentication Data collection Passwords

GUEST ESSAY: Supply chain vulnerabilities play out in latest Pentagon personnel records breach

The Last Watchdog

OCTOBER 15, 2018

The Pentagon has since issued a statement conceding that a department cyber team informed leaders about the breach on Oct. Joseph Buccino now says that DoD continues to gather information on the size and scope of the hack, and is attempting to identify the culprits. Pentagon spokesman Lt. Cross-referencing.

Risk

Risk Government Cyber Attacks Passwords

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 4, 2024

Clorox estimates the costs of the August cyberattack will exceed $49 Million Mastodon fixed a flaw that can allow the takeover of any account Iranian hackers breached Albania’s Institute of Statistics (INSTAT) Operation Synergia led to the arrest of 31 individuals Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison Cloudflare breached (..)

Identity Theft

Identity Theft VPN Malware Ransomware

France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers

Security Affairs

FEBRUARY 15, 2021

Sandworm (aka BlackEnergy and TeleBots) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, ANSSI). Pierluigi Paganini.

VPN

VPN Software Internet Internet

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

Security Affairs

MAY 1, 2024

Attackers used “super-aged” domains, usually registered before the year 2000, to avoid DNS blocklists and blending in with old malware at the same time The attackers manipulate MX (Mail Exchange) records by injecting fake responses through China’s Great Firewall. .”

DNS

DNS Firewall DDOS Hacking

8220 Gang Cloud Botnet infected 30,000 host globally

Security Affairs

JULY 21, 2022

This month, the experts noticed that the number of infected hosts passed from 2000 to around 30,000. The growth is linked to the increased use of Linux and common cloud application vulnerabilities and poorly secured configurations for services such as Docker, Apache WebLogic, and Redis. SecurityAffairs – hacking, 8220 Gang ).

Cryptocurrency

Cryptocurrency Malware Internet Internet

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Security Affairs

JANUARY 5, 2024

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Mobile

Mobile Telecommunications Cyber Attacks Internet

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Security Affairs

JULY 15, 2021

Below the recommendations provided by the company: SRA 4600/1600 (EOL 2019) Disconnect immediately Reset passwords SRA 4200/1200 (EOL 2016) Disconnect immediately Reset passwords SSL-VPN 200/2000/400 (EOL 2013/2014) Disconnect immediately Reset passwords SMA 400/200 (Still Supported, in Limited Retirement Mode) Update to 10.2.0.7-34

Firmware

Firmware Ransomware Passwords Mobile

Chinese actors behind attacks on industrial enterprises and public institutions

Security Affairs

AUGUST 9, 2022

The CVE-2017-11882 flaw is a memory-corruption issue that affects all versions of Microsoft Office released between 2000 and 2017. SecurityAffairs – hacking, industrial enterprises). The post Chinese actors behind attacks on industrial enterprises and public institutions appeared first on Security Affairs. Pierluigi Paganini.

Encryption

Encryption Antivirus Malware Hacking

Sandworm APT targets Ukraine with new SwiftSlicer wiper

Security Affairs

JANUARY 28, 2023

1/3 pic.twitter.com/pMij9lpU5J — ESET Research (@ESETresearch) January 27, 2023 The Sandworm group has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The #SwiftSlicer wiper is written in Go programing language.

Telecommunications

Telecommunications Malware Hacking Ransomware

Google fixed a new Chrome Zero-Day actively exploited in the wild

Security Affairs

AUGUST 17, 2022

Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-06-22 [$2000][ 1345193 ] Medium CVE-2022-2860: Insufficient policy enforcement in Cookies. SecurityAffairs – hacking, Chrome). The post Google fixed a new Chrome Zero-Day actively exploited in the wild appeared first on Security Affairs.

Telecommunications

Telecommunications Mobile Engineering Hacking

Russian Sandworm disrupts power in Ukraine with a new OT attack

Security Affairs

NOVEMBER 9, 2023

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The report includes a discovery and hardening guidance, Indicators of Compromise (IoCs) and Yara rules.

Telecommunications

Telecommunications Hacking Technology Internet

US and UK link new Cyclops Blink malware to Russian state hackers?

Security Affairs

FEBRUARY 23, 2022

US and UK cybersecurity and law enforcement agencies published a joint security advisory about a new malware, dubbed Cyclops Blink, that has been linked to the Russian-backed Sandworm APT group. SecurityAffairs – hacking, CISA). appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook.

Malware

Malware Firmware Architecture Firewall

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

Security Affairs

APRIL 18, 2024

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). WithSecure believes that Kapeka is likely part of the Sandworm’s arsenal.

Malware

Malware Ransomware Hacking Technology

Imperva blocked the largest Layer 7 DDoS attack it has ever seen

Security Affairs

JULY 25, 2019

Experts noticed that most of the IPs that were involved in the attack had the same opened ports: 2000 and 7547. You can protect yourself, your business and your reputation by using the Account Takeover Protection capability of Imperva’s Application Security stack. SecurityAffairs – DDoS, hacking). ” concludes Imperva.

DDOS

DDOS Authentication IoT Hacking

Developer successfully compiled leaked source code for MS Windows XP and Windows Server 2003 OSs

Security Affairs

SEPTEMBER 30, 2020

The leaker also added that the source code for multiple Microsoft operating systems is circulating in the hacking community for years. SecurityAffairs – hacking, Cisco IOS XR). The post Developer successfully compiled leaked source code for MS Windows XP and Windows Server 2003 OSs appeared first on Security Affairs.

Advertising

Advertising Hacking Accountability Information Security

19-Year-Old man arrested for misusing leaked record from Optus Breach

Security Affairs

OCTOBER 6, 2022

” The arrest is the result of Operation Guardian led by AFP which became aware of a number of text messages demanding some Optus customers transfer $2000 to a bank account or face their personal information being used for financial crimes. SecurityAffairs – hacking, Optus). Pierluigi Paganini.

Data breaches

Data breaches Scams Telecommunications Financial Services

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Security Affairs

NOVEMBER 11, 2022

Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). SecurityAffairs – hacking, Prestige ransomware). Follow me on Twitter: @securityaffairs and Facebook and Mastodon. Pierluigi Paganini.

Ransomware

Ransomware Telecommunications DNS Hacking

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Security Affairs

SEPTEMBER 21, 2022

Multiple security firms have reported that the Sandworm APT continues to target Ukraine with multiple means, including custom malware and botnet like Cyclops Blink. Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Malware

Malware Telecommunications DNS Hacking

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Security Affairs

APRIL 2, 2023

The documents demonstrate that it also developed hacking tools for the Russia-linked APT group Sandworm. The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Energy and Utilities

Energy and Utilities Media Hacking Technology

Sandworm APT group hit Ukrainian news agency with five data wipers

Security Affairs

JANUARY 30, 2023

The Sandworm group has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). According to the report, threat actors conducted a reconnaissance of the Ukrinform agency no later than December 7, 2022, and breached its systems on January 17, 2023.

Telecommunications

Telecommunications Malware Hacking Ransomware

Experts warn of critical flaws in Flexlan devices that provide WiFi on airplanes

Security Affairs

SEPTEMBER 19, 2022

“It is found that our wireless products, FLEXLAN FX3000/2000 series, have a firmware vulnerability. SecurityAffairs – hacking, Log4Shell). The post Experts warn of critical flaws in Flexlan devices that provide WiFi on airplanes appeared first on Security Affairs. ” reads the advisory published by Contec.

Wireless

Wireless Firmware Passwords Engineering

Ukraine cyber police arrested a man for selling data of 300M people

Security Affairs

APRIL 28, 2023

The man had information on passport data, taxpayer numbers, birth certificates, driver’s licenses, and bank account data. Depending on the amount of data offered for sale, the man demanded from 500 to 2000 dollars. ” reads the announcement published by the Ukraine Cyber Police.

Education

Education Accountability Banking Mobile

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Security Affairs

MAY 4, 2023

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017.

VPN

VPN Education Accountability Cyber Attacks

Russia-linked Sandworm continues to conduct attacks against Ukraine

Security Affairs

MAY 21, 2022

Security experts from ESET reported that the Russia-linked cyberespionage group Sandworm continues to launch cyber attacks against entities in Ukraine. Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Malware

Malware Government Cyber Attacks Hacking

CISA warns of a critical flaw affecting Illumina medical devices

Security Affairs

APRIL 29, 2023

and newer NextSeq 1000/2000 Control Software: v1.4.1 Nominate here: [link] Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ChatGPT ) The post CISA warns of a critical flaw affecting Illumina medical devices appeared first on Security Affairs.

Software

Software Data breaches Education Media

CISA adds WatchGuard flaw to its Known Exploited Vulnerabilities Catalog

Security Affairs

APRIL 12, 2022

Sandworm (aka BlackEnergy and TeleBots) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). SecurityAffairs – hacking, Known Exploited Vulnerabilities Catalog ). To nominate, please visit:? Follow me on Twitter: @securityaffairs and Facebook.

Malware

Malware Firmware Cybersecurity Hacking

OT attacks increased by over 2000 percent in 2019, IBM reports

New ZLoader malware campaign hit more than 2000 victims across 111 countries

Trending Sources

Study shows connections between 2000 malware samples used by Russian APT groups

Ukraine’s GUR hacked the Russian Ministry of Defense

Romanian energy supplier Electrica Group is facing a ransomware attack

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Approximately 2000 Citrix NetScaler servers were backdoored in a massive campaign

Britain’s information commissioner fines British Airways for 2018 Hack

A new botnet named M?ris is behind massive DDoS attack that hit Yandex

EU Digital Services and Digital Markets Acts aim at setting new rules for tech giants

Security Affairs newsletter Round 251

Experts disclosed a 22-year-old bug in popular SQLite Database library

Security Affairs newsletter Round 349

SolarWinds hackers also breached the US NNSA nuclear agency

GOOGLE FIXED THE FIFTH CHROME ZERO-DAY OF 2023

Security Affairs newsletter Round 433 by Pierluigi Paganini – International edition

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

GUEST ESSAY: Supply chain vulnerabilities play out in latest Pentagon personnel records breach

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

8220 Gang Cloud Botnet infected 30,000 host globally

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Chinese actors behind attacks on industrial enterprises and public institutions

Sandworm APT targets Ukraine with new SwiftSlicer wiper

Google fixed a new Chrome Zero-Day actively exploited in the wild

Russian Sandworm disrupts power in Ukraine with a new OT attack

US and UK link new Cyclops Blink malware to Russian state hackers?

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

Imperva blocked the largest Layer 7 DDoS attack it has ever seen

Developer successfully compiled leaked source code for MS Windows XP and Windows Server 2003 OSs

19-Year-Old man arrested for misusing leaked record from Optus Breach

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Leaked documents from Russian firm NTC Vulkan show Sandworm cyberwarfare arsenal

Sandworm APT group hit Ukrainian news agency with five data wipers

Experts warn of critical flaws in Flexlan devices that provide WiFi on airplanes

Ukraine cyber police arrested a man for selling data of 300M people

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Russia-linked Sandworm continues to conduct attacks against Ukraine

CISA warns of a critical flaw affecting Illumina medical devices

CISA adds WatchGuard flaw to its Known Exploited Vulnerabilities Catalog

Stay Connected