2000, Hacking and Malware - Cyber Security Informer

New ZLoader malware campaign hit more than 2000 victims across 111 countries

Security Affairs

JANUARY 10, 2022

A malware campaign spreads ZLoader malware by exploiting a Windows vulnerability that was fixed in 2013 but in 2014 Microsoft revised the fix. Experts from Check Point Research uncovered a new ZLoader malware campaign in early November 2021. SecurityAffairs – hacking, Zloader). Zeus OpenSSL). Pierluigi Paganini.

Malware

Malware Banking Software Cybercrime

OT attacks increased by over 2000 percent in 2019, IBM reports

Security Affairs

FEBRUARY 11, 2020

According to IBM, OT attacks increased by over 2000 percent in 2019, most of them involved the Echobot IoT malware. According to IBM X-Force, attacks targeting operational technology (OT) infrastructure increased by over 2000 p ercent in 2019 compared to 2018, and most of them involved the Echobot malware.

Advertising

Advertising Malware IoT Technology

Study shows connections between 2000 malware samples used by Russian APT groups

Security Affairs

SEPTEMBER 26, 2019

A joint research from Intezer and Check Point Research shows connections between nearly 2,000 malware samples developed by Russian APT groups. A joint research from Intezer and Check Point Research shed light on Russian hacking ecosystem and reveals connections between nearly 2,000 malware samples developed by Russian APT groups.

Malware

Malware Hacking Advertising Ransomware

The Olympics: a timeline of scams, hacks, and malware

Malwarebytes

JULY 28, 2021

And while actual, measurable cyberrattacks and hacks surrounding The Olympics did not truly get rolling until 2008 in Beijing, The Olympic games have traditionally been quite the target for malicious acts of all kinds, dating back years. 2000 Sydney. A non-hacked games were enjoyed by all. People getting up to mischief?

Scams

Scams Hacking Malware Mobile

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Security Affairs

FEBRUARY 13, 2025

Seashell Blizzard (aka Sandworm , BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRUs Main Center for Special Technologies (GTsST). On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications

Telecommunications DNS Hacking Passwords

Romanian energy supplier Electrica Group is facing a ransomware attack

Security Affairs

DECEMBER 9, 2024

Electrica Group was established in 1998 as a division of CONEL, Romania’s largest electricity distribution company, and became independent in 2000 after CONEL’s restructuring. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Romania) The company serves over 3.8

Ransomware

Ransomware Cyber Attacks Cybercrime Marketing

The Belgacom hack was the work of the UK GCHQ intelligence agency

Security Affairs

OCTOBER 28, 2018

Belgian newspaper reported that investigators had found proof that the Belgacom hack was the work of the UK GCHQ intelligence agency. Back to September 2013, Belgacom (now Proximus), the largest telecommunications company in Belgium and primarily state-owned, announced its IT infrastructure had suffered a malware-based attack.

Hacking

Hacking Spyware Telecommunications Malware

US and UK link new Cyclops Blink malware to Russian state hackers?

Security Affairs

FEBRUARY 23, 2022

UK and US cybersecurity agencies linked Cyclops Blink malware to Russia’s Sandworm APT. US and UK cybersecurity and law enforcement agencies published a joint security advisory about a new malware, dubbed Cyclops Blink, that has been linked to the Russian-backed Sandworm APT group. SecurityAffairs – hacking, CISA).

Malware

Malware Firmware Architecture Firewall

Britain’s information commissioner fines British Airways for 2018 Hack

Security Affairs

OCTOBER 16, 2020

Britain’s information commissioner has fined British Airways 20 million pounds for the 2018 hack that exposed data of 400,000 customers. SecurityAffairs – hacking, British Airways). The post Britain’s information commissioner fines British Airways for 2018 Hack appeared first on Security Affairs. ” concludes the ICO.

Hacking

Hacking Data breaches Advertising Information Security

Why 83 Percent of Large Companies Are Vulnerable to This Basic Domain Hack

Adam Levin

JULY 8, 2020

Far from being jealously guarded assets with Fort Knox-level security, a new study of Forbes Global 2000 Companies suggests many domain names are imminently hackable. Many of these faux-Zoom sites were used to distribute malware under the guise of links to online meetings. That spells trouble if you’re the one that gets hacked.

Hacking

Hacking Retail Cyber Insurance Authentication

GUEST ESSAY – Notable events in hacking history that helped transform cybersecurity assessment

The Last Watchdog

SEPTEMBER 27, 2021

Phishing scams, malware, ransomware and data breaches are just some of the examples of cyberthreats that can devastate business operations and the protection of consumer information. The Morris worm was created by researcher Robert Morris and was considered one of the earliest forms of malware. The ILOVEYOU Worm (2000).

Hacking

Hacking Cybersecurity Identity Theft Technology

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Security Affairs

SEPTEMBER 21, 2022

Russia-linked APT group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. Russia-linked cyberespionage group Sandworm has been observed impersonating telecommunication providers to target Ukrainian entities with malware. ” reads the report published by Recorded Future.

Malware

Malware Telecommunications DNS Hacking

Frequent VBA Macros used in Office Malware

Security Affairs

OCTOBER 1, 2019

The malware expert Marco Ramilli collected a small set of VBA Macros widely re-used to “weaponize” Maldoc (Malware Document) in cyber attacks. Here comes the idea to collect a small set of VBA Macros widely re-used to “weaponize” Maldoc (Malware Document) in contemporary cyber attacks. compatible; MSIE 6.0;

Malware

Malware Computers and Electronics Penetration Testing Cyber Attacks

Security Affairs newsletter Round 251

Security Affairs

FEBRUARY 16, 2020

Chinese Military personnel charged with hacking into credit reporting agency Equifax. Dell SupportAssist flaw exposes computers to hack, patch it asap! OT attacks increased by over 2000 percent in 2019, IBM reports. The Altsbit exchange will exit in May following a hack. Adobe addresses 42 flaws in its five products.

Cyber Attacks

Cyber Attacks Banking Advertising Internet

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Security Affairs

NOVEMBER 28, 2022

While the malware written in.NET is new, its deployment is similar to previous attacks attributed to #Sandworm. Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). MSIL/Filecoder.RansomBoggs.A

Ransomware

Ransomware Encryption Telecommunications Malware

Security Affairs newsletter Round 349

Security Affairs

JANUARY 16, 2022

SecurityAffairs – hacking, newsletter). Threat actors stole $18.7M Threat actors stole $18.7M Threat actors stole $18.7M Enjoy it! US NCSC and DoS share best practices against surveillance tools Swiss army asks its personnel to use the Threema instant-messaging app Russian submarines threatening undersea cables, UK defence chief warns.

Surveillance

Surveillance Ransomware Hacking Malware

Cerberus, a new banking Trojan available as malware-as-a-service in the underground

Security Affairs

AUGUST 13, 2019

A new malware-as-a- service dubbed Cerberus has emerged in the threat landscape, it is an Android RAT developed from scratch that doesn’t borrow the code from other malware. The malware implements banking Trojan capabilities such as the use of overlay attacks, the ability to intercept SMS messages and access to the contact list.

Banking

Banking Malware Advertising Social Engineering

SolarWinds hackers also breached the US NNSA nuclear agency

Security Affairs

DECEMBER 20, 2020

US DOE confirmed that threat actors behind the recent SolarWinds supply chain attack also hacked the networks of the US NNSA nuclear agency. Department of Energy that was established by Congress in 2000. The Cybersecurity and Infrastructure Security Agency was helping the federal agencies to respond to the hacking campaign.

Hacking

Hacking Software Malware Risk

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 4, 2024

Clorox estimates the costs of the August cyberattack will exceed $49 Million Mastodon fixed a flaw that can allow the takeover of any account Iranian hackers breached Albania’s Institute of Statistics (INSTAT) Operation Synergia led to the arrest of 31 individuals Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison Cloudflare breached (..)

Identity Theft

Identity Theft Malware VPN Ransomware

A new botnet named M?ris is behind massive DDoS attack that hit Yandex

Security Affairs

SEPTEMBER 9, 2021

The analysis of the sources of the attack revealed that they were devices with open ports 2000 and 5678 (2000 “Bandwidth test server” and port 5678 “Mikrotik Neighbor Discovery Protocol”), a combination that suggests the involvement of Mikrotik systems. SecurityAffairs – hacking, botnet). ris botnet.

DDOS

DDOS Internet Internet IoT

Security Affairs newsletter Round 433 by Pierluigi Paganini – International edition

Security Affairs

AUGUST 20, 2023

Every week the best security articles from Security Affairs are free for you in your email box. Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Cybercrime

Cybercrime Hacking Malware Phishing

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

Security Affairs

APRIL 18, 2024

The nature of the targets, low detection rate, and sophisticated malware-supported features suggest that an APT group developed it. The malware masqueraded as a Microsoft Word Add-In (.wll) The malware has a multi-threaded implementation, utilizing event objects for thread synchronization and signaling.

Malware

Malware Ransomware Hacking Technology

EU Digital Services and Digital Markets Acts aim at setting new rules for tech giants

Security Affairs

DECEMBER 16, 2020

Eu authorities pointed out that the rules were never revisioned since 2000, the new laws have been anticipated by commissioners Margrethe Vestager and Thierry Breton. ” “Our rules on digital services in Europe – the most coveted single market in the world – date back to 2000. Pierluigi Paganini.

Marketing

Marketing Hacking Risk Information Security

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. The malware maintains persistence through Cron jobs. According to public sources, the threat actors targeted ICS of at least 11 Ukrainian telecommunications providers leading to the disruption of their services.

Telecommunications

Telecommunications Authentication Data collection Passwords

8220 Gang Cloud Botnet infected 30,000 host globally

Security Affairs

JULY 21, 2022

This month, the experts noticed that the number of infected hosts passed from 2000 to around 30,000. “While the group has operated for years, by mid 2021, the botnet was observed operating with roughly 2000 hosts globally. .” IRC Botnet malware and miner download/configuration and remediation persistence.

Cryptocurrency

Cryptocurrency Malware Hacking Internet

Sandworm APT targets Ukraine with new SwiftSlicer wiper

Security Affairs

JANUARY 28, 2023

1/3 pic.twitter.com/pMij9lpU5J — ESET Research (@ESETresearch) January 27, 2023 The Sandworm group has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The #SwiftSlicer wiper is written in Go programing language.

Telecommunications

Telecommunications Malware Hacking Technology

Chinese actors behind attacks on industrial enterprises and public institutions

Security Affairs

AUGUST 9, 2022

The CVE-2017-11882 flaw is a memory-corruption issue that affects all versions of Microsoft Office released between 2000 and 2017. Other malware employed in the attacks linked to TA428 are nccTrojan, Logtu, Cotx, and DNSep, and previously undetected malware named CotSam. SecurityAffairs – hacking, industrial enterprises).

Encryption

Encryption Antivirus Malware Hacking

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

Security Affairs

MAY 1, 2024

Attackers used “super-aged” domains, usually registered before the year 2000, to avoid DNS blocklists and blending in with old malware at the same time The attackers manipulate MX (Mail Exchange) records by injecting fake responses through China’s Great Firewall.

DNS

DNS Firewall DDOS Hacking

Retired Malware Samples: Everything Old is New Again

Lenny Zeltser

JULY 27, 2018

Finding real-world malware samples that illustrate practical analysis techniques is tricky. When training professionals how to reverse-engineer malware , I’ve gone through lots of malicious programs for the purpose of educational examples. A Backdoor with a Backdoor. The backdoor had a backdoor! You Are an Idiot.

Malware

Malware Engineering Education Software

GUEST ESSAY: Supply chain vulnerabilities play out in latest Pentagon personnel records breach

The Last Watchdog

OCTOBER 15, 2018

Joseph Buccino now says that DoD continues to gather information on the size and scope of the hack, and is attempting to identify the culprits. The OPM breach put most federal workers since the year 2000 are at risk. Pentagon spokesman Lt. It will be interesting to see if there is a nation-state tie-in to this latest attack.

Risk

Risk Government Cyber Attacks Authentication

Russia-linked Sandworm continues to conduct attacks against Ukraine

Security Affairs

MAY 21, 2022

Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). ESETresearch found an evolution of a malware loader used during the #Industroyer2 attacks. SecurityAffairs – hacking, Sandworm).

Malware

Malware Government Cyber Attacks Hacking

Ransomware related news headlines trending on Google

CyberSecurity Insiders

DECEMBER 28, 2022

According to the intelligence gathered by the National Police Agency of South Korea, the Kim Jong UN funded hacking groups were caught stealing email and identity related credentials related to over 890 foreign policy proficients in the past few weeks.

Ransomware

Ransomware Insurance Healthcare Encryption

France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers

Security Affairs

FEBRUARY 15, 2021

Sandworm (aka BlackEnergy and TeleBots) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). SecurityAffairs – hacking, ANSSI). This backdoor is version 3.1.4. Pierluigi Paganini.

Software

Software VPN Internet Internet

US dismantled the Russia-linked Cyclops Blink botnet

Security Affairs

APRIL 6, 2022

“The operation copied and removed malware from vulnerable internet-connected firewall devices that Sandworm used for command and control (C2) of the underlying botnet.” Cyclops Blink is sophisticated malware with a modular structure. The malware leverages the firmware update process to achieve persistence.

Malware

Malware Government Firmware Firewall

Sandworm APT group hit Ukrainian news agency with five data wipers

Security Affairs

JANUARY 30, 2023

The Sandworm group has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). On September 2022, the Sandworm group was observed impersonating telecommunication providers to target Ukrainian entities with malware.

Telecommunications

Telecommunications Malware Hacking Technology

Russia-linked Cyclops Blink botnet targeting ASUS routers

Security Affairs

MARCH 18, 2022

The Cyclops Blink malware has been active since at least June 2019, it targets WatchGuard Firebox and other Small Office/Home Office (SOHO) network devices. Sandworm (aka BlackEnergy and TeleBots) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

IoT

IoT Firewall Malware Internet

CISA adds WatchGuard flaw to its Known Exploited Vulnerabilities Catalog

Security Affairs

APRIL 12, 2022

Sandworm (aka BlackEnergy and TeleBots) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). Cyclops Blink is sophisticated malware with a modular structure. The malware leverages the firmware update process to achieve persistence.

Firmware

Firmware Malware Cybersecurity Hacking

Security Affairs newsletter Round 233

Security Affairs

SEPTEMBER 29, 2019

North Korea-linked malware ATMDtrack infected ATMs in India. Study shows connections between 2000 malware samples used by Russian APT groups. After SIMJacker, WIBattack hacking technique disclosed. Malware-based attacks disrupted operations of Rheinmetall AG and Defence Construction Canada. The Dumb-Proof Guide.

Data breaches

Data breaches Malware Advertising Ransomware

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Herjavec Group

AUGUST 26, 2021

1834 — French Telegraph System — A pair of thieves hack the French Telegraph System and steal financial market information, effectively conducting the world’s first cyberattack. 1870 — Switchboard Hack — A teenager hired as a switchboard operator is able to disconnect and redirect calls and use the line for personal usage. .

Cybercrime

Cybercrime Computers and Electronics Banking Hacking

39% of all existing Counter-Strike 1.6 game servers online are malicious

Security Affairs

MARCH 14, 2019

was developed by Valve Corporation in 2000. Threat actors have set-up the servers in the attempt of hacking gamers’ computers worldwide by exploiting zero-day vulnerabilities in the game client. The delegation of the domain names used by the malware developer was suspended with the help of REG.ru The game Counter-Strike 1.6

Advertising

Advertising Malware Hacking Accountability

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Security Affairs

NOVEMBER 11, 2022

Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). In April, Sandworm targeted energy facilities in Ukraine with a new strain of the Industroyer ICS malware (INDUSTROYER2) and a new version of the CaddyWiper wiper.

Ransomware

Ransomware Telecommunications DNS Hacking

Russian Sandworm disrupts power in Ukraine with a new OT attack

Security Affairs

NOVEMBER 9, 2023

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The report includes a discovery and hardening guidance, Indicators of Compromise (IoCs) and Yara rules.

Telecommunications

Telecommunications Hacking Technology Internet

DHS also issued an alert for the Windows BlueKeep flaw

Security Affairs

JUNE 18, 2019

Experts at the CISA Agency successfully exploited the BlueKeep flaw on a machine running Windows 2000. BlueKeep is a wormable flaw that can be exploited by malware authors to create malicious code with WannaCry capabilities. SecurityAffairs – BlueKeep, hacking). Pierluigi Paganini.

Authentication

Authentication Advertising Malware Firewall

Google TAG warns of Russia-linked APT groups targeting Ukraine

Security Affairs

APRIL 20, 2023

. “FROZENBARENTS (aka Sandworm), a group attributed to Russian Armed Forces’ Main Directorate of the General Staff (GRU) Unit 74455, continues to focus heavily on the war in Ukraine with campaigns spanning intelligence collection, IO, and leaking hacked data through Telegram.” ” reads the report published by the Google TAG.

Phishing

Phishing Education Accountability Telecommunications

New ZLoader malware campaign hit more than 2000 victims across 111 countries

OT attacks increased by over 2000 percent in 2019, IBM reports

Trending Sources

Study shows connections between 2000 malware samples used by Russian APT groups

The Olympics: a timeline of scams, hacks, and malware

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Romanian energy supplier Electrica Group is facing a ransomware attack

The Belgacom hack was the work of the UK GCHQ intelligence agency

US and UK link new Cyclops Blink malware to Russian state hackers?

Britain’s information commissioner fines British Airways for 2018 Hack

Why 83 Percent of Large Companies Are Vulnerable to This Basic Domain Hack

GUEST ESSAY – Notable events in hacking history that helped transform cybersecurity assessment

Russian Sandworm APT impersonates Ukrainian telcos to deliver malware

Frequent VBA Macros used in Office Malware

Security Affairs newsletter Round 251

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Security Affairs newsletter Round 349

Cerberus, a new banking Trojan available as malware-as-a-service in the underground

SolarWinds hackers also breached the US NNSA nuclear agency

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

A new botnet named M?ris is behind massive DDoS attack that hit Yandex

Security Affairs newsletter Round 433 by Pierluigi Paganini – International edition

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

EU Digital Services and Digital Markets Acts aim at setting new rules for tech giants

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

8220 Gang Cloud Botnet infected 30,000 host globally

Sandworm APT targets Ukraine with new SwiftSlicer wiper

Chinese actors behind attacks on industrial enterprises and public institutions

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

Retired Malware Samples: Everything Old is New Again

GUEST ESSAY: Supply chain vulnerabilities play out in latest Pentagon personnel records breach

Russia-linked Sandworm continues to conduct attacks against Ukraine

Ransomware related news headlines trending on Google

France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers

US dismantled the Russia-linked Cyclops Blink botnet

Sandworm APT group hit Ukrainian news agency with five data wipers

Russia-linked Cyclops Blink botnet targeting ASUS routers

CISA adds WatchGuard flaw to its Known Exploited Vulnerabilities Catalog

Security Affairs newsletter Round 233

Cyber CEO: The History Of Cybercrime, From 1834 To Present

39% of all existing Counter-Strike 1.6 game servers online are malicious

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Russian Sandworm disrupts power in Ukraine with a new OT attack

DHS also issued an alert for the Windows BlueKeep flaw

Google TAG warns of Russia-linked APT groups targeting Ukraine

Stay Connected