2004, Information Security and Malware - Cyber Security Informer

New Linux variant of BIFROSE RAT uses deceptive domain strategies

Security Affairs

MARCH 3, 2024

The Bifrost RAT has been active since 2004, it allows its operators to gather sensitive information, including hostname and IP address. The researchers observed the malware trying to contact a Taiwan-based public DNS resolver with the IP address 168.95.1[.]1. com) that mimics the legitimate VMware domain.

DNS

DNS Malware Encryption Hacking

Sophos Sandboxie is now available as an open-source tool

Security Affairs

APRIL 10, 2020

.” The sandbox was developed by Ronen Tzur and released on June 26, 2004, he sold the solution to Invincea in 2013. Releasing the tool as the open-source, Sophos aims at engaging malware researchers to improve its Sandboxie with knowledge of the community. . SecurityAffairs – Sandbox, malware). Pierluigi Paganini.

Advertising

Advertising Malware Marketing Technology

Russia-linked Turla APT uses new TinyTurla-NG backdoor to spy on Polish NGOs

Security Affairs

FEBRUARY 16, 2024

The Turla APT group (aka Snake , Uroburos , Waterbug , Venomous Bear and KRYPTON ) has been active since at least 2004 targeting diplomatic and government organizations and private businesses in the Middle East, Asia, Europe, North and South America, and former Soviet bloc nations.

Malware

Malware Password Management Passwords Hacking

Critical bug in decoder used by popular chipsets exposes 2/3 of Android devices to hack

Security Affairs

APRIL 21, 2022

Security researchers at Check Point Research have discovered a critical remote code execution that affects the implementation of the Apple Lossless Audio Codec (ALAC) in Android devices running on Qualcomm and MediaTek chipsets. ALAC was developed in 2004 and Apple open-sourced it in 2011, since then many third-party vendors used it.

Hacking

Hacking Media Malware Cybersecurity

Domestic Kitten has been conducting surveillance targeting over 1,000 individuals

Security Affairs

FEBRUARY 8, 2021

The researchers documented a malware, tracked as ‘FurBall,’ that was employed since the beginning of the operation. The attack chain leverage multiple vectors Telegram channels, SMS messages containing a link to the malware, phishing messages, and watering hole attacks involving Iranian websites. ” concludes the report.

Surveillance

Surveillance Mobile Malware Cyber Attacks

The Five-Step PCI DSS 4.0 Transition Checklist

CyberSecurity Insiders

JANUARY 6, 2023

With the boom in digital commerce paired with the increased popularity of contactless payment and cloud-stored accountholder data, the Payment Card Industry (PCI) Security Standards Council decided to re-evaluate the existing standard. Test security of systems and networks regularly. The current version, PCI DSS v3.2.1,

Antivirus

Antivirus Retail Software Accountability

US disrupts Russia-linked Snake implant’s network

Security Affairs

MAY 10, 2023

The US government announced to have disrupted the peer-to-peer (P2P) network of computers compromised by the Snake malware. The malware has been designed and used by Center 16 of Russia’s Federal Security Service (FSB) in cyber espionage operations on sensitive targets. ” reads the press release published by DoJ.

Malware

Malware Government Hacking Cybersecurity

Tianfu Cup 2020 – 5 minutes to hack Windows 10, Ubuntu iOS, VMWare EXSi, and others

Security Affairs

NOVEMBER 9, 2020

11 out of 16 targets cracked with 23 successful demos: Chrome, Safari, FireFox Adobe PDF Reader Docker-CE, VMware EXSi, Qemu, CentOS 8 iPhone 11 Pro+iOS 14, GalaxyS20 Windows 10 2004 TP-Link, ASUS Router — TianfuCup (@TianfuCup) November 8, 2020. Many mature and hard targets have been pwned on this year’s contest.

Hacking

Hacking Firmware Software Government

Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs

Security Affairs

MAY 17, 2024

Russia-linked Turla APT allegedly used two new backdoors, named Lunar malware and LunarMail, to target European government agencies. ESET researchers discovered two previously unknown backdoors named LunarWeb and LunarMail that were exploited to breach European ministry of foreign affairs.

Phishing

Phishing Software Government Encryption

Turla APT group used a new backdoor in attacks against Afghanistan, Germany and the US

Security Affairs

SEPTEMBER 21, 2021

The previously undetected backdoor is likely used by the nation-state actor as a second-chance backdoor in case if the primary Turla malware is removed. Threat actors targeted the previous Afghan government, Talos speculates. “The adversaries installed the backdoor as a service on the infected machine.

Government

Government Malware Encryption Hacking

Britain’s information commissioner fines British Airways for 2018 Hack

Security Affairs

OCTOBER 16, 2020

. “The ICO has specific responsibilities set out in the Data Protection Act 2018, the General Data Protection Regulation (GDPR), the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003. ” concludes the ICO.

Hacking

Hacking Data breaches Advertising Information Security

Microsoft Out-of-Band security patch fixes Windows privilege escalation flaws

Security Affairs

AUGUST 20, 2020

Both vulnerabilities were addressed by Microsoft in August, the August 2020 Patch Tuesday security updates fixed the flaws in Windows 10, Windows 7, and Windows Server 2008, 2012, 2016, 2019, and Windows Server versions 1903, 1909, and 2004. The IT giant urges users to apply the security updates as soon as possible.

Advertising

Advertising Hacking Information Security Malware

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

The company added that the incident may have impacted those that attended a public institution of higher education in Colorado between 2007-2020, attended a Colorado public high school between 2004-2020, individuals with a Colorado K-12 public school educator license between 2010-2014, participated in the Dependent Tuition Assistance Program from 2009-2013, (..)

Data breaches

Data breaches Education Ransomware Hacking

Achieving PCI DSS Compliant Firewalls within a Small Business

Security Boulevard

MAY 6, 2021

Cloud Security Connectivity with third parties and cloud service providers can also be controlled through a firewall policy, to safeguard from supply chain threats and protect sensitive data from exposure. Malware Protection Firewalls are much more than just filtering network traffic based on IP addresses.

Small Business

Small Business Firewall Wireless Internet

Harvard Business Publishing licensee hit by ransomware

Security Affairs

OCTOBER 9, 2022

SHA1 (Secure Hashing Algorithm 1) has been broken since 2004 and can be breached quickly by criminals at relatively little cost. Moreover, the database contained physical addresses – paired with names, email addresses, and phone numbers, this information could be used for identity theft or harassment.

Ransomware

Ransomware Passwords Encryption Identity Theft

CyberArk Named an Overall Privileged Access Management Leader by KuppingerCole Analysts in 2021 Leadership Compass Report

CyberSecurity Insiders

SEPTEMBER 3, 2021

This KuppingerCole Leadership Compass evaluated 26 vendors in the Privileged Access Management (PAM) market to help security and Identity and Access Management (IAM) leaders identify and select solutions that will have the greatest impact on their cybersecurity programs. About KuppingerCole Analysts.

Digital transformation

Digital transformation Marketing Architecture Manufacturing

PCI Audit – Checklist & Requirements

Centraleyes

DECEMBER 17, 2023

The Payment Card Industry Data Security Standard, known widely as PCI DSS, is a set of security standards intended to ensure that ALL businesses who accept, process, store, or transmit credit card data do so in a safe manner. Important Note: PCI DSS current version, Version 3.2.1, in March of 2024.

Passwords

Passwords Computers and Electronics Software Encryption

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

Security Affairs

SEPTEMBER 2, 2019

and Israel get Stuxnet onto the highly secured Natanz plant? For years, experts speculated the involvement of a spy that infiltrated the Iranian plant and installed the malware. That mole physically spread the malware inside the plant using a USB flash drive. In 2004, Mossad and the CIA asked for help from AIVD.

Malware

Malware Engineering Advertising Hacking

Operation Moonlander dismantled the botnet behind Anyproxy and 5socks cybercriminals services

Security Affairs

MAY 10, 2025

. “The Indictment alleges that a botnet was created by infecting older-model wireless internet routers worldwide, including in the United States, using malware without their owners knowledge.” Operating since 2004, the site falsely claimed identities to register domains. ” reads the press release published by DoJ.

Malware

Malware DDOS Internet Internet

Cyber Security Informer

New Linux variant of BIFROSE RAT uses deceptive domain strategies

Sophos Sandboxie is now available as an open-source tool

Trending Sources

Russia-linked Turla APT uses new TinyTurla-NG backdoor to spy on Polish NGOs

Critical bug in decoder used by popular chipsets exposes 2/3 of Android devices to hack

Domestic Kitten has been conducting surveillance targeting over 1,000 individuals

The Five-Step PCI DSS 4.0 Transition Checklist

US disrupts Russia-linked Snake implant’s network

Tianfu Cup 2020 – 5 minutes to hack Windows 10, Ubuntu iOS, VMWare EXSi, and others

Turla APT used two new backdoors to infiltrate a European ministry of foreign affairs

Turla APT group used a new backdoor in attacks against Afghanistan, Germany and the US

Britain’s information commissioner fines British Airways for 2018 Hack

Microsoft Out-of-Band security patch fixes Windows privilege escalation flaws

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Achieving PCI DSS Compliant Firewalls within a Small Business

Harvard Business Publishing licensee hit by ransomware

CyberArk Named an Overall Privileged Access Management Leader by KuppingerCole Analysts in 2021 Leadership Compass Report

PCI Audit – Checklist & Requirements

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

Operation Moonlander dismantled the botnet behind Anyproxy and 5socks cybercriminals services

Stay Connected