Security Affairs

MARCH 20, 2020

According to security researchers from Trend Micro, the Russia-linked APT28 cyberespionage group has been scanning vulnerable email servers for more than a year. The nation-state hackers are scanning the entire internet, in search of vulnerable webmail and Microsoft Exchange Autodiscover servers that expose TCP ports 445 and 1433.

Phishing 145

Phishing Accountability Advertising DNS 145

Security Affairs

AUGUST 29, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. “North Korea’s intelligence apparatus controls a hacking team dedicated to robbing banks through remote internet access.

Banking 144

Banking Malware Advertising Hacking 144

Security Affairs

MARCH 1, 2020

Ireland is a strategic place for intercontinental communications because it represents the place where undersea cables which carry internet traffic connect to Europe. This has raised concerns that Russian agents are checking the cables for weak points, with a view to tapping or even damaging them in the future.” Source [link].

Wireless 145

Wireless Surveillance Telecommunications Advertising 145

Security Affairs

NOVEMBER 29, 2020

In the last phase of the attack, the PowerShell script downloads encoded executable parts from legitimate cloud storage services like Dropbox or Bitbucket then assemble the Bandook loader, which injects the RAT into a new Internet Explorer process.

Energy and Utilities 139

Energy and Utilities Malware Government Healthcare 139

Security Affairs

APRIL 8, 2022

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Government 138

Government Media Malware Hacking 138

Security Affairs

MAY 22, 2019

The websites still use the technology because of a 20-year old law that mandated the use of Internet Explorer and asked users to allow ActiveX controls to run. Microsoft no longer supports ActiveX in Microsoft Edge, which is the default recommended default browser over Internet Explorer.

Government 94

Government Technology Internet Internet 94

Security Affairs

FEBRUARY 25, 2021

.” The malware was able to steal data from both office IT networks and a restricted network (one containing mission-critical assets and computers with highly sensitive data and no internet access). ” The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Malware 131

Malware Cryptocurrency Password Management Encryption 131

Security Affairs

MAY 4, 2022

Winnti (aka APT41 , Axiom, Barium , Blackfly) is a cyberespionage group that has been active since at least 2007. The attacks leverage a multi-step infection chain that starts with attacks on internet-facing servers in the attempt to deploy a web shell used for reconnaissance, lateral movement, and data exfiltration purposes.

Manufacturing 130

Manufacturing Malware Hacking Passwords 130

SC Magazine

MAY 18, 2021

Flags and the Dow logo at the main entrance of the Dow world headquarters complex is shown April 12, 2007 in Midland, Michigan. Not surprisingly, one of the first priorities Dow Jones focused on was providing employees secure access to the internet and company IT resources while they worked from home.

IoT 70

IoT Telecommunications Manufacturing Firewall 70

Security Affairs

SEPTEMBER 10, 2019

Microsoft Patch Tuesday security updates for September 2019 address 80 vulnerabilities, including two privilege escalation flaws that have been exploited in attacks in the wild. Interestingly, this file has been targeted by malware in the past, with some references going back as far as 2007.”

Authentication 89

Authentication Advertising Malware Internet 89

The Security Ledger

DECEMBER 21, 2022

The “web” has, in the space of 30 years, transformed from a funky little corner of the Internet full of pictures and text to become the bedrock of modern commerce. These days, Sima has situated himself on the other end of the vendor divide as the Chief Security Officer at Robinhood , the Menlo Park based stock trading and investments firm.

CSO 52

CSO Financial Services CISO Mobile 52

Security Affairs

AUGUST 6, 2019

The STRONTIUM APT group (aka APT28 , Fancy Bear , Pawn Storm , Sofacy Group , and Sednit ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

IoT 99

IoT Hacking Advertising Government 99

Security Affairs

MARCH 2, 2019

The command highlighted in Figure 2 is an instruction responsible to download an MSI file from the C2 server ( hxxp://195.123.209.169/control ), geolocated in Latvia and with ports 80 and 3389 opened to the Internet. The structure of this stream is fully specified in Microsoft Office Excel 97-2007 – Binary File Format Specification.

Malware 109

Malware Antivirus Technology Phishing 109

Cisco Security

JUNE 15, 2022

To consumers, the Internet of Things might bring to mind a smart fridge that lets you know when to buy more eggs, or the ability to control your home’s lighting and temperature remotely through your phone. But for cybersecurity professionals, internet-connected medical devices are more likely to be top-of-mind.

Internet 145

Internet Internet Manufacturing IoT 145

Security Affairs

MAY 6, 2021

A taste of the latest release of QakBot – one of the most popular and mediatic trojan bankers active since 2007. The malware QakBot , also known as Qbot , Pinkslipbot , and Quakbot is a banking trojan that has been made headlines since 2007. Figure 1: Email template of QakBot malware targeting Portuguese Internet end users – May 2021.

Malware 122

Malware Encryption Banking Software 122

Daniel Miessler

SEPTEMBER 29, 2020

Since 2007 the InfoSec industry has been talking about TheBigOne™—the event that would change cyber threats from annoyances to existential concerns. The idea was that it’d be some massive blast that would take out the country’s power grid, or disable the entire internet, along with what they used to call e-commerce.

Ransomware 246

Ransomware Government Social Engineering Small Business 246

CyberSecurity Insiders

APRIL 20, 2021

As a security evangelist, you understand the necessity of adhering to a set of security requirements, but as a normal staff member, you can understand the frustration of your non-security coworkers. Is there ever such a thing as being a “normal” staff member after you have crossed into the elite world of information security?

Healthcare 107

Healthcare Information Security Wireless Security Awareness 107

ForAllSecure

JULY 6, 2022

Centre for Defence: In 2007, a struggle over a divisive Soviet statutes set the standard for a new form of Russian interference in the affairs of foreign states. Vamosi: The slogan of the RSA Conference is “Where the World Talks Security,” and, in general. The Internet is where elections are won and lost.

Cybercrime 40

Cybercrime Government Ransomware Hacking 40