2008 and Hacking - Cyber Security Informer

A zero-day in Windows 7 and Windows Server 2008 has yet to be fixed

Security Affairs

NOVEMBER 26, 2020

Researcher discovers a zero-day vulnerability in Windows 7 and Windows Server 2008 while he was working on a Windows security tool. “If you have ever run this script on Windows 7 or Windows Server 2008 R2 , you probably noticed a weird recurring result and perhaps thought that it was a false positive just as I did.

Hacking

Hacking Information Security Malware

Microsoft Patches Zero-Day Bug in Win7, Server 2008 and 2008 R2

Threatpost

NOVEMBER 13, 2018

Microsoft’s November Patch Tuesday fixes include mitigation against a zero-day vulnerability leaving Windows 7, Server 2008 and Server 2008 R2 open to attack.

Malware

Malware Hacking

0patch will provide micropatches for Windows 7 and Server 2008 after EoS

Security Affairs

SEPTEMBER 22, 2019

With the end-of-life of Windows 7 and Server 2008, their users will no more receive security patches, the only way to remain protected is to trust in micropatches. On January 14, 2020, support for Window 7, Windows Server 2008 and 2008 R2 will end, this means that users will no longer receive security updates.

Advertising

Advertising Hacking Software Risk

US NSA hacks Chinese Aviation University

CyberSecurity Insiders

SEPTEMBER 5, 2022

For the first time in the history of cyber attacks, a China-based university serving Aviation industry has accused the United States National Security Agency (NSA) for hacking into its servers to steal intelligence related to aviation, aerospace and navigation study material.

Hacking

Hacking Surveillance Education Cyber Attacks

Teens Hacked Boston Subway’s CharlieCard to Get Infinite Free Rides—and This Time Nobody Got Sued

WIRED Threat Level

AUGUST 10, 2023

In 2008, Boston’s transit authority sued to stop MIT hackers from presenting at the Defcon hacker conference on how to get free subway rides. Today, four teens picked up where they left off.

Hacking

The Olympics: a timeline of scams, hacks, and malware

Malwarebytes

JULY 28, 2021

And while actual, measurable cyberrattacks and hacks surrounding The Olympics did not truly get rolling until 2008 in Beijing, The Olympic games have traditionally been quite the target for malicious acts of all kinds, dating back years. It was also the first major Olympics event where organizers braced for hacking related impact.

Scams

Scams Hacking Malware Mobile

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

FEBRUARY 7, 2024

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. From the forum’s inception until around 2008, Djamix was one of its most active and eloquent contributors. ru at DomainTools.com reveals this address has been used to register at least 10 domain names since 2008. Some of those photos date back to 2008.

Cybercrime

Cybercrime Accountability Identity Theft Hacking

Microsoft rolled out emergency updates to fix Windows Server auth failures

Security Affairs

NOVEMBER 15, 2021

These issues impacts Windows Server 2019 and lower versions, including Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2. SecurityAffairs – hacking, Operation Cyclone). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Authentication

Authentication Hacking Information Security

Hacking Nespresso machines to have unlimited funds to purchase coffee

Security Affairs

FEBRUARY 7, 2021

Some commercial Nespresso machines that are used in Europe could be hacked to add unlimited funds to purchase coffee. Some Nespresso Pro machines in Europe could be hacked to add unlimited funds to purchase coffee. SecurityAffairs – hacking, Nespresso). The vulnerability was disclosed by the security researcher Polle Vanhoof.

Hacking

Hacking Technology Software Engineering

Microsoft Fixes Bad Patch That Left Windows 7, Server 2008 Open to Attack

Threatpost

MARCH 30, 2018

Microsoft released an out-of-band security update that corrected a faulty patch that left Windows 7 and Windows Server 2008 open to attack.

Hacking

DarkPulsar and other NSA hacking tools used in hacking operations in the wild

Security Affairs

OCTOBER 21, 2018

Attackers are targeting high-value servers using a three of hacking tools from NSA arsenal, including DarkPulsar, that were leaked by the Shadow Brokers hacker group. It shows how hackers combined the tool to carry out high sophisticated hacking operations. Security Affairs – NSA hacking tools, DarkPulsar ).

Hacking

Hacking Energy and Utilities Advertising Authentication

U.S. Internet Leaked Years of Internal, Customer Emails

Krebs on Security

FEBRUARY 14, 2024

Some of the exposed emails dated back to 2008; others were as recent as the present day. Holden said he also discovered that hackers have been abusing a Securence link scrubbing and anti-spam service called Url-Shield to create links that look benign but instead redirect visitors to hacked and malicious websites.

Internet

Internet Internet Wireless Government

The Link Between AWM Proxy & the Glupteba Botnet

Krebs on Security

JUNE 28, 2022

That same day, AWM Proxy — a 14-year-old anonymity service that rents hacked PCs to cybercriminals — suddenly went offline. Launched in March 2008, AWM Proxy quickly became the largest service for crooks seeking to route their malicious Web traffic through compromised devices. ru , and the website web-site[.]ru

Passwords

Passwords Malware Internet Internet

Chinese Supply-Chain Attack on Computer Systems

Security Boulevard

FEBRUARY 13, 2021

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. It’s been going on since at least 2008. The US government has known about it for almost as long, and has tried to keep the attack secret: China’s exploitation of products made by Supermicro, as the U.S.

Government

Government Hacking Internet Internet

Chinese APT IronHusky use Win zero-day in recent wave of attacks

Security Affairs

OCTOBER 13, 2021

A Chinese-speaking hacking group exploited a Windows zero-day vulnerability in a wave of attacks on defense and IT businesses. A Chinese-speaking hacking group exploited a zero-day vulnerability in the Windows Win32k kernel driver to deploy a new remote access trojan (RAT), tracked as MysterySnail. SecurityAffairs – hacking, Windows).

Hacking

Hacking Malware Government Technology

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Security Affairs

FEBRUARY 13, 2020

“ In 2017, the Shadow Brokers hacking group released a collection of NSA exploits and hacking tools targeting Microsoft’s Windows OS, some of them were developed to exploit the SMBv1 p rotocol to execute commands on vulnerable servers with administrative p rivileges. Please see this KB for more information.

Authentication

Authentication Malware Advertising Hacking

Microsoft Issues Emergency Fix for IE Zero Day

Krebs on Security

DECEMBER 19, 2018

Satnam Narang , senior research engineer at Tenable , said the vulnerability affects the following installations of IE: Internet Explorer 11 from Windows 7 to Windows 10 as well as Windows Server 2012, 2016 and 2019; IE 9 on Windows Server 2008; and IE 10 on Windows Server 2012.

Internet

Internet Internet Engineering Software

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Krebs on Security

MARCH 10, 2020

District Court for the Southern District of California allege Firsov was the administrator of deer.io, an online platform that hosted more than 24,000 shops for selling stolen and/or hacked usernames and passwords for a variety of top online destinations. An example seller’s panel at deer.io. Click image to enlarge.

Accountability

Accountability Advertising Hacking Cybercrime

Avoid The Hack: 7 Best Private Search Engine Recommendations

Security Boulevard

SEPTEMBER 2, 2023

Founded circa 2008, DuckDuckGo is a private metasearch engine based in the US. The post Avoid The Hack: 7 Best Private Search Engine Recommendations appeared first on Security Boulevard. While this search engine is certainly better than using Google or Bing, it is advised to use this search engine with discretion.

Engineering

Engineering Hacking Technology Marketing

Microsoft Patch Tuesday, March 2021 Edition

Krebs on Security

MARCH 9, 2021

The IE weakness — CVE-2021-26411 — affects both IE11 and newer EdgeHTML-based versions, and it allows attackers to run a file of their choice by getting you to view a hacked or malicious website in IE. “There is the outside chance this could be wormable between DNS servers,” warned Trend Micro’s Dustin Childs.

DNS

DNS Internet Internet Software

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

ru in 2008. su from 2008. su from 2008. Intel 471 shows akafitis@gmail.com was used to register another O.R.Z. user account — this one on Verified[.]ru Prior to that, akafitis@gmail.com was used as the email address for the account “ Fitis ,” which was active on Exploit between September 2006 and May 2007.

Malware

Malware Cybercrime Software Antivirus

Qakbot is back and targets the Hospitality industry

Security Affairs

DECEMBER 18, 2023

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, malware) The malware spreads via malspam campaigns, it inserts replies in active email threads.

Malware

Malware Phishing Ransomware Hacking

Expert developed a MetaSploit module for the BlueKeep flaw

Security Affairs

JUNE 5, 2019

Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. Windows 7 and Server 2008 users can prevent unauthenticated attacks by enabling Network Level Authentication (NLA), and the threat can also be mitigated by blocking TCP port 3389. SecurityAffairs – Metasploit, hacking). According to Z??osum0x0,

Penetration Testing

Penetration Testing Advertising Malware Authentication

PlugX malware delivered by exploiting flaws in Chinese programs

Security Affairs

MARCH 11, 2023

The PlugX backdoor has been used since 2008 by multiple China-linked APT groups, including Mustang Panda , Winnti , and APT41 In the attacks observed by ASEC, once exploited the vulnerability, threat actors executed a PowerShell command to create a file named esetservice.exe. ” reads the analysis published by ASEC.

Malware

Malware Software Hacking Information Security

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

Security Affairs

JANUARY 31, 2024

It was operating between 2008 and 2013. According to German media , one of the two operators was also involved in the operations of the site mega-downloads.net. Movie2k was a platform involved in the unauthorized distribution of copyrighted movies, TV shows, and other media content.

Media

Media Cybercrime Advertising Information Security

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Krebs on Security

NOVEMBER 8, 2021

Some of these nicknames go back more than a decade on Russian cybercrime forums, many of which have been hacked and relieved of their user databases over the years. su, and that forum’s database says a user by the name “Damnating” registered with the forum in 2008 using the email address damnating@yandex.ru.

Ransomware

Ransomware Cybercrime System Administration Passwords

Canada Charges Its “Most Prolific Cybercriminal”

Krebs on Security

DECEMBER 8, 2021

According to cyber intelligence firm Intel 471 , that dark_cl0ud6@hotmail.com address has been used in conjunction with the handle “ DCReavers2 ” to register user accounts on a half-dozen English-language cybercrime forums since 2008, including Hackforums , Blackhatworld, and Ghostmarket. An advertisement for the ButterFly Bot.

Cybercrime

Cybercrime Ransomware Accountability Advertising

Avast released a free decryptor for the Windows version of the Akira ransomware

Security Affairs

JULY 1, 2023

Files are encrypted by Chacha 2008 ( D. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Akira ransomware ) The post Avast released a free decryptor for the Windows version of the Akira ransomware appeared first on Security Affairs. Bernstein’s implementation ).”

Ransomware

Ransomware Encryption Malware Hacking

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

has been associated with the user Kerens on the Russian hacking forum Exploit from 2011 to the present day. Intel 471 found that Kerens used the email address pepyak@gmail.com , which also was used to register Kerens accounts on the Russian language hacking forums Verified and Damagelab. The WHOIS records for autodoska[.]biz

Malware

Malware Antivirus Cybercrime Hacking

QakBot threat actors are still operational after the August takedown

Security Affairs

OCTOBER 7, 2023

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. In August, the FBI announced that the Qakbot botnet was dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’

Malware

Malware Ransomware Phishing Hacking

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Security Affairs

DECEMBER 1, 2023

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware) The malware spreads via malspam campaigns, it inserts replies in active email threads.

Ransomware

Ransomware Retail Malware Insurance

Chinese Supply-Chain Attack on Computer Systems

Schneier on Security

FEBRUARY 13, 2021

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. It’s been going on since at least 2008. The US government has known about it for almost as long, and has tried to keep the attack secret: China’s exploitation of products made by Supermicro, as the U.S.

Surveillance

Surveillance Government Internet Internet

Too many issues in Pentagon networks expose it to cybersecurity risks

Security Affairs

JANUARY 15, 2019

This means that security and IT staff at the Pentagon is ignoring the recommendations exposing it to the risk of hack. related recommendations, dating as far back as 2008. SecurityAffairs – Pentagon, hacking). Additionally, as of September 30, 2018, there were 266 open cybersecurity?related ” concludes the DoD OIG.

Risk

Risk Cybersecurity Cyber Risk Government

CIA Hacking unit APT-C-39 hit China since 2008

Security Affairs

MARCH 4, 2020

Chinese security firm Qihoo 360 revealed that the US CIA has hacked Chinese organizations in various sectors for the last 11 years. Chinese security firm Qihoo 360 is accusing that the US Central Intelligence Agency (CIA) of having hacked Chinese organizations for the last 11 years. SecurityAffairs – hacking, CIA).

Hacking

Hacking Government Advertising Engineering

FBI: Operation ‘Duck Hunt’ dismantled the Qakbot botnet

Security Affairs

AUGUST 30, 2023

’ Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. The FBI announced that the Qakbot botnet has been dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’

Malware

Malware Manufacturing Data breaches Cyber threats

Cyber Attack news headlines trending on Google

CyberSecurity Insiders

JULY 26, 2022

The Insurance firm that was founded in 2008 has a background of selling over 19 million policies and is planning to expand its business reach after obtaining an insurance broker’s license from India’s IRDAI.

Cyber Attacks

Cyber Attacks Insurance Data breaches Mobile

IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions

Security Affairs

MARCH 31, 2021

was recommended for IETF protocols in 2008 and became obsolete with the introduction of TLS version 1.3 SecurityAffairs – hacking, TLS 1.0). The Internet Engineering Task Force (IETF) formally deprecates Transport Layer Security (TLS) versions 1.0 (RFC RFC 2246) and 1.1 (RFC TLS version 1.2 Pierluigi Paganini.

Internet

Internet Internet Engineering Hacking

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

Security Affairs

JANUARY 18, 2022

VPNLab was launched in 2008 and was offering online anonymity to criminal organizations. VPNLab operators were advertising their platform on several hacking forums and dark web forums. SecurityAffairs – hacking, VPNLab). The authorities seized 15 VPNLab.net servers across 10 countries. Pierluigi Paganini.

VPN

VPN Cybercrime Ransomware Advertising

Black Basta ransomware operators leverage QBot for lateral movements

Security Affairs

JUNE 7, 2022

QBot, aka Qakbot and Pinkslipbot , has been active since 2008, it is used by threat actors for collecting browsing data and banking credentials and other financial information from the victims. SecurityAffairs – hacking, Black Basta ransomware). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Ransomware

Ransomware Backups Malware Firewall

Finland’s Most-Wanted Hacker Nabbed in France

Krebs on Security

FEBRUARY 5, 2023

In 2013, Kurittu worked on an investigation involving Kivimäki’s use of the Zbot botnet, among other activities Kivimäki engaged in as a member of the hacker group Hack the Planet (HTP).”

Cybercrime

Cybercrime DDOS Hacking Accountability

Qakbot operations continue to evolve to avoid detection

Security Affairs

JULY 13, 2022

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. SecurityAffairs – hacking, malware). Experts warn that operators behind the Qakbot malware operation are improving their attack chain in an attempt to avoid detection. Follow me on Twitter: @securityaffairs and Facebook.

Malware

Malware Hacking Cybercrime Information Security

AcidBox, a malware that borrows Turla APT exploit, hit Russian organizations

Security Affairs

JUNE 19, 2020

The exploit used by Turla, referred to as CVE-2008-3431 , abuses two vulnerabilities, but only one was ever fixed in the aforementioned CVE. The other vulnerability was chained by Turla operators with the CVE-2008-3431 flaw in the first version of their exploit. SecurityAffairs – hacking, Turla). Pierluigi Paganini.

Malware

Malware InfoSec Advertising Hacking

Microsoft issues emergency patch for IE Zero Day exploited in the wild

Security Affairs

DECEMBER 20, 2018

The IE zero-day vulnerability impacts IE 9 on Windows Server 2008, IE 10 on Windows Server 2012, IE 11 from Windows 7 to Windows 10, and IE 11 on Windows Server 2019, Windows Server 2016, Windows Server 2008 R2, Windows Server 2012 R2. SecurityAffairs –Windows zero-day, hacking). Pierluigi Paganini.

Engineering

Engineering Internet Internet Advertising

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Security Affairs

DECEMBER 17, 2021

and above 2008 Workspace ONE UEM patch 20.8.0.36 SecurityAffairs – hacking, VMware Workspace ONE UEM). .” Below is the list of impacted versions: I mpacted Versions Fixed Version 2109 Workspace ONE UEM patch 21.9.0.13 and above 2105 Workspace ONE UEM patch 21.5.0.37 and above 2102 Workspace ONE UEM patch 21.2.0.27

Authentication

Authentication Hacking Software Information Security

A zero-day in Windows 7 and Windows Server 2008 has yet to be fixed

Microsoft Patches Zero-Day Bug in Win7, Server 2008 and 2008 R2

Trending Sources

0patch will provide micropatches for Windows 7 and Server 2008 after EoS

US NSA hacks Chinese Aviation University

Teens Hacked Boston Subway’s CharlieCard to Get Infinite Free Rides—and This Time Nobody Got Sued

The Olympics: a timeline of scams, hacks, and malware

From Cybercrime Saul Goodman to the Russian GRU

Microsoft rolled out emergency updates to fix Windows Server auth failures

Hacking Nespresso machines to have unlimited funds to purchase coffee

Microsoft Fixes Bad Patch That Left Windows 7, Server 2008 Open to Attack

DarkPulsar and other NSA hacking tools used in hacking operations in the wild

U.S. Internet Leaked Years of Internal, Customer Emails

The Link Between AWM Proxy & the Glupteba Botnet

Chinese Supply-Chain Attack on Computer Systems

Chinese APT IronHusky use Win zero-day in recent wave of attacks

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Microsoft Issues Emergency Fix for IE Zero Day

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Avoid The Hack: 7 Best Private Search Engine Recommendations

Microsoft Patch Tuesday, March 2021 Edition

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Qakbot is back and targets the Hospitality industry

Expert developed a MetaSploit module for the BlueKeep flaw

PlugX malware delivered by exploiting flaws in Chinese programs

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Canada Charges Its “Most Prolific Cybercriminal”

Avast released a free decryptor for the Windows version of the Akira ransomware

Why Malware Crypting Services Deserve More Scrutiny

QakBot threat actors are still operational after the August takedown

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Chinese Supply-Chain Attack on Computer Systems

Too many issues in Pentagon networks expose it to cybersecurity risks

CIA Hacking unit APT-C-39 hit China since 2008

FBI: Operation ‘Duck Hunt’ dismantled the Qakbot botnet

Cyber Attack news headlines trending on Google

IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

Black Basta ransomware operators leverage QBot for lateral movements

Finland’s Most-Wanted Hacker Nabbed in France

Qakbot operations continue to evolve to avoid detection

AcidBox, a malware that borrows Turla APT exploit, hit Russian organizations

Microsoft issues emergency patch for IE Zero Day exploited in the wild

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Stay Connected