2008, Hacking and Information Security - Cyber Security Informer

A zero-day in Windows 7 and Windows Server 2008 has yet to be fixed

Security Affairs

NOVEMBER 26, 2020

Researcher discovers a zero-day vulnerability in Windows 7 and Windows Server 2008 while he was working on a Windows security tool. The French security researcher Clément Labro discovered a zero-day vulnerability was discovered while the security researcher was working on an update Windows security tool.

Hacking

Hacking Information Security Malware

0patch will provide micropatches for Windows 7 and Server 2008 after EoS

Security Affairs

SEPTEMBER 22, 2019

With the end-of-life of Windows 7 and Server 2008, their users will no more receive security patches, the only way to remain protected is to trust in micropatches. On January 14, 2020, support for Window 7, Windows Server 2008 and 2008 R2 will end, this means that users will no longer receive security updates.

Advertising

Advertising Hacking Software Risk

Microsoft rolled out emergency updates to fix Windows Server auth failures

Security Affairs

NOVEMBER 15, 2021

These issues impacts Windows Server 2019 and lower versions, including Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2. SecurityAffairs – hacking, Operation Cyclone). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Authentication

Authentication Hacking Information Security

Hacking Nespresso machines to have unlimited funds to purchase coffee

Security Affairs

FEBRUARY 7, 2021

Some commercial Nespresso machines that are used in Europe could be hacked to add unlimited funds to purchase coffee. Some Nespresso Pro machines in Europe could be hacked to add unlimited funds to purchase coffee. The vulnerability was disclosed by the security researcher Polle Vanhoof. SecurityAffairs – hacking, Nespresso).

Hacking

Hacking Technology Software Engineering

Chinese APT IronHusky use Win zero-day in recent wave of attacks

Security Affairs

OCTOBER 13, 2021

A Chinese-speaking hacking group exploited a Windows zero-day vulnerability in a wave of attacks on defense and IT businesses. A Chinese-speaking hacking group exploited a zero-day vulnerability in the Windows Win32k kernel driver to deploy a new remote access trojan (RAT), tracked as MysterySnail. SecurityAffairs – hacking, Windows).

Hacking

Hacking Malware Government Technology

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Security Affairs

FEBRUARY 13, 2020

Please see this KB for more information. “ In 2017, the Shadow Brokers hacking group released a collection of NSA exploits and hacking tools targeting Microsoft’s Windows OS, some of them were developed to exploit the SMBv1 p rotocol to execute commands on vulnerable servers with administrative p rivileges.

Authentication

Authentication Malware Advertising Hacking

Qakbot is back and targets the Hospitality industry

Security Affairs

DECEMBER 18, 2023

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, malware) The malware spreads via malspam campaigns, it inserts replies in active email threads.

Malware

Malware Phishing Ransomware Hacking

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

Security Affairs

JANUARY 31, 2024

It was operating between 2008 and 2013. According to German media , one of the two operators was also involved in the operations of the site mega-downloads.net. Movie2k was a platform involved in the unauthorized distribution of copyrighted movies, TV shows, and other media content.

Media

Media Cybercrime Advertising Information Security

PlugX malware delivered by exploiting flaws in Chinese programs

Security Affairs

MARCH 11, 2023

The PlugX backdoor has been used since 2008 by multiple China-linked APT groups, including Mustang Panda , Winnti , and APT41 In the attacks observed by ASEC, once exploited the vulnerability, threat actors executed a PowerShell command to create a file named esetservice.exe. ” reads the analysis published by ASEC.

Malware

Malware Software Hacking Information Security

Expert developed a MetaSploit module for the BlueKeep flaw

Security Affairs

JUNE 5, 2019

Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. Windows 7 and Server 2008 users can prevent unauthenticated attacks by enabling Network Level Authentication (NLA), and the threat can also be mitigated by blocking TCP port 3389. SecurityAffairs – Metasploit, hacking). According to Z??osum0x0,

Penetration Testing

Penetration Testing Advertising Malware Authentication

QakBot threat actors are still operational after the August takedown

Security Affairs

OCTOBER 7, 2023

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. In August, the FBI announced that the Qakbot botnet was dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’

Malware

Malware Ransomware Phishing Hacking

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Security Affairs

DECEMBER 1, 2023

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, ransomware) The malware spreads via malspam campaigns, it inserts replies in active email threads.

Ransomware

Ransomware Retail Malware Insurance

Avast released a free decryptor for the Windows version of the Akira ransomware

Security Affairs

JULY 1, 2023

Files are encrypted by Chacha 2008 ( D. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Akira ransomware ) The post Avast released a free decryptor for the Windows version of the Akira ransomware appeared first on Security Affairs.

Ransomware

Ransomware Encryption Malware Hacking

FBI: Operation ‘Duck Hunt’ dismantled the Qakbot botnet

Security Affairs

AUGUST 30, 2023

’ Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. The FBI announced that the Qakbot botnet has been dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’

Malware

Malware Manufacturing Data breaches Cyber threats

Qakbot operations continue to evolve to avoid detection

Security Affairs

JULY 13, 2022

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. SecurityAffairs – hacking, malware). The post Qakbot operations continue to evolve to avoid detection appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Malware

Malware Hacking Cybercrime Information Security

First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild

Security Affairs

NOVEMBER 3, 2019

Experts have spotted the first mass-hacking campaign exploiting the BlueKeep exploit , crooks leverage the exploit to install a cryptocurrency miner. Security researchers have spotted the first mass-hacking campaign exploiting the BlueKeep exploit , the attack aims at installing a cryptocurrency miner on the infected systems.

Cyber Attacks

Cyber Attacks Penetration Testing Cryptocurrency Hacking

Black Basta ransomware operators leverage QBot for lateral movements

Security Affairs

JUNE 7, 2022

QBot, aka Qakbot and Pinkslipbot , has been active since 2008, it is used by threat actors for collecting browsing data and banking credentials and other financial information from the victims. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. Pierluigi Paganini.

Ransomware

Ransomware Backups Malware Firewall

IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions

Security Affairs

MARCH 31, 2021

The Internet Engineering Task Force (IETF) formally deprecates Transport Layer Security (TLS) versions 1.0 (RFC was recommended for IETF protocols in 2008 and became obsolete with the introduction of TLS version 1.3 If you want to receive the weekly Security Affairs Newsletter for free subscribe here. RFC 2246) and 1.1 (RFC

Internet

Internet Internet Engineering Hacking

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

Security Affairs

JANUARY 18, 2022

VPNLab was launched in 2008 and was offering online anonymity to criminal organizations. VPNLab operators were advertising their platform on several hacking forums and dark web forums. SecurityAffairs – hacking, VPNLab). The authorities seized 15 VPNLab.net servers across 10 countries. Pierluigi Paganini.

VPN

VPN Cybercrime Ransomware Advertising

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Security Affairs

DECEMBER 17, 2021

and above 2008 Workspace ONE UEM patch 20.8.0.36 SecurityAffairs – hacking, VMware Workspace ONE UEM). The post VMware fixes critical SSRF flaw in Workspace ONE UEM Console appeared first on Security Affairs. and above 2105 Workspace ONE UEM patch 21.5.0.37 and above 2102 Workspace ONE UEM patch 21.2.0.27 Pierluigi Paganini.

Authentication

Authentication Hacking Software Information Security

Episode 233: Unpacking Log4Shell’s Un-coordinated Disclosure Chaos

The Security Ledger

DECEMBER 29, 2021

Back in 2008, the late, great security researcher Dan Kaminsky discovered a serious security flaw in a ubiquitous Internet technology: the domain name system, or DNS. Mark Stanislav is a VP of Information Security at Gemini. Also: if you enjoy this podcast, consider signing up to receive it in your email.

DNS

DNS Internet Internet Cyber Attacks

AcidBox, a malware that borrows Turla APT exploit, hit Russian organizations

Security Affairs

JUNE 19, 2020

The exploit used by Turla, referred to as CVE-2008-3431 , abuses two vulnerabilities, but only one was ever fixed in the aforementioned CVE. The other vulnerability was chained by Turla operators with the CVE-2008-3431 flaw in the first version of their exploit. SecurityAffairs – hacking, Turla). Pierluigi Paganini.

Malware

Malware InfoSec Advertising Hacking

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. SSC asked fellow forum members for help in testing the security of a website they claimed was theirs: myiptest[.]com

Malware

Malware VPN Internet Internet

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

Security Affairs

MAY 23, 2023

Further analysis revealed that the actor behind the above operations has been active since at least 2008. “As our research demonstrates, their origins date back to 2008, the year the first Prikormka samples were discovered. . This means that the threat actor was able to avoid detection for more than 15 years.

Malware

Malware Spyware Encryption Phishing

Microsoft releases Windows out-of-band emergency fixes for Win Server, VPN issues

Security Affairs

JANUARY 18, 2022

However, experts warn that removing the above updates they will also remove bundled security updates that address vulnerabilities patched with the release of the January 2021 Patch Tuesday. . SecurityAffairs – hacking, Windows emergency out-of-band). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

VPN

VPN Media Hacking Information Security

Russian authorities arrested the kingpin of cybercrime Infraud Organization

Security Affairs

JANUARY 24, 2022

’ In February 2008, the US authorities dismantled the global cybercrime organization tracked as Infraud Organization, which was involved in stealing and selling credit card and personal identity data. Russia’s FSB and law enforcement have detained four members of the Infraud Organization hacking group. Pierluigi Paganini.

Cybercrime

Cybercrime Hacking Cryptocurrency Ransomware

DHS also issued an alert for the Windows BlueKeep flaw

Security Affairs

JUNE 18, 2019

Enable Network Level Authentication in Windows 7, Windows Server 2008, and Windows Server 2008 R2. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. SecurityAffairs – BlueKeep, hacking). The post DHS also issued an alert for the Windows BlueKeep flaw appeared first on Security Affairs.

Authentication

Authentication Advertising Malware Firewall

NSA urges Windows Users and admins to Patch BlueKeep flaw

Security Affairs

JUNE 5, 2019

Many security experts have already developed their own exploit code for this issue without publicly disclosing it for obvious reasons. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. SecurityAffairs – BlueKeep, hacking). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Penetration Testing

Penetration Testing Firewall Authentication Advertising

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

.” The Lambert APT (aka Longhorn APT ) has been active since at least 2008, but its first samples were spotted in 2014. Across the years, the researchers found analyzed multiple backdoors and hacking tools composing the arsenal of the cyberespionage group. SecurityAffairs – hacking, CIA). Pierluigi Paganini.

Malware

Malware Hacking Government Telecommunications

New QBot campaign delivered hijacking business correspondence

Security Affairs

APRIL 17, 2023

QBot has been active since 2008, it is used by threat actors for collecting browsing data and banking credentials, and other financial information from the victims. Kaspersky researchers warn of a new QBot campaign leveraging hijacked business emails to deliver malware.

Malware

Malware Education Banking Media

LuoYu APT delivers WinDealer malware via man-on-the-side attacks

Security Affairs

JUNE 3, 2022

LuoYu has been active since at least 2008, it focuses on targets located in China, such as foreign diplomatic organizations established in the country, members of the academic community, or companies from the defense, logistics and telecommunications sectors. SecurityAffairs – hacking, LuoYu). To nominate, please visit:?.

Malware

Malware Telecommunications Internet Internet

An archive with 20 Million Taiwanese? citizens leaked in the dark web

Security Affairs

MAY 29, 2020

The seller claims the database dates back as 2019, but Cyble researchers noted the last DOB record was from 2008. The database size is 3.5 GB, exposed data includes full name, full address, ID, gender, date of birth, and other info. Experts are still investigating the leak and will provide an update as soon as possible.

Advertising

Advertising Data breaches Government Information Security

Experts bypassed Microsoft’s emergency patch for the PrintNightmare

Security Affairs

JULY 8, 2021

2008 and 2012 but require Point&Print configured for Windows 2016,2019,10 & 11(?). SecurityAffairs – hacking, PrintNightmare). The post Experts bypassed Microsoft’s emergency patch for the PrintNightmare appeared first on Security Affairs. These work out of the box on Windows 7, 8, 8.1, Pierluigi Paganini.

Engineering

Engineering Hacking Malware Information Security

Microsoft Out-of-Band security patch fixes Windows privilege escalation flaws

Security Affairs

AUGUST 20, 2020

Microsoft released this week an out-of-band security update for Windows 8.1 Both vulnerabilities were addressed by Microsoft in August, the August 2020 Patch Tuesday security updates fixed the flaws in Windows 10, Windows 7, and Windows Server 2008, 2012, 2016, 2019, and Windows Server versions 1903, 1909, and 2004.

Advertising

Advertising Hacking Information Security Malware

Security Affairs newsletter Round 254

Security Affairs

MARCH 8, 2020

SurfingAttack – hacking phones via ultrasonic waves. CIA Hacking unit APT-C-39 hit China since 2008. SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 254 appeared first on Security Affairs. . $1B to help telecom carriers to rip and replace Huawei and ZTE equipment.

Data breaches

Data breaches Mobile Advertising Ransomware

Threat actors leverages DLL-SideLoading to spread Qakbot malware

Security Affairs

JULY 26, 2022

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. SecurityAffairs – hacking, malware). The post Threat actors leverages DLL-SideLoading to spread Qakbot malware appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook.

Malware

Malware Passwords Hacking Information Security

Security Affairs newsletter Round 291

Security Affairs

NOVEMBER 29, 2020

SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 291 appeared first on Security Affairs. Pierluigi Paganini.

Data breaches

Data breaches Social Engineering Ransomware Malware

Experts add a BlueKeep exploit module to MetaSploit

Security Affairs

SEPTEMBER 7, 2019

It has been developed to target only the 64-bit versions of Windows 7 and Windows 2008 R2. The initial PR of the exploit module targets 64-bit versions of Windows 7 and Windows 2008 R2.” SecurityAffairs – BlueKeep, hacking). The post Experts add a BlueKeep exploit module to MetaSploit appeared first on Security Affairs.

Penetration Testing

Penetration Testing Advertising Malware Engineering

New Kraken botnet is allowing operators to earn USD 3,000 every month

Security Affairs

FEBRUARY 17, 2022

Experts pointed out that despite having the same name, this botnet should not be confused with the Kraken botnet that was spotted in 2008. SecurityAffairs – hacking, Kraken botnet). The post New Kraken botnet is allowing operators to earn USD 3,000 every month appeared first on Security Affairs. Pierluigi Paganini.

VPN

VPN Cryptocurrency Hacking Cybercrime

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

Security Affairs

APRIL 23, 2020

A security expert uncovered an old APT operation, tracked Nazar, by analyzing the NSA hacking tools included in the dump leaked by Shadow Brokers in 2017. SecurityAffairs – Nazar, hacking). The post Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak appeared first on Security Affairs.

Hacking

Hacking Advertising Malware Engineering

NSA Equation Group tool was used by Chinese hackers years before it was leaked online

Security Affairs

FEBRUARY 22, 2021

The Chinese APT group had access to an NSA Equation Group, NSA hacking tool and used it years before it was leaked online by Shadow Brokers group. used a tool dubbed Jian, which is a clone of NSA Equation Group ‘s “EpMe” hacking tool years before it was leaked online by Shadow Brokers hackers.

Hacking

Hacking Malware Software Information Security

Zoom is working on a patch for a zero-day in Windows client

Security Affairs

JULY 9, 2020

The zero vulnerability was reported to ACROS by a security researcher who wanted to remain anonymous. The vulnerability affects Windows client running on old versions of Windows OS, including Windows 7 and Windows Server 2008 R2 and earlier. SecurityAffairs – hacking, RCE). ” reads a post published by the experts.

Advertising

Advertising Hacking Software Information Security

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

Security Affairs

AUGUST 1, 2019

Back in 2008, a whistle-blower identifies a vulnerability in Cisco video surveillance software, but the tech giant continued to sell the software to US agencies until July 2013. Cisco is going to pay $8.6 million to settle a legal dispute for selling vulnerable software to the US government. ” reported The New York Times.

Surveillance

Surveillance Technology Government Software

Some of TOP universities wouldn’t pass cybersecurity exam: left websites vulnerable

Security Affairs

SEPTEMBER 11, 2023

That could allow arbitrary admin account creation and access to files and personal information. UTEL is a private Mexican university for online education founded in 2008. Our information security team took immediate steps to correct this vulnerability upon being notified on April 25th.”

Cybersecurity

Cybersecurity Penetration Testing Passwords DDOS

A zero-day in Windows 7 and Windows Server 2008 has yet to be fixed

0patch will provide micropatches for Windows 7 and Server 2008 after EoS

Trending Sources

Microsoft rolled out emergency updates to fix Windows Server auth failures

Hacking Nespresso machines to have unlimited funds to purchase coffee

Chinese APT IronHusky use Win zero-day in recent wave of attacks

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Qakbot is back and targets the Hospitality industry

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

PlugX malware delivered by exploiting flaws in Chinese programs

Expert developed a MetaSploit module for the BlueKeep flaw

QakBot threat actors are still operational after the August takedown

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Avast released a free decryptor for the Windows version of the Akira ransomware

FBI: Operation ‘Duck Hunt’ dismantled the Qakbot botnet

Qakbot operations continue to evolve to avoid detection

First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild

Black Basta ransomware operators leverage QBot for lateral movements

IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Episode 233: Unpacking Log4Shell’s Un-coordinated Disclosure Chaos

AcidBox, a malware that borrows Turla APT exploit, hit Russian organizations

Who and What is Behind the Malware Proxy Service SocksEscort?

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

Microsoft releases Windows out-of-band emergency fixes for Win Server, VPN issues

Russian authorities arrested the kingpin of cybercrime Infraud Organization

DHS also issued an alert for the Windows BlueKeep flaw

NSA urges Windows Users and admins to Patch BlueKeep flaw

Purple Lambert, a new malware of CIA-linked Lambert APT group

New QBot campaign delivered hijacking business correspondence

LuoYu APT delivers WinDealer malware via man-on-the-side attacks

An archive with 20 Million Taiwanese? citizens leaked in the dark web

Experts bypassed Microsoft’s emergency patch for the PrintNightmare

Microsoft Out-of-Band security patch fixes Windows privilege escalation flaws

Security Affairs newsletter Round 254

Threat actors leverages DLL-SideLoading to spread Qakbot malware

Security Affairs newsletter Round 291

Experts add a BlueKeep exploit module to MetaSploit

New Kraken botnet is allowing operators to earn USD 3,000 every month

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

NSA Equation Group tool was used by Chinese hackers years before it was leaked online

Zoom is working on a patch for a zero-day in Windows client

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

Some of TOP universities wouldn’t pass cybersecurity exam: left websites vulnerable

Stay Connected