2008 and Information Security - Cyber Security Informer

A zero-day in Windows 7 and Windows Server 2008 has yet to be fixed

Security Affairs

NOVEMBER 26, 2020

Researcher discovers a zero-day vulnerability in Windows 7 and Windows Server 2008 while he was working on a Windows security tool. The French security researcher Clément Labro discovered a zero-day vulnerability was discovered while the security researcher was working on an update Windows security tool.

Hacking

Hacking Information Security Malware

0patch will provide micropatches for Windows 7 and Server 2008 after EoS

Security Affairs

SEPTEMBER 22, 2019

With the end-of-life of Windows 7 and Server 2008, their users will no more receive security patches, the only way to remain protected is to trust in micropatches. On January 14, 2020, support for Window 7, Windows Server 2008 and 2008 R2 will end, this means that users will no longer receive security updates.

Advertising

Advertising Hacking Software Risk

Microsoft rolled out emergency updates to fix Windows Server auth failures

Security Affairs

NOVEMBER 15, 2021

These issues impacts Windows Server 2019 and lower versions, including Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2.

Authentication

Authentication Hacking Information Security

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

Security Affairs

JANUARY 31, 2024

It was operating between 2008 and 2013. According to German media , one of the two operators was also involved in the operations of the site mega-downloads.net. Movie2k was a platform involved in the unauthorized distribution of copyrighted movies, TV shows, and other media content.

Media

Media Cybercrime Advertising Information Security

Microsoft Patches Six Zero-Day Security Holes

Krebs on Security

JUNE 8, 2021

CVE-2021-31959 affects everything from Windows 7 through Windows 10 and Server versions 2008 , 2012 , 2016 and 2019. .” Microsoft also patched five critical bugs — flaws that can be remotely exploited to seize control over the targeted Windows computer without any help from users.

Backups

Backups Cyber threats Ransomware Phishing

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Security Affairs

FEBRUARY 13, 2020

Windows Server 2008 R2: By default, SMBv1 is enabled in Windows Server 2008 R2. Windows Server 2008 R2: Set-ItemProperty -Path "HKLM:SYSTEMCurrentControlSetServicesLanmanServerParameters" -Name SMB1 -Type DWORD -Value 0 –Force. If it returns an SMB1 value of 0, it is disabled. (Get-WindowsFeature Get-WindowsFeature FS-SMB1).Installed

Authentication

Authentication Malware Advertising Hacking

Expert developed a MetaSploit module for the BlueKeep flaw

Security Affairs

JUNE 5, 2019

Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. Windows 7 and Server 2008 users can prevent unauthenticated attacks by enabling Network Level Authentication (NLA), and the threat can also be mitigated by blocking TCP port 3389. According to Z??osum0x0,

Penetration Testing

Penetration Testing Advertising Malware Authentication

Chinese APT IronHusky use Win zero-day in recent wave of attacks

Security Affairs

OCTOBER 13, 2021

Microsoft Windows Server 2008 Microsoft Windows Server 2008 R2 Microsoft Windows Server 2012 Microsoft Windows Server 2012 R2 Microsoft Windows 10 (build 14393) Microsoft Windows Server 2016 (build 14393) Microsoft Windows 10 (build 17763) Microsoft Windows Server 2019 (build 17763).

Hacking

Hacking Malware Government Technology

Qakbot is back and targets the Hospitality industry

Security Affairs

DECEMBER 18, 2023

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. In August, the FBI announced that the Qakbot botnet was dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’ Duck Hunt is one of the largest U.S.-led

Malware

Malware Phishing Ransomware Hacking

An archive with 20 Million Taiwanese? citizens leaked in the dark web

Security Affairs

MAY 29, 2020

The seller claims the database dates back as 2019, but Cyble researchers noted the last DOB record was from 2008. The database size is 3.5 GB, exposed data includes full name, full address, ID, gender, date of birth, and other info. Experts are still investigating the leak and will provide an update as soon as possible.

Advertising

Advertising Data breaches Government Information Security

PlugX malware delivered by exploiting flaws in Chinese programs

Security Affairs

MARCH 11, 2023

The PlugX backdoor has been used since 2008 by multiple China-linked APT groups, including Mustang Panda , Winnti , and APT41 In the attacks observed by ASEC, once exploited the vulnerability, threat actors executed a PowerShell command to create a file named esetservice.exe. ” reads the analysis published by ASEC.

Malware

Malware Software Hacking Information Security

QakBot threat actors are still operational after the August takedown

Security Affairs

OCTOBER 7, 2023

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. In August, the FBI announced that the Qakbot botnet was dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’

Malware

Malware Ransomware Phishing Hacking

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

Security Affairs

DECEMBER 1, 2023

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. In August, the FBI announced that the Qakbot botnet was dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’

Ransomware

Ransomware Retail Malware Insurance

DHS also issued an alert for the Windows BlueKeep flaw

Security Affairs

JUNE 18, 2019

Enable Network Level Authentication in Windows 7, Windows Server 2008, and Windows Server 2008 R2. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. Disable services not being used by the OS. This best practice limits exposure to vulnerabilities. Enable Network Level Authentication.

Authentication

Authentication Advertising Malware Firewall

0patch releases free unofficial patches for Windows 0days exploited in the wild

Security Affairs

MARCH 27, 2020

The security patches developed by 0patch address the issues for Windows 7 and Windows Server 2008 R2 without ESU. The service will also release unofficial patches for Windows 7 and Server 2008 R2 with ESU, Windows 8.1, and Windows Server 2012.

Advertising

Advertising Risk Internet Internet

Episode 233: Unpacking Log4Shell’s Un-coordinated Disclosure Chaos

The Security Ledger

DECEMBER 29, 2021

Back in 2008, the late, great security researcher Dan Kaminsky discovered a serious security flaw in a ubiquitous Internet technology: the domain name system, or DNS. Mark Stanislav is a VP of Information Security at Gemini. Also: if you enjoy this podcast, consider signing up to receive it in your email.

DNS

DNS Internet Internet Cyber Attacks

NSA urges Windows Users and admins to Patch BlueKeep flaw

Security Affairs

JUNE 5, 2019

Many security experts have already developed their own exploit code for this issue without publicly disclosing it for obvious reasons. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003.

Penetration Testing

Penetration Testing Firewall Authentication Advertising

AcidBox, a malware that borrows Turla APT exploit, hit Russian organizations

Security Affairs

JUNE 19, 2020

The exploit used by Turla, referred to as CVE-2008-3431 , abuses two vulnerabilities, but only one was ever fixed in the aforementioned CVE. The other vulnerability was chained by Turla operators with the CVE-2008-3431 flaw in the first version of their exploit.

Malware

Malware InfoSec Advertising Hacking

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

Security Affairs

MAY 23, 2023

Further analysis revealed that the actor behind the above operations has been active since at least 2008. “As our research demonstrates, their origins date back to 2008, the year the first Prikormka samples were discovered. . This means that the threat actor was able to avoid detection for more than 15 years.

Malware

Malware Spyware Encryption Phishing

FBI: Operation ‘Duck Hunt’ dismantled the Qakbot botnet

Security Affairs

AUGUST 30, 2023

’ Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. The FBI announced that the Qakbot botnet has been dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’

Malware

Malware Manufacturing Data breaches Cyber threats

Qakbot operations continue to evolve to avoid detection

Security Affairs

JULY 13, 2022

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. Experts warn that operators behind the Qakbot malware operation are improving their attack chain in an attempt to avoid detection. The malware spreads via malspam campaigns, it inserts replies in active email threads.

Malware

Malware Hacking Cybercrime Information Security

Black Basta ransomware operators leverage QBot for lateral movements

Security Affairs

JUNE 7, 2022

QBot, aka Qakbot and Pinkslipbot , has been active since 2008, it is used by threat actors for collecting browsing data and banking credentials and other financial information from the victims. Black Basta has been active since April 2022, like other ransomware operations, it implements a double-extortion attack model. .

Ransomware

Ransomware Backups Malware Firewall

IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions

Security Affairs

MARCH 31, 2021

The Internet Engineering Task Force (IETF) formally deprecates Transport Layer Security (TLS) versions 1.0 (RFC was recommended for IETF protocols in 2008 and became obsolete with the introduction of TLS version 1.3 RFC 2246) and 1.1 (RFC Both versions lack support for current and recommended cryptographic algorithms and mechanisms.

Internet

Internet Internet Engineering Hacking

Avast released a free decryptor for the Windows version of the Akira ransomware

Security Affairs

JULY 1, 2023

Files are encrypted by Chacha 2008 ( D. . “During the run, the ransomware generates a symmetric encryption key using CryptGenRandom() , which is the random number generator implemented by Windows CryptoAPI. Bernstein’s implementation ).” ” reads the report published by Avast.

Ransomware

Ransomware Encryption Malware Hacking

First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild

Security Affairs

NOVEMBER 3, 2019

Over the last months, many security experts have developed their own exploit code for this issue without publicly disclosing it for obvious reasons. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. ” concludes the expert. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cyber Attacks

Cyber Attacks Penetration Testing Cryptocurrency Hacking

The Clock is Ticking for PCI DSS 4.0 Compliance

Thales Cloud Protection & Licensing

SEPTEMBER 18, 2023

The deadline is fast approaching The PCI Data Security Standard (PCI DSS) was developed in 2008 to standardize the security controls that need to be enforced by businesses processing payment card data in order to protect cardholder data and sensitive authentication data wherever it is stored, processed, or transmitted.

Financial Services

Financial Services Data breaches Accountability Encryption

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Security Affairs

DECEMBER 17, 2021

and above 2008 Workspace ONE UEM patch 20.8.0.36 .” Below is the list of impacted versions: I mpacted Versions Fixed Version 2109 Workspace ONE UEM patch 21.9.0.13 and above 2105 Workspace ONE UEM patch 21.5.0.37 and above 2102 Workspace ONE UEM patch 21.2.0.27 and above 2101 Workspace ONE UEM patch 21.1.0.27

Authentication

Authentication Hacking Software Information Security

Experts add a BlueKeep exploit module to MetaSploit

Security Affairs

SEPTEMBER 7, 2019

It has been developed to target only the 64-bit versions of Windows 7 and Windows 2008 R2. The initial PR of the exploit module targets 64-bit versions of Windows 7 and Windows 2008 R2.” ” explained Metasploit senior engineering manager Brent Cook.

Penetration Testing

Penetration Testing Advertising Malware Engineering

Microsoft releases Windows out-of-band emergency fixes for Win Server, VPN issues

Security Affairs

JANUARY 18, 2022

Users that cannot immediately install these out-of-band updates can remove the following updates that could cause the above problems: KB5009624 KB5009557 KB5009555 KB5009566 KB5009543.

VPN

VPN Media Hacking Information Security

New QBot campaign delivered hijacking business correspondence

Security Affairs

APRIL 17, 2023

QBot has been active since 2008, it is used by threat actors for collecting browsing data and banking credentials, and other financial information from the victims. Kaspersky researchers warn of a new QBot campaign leveraging hijacked business emails to deliver malware.

Malware

Malware Education Banking Media

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

Security Affairs

AUGUST 1, 2019

Back in 2008, a whistle-blower identifies a vulnerability in Cisco video surveillance software, but the tech giant continued to sell the software to US agencies until July 2013. Cisco is going to pay $8.6 million to settle a legal dispute for selling vulnerable software to the US government. ” reported The New York Times.

Surveillance

Surveillance Technology Government Software

LuoYu APT delivers WinDealer malware via man-on-the-side attacks

Security Affairs

JUNE 3, 2022

LuoYu has been active since at least 2008, it focuses on targets located in China, such as foreign diplomatic organizations established in the country, members of the academic community, or companies from the defense, logistics and telecommunications sectors.

Malware

Malware Telecommunications Internet Internet

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

Security Affairs

JANUARY 18, 2022

VPNLab was launched in 2008 and was offering online anonymity to criminal organizations. The operation saw in Germany, the Czech Republic, France, Latvia, Hungary, Ukraine, the UK, the US, and Canada took part in the operation. The authorities seized 15 VPNLab.net servers across 10 countries.

VPN

VPN Cybercrime Ransomware Advertising

Microsoft Out-of-Band security patch fixes Windows privilege escalation flaws

Security Affairs

AUGUST 20, 2020

Microsoft released this week an out-of-band security update for Windows 8.1 Both vulnerabilities were addressed by Microsoft in August, the August 2020 Patch Tuesday security updates fixed the flaws in Windows 10, Windows 7, and Windows Server 2008, 2012, 2016, 2019, and Windows Server versions 1903, 1909, and 2004.

Advertising

Advertising Hacking Information Security Malware

Experts bypassed Microsoft’s emergency patch for the PrintNightmare

Security Affairs

JULY 8, 2021

2008 and 2012 but require Point&Print configured for Windows 2016,2019,10 & 11(?). The Microsoft fix released for recent #PrintNightmare vulnerability addresses the remote vector – however the LPE variations still function. These work out of the box on Windows 7, 8, 8.1,

Engineering

Engineering Hacking Malware Information Security

Threat actors leverages DLL-SideLoading to spread Qakbot malware

Security Affairs

JULY 26, 2022

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. According to the researcher, the operators are using this technique since at least July 11. The malware spreads via malspam campaigns, it inserts replies in active email threads.

Malware

Malware Passwords Hacking Information Security

New Kraken botnet is allowing operators to earn USD 3,000 every month

Security Affairs

FEBRUARY 17, 2022

Experts pointed out that despite having the same name, this botnet should not be confused with the Kraken botnet that was spotted in 2008. Kraken is a new Golang-based botnet discovered in late October 2021 by researchers from threat intelligence firm ZeroFox Intelligence.

VPN

VPN Cryptocurrency Hacking Cybercrime

Some of TOP universities wouldn’t pass cybersecurity exam: left websites vulnerable

Security Affairs

SEPTEMBER 11, 2023

That could allow arbitrary admin account creation and access to files and personal information. UTEL is a private Mexican university for online education founded in 2008. Our information security team took immediate steps to correct this vulnerability upon being notified on April 25th.”

Cybersecurity

Cybersecurity Penetration Testing Passwords DDOS

CyberSheath Receives Investment From Lightview Capital to Secure the Defense Supply Chain

CyberSecurity Insiders

DECEMBER 14, 2021

Established in 2008, CyberSheath is one of the most experienced and trusted IT security services partners for the U.S. From CMMC compliance to strategic security planning to managed security services, CyberSheath offers a comprehensive suite of offerings tailored to clients’ information security and regulatory compliance needs.

Government

Government Marketing Cybersecurity Technology

Zoom is working on a patch for a zero-day in Windows client

Security Affairs

JULY 9, 2020

The zero vulnerability was reported to ACROS by a security researcher who wanted to remain anonymous. The vulnerability affects Windows client running on old versions of Windows OS, including Windows 7 and Windows Server 2008 R2 and earlier. Clients running on Windows 8 or Windows 10 are not affected.

Advertising

Advertising Hacking Software Information Security

Hacking Nespresso machines to have unlimited funds to purchase coffee

Security Affairs

FEBRUARY 7, 2021

The vulnerability was disclosed by the security researcher Polle Vanhoof. The Mifare Classic smart card technology is known to be insecure since 2008, when security researchers from Radboud University Nijmegen performed reverse engineering of the chip and published their findings.

Hacking

Hacking Technology Software Engineering

Magento 1.x EOL is set on June 30, 75% of installs potentially impacted

Security Affairs

JUNE 28, 2020

x branch was released in 2008 and was initially scheduled to reach EOL in November 2018. Adobe delayed MAGENTO 1.X X EOL two times, the firstTWICE. Adobe, which acquired Magento in May 2018, has been more than gracious and lenient to Magento 1.x x store owners. The Magento team released version 2.0 x version.

Advertising

Advertising Cyber Attacks Hacking Software

Be The Strongest Link In Your Organization’s Supply Chain

CyberSecurity Insiders

JULY 20, 2021

Prior to that, in 2008, the Cyber Supply Chain Risk Management ( C-SCRM ) program was already underway by The National Institute of Standards and Technology (NIST). Unfortunately, in the field of healthcare information security, there are not many training offerings. How Long Is The Chain In Your Organization?

Healthcare

Healthcare Risk Information Security Manufacturing

Microsoft warns for the second time of applying BlueKeep patch

Security Affairs

MAY 31, 2019

Many security experts have already developed their own exploit code for this issue without publicly disclosing it for obvious reasons. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003.

Internet

Internet Internet Malware Advertising

A zero-day in Windows 7 and Windows Server 2008 has yet to be fixed

0patch will provide micropatches for Windows 7 and Server 2008 after EoS

Trending Sources

Microsoft rolled out emergency updates to fix Windows Server auth failures

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

Microsoft Patches Six Zero-Day Security Holes

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Expert developed a MetaSploit module for the BlueKeep flaw

Chinese APT IronHusky use Win zero-day in recent wave of attacks

Qakbot is back and targets the Hospitality industry

An archive with 20 Million Taiwanese? citizens leaked in the dark web

PlugX malware delivered by exploiting flaws in Chinese programs

QakBot threat actors are still operational after the August takedown

Black Basta Ransomware gang accumulated at least $107 million in Bitcoin ransom payments since early 2022

DHS also issued an alert for the Windows BlueKeep flaw

0patch releases free unofficial patches for Windows 0days exploited in the wild

Episode 233: Unpacking Log4Shell’s Un-coordinated Disclosure Chaos

NSA urges Windows Users and admins to Patch BlueKeep flaw

AcidBox, a malware that borrows Turla APT exploit, hit Russian organizations

A deeper insight into the CloudWizard APT’s activity revealed a long-running activity

FBI: Operation ‘Duck Hunt’ dismantled the Qakbot botnet

Qakbot operations continue to evolve to avoid detection

Black Basta ransomware operators leverage QBot for lateral movements

IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions

Avast released a free decryptor for the Windows version of the Akira ransomware

First Cyber Attack ‘Mass Exploiting’ BlueKeep RDP Flaw Spotted in the Wild

The Clock is Ticking for PCI DSS 4.0 Compliance

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Experts add a BlueKeep exploit module to MetaSploit

Microsoft releases Windows out-of-band emergency fixes for Win Server, VPN issues

New QBot campaign delivered hijacking business correspondence

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

LuoYu APT delivers WinDealer malware via man-on-the-side attacks

Law enforcement shutdown the VPN service VPNLab used by many cybercriminal gangs

Microsoft Out-of-Band security patch fixes Windows privilege escalation flaws

Experts bypassed Microsoft’s emergency patch for the PrintNightmare

Threat actors leverages DLL-SideLoading to spread Qakbot malware

New Kraken botnet is allowing operators to earn USD 3,000 every month

Some of TOP universities wouldn’t pass cybersecurity exam: left websites vulnerable

CyberSheath Receives Investment From Lightview Capital to Secure the Defense Supply Chain

Zoom is working on a patch for a zero-day in Windows client

Hacking Nespresso machines to have unlimited funds to purchase coffee

Magento 1.x EOL is set on June 30, 75% of installs potentially impacted

Be The Strongest Link In Your Organization’s Supply Chain

Microsoft warns for the second time of applying BlueKeep patch

Stay Connected