The Hacker News

MAY 15, 2024

A malware botnet called Ebury is estimated to have compromised 400,000 Linux servers since 2009, out of which more than 100,000 were still compromised as of late 2023. The findings come from Slovak cybersecurity firm ESET, which characterized it as one of the most advanced server-side malware campaigns for financial gain.

Malware 135

Malware Cybersecurity 135

Zero Day

MAY 4, 2021

Five critical security issues have been discovered.

Software 98

Software 98

Krebs on Security

NOVEMBER 15, 2022

Gary Warner , director of research in computer forensics at the University of Alabama at Birmingham, noted in his blog from 2014 that Tank told co-conspirators in a JabberZeus chat on July 22, 2009 that his daughter, Miloslava , had been born and gave her birth weight. tank: Levak was written there. lucky12345: It’s f *d.

Banking 323

Banking Small Business Accountability Malware 323

The Hacker News

DECEMBER 1, 2021

organizations and financial institutions between 2009 to 2015, has received a 60-month prison sentence. A Russian national charged with providing bulletproof hosting services for cybercriminals, who used the platform to spread malware and attack U.S.

Malware 141

Malware 141

SecureWorld News

FEBRUARY 20, 2025

Key findings from the advisory The advisory highlights the rapid and efficient attack lifecycle of Ghost ransomware, with some incidents seeing full encryption within a single day.

Ransomware 112

Ransomware IoT Encryption Social Engineering 112

Krebs on Security

JUNE 21, 2023

Those records indicate the user Kerens registered on Verified in March 2009 from an Internet address in Novosibirsk, a city in the southern Siberian region of Russia. Intel 471 reports that gumboldt@gmail.com was used in 2009 to register a user by the nickname “ Kolumb ” on the Russian hacking forum Antichat.

Malware 269

Malware Antivirus Cybercrime Hacking 269

Krebs on Security

DECEMBER 8, 2021

Darkode was taken down in 2015 as part of an FBI investigation sting operation , but screenshots of the community saved by this author show that DCReavers2 was already well known to the Darkode founders when his membership to the forum was accepted in May 2009. DCReavers2 was just the 22nd account to register on the Darkode cybercrime forum.

Cybercrime 329

Cybercrime Ransomware Accountability Advertising 329

The Hacker News

SEPTEMBER 21, 2023

of breaking into Huawei's servers, stealing critical data, and implanting backdoors since 2009, amid mounting geopolitical tensions between the two countries. China's Ministry of State Security (MSS) has accused the U.S. In a message posted on WeChat, the government authority said U.S.

Surveillance 133

Surveillance Government 133

Krebs on Security

FEBRUARY 22, 2022

She stated in 2009, policy was changed to move all information technology services to the Office of Administration.” . “I asked her if the ITSD was within the Office of Administration, or if DESE had their on-information technology section, and she indicated it was within the Office of Administration.

Education 357

Education Technology Hacking Media 357

Schneier on Security

APRIL 9, 2020

We released a security advisory in June of 2009 and a security update that helps keep customers safe. "To help in keeping systems protected we encourage customers to practice safe security habits when planning for internal domain and network names," the statement reads. "We

DNS 279

DNS Wireless Internet Internet 279

Security Boulevard

MAY 15, 2024

The operators behind the Ebury server-side malware botnet have been doing business since at least 2009 and, according to the threat researchers who have been tracking it for the last decade, are stronger and more active than ever. The malware has compromised at least 400,000 Linux servers over the past 15 years, with about 100,000.

Malware 121

Malware Cybersecurity Network Security 121

Threatpost

MAY 4, 2021

The privilege-escalation bug remained hidden for 12 years and has been present in all Dell PCs, tablets and notebooks shipped since 2009.

Risk 116

Risk 116

The Hacker News

FEBRUARY 17, 2024

to his role in two different malware schemes, Zeus and IcedID, between May 2009 and February 2021. A Ukrainian national has pleaded guilty in the U.S. Vyacheslav Igorevich Penchukov (aka Vyacheslav Igoravich Andreev, father, and tank), 37, was arrested by Swiss authorities in October 2022 and extradited to the U.S.

Malware 129

Malware 129

The Last Watchdog

AUGUST 29, 2022

Poor password practices are responsible for most incidents involving web applications and data breaches since 2009. 2009 DBIR page 17) . •Brute forcing passwords (10 percent) came in third. Backdoors or C2 (10 percent) were the fourth runner-ups. It’s not just a web thing. It’s an e-mail thing too.

Hacking 201

Hacking Passwords Password Management Data breaches 201

Krebs on Security

JUNE 1, 2023

According to cyber intelligence firm Intel 471 , Megatraffer has been active on more than a half-dozen crime forums from September 2009 to the present day. In November 2009, Fitis wrote, “I am the perfect criminal. WHO IS MEGATRAFFER? And on most of these identities, Megatraffer has used the email address 774748@gmail.com.

Malware 299

Malware Cybercrime Software Accountability 299

Security Affairs

JULY 8, 2024

The compilation has been named ‘RockYou2021’ by the forum user, presumably in reference to the RockYou data breach that occurred in 2009, when threat actors hacked their way into the social app website’s servers and got their hands on more than 32 million user passwords stored in plain text. RockYou2021 had 8.4

Passwords 131

Passwords Data breaches Hacking Accountability 131

Adam Shostack

JANUARY 2, 2025

Now, this was a 2009 device, so maybe, just maybe, there was a COGS issue in how much storage was needed. By telling me to read the manual. Why it doesn't say "device has reached end of life?" That would be direct and to the point. When you press the button, it says "please see manual." But sheesh. At least it was loud and annoying.

130

130

WIRED Threat Level

JANUARY 15, 2019

Opinion: The 2009 vs. 2019 profile picture trend may or may not have been a data collection ruse to train its facial recognition algorithm. But we can't afford to blithely play along.

Data collection 111

Data collection 111

Krebs on Security

FEBRUARY 14, 2024

For example, the timestamp for Mr. Carter’s inbox reads August 2009, but clicking that inbox revealed messages as recent as Feb. Wireless employees were published in clear text on the Internet. The timestamps listed do not appear to be accurate somehow. Within minutes of that notification, U.S.

Internet 361

Internet Internet Wireless Government 361

Krebs on Security

OCTOBER 22, 2020

” It appears that Centauri hasn’t filed any business records with the state since 2009, and the state subsequently suspended the company’s license to do business in Aug. According to the California Secretary of State, Centauri’s status as a business in the state is “suspended.”

Internet 300

Internet Internet Technology DDOS 300

Schneier on Security

DECEMBER 3, 2019

The previous records were RSA-768 (768 bits) in December 2009 [2], and a 768-bit prime discrete logarithm in June 2016 [3]. It is the first time that two records for integer factorization and discrete logarithm are broken together, moreover with the same hardware and software.

Software 175

Software Encryption 175

CSO Magazine

SEPTEMBER 23, 2021

The Federal Trade Commission (FTC) commissioners, in a split-vote (3-2), issued a policy statement on September 15, requiring both health applications and connected devices to comply with the “ Health Breach Notification Rule (August 2009).”

Insurance 120

Insurance Accountability 120

Naked Security

MAY 5, 2021

These bugs date back to 2009, and they could give crooks who are already in your network access to sysadmin superpowers.

Firmware 102

Firmware 102

The Hacker News

MAY 5, 2021

PC maker Dell has issued an update to fix multiple critical privilege escalation vulnerabilities that went undetected since 2009, potentially allowing attackers to gain kernel-mode privileges and cause a denial-of-service condition. The issues, reported to Dell by researchers from SentinelOne on Dec. sys" that comes pre-installed on

Firmware 113

Firmware 113

Dark Reading

MAY 4, 2021

Hardware maker has issued an update to fix multiple critical privilege escalation vulnerabilities that have gone undetected since 2009.

100

100

Security Boulevard

NOVEMBER 4, 2022

When it was launched in 2009, the Operation Aurora cyberattack was one of the first major nation-state cyberattacks aimed at private industry. Its impact forced organizations to take a hard look at their cybersecurity systems.

Hacking 115

Hacking Cybersecurity 115

Krebs on Security

JULY 25, 2023

SocksEscort began in 2009 as “ super-socks[.]com According to cyber intelligence firm Intel 471 , the very first “SSC” identity registered on the cybercrime forums happened in 2009 at the Russian language hacker community Antichat , where SSC registered using the email address adriman@gmail.com.

Malware 234

Malware VPN Internet Internet 234

Krebs on Security

DECEMBER 29, 2023

As of this birthday, I’ve officially been an independent investigative journalist for longer than I was a reporter for The Washington Post (1995-2009). But I do want to thank you all for your continued readership, encouragement and support, without which I could not do what I do.

Phishing 272

Phishing Scams Advertising Mobile 272

Krebs on Security

APRIL 7, 2020

“We released a security advisory in June of 2009 and a security update that helps keep customers safe. . “To help in keeping systems protected we encourage customers to practice safe security habits when planning for internal domain and network names,” the statement reads.

DNS 357

DNS Wireless Risk Passwords 357

Dark Reading

JUNE 24, 2019

NASA report shows exfiltration totaling more than 100 GB of information since 2009.

93

93

The Hacker News

OCTOBER 21, 2021

for offering "bulletproof hosting" services to cybercriminals, who used the technical infrastructure to distribute malware and attack financial institutions across the country between 2009 to 2015. Two Eastern European nationals have been sentenced in the U.S.

Malware 103

Malware 103

The State of Security

MAY 17, 2022

#1 The history of the National Cyber Security Centre The UK’s first cybersecurity strategy was launched in 2009 and outlined that whatever the shape of the cybersecurity mission, it made no sense to silo it away from other aspects of national security.

Cybersecurity 109

Cybersecurity Government 109

CSO Magazine

JUNE 11, 2021

Analysis of over 200 cybersecurity incidents associated with nation state activity since 2009 also shows the enterprise is now the most common target (35%), followed by cyberdefence (25%), media and communications (14%), government bodies and regulators (12%), and critical infrastructure (10%).

Media 120

Media Internet Internet Government 120

CSO Magazine

FEBRUARY 16, 2023

During the 2008–2009 Global Financial Crisis (GFC) and subsequent recession, researchers noted that cybercrime rates increased dramatically. However, there is some evidence that macroeconomic conditions can impact cybercrime. Their report focused exclusively on financial cybercrime, including identity theft.

Identity Theft 115

Identity Theft Cybercrime Technology 115

Dark Reading

AUGUST 1, 2019

A security consultant reported vulnerabilities in Cisco's Video Surveillance Manager in 2009 - but the company ignored the issues and fired the consultant.

Surveillance 89

Surveillance 89

Security Affairs

APRIL 6, 2024

Most of the vulnerable systems are in the US (4686 at the time of this writing), followed by Japan (2009), and UK (1032). Shadowserver researchers have scanned the Internet for instances vulnerable to CVE-2024-21894 and reported that about 16,500 are still vulnerable.

VPN 131

VPN Internet Internet Hacking 131

Krebs on Security

JULY 20, 2021

One was Alan Ralsky , an American spammer who was convicted in 2009 of paying Severa and other spammers to promote pump-and-dump stock scams. In this paid ad from 2004, Severa lists prices to rent his spam botnet. Early in his career, Severa worked very closely with two major purveyors of spam.

Antivirus 343

Antivirus Cybercrime Identity Theft Scams 343