2009, Accountability and Hacking - Cyber Security Informer

China Says U.S. Hacking Huawei Since 2009

SecureWorld News

SEPTEMBER 28, 2023

In a tale as old as the computer, China has once again pointed fingers at the United States, accusing it of hacking into one of its technology companies. National Security Agency (NSA) of infiltrating Huawei servers since as early as 2009. Of course, this comes about a month after the U.S.

Hacking

Hacking Artificial Intelligence Cyber Attacks Telecommunications

Hackers Expose Russian FSB Cyberattack Projects

Schneier on Security

JULY 22, 2019

More nation-state activity in cyberspace, this time from Russia : Per the different reports in Russian media, the files indicate that SyTech had worked since 2009 on a multitude of projects since 2009 for FSB unit 71330 and for fellow contractor Quantum.

Media

Media Internet Internet Accountability

Canada Charges Its “Most Prolific Cybercriminal”

Krebs on Security

DECEMBER 8, 2021

There is a now-dormant Myspace account for a Matthew Philbert from Orleans, a suburb of Ottawa, Ontario. The information tied to the Myspace account matches the age and town of the defendant. The Myspace account was registered under the nickname “ Darkcloudowner ,” and to the email address dark_cl0ud6@hotmail.com.

Cybercrime

Cybercrime Ransomware Accountability Advertising

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

According to cyber intelligence firm Intel 471 , Megatraffer has been active on more than a half-dozen crime forums from September 2009 to the present day. That same email address also is tied to two forum accounts for a user with the handle “ O.R.Z.” user account — this one on Verified[.]ru account on Carder[.]su

Malware

Malware Cybercrime Software Accountability

RockYou2024 compilation containing 10 billion passwords was leaked online

Security Affairs

JULY 8, 2024

Threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. The Cybernews researchers reported that threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. RockYou2021 had 8.4 RockYou2021 had 8.4 ” concludes CyberNews.

Passwords

Passwords Data breaches Hacking Accountability

Hacking Linux is Easy with PwnKit

eSecurity Planet

JUNE 30, 2022

Qualys researchers found that the flaw has existed for 13 years, since pkexec’s first release in May 2009. The only inconvenience is that it requires initial access, which can be achieved by exploiting another vulnerability first, but hackers can use the least privileged accounts like the nobody user to root the machine.

Hacking

Hacking Accountability Software Cybersecurity

Who’s Behind the GandCrab Ransomware?

Krebs on Security

JULY 8, 2019

Russian security firm Kaspersky Lab estimated that by the time the program ceased operations, GandCrab accounted for up to half of the global ransomware market. in threads asking for urgent help obtaining access to hacked businesses in South Korea. via sites that track hacked or leaked databases turned up some curious results.

Ransomware

Ransomware Accountability Cybercrime Passwords

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

Krebs on Security

JUNE 29, 2023

Nikita Kislitsin , formerly the head of network security for one of Russia’s top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old hacking charges from the U.S. Prosecutors in Northern California indicted Kislitsin in 2014 for his alleged role in stealing account data from Formspring.

Cybersecurity

Cybersecurity Cybercrime Hacking Government

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

For example, in 2010 Spamdot and its spam affiliate program Spamit were hacked, and its user database shows Sal and Icamis often accessed the forum from the same Internet address — usually from Cherepovets , an industrial town situated approximately 230 miles north of Moscow. bank accounts.

Cybercrime

Cybercrime Banking Computers and Electronics DDOS

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Security Affairs

JUNE 23, 2019

NASA Office of Inspector General revealed that the Agency’s network was hacked in April 2018, intruders exfiltrated roughly 500 MB of data related to Mars missions. Unfortunately, this was not the first time hackers broke into JPL , it has already happened back in 2009, 2011, 2014, 2016 and 2017. The post NASA hacked!

Hacking

Hacking Data breaches Advertising Firewall

Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks

Security Affairs

NOVEMBER 10, 2018

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The post Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks appeared first on Security Affairs.

Banking

Banking Hacking Malware Advertising

Network Solutions data breach – hacker accessed data of more 22 Million accounts

Security Affairs

OCTOBER 30, 2019

Network Solutions, one of the world’s biggest domain registrars, disclosed a data breach that impacted 22 million accounts. Network Solutions , one of the world’s biggest domain registrars, disclosed a data breach that may have impacted 22 million accounts, no financial data was exposed. SecurityAffairs – data breach, hacking).

Data breaches

Data breaches Accountability Advertising Encryption

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Security Affairs

MARCH 3, 2020

“ Two Chinese nationals were charged with laundering over $100 million worth of cryptocurrency from a hack of a cryptocurrency exchange. The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack. million from another exchange.

Cryptocurrency

Cryptocurrency Banking Hacking Accountability

538 Million Weibo users’ records being sold on Dark Web

Security Affairs

MARCH 23, 2020

107 million records include personal data and basic account information such as the user ID, number of Weibo tweets, number of followers and accounts users are following, account gender, geographic location and more. The dump doesn’t include Weibo users’ passwords. 5.38??????????????

Accountability

Accountability Passwords Advertising Internet

Administrators of bulletproof hosting sentenced to prison in the US

Security Affairs

OCTOBER 21, 2021

The two individuals, Aleksandr Skorodumov (33) of Lithuania, and Pavel Stassi (30) of Estonia, administrated the bulletproof hosting service between 2009 and 2015. Stassi conducted several administrative tasks for the group, such as registering webhosting and financial accounts using stolen and/or false personal information.

System Administration

System Administration Malware Accountability Marketing

Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID operations

Security Affairs

JULY 13, 2024

At the time, DoJ accused Penchukov of coordinating the exchange of stolen banking credentials and money mules and received alerts once a bank account had been compromised. Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, Vyacheslav Igorevich Penchukov)

Cybercrime

Cybercrime Banking Malware Hacking

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

At least a dozen patriotic Russian hacking groups have been launching DDoS attacks since the start of the war at a variety of targets seen as opposed to Moscow. But by all accounts, few attacks from those gangs have come close to the amount of firepower wielded by a pro-Russia group calling itself “ NoName057(16).”

DDOS

DDOS Internet Internet Government

Backdoor in XZ Utils That Almost Happened

Schneier on Security

APRIL 11, 2024

He has been in charge of XZ Utils since he wrote it in 2009. We don’t know by whom, but we have account names: Jia Tan, Jigar Kumar, Dennis Ens. And, at least in 2022, he’s had some “ longterm mental health issues. ” (To be clear, he is not to blame in this story. This is a systems problem.) They’re not real names.

Software

Software Engineering Internet Internet

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

Security Affairs

JUNE 7, 2021

billion unique password variations with other breach compilations that include usernames and email addresses, threat actors can use the RockYou2021 collection to mount password dictionary and password spraying attacks against untold numbers of online accounts. Enable two-factor authentication (2FA) on all of your online accounts.

Passwords

Passwords Data breaches Accountability Password Management

Orchard botnet uses Bitcoin Transaction info to generate DGA domains

Security Affairs

AUGUST 8, 2022

Experts spotted a new botnet named Orchard using Bitcoin creator Satoshi Nakamoto’s account information to generate malicious domains. The latest version is dedicated to mining and has started using more unpredictable information like transaction information of bitcoin accounts as input to DGA, making detection more difficult.

Accountability

Accountability Cryptocurrency Malware Hacking

RockYou2024: The Largest Password Compilation (10 Billion) Ever Leaked

SecureWorld News

JULY 8, 2024

The name "RockYou2024" pays homage to the infamous RockYou data breach of 2009, which exposed 32 million passwords due to insecure storage practices. The data compilation was leaked on a popular hacking forum, where it quickly gained notoriety for its sheer size and potential impact.

Passwords

Passwords Password Management Education Accountability

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Security Affairs

FEBRUARY 25, 2021

Next, the attackers logged in to the web interface using a privileged root account. It’s unknown how the attackers were able to obtain the credentials for that account, but it’s possible the credentials were saved in one of the infected system’s browser password managers.” SecurityAffairs – hacking, Lazarus).

Malware

Malware Cryptocurrency Password Management Encryption

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Security Affairs

FEBRUARY 17, 2024

At the time, DoJ accused Penchukov of coordinating the exchange of stolen banking credentials and money mules and received alerts once a bank account had been compromised. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, IcedID Malware)

Malware

Malware Cybercrime Banking Hacking

Microsoft: North Korea-linked Zinc APT targets security experts

Security Affairs

JANUARY 29, 2021

Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to ZINC, a DPRK-affiliated and state-sponsored group, based on observed tradecraft, infrastructure, malware patterns, and account affiliations.” SecurityAffairs – hacking, Zinc). Pierluigi Paganini.

Malware

Malware Antivirus Hacking Accountability

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. io ), to share videos of their claimed exploits, and for amplifying and retweeting posts from other accounts under their control.

Malware

Malware Phishing Antivirus Hacking

FBI seized other domains used by the shadow eBook library Z-Library

Security Affairs

MAY 6, 2023

The library has been active since 2009, it offers e-book files in a variety of file formats, stripped of their copyright protections. The list of the domains seized by the authorities includes singlelogin.me, which is used to register new accounts for the service. The library is still reachable through TOR and I2P networks.

Accountability

Accountability Hacking Cybersecurity Cybercrime

Experts found 20 Million tax records for Russian citizens exposed online

Security Affairs

OCTOBER 1, 2019

The experts found an unprotected Elasticsearch cluster that was containing personally identifiable information on Russian citizens spanning from 2009 to 2016. “The first database contained more than 14 million personal and tax records from 2010 to 2016, and the second included over 6 million from 2009 to 2015.”

Identity Theft

Identity Theft Scams Advertising Risk

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Herjavec Group

AUGUST 26, 2021

1834 — French Telegraph System — A pair of thieves hack the French Telegraph System and steal financial market information, effectively conducting the world’s first cyberattack. 1870 — Switchboard Hack — A teenager hired as a switchboard operator is able to disconnect and redirect calls and use the line for personal usage. .

Cybercrime

Cybercrime Computers and Electronics Banking Hacking

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

Security Affairs

OCTOBER 3, 2018

The US-CERT has released a joint technical alert from the DHS, the FBI, and the Treasury warning about a new ATM cash-out scheme, dubbed “ FASTCash ,” being used by the prolific North Korean APT hacking group known as Hidden Cobra (aka Lazarus Group and Guardians of Peace).

Banking

Banking Retail Advertising Malware

Dashlane 2024

eSecurity Planet

JANUARY 29, 2024

The company was founded in 2009, and the first software edition was released in 2012. Internet security best practices mandate unique credentials for each online account; doing so would be impossible without a solid password manager like Dashlane. Your employees will love the unique bonus features Dashlane offers as well.

Password Management

Password Management Passwords Authentication Accountability

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

Security Affairs

JUNE 17, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. SecurityAffairs – Operation In(ter)reception , hacking). Collins Aerospace and General Dynamics). ” continues the report.

Advertising

Advertising Malware Passwords Accountability

ENISA provides data related to major telecom security incidents in 2021

Security Affairs

JULY 28, 2022

The reporting of security incidents has been part of the EU’s regulatory framework for telecoms since the 2009 reform of the telecoms package. System failures accounted for 363 million user hours lost compared to 419 million user hours in 2020. SecurityAffairs – hacking, telecom security incidents). Pierluigi Paganini.

Authentication

Authentication Hacking Accountability Information Security

Billions of FBS Records Exposed in Online Trading Broker Data Leak

Security Affairs

MARCH 24, 2021

Founded in 2009, FBS is an international online forex broker with more than 400,000 partners and 16 million traders spanning over 190 countries. A German User’s Account. An Australian User’s Account. Account Takeover. SecurityAffairs – hacking, Microsoft Exchange). Who is FBS. User ID and Credit Card Photo Uploads.

Passwords

Passwords Accountability Media Identity Theft

Maryland Department of Labor discloses a data breach

Security Affairs

JULY 9, 2019

” Threat actors accessed to files stored in the Literacy Works Information System that are dated back 2009, 2010, and 2014. The Department is notifying the impacted customers, potentially affected users have to carefully monitor their accounts. SecurityAffairs – Maryland Depar t ment of Labor , hacking).

Data breaches

Data breaches Insurance Advertising Technology

The analysis of the code reuse revealed many links between North Korea malware

Security Affairs

AUGUST 10, 2018

Security researchers when analyzing a hacking campaign attempt to attribute it to a specific threat actor also evaluating the code reuse. Each node represents a malware family or a hacking tool (“ Brambul ,” “ Fallchill ,” etc.) Each node represents a malware family or a hacking tool (“ Brambul ,” “ Fallchill ,” etc.)

Malware

Malware Hacking Advertising Accountability

Dashlane Review 2021: Pricing & Features

eSecurity Planet

JULY 8, 2021

The company was founded in 2009, and the first software edition was released in 2012. Internet security best practices mandate unique credentials for each online account; doing so would be impossible without a solid password manager like Dashlane. Your employees will love the unique bonus features Dashlane offers as well.

Password Management

Password Management Passwords Authentication Accountability

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

Security Affairs

JULY 6, 2021

According to Group-IB’s Threat Intelligence team, the suspect, dubbed Dr HeX by Group-IB based on one of the nicknames that he used, has been active since at least 2009 and is responsible for a number of cybercrimes, including phishing, defacing, malware development, fraud, and carding that resulted in thousands of unsuspecting victims.

Cybercrime

Cybercrime Phishing Banking Telecommunications

Personal info of 90k hikers leaked by French tourism company La Malle Postale

Security Affairs

MAY 13, 2023

Founded in 2009, the company provides luggage and passenger transportation services on many popular hiking routes, including the famous Santiago de Compostela pilgrimage trail. The Cybernews research team has discovered a data leak on La Malle Postale’s system that exposed the personal data of their clients. One of them is identity theft.

Passwords

Passwords Identity Theft Scams Social Engineering

An ongoing Qbot campaign targeted customers of tens of US banks

Security Affairs

JUNE 18, 2020

Qbot , aka Qakbot , is a data stealer worm with backdoor capabilities that was first detected by Symantec back in 2009. The bot also makes lateral movements via network share exploits to infect other systems on the same network and leverage brute-force attacks to target Active Directory admin accounts. ” concludes the report.

Banking

Banking Malware Advertising Financial Services

Mysterious DarkUniverse APT remained undetected for 8 years

Security Affairs

NOVEMBER 5, 2019

In 2017, a hacker group known as the Shadow Brokers stolen malware and hacking tools from the arsenal of the NSA-Linked Equation Group , then it published online the data dump called “ Lost in Translation.” The DarkUniverse has been active at least from 2009 until 2017. Attackers used C2 servers on cloud storage at mydrive.

Malware

Malware Advertising Accountability Phishing

Tank, the leader of the Zeus cybercrime gang, was arrested by the Swiss police

Security Affairs

NOVEMBER 17, 2022

At the time, DoJ accused Penchukov of coordinating the exchange of stolen banking credentials and money mules and received alerts once a bank account had been compromised. SecurityAffairs – hacking, Zeus). Follow me on Twitter: @securityaffairs and Facebook and Mastodon. Pierluigi Paganini.

Cybercrime

Cybercrime Banking Identity Theft Hacking

How to lose your password

Thales Cloud Protection & Licensing

NOVEMBER 14, 2017

The modern era of mass data breaches perhaps began in 2009, with the hack of 32 million account credentials held by software developer RockYou, in which a SQL injection attack revealed that passwords were simple held in cleartext in a database table. The following year saw a leak from Gawker Media’s servers, with another 1.5

Passwords

Passwords Internet Internet Data breaches

Spain extradites 94 Taiwanese to China phone and online fraud charges

Security Affairs

JUNE 10, 2019

In the fraud scheme, the criminals impersonate Chinese authorities and attempt to trick victims into transferring money to accounts controlled by the scammers. “The callers typically masquerade as Chinese authorities and pressure or persuade the victims to transfer money to the scammers’ accounts.”

Scams

Scams Advertising Accountability Government

Operator of Scan4You Malware-Scanning sentenced to 14 Years in prison

Security Affairs

SEPTEMBER 22, 2018

Bondars is one of the two hackers found to have been running Scan4you from 2009 to 2016, its service was very popular in the cybercrime community and was used by malware developers to test their malicious codes. “In issuing the sentence, the court found a loss amount of $20.5 In addition to the term of imprisonment, U.S.

Malware

Malware Antivirus Retail Advertising

China Says U.S. Hacking Huawei Since 2009

Hackers Expose Russian FSB Cyberattack Projects

Trending Sources

Canada Charges Its “Most Prolific Cybercriminal”

Ask Fitis, the Bear: Real Crooks Sign Their Malware

RockYou2024 compilation containing 10 billion passwords was leaked online

Hacking Linux is Easy with PwnKit

Who’s Behind the GandCrab Ransomware?

Russian Cybersecurity Executive Arrested for Alleged Role in 2012 Megahacks

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks

Network Solutions data breach – hacker accessed data of more 22 Million accounts

US officials charge two Chinese men for laundering cryptocurrency for North Korea

538 Million Weibo users’ records being sold on Dark Web

Administrators of bulletproof hosting sentenced to prison in the US

Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID operations

Stark Industries Solutions: An Iron Hammer in the Cloud

Backdoor in XZ Utils That Almost Happened

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

Orchard botnet uses Bitcoin Transaction info to generate DGA domains

RockYou2024: The Largest Password Compilation (10 Billion) Ever Leaked

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Microsoft: North Korea-linked Zinc APT targets security experts

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

FBI seized other domains used by the shadow eBook library Z-Library

Experts found 20 Million tax records for Russian citizens exposed online

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

Dashlane 2024

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

ENISA provides data related to major telecom security incidents in 2021

Billions of FBS Records Exposed in Online Trading Broker Data Leak

Maryland Department of Labor discloses a data breach

The analysis of the code reuse revealed many links between North Korea malware

Dashlane Review 2021: Pricing & Features

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

Personal info of 90k hikers leaked by French tourism company La Malle Postale

An ongoing Qbot campaign targeted customers of tens of US banks

Mysterious DarkUniverse APT remained undetected for 8 years

Tank, the leader of the Zeus cybercrime gang, was arrested by the Swiss police

How to lose your password

Spain extradites 94 Taiwanese to China phone and online fraud charges

Operator of Scan4You Malware-Scanning sentenced to 14 Years in prison

Stay Connected