Security Affairs

OCTOBER 30, 2019

Network Solutions, one of the world’s biggest domain registrars, disclosed a data breach that impacted 22 million accounts. Network Solutions , one of the world’s biggest domain registrars, disclosed a data breach that may have impacted 22 million accounts, no financial data was exposed. SecurityAffairs – data breach, hacking).

Data breaches 52

Data breaches Accountability Advertising Encryption 52

Security Affairs

AUGUST 8, 2022

Experts spotted a new botnet named Orchard using Bitcoin creator Satoshi Nakamoto’s account information to generate malicious domains. The latest version is dedicated to mining and has started using more unpredictable information like transaction information of bitcoin accounts as input to DGA, making detection more difficult.

Accountability 97

Accountability Cryptocurrency Malware Hacking 97

Krebs on Security

JUNE 29, 2023

Nikita Kislitsin , formerly the head of network security for one of Russia’s top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old hacking charges from the U.S. Prosecutors in Northern California indicted Kislitsin in 2014 for his alleged role in stealing account data from Formspring.

Cybersecurity 249

Cybersecurity Cybercrime Hacking Technology 249

Security Affairs

FEBRUARY 17, 2024

At the time, DoJ accused Penchukov of coordinating the exchange of stolen banking credentials and money mules and received alerts once a bank account had been compromised. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, IcedID Malware)

Malware 93

Malware Cybercrime Banking Hacking 93

Security Affairs

MAY 6, 2023

The library has been active since 2009, it offers e-book files in a variety of file formats, stripped of their copyright protections. The list of the domains seized by the authorities includes singlelogin.me, which is used to register new accounts for the service. The library is still reachable through TOR and I2P networks.

Accountability 82

Accountability Hacking Cybersecurity Cybercrime 82

Security Affairs

JUNE 23, 2019

NASA Office of Inspector General revealed that the Agency’s network was hacked in April 2018, intruders exfiltrated roughly 500 MB of data related to Mars missions. Unfortunately, this was not the first time hackers broke into JPL , it has already happened back in 2009, 2011, 2014, 2016 and 2017. The post NASA hacked!

Hacking 111

Hacking Data breaches Advertising Firewall 111

Security Affairs

NOVEMBER 10, 2018

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The post Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks appeared first on Security Affairs.

Banking 108

Banking Hacking Malware Advertising 108

Security Affairs

JULY 28, 2022

The reporting of security incidents has been part of the EU’s regulatory framework for telecoms since the 2009 reform of the telecoms package. System failures accounted for 363 million user hours lost compared to 419 million user hours in 2020. SecurityAffairs – hacking, telecom security incidents). Pierluigi Paganini.

Authentication 95

Authentication Hacking Accountability Information Security 95

Security Affairs

OCTOBER 21, 2021

The two individuals, Aleksandr Skorodumov (33) of Lithuania, and Pavel Stassi (30) of Estonia, administrated the bulletproof hosting service between 2009 and 2015. Stassi conducted several administrative tasks for the group, such as registering webhosting and financial accounts using stolen and/or false personal information.

System Administration 97

System Administration Malware Accountability Marketing 97

Security Affairs

MAY 13, 2023

Founded in 2009, the company provides luggage and passenger transportation services on many popular hiking routes, including the famous Santiago de Compostela pilgrimage trail. The Cybernews research team has discovered a data leak on La Malle Postale’s system that exposed the personal data of their clients. One of them is identity theft.

Passwords 91

Passwords Identity Theft Scams Social Engineering 91

Security Affairs

JUNE 7, 2021

billion unique password variations with other breach compilations that include usernames and email addresses, threat actors can use the RockYou2021 collection to mount password dictionary and password spraying attacks against untold numbers of online accounts. Enable two-factor authentication (2FA) on all of your online accounts.

Passwords 113

Passwords Data breaches Accountability Password Management 113

Security Affairs

AUGUST 4, 2022

The presidential office said it would up its monitoring in the face of “hybrid information warfare by external forces” In August 2020, Chinese hackers gained access to around 6,000 email accounts belonging to at least 10 Taiwan government agencies, officials said. SecurityAffairs – hacking, Taiwan). Pierluigi Paganini.

DDOS 84

DDOS Government Cyber Attacks Hacking 84

Security Affairs

MARCH 23, 2020

107 million records include personal data and basic account information such as the user ID, number of Weibo tweets, number of followers and accounts users are following, account gender, geographic location and more. The dump doesn’t include Weibo users’ passwords. 5.38??????????????

Accountability 112

Accountability Passwords Advertising Internet 112

Security Affairs

MARCH 3, 2020

“ Two Chinese nationals were charged with laundering over $100 million worth of cryptocurrency from a hack of a cryptocurrency exchange. The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack. million from another exchange.

Cryptocurrency 99

Cryptocurrency Banking Hacking Accountability 99

Security Affairs

NOVEMBER 28, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. io ), to share videos of their claimed exploits, and for amplifying and retweeting posts from other accounts under their control.

Malware 126

Malware Phishing Antivirus Hacking 126

Security Affairs

JULY 6, 2021

According to Group-IB’s Threat Intelligence team, the suspect, dubbed Dr HeX by Group-IB based on one of the nicknames that he used, has been active since at least 2009 and is responsible for a number of cybercrimes, including phishing, defacing, malware development, fraud, and carding that resulted in thousands of unsuspecting victims.

Cybercrime 96

Cybercrime Phishing Banking Telecommunications 96

Security Affairs

NOVEMBER 17, 2022

At the time, DoJ accused Penchukov of coordinating the exchange of stolen banking credentials and money mules and received alerts once a bank account had been compromised. SecurityAffairs – hacking, Zeus). Follow me on Twitter: @securityaffairs and Facebook and Mastodon. Pierluigi Paganini.

Cybercrime 92

Cybercrime Banking Identity Theft Hacking 92

Security Affairs

FEBRUARY 25, 2021

Next, the attackers logged in to the web interface using a privileged root account. It’s unknown how the attackers were able to obtain the credentials for that account, but it’s possible the credentials were saved in one of the infected system’s browser password managers.” SecurityAffairs – hacking, Lazarus).

Malware 95

Malware Cryptocurrency Password Management Encryption 95

Security Affairs

JANUARY 29, 2021

Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to ZINC, a DPRK-affiliated and state-sponsored group, based on observed tradecraft, infrastructure, malware patterns, and account affiliations.” SecurityAffairs – hacking, Zinc). Pierluigi Paganini.

Malware 116

Malware Antivirus Hacking Accountability 116

ForAllSecure

JUNE 16, 2021

So how hard is it to hack APIs? In this episode, Jason Kent from Cequence Security talks about his experience hacking a garage door opener API, the tools he uses such as Burp, ZAP, and APK tool, and why we need to be paying more attention to the OWASP API Security Top 10. I mean, how hard is it even to hack an API.

Hacking 52

Hacking Mobile Authentication Internet 52

ForAllSecure

JUNE 16, 2021

So how hard is it to hack APIs? In this episode, Jason Kent from Cequence Security talks about his experience hacking a garage door opener API, the tools he uses such as Burp, ZAP, and APK tool, and why we need to be paying more attention to the OWASP API Security Top 10. I mean, how hard is it even to hack an API.

Hacking 52

Hacking Mobile Authentication Internet 52

Security Affairs

AUGUST 10, 2018

Security researchers when analyzing a hacking campaign attempt to attribute it to a specific threat actor also evaluating the code reuse. Each node represents a malware family or a hacking tool (“ Brambul ,” “ Fallchill ,” etc.) Each node represents a malware family or a hacking tool (“ Brambul ,” “ Fallchill ,” etc.)

Malware 45

Malware Hacking Advertising Accountability 45

Security Affairs

MARCH 24, 2021

Founded in 2009, FBS is an international online forex broker with more than 400,000 partners and 16 million traders spanning over 190 countries. A German User’s Account. An Australian User’s Account. Account Takeover. SecurityAffairs – hacking, Microsoft Exchange). Who is FBS. User ID and Credit Card Photo Uploads.

Passwords 125

Passwords Accountability Media Identity Theft 125

Security Affairs

OCTOBER 1, 2019

The experts found an unprotected Elasticsearch cluster that was containing personally identifiable information on Russian citizens spanning from 2009 to 2016. “The first database contained more than 14 million personal and tax records from 2010 to 2016, and the second included over 6 million from 2009 to 2015.”

Identity Theft 74

Identity Theft Scams Advertising Risk 74

Security Affairs

FEBRUARY 9, 2023

District Court for the District of New Jersey charging Kovalev with conspiracy to commit bank fraud and eight counts of bank fraud in connection with a series of intrusions into victim bank accounts held at various U.S.-based based financial institutions that occurred in 2009 and 2010, predating his involvement in Dyre or the Trickbot Group.

Banking 84

Banking Ransomware Cybercrime Malware 84

Security Affairs

NOVEMBER 5, 2019

In 2017, a hacker group known as the Shadow Brokers stolen malware and hacking tools from the arsenal of the NSA-Linked Equation Group , then it published online the data dump called “ Lost in Translation.” The DarkUniverse has been active at least from 2009 until 2017. Attackers used C2 servers on cloud storage at mydrive.

Malware 49

Malware Advertising Accountability Phishing 49

Security Affairs

MARCH 15, 2023

Knowing them, a threat actor could be able to hijack the session and therefore the account. If attackers had access to this key, they could create an admin account and have privileged access to a website. The unidentified hackers allegedly attempted to map the company’s computer system between 2009 and 2010.

Manufacturing 88

Manufacturing Media Accountability Risk 88

Security Affairs

JUNE 17, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. SecurityAffairs – Operation In(ter)reception , hacking). Collins Aerospace and General Dynamics). ” continues the report.

Advertising 75

Advertising Malware Passwords Accountability 75

Security Affairs

OCTOBER 3, 2018

The US-CERT has released a joint technical alert from the DHS, the FBI, and the Treasury warning about a new ATM cash-out scheme, dubbed “ FASTCash ,” being used by the prolific North Korean APT hacking group known as Hidden Cobra (aka Lazarus Group and Guardians of Peace).

Banking 88

Banking Retail Advertising Malware 88

Security Affairs

JULY 9, 2019

” Threat actors accessed to files stored in the Literacy Works Information System that are dated back 2009, 2010, and 2014. The Department is notifying the impacted customers, potentially affected users have to carefully monitor their accounts. SecurityAffairs – Maryland Depar t ment of Labor , hacking).

Data breaches 74

Data breaches Insurance Advertising Technology 74

Thales Cloud Protection & Licensing

NOVEMBER 14, 2017

The modern era of mass data breaches perhaps began in 2009, with the hack of 32 million account credentials held by software developer RockYou, in which a SQL injection attack revealed that passwords were simple held in cleartext in a database table. The following year saw a leak from Gawker Media’s servers, with another 1.5

Passwords 99

Passwords Internet Internet Data breaches 99

Security Affairs

JULY 26, 2018

.” The experts discovered that the flaw was first discovered in 2007 and it was publicly disclosed in 2009 during the CanSecWest security conference. “The original issue was disclosed on stage at CanSec 2009 ( [link] ).” ” reads the analysis published by Trustwave. ” continues Trustwave.

Advertising 49

Advertising Architecture Authentication Accountability 49

Security Affairs

JUNE 18, 2020

Qbot , aka Qakbot , is a data stealer worm with backdoor capabilities that was first detected by Symantec back in 2009. The bot also makes lateral movements via network share exploits to infect other systems on the same network and leverage brute-force attacks to target Active Directory admin accounts. ” concludes the report.

Banking 101

Banking Malware Advertising Financial Services 101

Security Affairs

JUNE 10, 2019

In the fraud scheme, the criminals impersonate Chinese authorities and attempt to trick victims into transferring money to accounts controlled by the scammers. “The callers typically masquerade as Chinese authorities and pressure or persuade the victims to transfer money to the scammers’ accounts.”

Scams 67

Scams Advertising Accountability Government 67

Security Affairs

SEPTEMBER 22, 2018

Bondars is one of the two hackers found to have been running Scan4you from 2009 to 2016, its service was very popular in the cybercrime community and was used by malware developers to test their malicious codes. “In issuing the sentence, the court found a loss amount of $20.5 In addition to the term of imprisonment, U.S.

Malware 92

Malware Antivirus Retail Advertising 92

Security Affairs

MAY 7, 2019

The APT3 cyberespionage group had been active since at least 2009 and its last operation was uncovered in mid-2017. In November 2017, US authorities charged three China-based hackers for stealing sensitive information from US-based companies, including Siemens AG, and accessing a high-profile email account at Moody’s.

Advertising 77

Advertising Hacking Cyber threats Malware 77

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Shah provides her expertise in hacking, software development, and kernel development and advocates for open source initiatives. — Dave Kennedy (@HackingDave) July 15, 2020. .

Accountability 134

Accountability Cybersecurity Penetration Testing InfoSec 134