2009, Hacking and Information Security - Cyber Security Informer

AusCERT and the Award for Information Security Excellence

Troy Hunt

MAY 31, 2018

At the gala dinner last night, without any warning beforehand, I somehow walked away with this: #AusCERT2018 Award for Information Security Excellence goes to @troyhunt @AusCERT 2018 Gala Dinner pic.twitter.com/9lxmwX0tdR — ValdemarJakobsen???? jamver) May 31, 2018. Yes, that guy is wearing a cape, it was a Star Wars thing.).

Information Security

Information Security Data breaches Hacking

More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894

Security Affairs

APRIL 6, 2024

Most of the vulnerable systems are in the US (4686 at the time of this writing), followed by Japan (2009), and UK (1032). We are now scanning/reporting Ivanti Connect Secure instances vulnerable to CVE-2024-21894 (heap overflow potentially leading to RCE) & others described in [link] ~16 500 likely vulnerable (~4.6K

VPN

VPN Internet Internet Hacking

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. SocksEscort began in 2009 as “ super-socks[.]com Image: Lumen’s Black Lotus Labs.

Malware

Malware VPN Internet Internet

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Security Affairs

JUNE 23, 2019

NASA Office of Inspector General revealed that the Agency’s network was hacked in April 2018, intruders exfiltrated roughly 500 MB of data related to Mars missions. Unfortunately, this was not the first time hackers broke into JPL , it has already happened back in 2009, 2011, 2014, 2016 and 2017. The post NASA hacked!

Hacking

Hacking Data breaches Advertising Firewall

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Security Affairs

FEBRUARY 17, 2024

The popular investigator Brian Krebs reported that Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham, noted in 2014 that Tank told co-conspirators in a JabberZeus chat on July 22, 2009 that his daughter, Miloslava, was and told him Miloslava birth weight.

Malware

Malware Cybercrime Banking Hacking

SimJacker attack allows hacking any phone with just an SMS

Security Affairs

SEPTEMBER 12, 2019

According to the researchers, almost any mobile phone model is vulnerable to the SimJacker attack because it leverages a component on SIM cards and its specifications are the same since 2009. SecurityAffairs – SimJacker, hacking). ” states the post. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Mobile Spyware Manufacturing

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

At the time of this writing, no ransomware group has claimed responsibility for the security breach. CDHE provides free access to the identify theft monitoring Experian IdentityWorks SM for 24 months.

Education

Education Data breaches Ransomware Hacking

Orchard botnet uses Bitcoin Transaction info to generate DGA domains

Security Affairs

AUGUST 8, 2022

“It’s worth pointing out that the wallet address is the miner reward receiving address of the Bitcoin Genesis Block , which occurred on January 3, 2009, and is believed to be held by Nakamoto.” SecurityAffairs – hacking, domain name system). .” reads the analysis published by the researchers.

Accountability

Accountability Cryptocurrency Malware Hacking

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

Security Affairs

NOVEMBER 15, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. SecurityAffairs – hacking, Operation Cyclone). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Cybersecurity

Cybersecurity Engineering Software Malware

ENISA provides data related to major telecom security incidents in 2021

Security Affairs

JULY 28, 2022

Every European telecom operator that suffers a security incident, notifies its national authorities which share a summary of these reports to ENISA at the start of every calendar year. The reporting of security incidents has been part of the EU’s regulatory framework for telecoms since the 2009 reform of the telecoms package.

Authentication

Authentication Hacking Accountability Information Security

FBI seized other domains used by the shadow eBook library Z-Library

Security Affairs

MAY 6, 2023

The library has been active since 2009, it offers e-book files in a variety of file formats, stripped of their copyright protections. The Federal Bureau of Investigation (FBI) seized multiple domains used by the illegal shadow eBook library Z-Library. Z-Library operates as a complex network of approximately 249 interrelated web domains.

Accountability

Accountability Hacking Cybersecurity Cybercrime

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

. “TAG observed a North Korean government-backed attacker group that previously targeted security researchers posing as recruiters at Samsung and sending fake job opportunities to employees at multiple South Korean information security companies that sell anti-malware solutions.” Pierluigi Paganini.

Malware

Malware Phishing Antivirus Hacking

PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web

Security Affairs

OCTOBER 23, 2023

billion Aadhaars issued by the UIDAI since this ID service launched in 2009, this system represents one of the largest biometric ID programs on the planet, according to a report published by think tank Brookings Institution. With roughly 1.4

Identity Theft

Identity Theft Banking Data breaches Malware

PwnKit: Local Privilege Escalation bug affects major Linux distros

Security Affairs

JANUARY 26, 2022

The flaw, dubbed PwnKit, was introduced more than 12 years ago (May 2009) since the initial commit of pkexec, this means that all the versions are affected. SecurityAffairs – hacking, PwnKit). The post PwnKit: Local Privilege Escalation bug affects major Linux distros appeared first on Security Affairs. Pierluigi Paganini.

Architecture

Architecture Hacking Information Security

China-linked APT10 Target Taiwan’s financial trading industry

Security Affairs

FEBRUARY 22, 2022

The group (also known as Cicada, Stone Panda , MenuPass group, Bronze Riverside, and Cloud Hopper ) has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide.

Technology

Technology Hacking Passwords Software

10-year-old vulnerability in Avaya VoIP Phones finally fixed

Security Affairs

AUGUST 10, 2019

Security experts at McAfee discovered that a stack-based buffer overflow flaw in the Dynamic Host Configuration Protocol (DHCP) client discovered and fixed ten years ago is still affecting several Avaya phones. SecurityAffairs – Avaya, hacking). The vulnerability could be exploited using a specially crafted DHCP response. Only the H.323

Firmware

Firmware IoT Advertising Software

Administrators of bulletproof hosting sentenced to prison in the US

Security Affairs

OCTOBER 21, 2021

The two individuals, Aleksandr Skorodumov (33) of Lithuania, and Pavel Stassi (30) of Estonia, administrated the bulletproof hosting service between 2009 and 2015. SecurityAffairs – hacking, cyber security). The post Administrators of bulletproof hosting sentenced to prison in the US appeared first on Security Affairs.

System Administration

System Administration Malware Accountability Marketing

China-linked APT10 leverages ZeroLogon exploits in recent attacks

Security Affairs

NOVEMBER 18, 2020

The group, also known as Cicada, Stone Panda , and Cloud Hopper , has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide. ” Pierluigi Paganini.

Manufacturing

Manufacturing Hacking Engineering Malware

North Korea-linked Lazarus APT targets the IT supply chain

Security Affairs

OCTOBER 27, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. SecurityAffairs – hacking, supply chain attack). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Malware

Malware System Administration Hacking Media

Taiwan Government websites suffered DDoS attacks during the Nancy Pelosi visit

Security Affairs

AUGUST 4, 2022

The presidential office said it would up its monitoring in the face of “hybrid information warfare by external forces” In August 2020, Chinese hackers gained access to around 6,000 email accounts belonging to at least 10 Taiwan government agencies, officials said. SecurityAffairs – hacking, Taiwan). Pierluigi Paganini.

DDOS

DDOS Government Cyber Attacks Hacking

CISA urges to fix actively exploited Firefox zero-days by March 21

Security Affairs

MARCH 8, 2022

SecurityAffairs – hacking, SIM swapping). The post CISA urges to fix actively exploited Firefox zero-days by March 21 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Authentication

Authentication Hacking Cybersecurity Risk

Personal info of 90k hikers leaked by French tourism company La Malle Postale

Security Affairs

MAY 13, 2023

The leaked information included names, phone numbers, emails, private communication via SMS messages, passwords, and employees’ credentials. Founded in 2009, the company provides luggage and passenger transportation services on many popular hiking routes, including the famous Santiago de Compostela pilgrimage trail.

Passwords

Passwords Identity Theft Scams Social Engineering

North Korea-linked Lazarus APT targets the COVID-19 research

Security Affairs

DECEMBER 25, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, North Korea).

Cryptocurrency

Cryptocurrency Malware Hacking Phishing

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

Security Affairs

JULY 6, 2021

According to Group-IB’s Threat Intelligence team, the suspect, dubbed Dr HeX by Group-IB based on one of the nicknames that he used, has been active since at least 2009 and is responsible for a number of cybercrimes, including phishing, defacing, malware development, fraud, and carding that resulted in thousands of unsuspecting victims.

Cybercrime

Cybercrime Phishing Banking Telecommunications

North Korea-linked Lazarus APT used Windows Update client and GitHub in recent attacks

Security Affairs

JANUARY 27, 2022

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. SecurityAffairs – hacking, Lazarus APT). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Malware

Malware Hacking Phishing Ransomware

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

Security Affairs

JUNE 7, 2021

SecurityAffairs – hacking, RockYou2021). billion entries appeared first on Security Affairs. About the author: Edvardas Mikalauskas. Edvardas is a Senior Writer and Researcher at CyberNews. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Passwords

Passwords Data breaches Accountability Password Management

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

Security Affairs

NOVEMBER 25, 2022

that dates back to 2009. “We see an urgent need for an extra layer of SBOM Validation when it comes to compiled code to validate on the binary level, the list of third-party dependency information that matches the actual SBOM provided by the vendor,” concludes the report. SecurityAffairs – hacking, firmware).

Firmware

Firmware Manufacturing Hacking Software

Belgium telecom operators Proximus and Orange drop Huawei

Security Affairs

OCTOBER 10, 2020

Orange Belgium is using Huawei equipment since 2007 for its mobile network in Belgium and Luxembourg, while the collaboration between Proximus and the Shenzhen-based company started in 2009 for the progressive upgrading of its network. SecurityAffairs – hacking, Proximus). Pierluigi Paganini.

Mobile

Mobile Manufacturing Wireless Internet

538 Million Weibo users’ records being sold on Dark Web

Security Affairs

MARCH 23, 2020

Weibo is a popular Chinese micro-blogging ( weibo ) website, it was launched by Sina Corporation on 14 August 2009, it claimed over 445 million monthly active users as of Q3 2018. . The company confirmed that the data were obtained in 2019 due to credential stuffing attacks and other information gathered online.

Accountability

Accountability Passwords Advertising Internet

EU has imposed sanctions on foreign actors for the first time ever

Security Affairs

JULY 31, 2020

The group has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide. SecurityAffairs – hacking, EU sanctions). ” conclude the EU.

Cyber Attacks

Cyber Attacks Hacking Advertising Government

Tank, the leader of the Zeus cybercrime gang, was arrested by the Swiss police

Security Affairs

NOVEMBER 17, 2022

Krebs reported that Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham, noted in 2014 that Tank told co-conspirators in a JabberZeus chat on July 22, 2009 that his daughter, Miloslava, was and told him Miloslava birth weight. SecurityAffairs – hacking, Zeus). Pierluigi Paganini.

Cybercrime

Cybercrime Banking Identity Theft Hacking

The US Treasury placed sanctions on North Korea linked APT Groups

Security Affairs

SEPTEMBER 13, 2019

The US Treasury placed sanctions on three North Korea-linked hacking groups, the Lazarus Group, Bluenoroff, and Andarial. The US Treasury sanctions on three North Korea-linked hacking groups, the Lazarus Group , Bluenoroff , and Andarial. SecurityAffairs – North Korea, hacking). ” continues the US Treasury.

Cyber Attacks

Cyber Attacks Cryptocurrency Hacking Banking

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Security Affairs

JUNE 27, 2019

. “Teams of hackers connected to the Chinese Ministry of State Security had penetrated HPE’s cloud computing service and used it as a launchpad to attack customers, plundering reams of corporate and government secrets for years in what U.S. “The hacking campaign, known as “ Cloud Hopper ,” was the subject of a U.S.

Identity Theft

Identity Theft Hacking System Administration Advertising

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Security Affairs

SEPTEMBER 9, 2019

The targets of the two groups show significant overlap, Billbug also targeted organizations many military and government organizations in South Asia since at least January 2009. Security experts at Symantec speculate that Thrip is a sub-group of Billbug. Billbug is a long-established espionage group, active since at least January 2009.

Government

Government Telecommunications Advertising Malware

Lazarus malware delivered to South Korean users via supply chain attacks

Security Affairs

NOVEMBER 16, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. SecurityAffairs – hacking, Lazarus). by specifying hashes of binaries in the VeraPort configuration).”

Malware

Malware Software Cryptocurrency Financial Services

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Security Affairs

MARCH 3, 2020

“ Two Chinese nationals were charged with laundering over $100 million worth of cryptocurrency from a hack of a cryptocurrency exchange. The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack. million from another exchange.

Cryptocurrency

Cryptocurrency Banking Hacking Accountability

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Security Affairs

FEBRUARY 25, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, Lazarus).

Malware

Malware Cryptocurrency Password Management Encryption

0v1ru$ hackers breach FSB contractor SyTech and expose Russian intel projects

Security Affairs

JULY 20, 2019

SyTech , a contractor for the Federal Security Service of the Russian Federation (FSB) has been hacked, attackers stole data about interna l projects. Attackers have hacked SyTech, a contractor for the Federal Security Service of the Russian Federation (FSB), and exfiltrated data about interna l projects.

Data breaches

Data breaches Hacking Advertising Media

Microsoft: North Korea-linked Zinc APT targets security experts

Security Affairs

JANUARY 29, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. “For proactive prevention of this type of attack, it is recommended that security professionals use an isolated environment (e.g.,

Malware

Malware Antivirus Hacking Accountability

Experts found 20 Million tax records for Russian citizens exposed online

Security Affairs

OCTOBER 1, 2019

Security experts from Comparitech along with security researcher Bob Diachenko discovered 20 million tax records belonging to Russian citizens exposed online in clear text and without protection. “A database of more than 20 million Russian tax records was found on an unsecured server, accessible to anyone with a web browser.”

Identity Theft

Identity Theft Scams Advertising Risk

Network Solutions data breach – hacker accessed data of more 22 Million accounts

Security Affairs

OCTOBER 30, 2019

.” The company, a Web.com subsidiary, discovered the security breach on October 16, the security incident likely took place in August 2019. According to the company, attackers hacked a “limited number” of systems that allowed them to access the huge trove of data. SecurityAffairs – data breach, hacking).

Data breaches

Data breaches Accountability Advertising Encryption

North Korea-linked Lazarus APT hides malicious code within BMP image to avoid detection

Security Affairs

APRIL 20, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. ” If you want to receive the weekly Security Affairs Newsletter for free subscribe here. Pierluigi Paganini.

Phishing

Phishing Hacking Cryptocurrency Encryption

US and UK sanctioned seven Russian members of Trickbot gang

Security Affairs

FEBRUARY 9, 2023

based financial institutions that occurred in 2009 and 2010, predating his involvement in Dyre or the Trickbot Group. District Court for the District of New Jersey charging Kovalev with conspiracy to commit bank fraud and eight counts of bank fraud in connection with a series of intrusions into victim bank accounts held at various U.S.-based

Banking

Banking Ransomware Cybercrime Malware

The Hacker Mind Podcast: Learn Competitive Hacking with picoCTF

ForAllSecure

SEPTEMBER 10, 2021

Learn how even someone mid career in security can play on their own, and even fill in gaps on their own learning, all year round. Vamosi: Welcome to the hacker mind, and original podcast from for all secure, it's about challenging our expectations about the people who hack for a living. And they attack the problem differently.

Hacking

Hacking Education InfoSec Engineering

AusCERT and the Award for Information Security Excellence

More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894

Trending Sources

Who and What is Behind the Malware Proxy Service SocksEscort?

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

SimJacker attack allows hacking any phone with just an SMS

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Orchard botnet uses Bitcoin Transaction info to generate DGA domains

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

ENISA provides data related to major telecom security incidents in 2021

FBI seized other domains used by the shadow eBook library Z-Library

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web

PwnKit: Local Privilege Escalation bug affects major Linux distros

China-linked APT10 Target Taiwan’s financial trading industry

10-year-old vulnerability in Avaya VoIP Phones finally fixed

Administrators of bulletproof hosting sentenced to prison in the US

China-linked APT10 leverages ZeroLogon exploits in recent attacks

North Korea-linked Lazarus APT targets the IT supply chain

Taiwan Government websites suffered DDoS attacks during the Nancy Pelosi visit

CISA urges to fix actively exploited Firefox zero-days by March 21

Personal info of 90k hikers leaked by French tourism company La Malle Postale

North Korea-linked Lazarus APT targets the COVID-19 research

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

North Korea-linked Lazarus APT used Windows Update client and GitHub in recent attacks

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

Belgium telecom operators Proximus and Orange drop Huawei

538 Million Weibo users’ records being sold on Dark Web

EU has imposed sanctions on foreign actors for the first time ever

Tank, the leader of the Zeus cybercrime gang, was arrested by the Swiss police

The US Treasury placed sanctions on North Korea linked APT Groups

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Lazarus malware delivered to South Korean users via supply chain attacks

US officials charge two Chinese men for laundering cryptocurrency for North Korea

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

0v1ru$ hackers breach FSB contractor SyTech and expose Russian intel projects

Microsoft: North Korea-linked Zinc APT targets security experts

Experts found 20 Million tax records for Russian citizens exposed online

Network Solutions data breach – hacker accessed data of more 22 Million accounts

North Korea-linked Lazarus APT hides malicious code within BMP image to avoid detection

US and UK sanctioned seven Russian members of Trickbot gang

The Hacker Mind Podcast: Learn Competitive Hacking with picoCTF

Stay Connected