2009, Hacking, Information Security and Internet

More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894

Security Affairs

APRIL 6, 2024

Shadowserver researchers have scanned the Internet for instances vulnerable to CVE-2024-21894 and reported that about 16,500 are still vulnerable. Most of the vulnerable systems are in the US (4686 at the time of this writing), followed by Japan (2009), and UK (1032).

VPN

VPN Internet Internet Hacking

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort[.]com com , is what’s known as a “SOCKS Proxy” service.

Malware

Malware VPN Internet Internet

Belgium telecom operators Proximus and Orange drop Huawei

Security Affairs

OCTOBER 10, 2020

Orange Belgium is using Huawei equipment since 2007 for its mobile network in Belgium and Luxembourg, while the collaboration between Proximus and the Shenzhen-based company started in 2009 for the progressive upgrading of its network. The Chinese giant was already excluded by several countries from building their 5G internet networks.

Mobile

Mobile Manufacturing Wireless Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

538 Million Weibo users’ records being sold on Dark Web

Security Affairs

MARCH 23, 2020

107 million records include personal data and basic account information such as the user ID, number of Weibo tweets, number of followers and accounts users are following, account gender, geographic location and more. “Internet users found that 538 million Weibo user records are being sold on dark web marketplace.

Accountability

Accountability Passwords Advertising Internet

0v1ru$ hackers breach FSB contractor SyTech and expose Russian intel projects

Security Affairs

JULY 20, 2019

SyTech , a contractor for the Federal Security Service of the Russian Federation (FSB) has been hacked, attackers stole data about interna l projects. Attackers have hacked SyTech, a contractor for the Federal Security Service of the Russian Federation (FSB), and exfiltrated data about interna l projects.

Data breaches

Data breaches Hacking Advertising Media

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Security Affairs

FEBRUARY 25, 2021

.” The malware was able to steal data from both office IT networks and a restricted network (one containing mission-critical assets and computers with highly sensitive data and no internet access). If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, Lazarus).

Malware

Malware Cryptocurrency Password Management Encryption

Russian spies are attempting to tap transatlantic undersea cables

Security Affairs

MARCH 1, 2020

Ireland is a strategic place for intercontinental communications because it represents the place where undersea cables which carry internet traffic connect to Europe. SecurityAffairs – hacking, undersea cables). The post Russian spies are attempting to tap transatlantic undersea cables appeared first on Security Affairs.

Wireless

Wireless Surveillance Telecommunications Advertising

Maryland Department of Labor discloses a data breach

Security Affairs

JULY 9, 2019

” Threat actors accessed to files stored in the Literacy Works Information System that are dated back 2009, 2010, and 2014. . SecurityAffairs – Maryland Depar t ment of Labor , hacking). The post Maryland Department of Labor discloses a data breach appeared first on Security Affairs. Pierluigi Paganini.

Data breaches

Data breaches Insurance Advertising Technology

FTC extends deadline by six months for compliance with some changes to financial data security rules

CyberSecurity Insiders

MARCH 21, 2023

AT&T does not adopt or endorse any of the views, positions, or information provided by the author in this article. In a highly connected, internet-powered world, transactions take place online, in person, and even somewhere in between. Since 2009, more than 6,600 distinct cryptocurrencies have been released.

Cryptocurrency

Cryptocurrency Identity Theft Authentication Banking

Key aerospace player Safran Group leaks sensitive data

Security Affairs

MARCH 15, 2023

It is crucial to ensure that leaked keys are in longer bit-lengths and encoded using secure encryption/hashing algorithms. Additionally, the company should consider whether the platform needs to be accessible through the internet or only through a VPN, which would provide an additional layer of security.

Manufacturing

Manufacturing Media Accountability Risk

The Hacker Mind Podcast: Learn Competitive Hacking with picoCTF

ForAllSecure

SEPTEMBER 10, 2021

Learn how even someone mid career in security can play on their own, and even fill in gaps on their own learning, all year round. Vamosi: Welcome to the hacker mind, and original podcast from for all secure, it's about challenging our expectations about the people who hack for a living. And they attack the problem differently.

Hacking

Hacking Education InfoSec Engineering

Billions of FBS Records Exposed in Online Trading Broker Data Leak

Security Affairs

MARCH 24, 2021

Forex trading may be dominated by banks and global financial services but, thanks to the Internet, the average person can today dabble directly in forex, securities and commodities trading. User information on online trading platforms should be well secured to prevent similar data leaks. Who is FBS. Pierluigi Paganini.

Passwords

Passwords Accountability Media Identity Theft

Telehealth: A New Frontier in Medicine—and Security

SecureList

FEBRUARY 1, 2022

Number of data leaks from medical organizations, 2009–2020. Let’s see if there are any informational security issues with these wearables. For the user, this means that if the wearable device is openly connected to the internet, then attackers can easily intercept the data it sends. Source: HIPAA Journal.

Phishing

Phishing Healthcare IoT Authentication

Experts attribute NukeSped RAT to North Korea-Linked hackers

Security Affairs

OCTOBER 24, 2019

For example, the “Common SMB module” that was part of the WannaCry Ransomware (2017) was similar to the code used the malware Mydoom (2009), Joanap , and DeltaAlfa.

Malware

Malware Encryption Advertising Internet

The Platinum APT group adds the Titanium backdoor to its arsenal

Security Affairs

NOVEMBER 9, 2019

Security experts at Kaspersky Lab have spotted a new backdoor, tracked as Titanium, that was used by the Platinum APT group in attacks in the wild, the malicious code implements sophisticated evasion techniques. The malware can also get proxy settings from Internet Explorer.

Encryption

Encryption Passwords Malware Software

North Korea-linked APT group BeagleBoyz targets banks

Security Affairs

AUGUST 29, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. “North Korea’s intelligence apparatus controls a hacking team dedicated to robbing banks through remote internet access.

Banking

Banking Malware Advertising Hacking

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

The Last Watchdog

AUGUST 15, 2019

Meanwhile, the advanced hacking collectives invest in innovation and press forward. However, the operational imperatives in today’s world of internet-centric commerce often boil down to survival math, especially for SMBs. 2017: WannaCry – Attackers leverage hacking tools stolen from the NSA. The median was $10,310.

Ransomware

Ransomware Internet Internet Hacking

The Hacker Mind Podcast: Reverse Engineering Smart Meters

ForAllSecure

MAY 13, 2022

For example, in 2009, the Obama administration provided financial incentives to utilities in the United States. Vamosi: Welcome to the hacker mind and original podcast from for all secure. It's about challenging her expectations about the people who hack reliving. Vamosi: Hash initially didn't start out hacking smart meters.

Engineering

Engineering Energy and Utilities Computers and Electronics Firmware

Happy 10th anniversary & Kali's story.so far

Kali Linux

MARCH 28, 2023

In February 2009, at Shmoocon, BackTrack 4 “Beta” was released using Ubuntu. A graphical one happened in BackTrack 4 “Pre-Final” in June 2009. In information security (infosec) there is the need to be on the latest version. It allowed for package updates to easily be applied to people systems.

InfoSec

InfoSec Penetration Testing Architecture Software

Cyber Security Informer

More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894

Who and What is Behind the Malware Proxy Service SocksEscort?

Webinars

Trending Sources

Belgium telecom operators Proximus and Orange drop Huawei

Webinars

538 Million Weibo users’ records being sold on Dark Web

0v1ru$ hackers breach FSB contractor SyTech and expose Russian intel projects

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Russian spies are attempting to tap transatlantic undersea cables

Maryland Department of Labor discloses a data breach

FTC extends deadline by six months for compliance with some changes to financial data security rules

Key aerospace player Safran Group leaks sensitive data

The Hacker Mind Podcast: Learn Competitive Hacking with picoCTF

Billions of FBS Records Exposed in Online Trading Broker Data Leak

Telehealth: A New Frontier in Medicine—and Security

Experts attribute NukeSped RAT to North Korea-Linked hackers

The Platinum APT group adds the Titanium backdoor to its arsenal

North Korea-linked APT group BeagleBoyz targets banks

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

The Hacker Mind Podcast: Reverse Engineering Smart Meters

Happy 10th anniversary & Kali's story.so far

Stay Connected