2010, Hacking and Information Security - Cyber Security Informer

BORN Ontario data breach impacted 3.4 million newborns and pregnancy care patients

Security Affairs

SEPTEMBER 26, 2023

BORN Ontario hired cybersecurity experts to mitigate the threat, secure its infrastructure, and investigate the scope of the incident. The organization confirmed that it was the victim of the massive hacking campaign targeting Progress MOVEit transfer systems that was conducted by the Clop ransomware group.

Data breaches

Data breaches Healthcare Ransomware Hacking

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

Security Affairs

JULY 23, 2020

depending on the Windows version), SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 , SharePoint Server 2010 Service Pack 2, SharePoint Server 2019, Visual Studio 2017 version 15.9, SecurityAffairs – hacking, CVE-2020-1147). The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET NET Framework 2.0

Hacking

Hacking Advertising Software Information Security

CIA elite hacking unit was not able to protect its tools and cyber weapons

Security Affairs

JUNE 17, 2020

A CIA elite hacking unit that developed cyber-weapons failed in protecting its operations, states an internal report on the Vault 7 data leak. In March, Joshua Schulte , a former CIA software engineer that was accused of stealing the agency’s hacking tools and leaking them to WikiLeaks, was convicted of only minor charges.

Hacking

Hacking Engineering Data breaches Advertising

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

A joint security advisory published by The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) revealed that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. SecurityAffairs – hacking, Energetic Bear). Pierluigi Paganini.

Government

Government Hacking Advertising Passwords

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

First advertised in the cybercrime underground in 2014, RSOCKS was the web-based storefront for hacked computers that were sold as “proxies” to cybercriminals looking for ways to route their Web traffic through someone else’s device. “Thanks to you, we are now developing in the field of information security and anonymity!,”

Cybercrime

Cybercrime Advertising IoT Malware

The cybersecurity researcher Dan Kaminsky has died

Security Affairs

APRIL 24, 2021

Dan Kaminsky was very active in the cyber security community, he was a regular speaker at major cybersecurity and hacking conferences, including Black Hat and DEFCON. On June 16, 2010, he was named by Internet Corporation for Assigned Names and Numbers (ICANN) as one of the Trusted Community Representatives for the DNSSEC root.

Cybersecurity

Cybersecurity InfoSec DNS Hacking

Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison

Security Affairs

FEBRUARY 2, 2024

Olsen, the Assistant Attorney General for National Security; and James Smith, the Assistant Director in Charge of the New York Field Office of the Federal Bureau of Investigation (“FBI”), announced today that JOSHUA ADAM SCHULTE was sentenced to 40 years in prison by U.S. District Judge Jesse M.

Computers and Electronics

Computers and Electronics Engineering Hacking Data breaches

CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog

Security Affairs

SEPTEMBER 17, 2022

CVE-2010-2568 Microsoft Windows – Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. The older issue added to the catalog in this turn is the CVE-2010-2568 which is the issue used in the Stuxnet attack.

Hacking

Hacking Cybersecurity Risk Information Security

CISA shares a catalog of 306 actively exploited vulnerabilities

Security Affairs

NOVEMBER 4, 2021

The catalog includes vulnerabilities for products from Adobe, Apple, Atlassian, Cisco, Google, IBM, Microsoft, Nagios, Netgear, Oracle, Pulse Secure, and many other companies. The oldest vulnerability included in the catalog is the CVE-2010-5326? RCE in SAP NetWeaver Application Server and dates back to 2010. Pierluigi Paganini.

Risk

Risk Cyber Attacks Cybersecurity Hacking

Volvo Cars suffers a data breach. Is it a ransomware attack?

Security Affairs

DECEMBER 10, 2021

In 2010, Volvo Cars became a subsidiary of the Chinese manufacturer Geely Holding Group, which confirmed that it “has become aware that one of its file repositories has been illegally accessed by a third party.” SecurityAffairs – hacking, IKEA). appeared first on Security Affairs. percent in Stockholm, to 72.44

Data breaches

Data breaches Ransomware Manufacturing Hacking

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

Security Affairs

OCTOBER 22, 2023

BlackTech is a Chinese APT group that has been active since at least 2010 and that known for conducting cyber espionage campaigns in Asia aimed at entities in Hong Kong, Japan, and Taiwan. The group relies on tools built into the operating system, along with some legitimate software.

Telecommunications

Telecommunications Technology Government Firmware

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. Authorities in the United States, Germany, the Netherlands and the U.K.

Advertising

Advertising Cybercrime System Administration Hacking

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Krebs on Security

SEPTEMBER 24, 2022

Denis Emelyantsev , as the apparent owner of RSOCKS, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. “Thanks to you, we are now developing in the field of information security and anonymity!

Cybercrime

Cybercrime Data breaches Malware Ransomware

100,000 WordPress sites using the Contact Form 7 Datepicker plugin are exposed to hack

Security Affairs

APRIL 3, 2020

March 2010 – A critical privilege escalation flaw in the WordPress SEO Plugin – Rank Math plugin can allow registered users to gain administrator privileges. The post 100,000 WordPress sites using the Contact Form 7 Datepicker plugin are exposed to hack appeared first on Security Affairs. Pierluigi Paganini.

Hacking

Hacking Advertising Authentication Accountability

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Security Affairs

DECEMBER 7, 2021

APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including defense, high tech, energy, government, aerospace, and manufacturing. “The Microsoft Digital Crimes Unit (DCU) has disrupted the activities of a China-based hacking group that we call Nickel.

VPN

VPN Manufacturing Government Hacking

ChromeLoader campaign uses VHD files disguised as cracked games and pirated software

Security Affairs

FEBRUARY 27, 2023

These VHD files are disguised as applications and hacks or cracks for popular Nintendo and Steam games, including ELDEN RING, Dark Souls 3, Red Dead Redemption 2, Call of Duty Deluxe Edition, Minecraft, The Legend of Zelda, Pokemon Ultra Moon, Animal Crossing New Horizons, Mario Kart 8 Deluxe, Microsoft Office 2010 and more.

Software

Software Malware Advertising Hacking

British Court rejects the US’s request to extradite Julian Assange

Security Affairs

JANUARY 4, 2021

Wikileaks founder is currently facing extradition to the United States for his role in one of the largest compromises of classified information in the history of the United States. He published thousands of classified diplomatic and military documents on WikiLeaks in 2010. SecurityAffairs – hacking, Julian Assange).

Government

Government Risk Passwords Hacking

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

At the time of this writing, no ransomware group has claimed responsibility for the security breach.

Education

Education Data breaches Ransomware Hacking

Hospitality Chain McMenamins discloses data breach after ransomware attack

Security Affairs

JANUARY 4, 2022

According to the company, threat actors have stolen data of individuals employed between July 1, 2010, and December 12, 2021. SecurityAffairs – hacking, ransomware). The post Hospitality Chain McMenamins discloses data breach after ransomware attack appeared first on Security Affairs. Pierluigi Paganini.

Data breaches

Data breaches Ransomware Insurance Banking

NATO Chief calls for a new strategic to address new challenges

Security Affairs

OCTOBER 9, 2020

. “My thought is that the existing Strategic Concept, which we agreed in 2010, has served NATO well. Having said that, I think we all have to realise that since we agreed the Strategic Concept back in 2010, the world has fundamentally changed.” SecurityAffairs – hacking, K-Electric). Pierluigi Paganini.

Artificial Intelligence

Artificial Intelligence Technology Advertising Marketing

Colombian authorities arrested hacker behind the Gozi Virus

Security Affairs

JUNE 30, 2021

Kuzmin was arrested by Us law enforcement in November 2010 and pleaded guilty to various computer crimes. SecurityAffairs – hacking, Gozi ). The post Colombian authorities arrested hacker behind the Gozi Virus appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Banking

Banking Malware Hacking Information Security

330K stolen payment cards and 895K stolen gift cards sold on dark web

Security Affairs

APRIL 8, 2021

A crook has sold 895,000 gift cards and over 300,000 payment cards, for a total of US$38 million, on a top-tier Russian-language hacking forum on the dark web. The actor has offered in the past large lots of stolen payment card data, compromised databases, and the personally identifiable information (PII) of United States residents.

Cybercrime

Cybercrime Hacking Banking Information Security

China-linked APT BlackTech was spotted hiding in Cisco router firmware

Security Affairs

SEPTEMBER 27, 2023

US and Japanese authorities warn that a China-linked APT BlackTech planted backdoor in Cisco router firmware to hack the businesses in both countries. BlackTech is a Chinese APT group that has been active since at least 2010 and that known for conducting cyber espionage campaigns in Asia aimed at entities in Hong Kong, Japan, and Taiwan.

Firmware

Firmware Telecommunications System Administration Malware

Former CIA employee Joshua Schulte was convicted of Vault 7 massive leak

Security Affairs

JULY 14, 2022

The former CIA programmer Joshua Schulte (33) was found guilty in New York federal court of stealing the agency’s hacking tools and leaking them to WikiLeaks in 2017. The huge trove of data, called “ Vault 7 ,” exposed the hacking capabilities of the US Intelligence Agency and its internal infrastructure. Pierluigi Paganini.

Engineering

Engineering Hacking Mobile IoT

German intelligence agency warns of China-linked APT27 targeting commercial organizations

Security Affairs

JANUARY 26, 2022

. “The Federal Office for the Protection of the Constitution ( BfV ) has information about an ongoing cyber espionage campaign by the cyber attack group APT27 using the malware variant HYPERBRO against German commercial companies.” SecurityAffairs – hacking, APT27). Follow me on Twitter: @securityaffairs and Facebook.

Financial Services

Financial Services Surveillance Malware Cyber Attacks

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Security Affairs

DECEMBER 17, 2021

and above 2010 Workspace ONE UEM patch 20.10.0.23 SecurityAffairs – hacking, VMware Workspace ONE UEM). The post VMware fixes critical SSRF flaw in Workspace ONE UEM Console appeared first on Security Affairs. and above 2105 Workspace ONE UEM patch 21.5.0.37 and above 2102 Workspace ONE UEM patch 21.2.0.27 Pierluigi Paganini.

Authentication

Authentication Hacking Software Information Security

Journalist Matthew Keys is now charged with an attack on a magazine

Security Affairs

APRIL 29, 2020

Matthew Keys, a former Reuters journalist, who was sentenced to 2 years in prison for hacking attacks on California media is now charged with an attack on a magazine. When Keys left Tribune Company-owned Sacramento KTXL Fox 40 in 2010, he shared login credentials of the CMS used by the website with members of Anonymous.

Hacking

Hacking Advertising Accountability Media

Payment solutions giant Edenred announces malware infection

Security Affairs

NOVEMBER 22, 2019

The Group is independent since June 2010 following the split with Accor. SecurityAffairs – malware, hacking). The post Payment solutions giant Edenred announces malware infection appeared first on Security Affairs. Edenred is a French company specialized in prepaid corporate services. Pierluigi Paganini.

Malware

Malware Mobile Advertising Government

Russian authorities arrested the kingpin of cybercrime Infraud Organization

Security Affairs

JANUARY 24, 2022

The group has been active since 2010 and was created in Ukraine by Svyatoslav Bondarenko. Russia’s FSB and law enforcement have detained four members of the Infraud Organization hacking group. SecurityAffairs – hacking, cybercrime). According to th experts, the activities of the gang caused $530 million in losses.

Cybercrime

Cybercrime Hacking Cryptocurrency Ransomware

China-linked Budworm APT returns to target a US entity

Security Affairs

OCTOBER 13, 2022

The China-linked APT27 group has been active since 2010, it targeted organizations worldwide, including U.S. SecurityAffairs – hacking, Budworm APT). The post China-linked Budworm APT returns to target a US entity appeared first on Security Affairs. based organization. The group also targeted a hospital in South East Asia.

Penetration Testing

Penetration Testing Financial Services Surveillance Manufacturing

Russia-linked Energetic Bear APT behind San Francisco airport attacks

Security Affairs

APRIL 15, 2020

Security researchers from ESET revealed that the infamous Russian hacker group known as Energetic Bear is behind the hack of two San Francisco International Airport (SFO) websites. The Energetic Bear APT group has been active since at least 2010 most of the victims of the group are organizations in the energy and industrial sectors.

Data breaches

Data breaches Passwords Telecommunications Advertising

The author of FastPOS PoS malware pleads guilty

Security Affairs

AUGUST 1, 2020

The group is active since 2010, when it created in Ukraine by Svyatoslav Bondarenko. The main website was a crime forum that was founded in 2010, it first operated at infraud.cc SecurityAffairs – hacking, FastPOS). The post The author of FastPOS PoS malware pleads guilty appeared first on Security Affairs.

Malware

Malware Advertising Cybercrime Hacking

Dragon Breath APT uses double-dip DLL sideloading strategy

Security Affairs

MAY 7, 2023

“DLL sideloading, first identified in Windows products in 2010 but prevalent across multiple platforms, continues to be an effective and appealing tactic for threat actors.” The malware is also able to steal cryptocurrency from the MetaMask crypto (Ethereum) wallet extension for Google Chrome. ” concludes the post.

Malware

Malware Cryptocurrency Encryption Phishing

The Hacker Mind Podcast: Hacking Teslas

ForAllSecure

JUNE 8, 2022

Welcome to The Hacker Mind, an original podcast from for all secure. It's about challenging our expectations about the people who hack for a living. And in this episode, I'm talking about hacking Tesla's or rather new product called Tesla key that prevents somebody from hacking into cars. I'm Robert Vamosi. Very unlikely.

Hacking

Hacking Manufacturing Encryption Wireless

Magecart hackers hide stolen credit card data into images and bogus CSS files

Security Affairs

JULY 12, 2021

Security firms have monitored the activities of a dozen groups at least since 2010. SecurityAffairs – hacking, credit card data). The post Magecart hackers hide stolen credit card data into images and bogus CSS files appeared first on Security Affairs. ” Follow me on Twitter: @securityaffairs and Facebook.

Malware

Malware Software Marketing Hacking

CISA adds Ruckus bug and another six flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

MAY 16, 2023

CVE-2010-3904 – Linux Kernel contains an improper input validation vulnerability in the Reliable Datagram Sockets (RDS) protocol implementation that allows local users to gain privileges via crafted use of the sendmsg and recvmsg system calls.

Wireless

Wireless DDOS Cybersecurity Hacking

REMnux 7, a Linux toolkit for malware analysts released

Security Affairs

JULY 26, 2020

The toolkit was first released in 2010 by SANS fellow researcher Lenny Zeltser , who is still maintaining the software. REMnux is a Linux toolkit for reverse-engineering and dissecting software, it includes a collection of free tools created by the community that allows researchers to investigate malware.

Malware

Malware Advertising Software Engineering

The OpenSSL Project addressed three vulnerabilities

Security Affairs

FEBRUARY 18, 2021

In 2010, the Open SSL project addressed three vulnerabilities, including two DDoS issues rated high severity. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, encryption). The issue affects servers using OpenSSL 1.0.2 Pierluigi Paganini.

DDOS

DDOS Encryption Hacking Information Security

Experts linked ransomware attacks to China-linked APT27

Security Affairs

JANUARY 4, 2021

The APT group has been active since 2010, targeted organizations worldwide, including U.S. Analyzing the attacks revealed malware samples linked to DRBControl , a campaign described earlier this year in a report from Trend Micro and attributed to APT27 and Winnti, both groups active since at least 2010 and associate with Chinese hackers.

Ransomware

Ransomware Malware Financial Services Encryption

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

Security Affairs

APRIL 23, 2020

A security expert uncovered an old APT operation, tracked Nazar, by analyzing the NSA hacking tools included in the dump leaked by Shadow Brokers in 2017. The analysis of the submissions times in VirusTotal for the artifacts employed in the Nazar campaign allowed the expert to date the campaign between 2010 and 2013.

Hacking

Hacking Advertising Malware Engineering

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

Security Affairs

NOVEMBER 25, 2022

that dates back 2010, while the three vendors (Lenovo, Dell, HP) were observed using version 0.9.8w SecurityAffairs – hacking, firmware). The post Devices from Dell, HP, and Lenovo used outdated OpenSSL versions appeared first on Security Affairs. that dates back to 2009. Some Lenovo devices used the version 1.0.0a

Firmware

Firmware Manufacturing Hacking Software

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Security Affairs

NOVEMBER 11, 2022

APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including defense, high tech, energy, government, aerospace, and manufacturing. SecurityAffairs – hacking, Uyghurs). ” concludes the report. Pierluigi Paganini.

Surveillance

Surveillance Spyware Malware Mobile

Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs

Security Affairs

APRIL 28, 2021

The Naikon APT group is a China-linked cyber espionage group that has been active at least since 2010 and that remained under the radar since 2015 while targeting entities in Asia-Pacific (APAC) region. . If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, APT).

Backups

Backups Malware Mobile Passwords

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Security Affairs

JUNE 27, 2019

. “Teams of hackers connected to the Chinese Ministry of State Security had penetrated HPE’s cloud computing service and used it as a launchpad to attack customers, plundering reams of corporate and government secrets for years in what U.S. “The hacking campaign, known as “ Cloud Hopper ,” was the subject of a U.S.

Identity Theft

Identity Theft Hacking System Administration Advertising

BORN Ontario data breach impacted 3.4 million newborns and pregnancy care patients

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

Trending Sources

CIA elite hacking unit was not able to protect its tools and cyber weapons

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Administrator of RSOCKS Proxy Botnet Pleads Guilty

The cybersecurity researcher Dan Kaminsky has died

Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison

CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog

CISA shares a catalog of 306 actively exploited vulnerabilities

Volvo Cars suffers a data breach. Is it a ransomware attack?

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

Meet the Administrators of the RSOCKS Proxy Botnet

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

100,000 WordPress sites using the Contact Form 7 Datepicker plugin are exposed to hack

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

ChromeLoader campaign uses VHD files disguised as cracked games and pirated software

British Court rejects the US’s request to extradite Julian Assange

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Hospitality Chain McMenamins discloses data breach after ransomware attack

NATO Chief calls for a new strategic to address new challenges

Colombian authorities arrested hacker behind the Gozi Virus

330K stolen payment cards and 895K stolen gift cards sold on dark web

China-linked APT BlackTech was spotted hiding in Cisco router firmware

Former CIA employee Joshua Schulte was convicted of Vault 7 massive leak

German intelligence agency warns of China-linked APT27 targeting commercial organizations

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Journalist Matthew Keys is now charged with an attack on a magazine

Payment solutions giant Edenred announces malware infection

Russian authorities arrested the kingpin of cybercrime Infraud Organization

China-linked Budworm APT returns to target a US entity

Russia-linked Energetic Bear APT behind San Francisco airport attacks

The author of FastPOS PoS malware pleads guilty

Dragon Breath APT uses double-dip DLL sideloading strategy

The Hacker Mind Podcast: Hacking Teslas

Magecart hackers hide stolen credit card data into images and bogus CSS files

CISA adds Ruckus bug and another six flaws to its Known Exploited Vulnerabilities catalog

REMnux 7, a Linux toolkit for malware analysts released

The OpenSSL Project addressed three vulnerabilities

Experts linked ransomware attacks to China-linked APT27

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

Devices from Dell, HP, and Lenovo used outdated OpenSSL versions

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Stay Connected