2011, Hacking and Information Security - Cyber Security Informer

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

Security Affairs

NOVEMBER 10, 2024

US CFPB warns employees to avoid work-related mobile calls and texts following China-linked Salt Typhoon hack over security concerns. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” and its allies for hacking activities in July.

Hacking

Hacking Internet Internet Government

PlayStation Network outage has been going on for over 24 hours

Security Affairs

FEBRUARY 8, 2025

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Sony) The PSN breach exposed the data of millions of users, costing Sony $15 million in settlements and a year of identity theft protection for subscribers.

Identity Theft

Identity Theft Hacking Cyber Attacks Accountability

Three Italian universities hacked by LulzSec_ITA collective

Security Affairs

FEBRUARY 13, 2020

The popular Italian hacktivist collective LulzSec ITA claimed via Twitter to have hacked three Italian universities. The popular Italian hacktivist collective LulzSec ITA has announced via Twitter the hack of three Italian universities, highlighting the importance of the cybersecurity for our society. Pierluigi Paganini.

Hacking

Hacking Data breaches Advertising Education

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Balaban This ransomware was doing the rounds over spam generated by the Gameover ZeuS botnet, which had been originally launched in 2011 as a toolkit for stealing victim’s banking credentials and was repurposed for malware propagation. The big names that pioneered in these targeted attacks are Sodinokibi (aka REvil) and Ryuk.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Critical bug in decoder used by popular chipsets exposes 2/3 of Android devices to hack

Security Affairs

APRIL 21, 2022

Security researchers at Check Point Research have discovered a critical remote code execution that affects the implementation of the Apple Lossless Audio Codec (ALAC) in Android devices running on Qualcomm and MediaTek chipsets. ALAC was developed in 2004 and Apple open-sourced it in 2011, since then many third-party vendors used it.

Hacking

Hacking Media Malware Cybersecurity

Russians charged with hacking Mt. Gox exchange and operating BTC-e

Security Affairs

JUNE 9, 2023

Two Russian nationals have been charged with the hack of the cryptocurrency exchange Mt. Gox in 2011 and money laundering. Russian nationals Alexey Bilyuchenko (43) and Aleksandr Verner (29) have been charged with the hack of the cryptocurrency exchange Mt. Gox ) The post Russians charged with hacking Mt.

Hacking

Hacking Cryptocurrency Advertising Banking

New Leak Shows Business Side of China’s APT Menace

Krebs on Security

FEBRUARY 22, 2024

A new data leak that appears to have come from one of China’s top private cybersecurity firms provides a rare glimpse into the commercial side of China’s many state-sponsored hacking groups. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government

Government Hacking Cyber threats Mobile

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. This week, Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. SecurityAffairs – Mitsubishi Electric, hacking).

Antivirus

Antivirus Hacking Advertising Media

Anonymous hacked Russian PSCB Commercial Bank and companies in the energy sector

Security Affairs

APRIL 29, 2022

OpRussia continues, less than a week after my last update Anonymous has hacked other Russian companies and leaked their data via DDoSecrets. The financial institution was hacked by Anonymous’s affiliate Network Battalion 65, one of the most active hacking groups since the beginning of the invasion. million emails (1.7

Banking

Banking Hacking Government Data breaches

Lenovo Solution Centre flaw allows hacking Windows laptop in 10 minutes

Security Affairs

AUGUST 23, 2019

Security experts at Pen Test Partners (PTP) discovered a privilege-escalation vulnerability in Lenovo Solution Centre (LSC) that exists since 2011. ” read the security advisory published by Lenovo. SecurityAffairs – Lenovo Solution Centre, hacking). Pierluigi Paganini.

Hacking

Hacking Advertising Authentication Software

A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e

Security Affairs

FEBRUARY 6, 2024

“According to the indictment, between 2011 and July 2017, Aliaksandr Klimenka, 42, allegedly controlled BTC-e, a digital currency exchange, with Alexander Vinnik and others.” The authorities reported that since 2011, 7 million Bitcoin had gone into the BTC-e exchange and 5.5 ” reads the press release published by DoJ.

Cryptocurrency

Cryptocurrency Spyware Cybercrime Hacking

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Security Affairs

JUNE 23, 2019

NASA Office of Inspector General revealed that the Agency’s network was hacked in April 2018, intruders exfiltrated roughly 500 MB of data related to Mars missions. Unfortunately, this was not the first time hackers broke into JPL , it has already happened back in 2009, 2011, 2014, 2016 and 2017. The post NASA hacked!

Hacking

Hacking Data breaches Advertising Firewall

Security Affairs newsletter Round 284

Security Affairs

OCTOBER 4, 2020

SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 284 appeared first on Security Affairs. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. . Pierluigi Paganini.

Ransomware

Ransomware Advertising Firmware Insurance

US DoJ indicts four members of China-linked APT40 cyberespionage group

Security Affairs

JULY 19, 2021

US DoJ indicted four members of the China-linked cyberespionage group known as APT40 for hacking various entities between 2011 and 2018. Three of the defendants are said to be officers in a provincial arm of the MSS and one was an employee of a front company that was used to obfuscate the government’s role in the hacking campaigns.

Hacking

Hacking Technology Government Malware

Email accounts of the International Monetary Fund compromised

Security Affairs

MARCH 18, 2024

This isn’t the first incident suffered by IMF, the agency suffered a major security breach in 2011. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, International Monetary Fund)

Accountability

Accountability Hacking Cybersecurity Data breaches

Iran-linked Phosphorous APT hacked emails of security conference attendees

Security Affairs

OCTOBER 29, 2020

Iran-linked APT group Phosphorus successfully hacked into the email accounts of multiple high-profile individuals and security conference attendees. “Phosphorus, an Iranian actor, has targeted with this scheme potential attendees of the upcoming Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia.”

Hacking

Hacking Security Intelligence Advertising Accountability

CISA adds 12 new flaws to its Known Exploited Vulnerabilities Catalog

Security Affairs

SEPTEMBER 9, 2022

SecurityAffairs – hacking, CISA). The post CISA adds 12 new flaws to its Known Exploited Vulnerabilities Catalog appeared first on Security Affairs. Last week, Google rolled out emergency fixes to address a vulnerability, tracked as CVE-2022-3075 , in the Chrome web browser that is being actively exploited in the wild.

Passwords

Passwords Hacking Ransomware Risk

Unknown FinSpy Mac and Linux versions found in Egypt

Security Affairs

SEPTEMBER 27, 2020

Since 2011 it was employed in attacks aimed at Human Rights Defenders (HRDs) in many countries, including Bahrain, Ethiopia, UAE, and more. The new versions of FinSpy spyware were used by a new unknown hacking group, Amnesty International speculates the involvement of a nation-state actor that employed them since September 2019.

Spyware

Spyware Surveillance Advertising Mobile

Happy 10th Birthday, Security Affairs

Security Affairs

NOVEMBER 15, 2021

I launched Security Affairs for passion in 2011 and millions of readers walked with me. Ten years ago I launched Security Affairs, the blog over the past decade obtained important successes in the cyber security community, but the greatest one is your immense affection. SecurityAffairs – hacking, Security Affairs).

Cybercrime

Cybercrime Hacking Cybersecurity Data breaches

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

Security Affairs

OCTOBER 19, 2020

Alexander Vinnik allegedly headed the Bitcoin exchange BTC-e, he is charged with different hacking crimes in Russia, France, and the United States. The authorities reported that since 2011, 7 million Bitcoin went into the BTC-e exchange and 5.5 SecurityAffairs – hacking, cybercrime). million withdrawn. Pierluigi Paganini.

Advertising

Advertising Hacking Cybercrime Cryptocurrency

US Treasury FinCEN linked $5.2 billion in BTC transactions to ransomware payments

Security Affairs

OCTOBER 16, 2021

FinCEN analyzed a data set composed of 2,184 SARs filed between 1 January 2011 and 30 June 2021 and identified 177 CVC (convertible virtual currency) wallets addresses that were used in ransomware operations associated with the above ransomware variants. SecurityAffairs – hacking, FinCEN). Pierluigi Paganini.

Ransomware

Ransomware Cryptocurrency Hacking Cybercrime

Hackers threaten to leak a copy of the World-Check database used to assess potential risks associated with entities

Security Affairs

APRIL 22, 2024

The threat actors shared a portion of the stolen data with TechCrunch as proof of the hack, it includes records on current and former government officials, diplomats, and politically exposed people. Curiously, in 2011, Thomson Reuters acquired World-Check, then in October 2018, Thomson Reuters closed a deal with The Blackstone Group.

Risk

Risk Spyware Hacking Accountability

ENISA published “Proactive detection – Measures and information sources” report

Security Affairs

MAY 31, 2020

.” The EU agency launched this project to improve the detection of network security incidents in the EU, by: Providing an inventory of available measures and information sources; Identifying good practices; Recommending possible areas for development. 2- Report – Measures and information sources.

Network Security

Network Security Advertising Cybersecurity Information Security

Air India suffered a data breach, 4.5 million customers impacted

Security Affairs

MAY 22, 2021

million of its customers, two months after its Passenger Service System provider SITA was hacked. million of its customers, exposed data includes the personal information of customers registered between August. 26, 2011 and February. SecurityAffairs – hacking, Air India). Pierluigi Paganini.

Data breaches

Data breaches Passwords Hacking Cyber Attacks

Multiple cybersecurity agencies warn of China-linked APT40 ‘s capabilities

Security Affairs

JULY 10, 2024

Justice Department (DoJ) indicted four members of the cyber espionage group APT40 (aka TEMP.Periscope , TEMP.Jumper , and Leviathan ) for hacking tens of government organizations, private businesses and universities around the world between 2011 and 2018. They prioritize obtaining valid credentials for subsequent activities.

Cybersecurity

Cybersecurity Hacking Software Government

Palo Alto Networks addresses tens of serious issues in PAN-OS

Security Affairs

MAY 15, 2020

The vendor also fixed a high-severity vulnerability, tracked as CVE-2020-2011 , that could be exploited by a remote, unauthenticated attacker to trigger a denial-of-service (DoS) condition to all Panorama services by sending specially crafted registration requests. . SecurityAffairs – PaloAlto Networks, hacking). Pierluigi Paganini.

Firewall

Firewall Authentication Advertising VPN

US man sentenced to 4 years in prison for his role in Infraud scheme

Security Affairs

MAY 29, 2022

He joined the gang in August 2011 and worked for the organization for five-and-a-half years, DoJ states that he was among the most prolific and active members of the gang. Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. SecurityAffairs – hacking, cybercrime).

Cybercrime

Cybercrime Hacking Malware Cybersecurity

Russia-linked threat actors targets critical infrastructure, US authorities warn

Security Affairs

JANUARY 12, 2022

Some of the hacking campaigns that were publicly attributed to Russian state-sponsored APT actors by U.S. Russian state-sponsored APT actors’ global Energy Sector intrusion campaign, 2011 to 2018. SecurityAffairs – hacking, Russia-linked threat actors). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Malware

Malware Cyber threats Government Hacking

Windows Defender identified Chromium, Electron apps as Hive Ransomware

Security Affairs

SEPTEMBER 5, 2022

It has already happened in the past that the popular antivirus software has identified Chrome as a malicious code, the website The Register reported a similar problem in 2011. SecurityAffairs – hacking, Windows Defender). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Ransomware

Ransomware Antivirus Malware Software

Command injection flaw in PHP Composer allowed supply-chain attacks

Security Affairs

APRIL 29, 2021

According to the researchers who discovered the issue, the flaw was introduced in November 2011. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, PHP Composer). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Hacking

Hacking Software Information Security Malware

German authorities raid the offices of the FinFisher surveillance firm

Security Affairs

OCTOBER 14, 2020

Since 2011 it was employed in attacks aimed at Human Rights Defenders (HRDs) in many countries, including Bahrain, Ethiopia, UAE, and more. The new versions of FinSpy spyware were used by a new unknown hacking group, Amnesty International speculates the involvement of a nation-state actor that employed them since September 2019.

Surveillance

Surveillance Spyware Advertising Software

France ANSSI agency warns of APT31 campaign against French organizations

Security Affairs

JULY 21, 2021

Justice Department (DoJ) indicted four members of the China-linked cyber espionage group APT40 (aka TEMP.Periscope , TEMP.Jumper , and Leviathan ) for hacking tens of government organizations, private businesses and universities around the world between 2011 and 2018. SecurityAffairs – hacking, APT31). This week the U.S.

Hacking

Hacking Government Information Security Cybersecurity

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

Across the years, the researchers found analyzed multiple backdoors and hacking tools composing the arsenal of the cyberespionage group. Researchers at company firm Symantec reportedly linked the CIA hacking tools to a number of cyber attacks launched in recent years by a threat actor the company identified as the Longhorn group. “The

Malware

Malware Hacking Government Telecommunications

Iran’s Mahan Air claims it has failed a cyber attack, hackers say the opposite

Security Affairs

NOVEMBER 22, 2021

The US had sanctioned Mahan Air in 2011 for providing financial, material, or technological support to Iran’s Islamic Revolutionary Guard Corps. SecurityAffairs – hacking, Iran’s Mahan Air). The post Iran’s Mahan Air claims it has failed a cyber attack, hackers say the opposite appeared first on Security Affairs.

Cyber Attacks

Cyber Attacks Media Hacking Government

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Security Affairs

DECEMBER 17, 2021

and above 2011 Workspace ONE UEM patch 20.11.0.40 SecurityAffairs – hacking, VMware Workspace ONE UEM). The post VMware fixes critical SSRF flaw in Workspace ONE UEM Console appeared first on Security Affairs. and above 2105 Workspace ONE UEM patch 21.5.0.37 and above 2102 Workspace ONE UEM patch 21.2.0.27 Pierluigi Paganini.

Authentication

Authentication Hacking Software Information Security

PyMICROPSIA Windows malware includes checks for Linux and macOS

Security Affairs

DECEMBER 15, 2020

AridViper is an Arabic speaking APT group that is active in the Middle East since at least 2011. SecurityAffairs – hacking, Arid Viper). The post PyMICROPSIA Windows malware includes checks for Linux and macOS appeared first on Security Affairs. ” Pierluigi Paganini.

Malware

Malware Hacking Information Security

US Treasury imposes sanctions on a Russian research institute behind Triton malware

Security Affairs

OCTOBER 24, 2020

Some of the TEMP.Veles hacking tools were tested using an unnamed online scan service. The experts discovered that a PDB path contained in a tested file included a string that appears to be an online moniker associated with a Russia-based individual active in Russian information security communities since at least 2011.

Malware

Malware Government Hacking Cyber Attacks

Crypto security breaches cause $4.25 billion losses worth of cryptos in 2021

Security Affairs

JANUARY 2, 2022

It is estimated that the cryptocurrencies stolen between January 2011 and December 2021 amount to $12.1 SecurityAffairs – hacking, crypto security breaches). The post Crypto security breaches cause $4.25 billion losses worth of cryptos in 2021 appeared first on Security Affairs. PancakeBunny, $200M .

Cryptocurrency

Cryptocurrency Scams Marketing Hacking

Russian Alexander Vinnik sentenced in Paris to five years in prison for money laundering

Security Affairs

DECEMBER 8, 2020

Alexander Vinnik allegedly headed the Bitcoin exchange BTC-e, he is charged with different hacking crimes in Russia, France, and the United States. The authorities reported that since 2011, 7 million Bitcoin went into the BTC-e exchange and 5.5 SecurityAffairs – hacking, Alexander Vinnik). million withdrawn.

Cryptocurrency

Cryptocurrency Hacking Ransomware Cybercrime

Google disrupts the Glupteba botnet

Security Affairs

DECEMBER 7, 2021

The blockchain-enabled botnet has been active since at least 2011, researchers estimate that the Glupteba botnet is currently composed of more than 1 million Windows PCs around the world. SecurityAffairs – hacking, Glupteba botnet). The post Google disrupts the Glupteba botnet appeared first on Security Affairs.

Backups

Backups Advertising Accountability Malware

Mitsubishi Electric discloses data breach, media blame China-linked APT

Security Affairs

JANUARY 20, 2020

.” The security breach was discovered after Mitsubishi Electric staff found a suspicious file on one of the company’s servers, further investigation allowed the company to determine that hack of an employee account. SecurityAffairs – data breach, hacking). ” reported Kyodo News. ” reported Kyodo News. .

Data breaches

Data breaches Media Computers and Electronics Cyber Attacks

Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering

Security Affairs

MAY 6, 2024

Alexander Vinnik , a Russian national, pleaded guilty to conspiracy to commit money laundering for his involvement in operating the cryptocurrency exchange BTC-e from 2011 to 2017. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Alexander Vinnik)

Cryptocurrency

Cryptocurrency Computers and Electronics Identity Theft Hacking

KashmirBlack, a new botnet in the threat landscape that rapidly grows

Security Affairs

OCTOBER 26, 2020

SecurityAffairs – hacking, KashmirBlack botnet). The post KashmirBlack, a new botnet in the threat landscape that rapidly grows appeared first on Security Affairs. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Advertising

Advertising Cryptocurrency Internet Internet

Iranian Charming Kitten APT targets various entities in Brazil, Israel, and the U.A.E. using a new backdoor

Security Affairs

SEPTEMBER 11, 2023

Microsoft has been tracking the threat actors at least since 2013, but experts believe that the cyberespionage group has been active since at least 2011 targeting journalists and activists in the Middle East, as well as organizations in the United States, and entities in the U.K., using a new backdoor appeared first on Security Affairs.

Internet

Internet Internet Healthcare Education

U.S. agency cautions employees to limit phone use due to Salt Typhoon hack of telco providers

PlayStation Network outage has been going on for over 24 hours

Trending Sources

Three Italian universities hacked by LulzSec_ITA collective

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Critical bug in decoder used by popular chipsets exposes 2/3 of Android devices to hack

Russians charged with hacking Mt. Gox exchange and operating BTC-e

New Leak Shows Business Side of China’s APT Menace

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Anonymous hacked Russian PSCB Commercial Bank and companies in the energy sector

Lenovo Solution Centre flaw allows hacking Windows laptop in 10 minutes

A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Security Affairs newsletter Round 284

US DoJ indicts four members of China-linked APT40 cyberespionage group

Email accounts of the International Monetary Fund compromised

Iran-linked Phosphorous APT hacked emails of security conference attendees

CISA adds 12 new flaws to its Known Exploited Vulnerabilities Catalog

Unknown FinSpy Mac and Linux versions found in Egypt

Happy 10th Birthday, Security Affairs

Alexander Vinnik, the popular cyber criminal goes on trial in Paris

US Treasury FinCEN linked $5.2 billion in BTC transactions to ransomware payments

Hackers threaten to leak a copy of the World-Check database used to assess potential risks associated with entities

ENISA published “Proactive detection – Measures and information sources” report

Air India suffered a data breach, 4.5 million customers impacted

Multiple cybersecurity agencies warn of China-linked APT40 ‘s capabilities

Palo Alto Networks addresses tens of serious issues in PAN-OS

US man sentenced to 4 years in prison for his role in Infraud scheme

Russia-linked threat actors targets critical infrastructure, US authorities warn

Windows Defender identified Chromium, Electron apps as Hive Ransomware

Command injection flaw in PHP Composer allowed supply-chain attacks

German authorities raid the offices of the FinFisher surveillance firm

France ANSSI agency warns of APT31 campaign against French organizations

Purple Lambert, a new malware of CIA-linked Lambert APT group

Iran’s Mahan Air claims it has failed a cyber attack, hackers say the opposite

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

PyMICROPSIA Windows malware includes checks for Linux and macOS

US Treasury imposes sanctions on a Russian research institute behind Triton malware

Crypto security breaches cause $4.25 billion losses worth of cryptos in 2021

Russian Alexander Vinnik sentenced in Paris to five years in prison for money laundering

Google disrupts the Glupteba botnet

Mitsubishi Electric discloses data breach, media blame China-linked APT

Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering

KashmirBlack, a new botnet in the threat landscape that rapidly grows

Iranian Charming Kitten APT targets various entities in Brazil, Israel, and the U.A.E. using a new backdoor

Stay Connected