2012, Cyber Attacks and Hacking - Cyber Security Informer

A cyber attack hit Thyssenkrupp Automotive Body Solutions business unit

Security Affairs

FEBRUARY 26, 2024

The company did not disclose details of the attack, however the decision to shut down the IT systems suggests it was the victim of a ransomware attack. This isn’t the first time that the company was the victim of a cyber attack. In 2016, alleged Asian threat actors targeted ThyssenKrupp to steal company secrets.

Cyber Attacks

Cyber Attacks Ransomware Engineering Banking

Australia takes a vow to hack the hackers

CyberSecurity Insiders

NOVEMBER 16, 2022

After a cyber attack on national telecom operator Optus and Insurance company Medibank, the Australian government has hacked the hackers in order to bring them to knees. For this reason, it has begun the work to track the criminals and hack their servers to siphon the information they possess about millions of customers.

Hacking

Hacking Cyber Attacks Insurance Cyber threats

Aoquin Dragon from China hacking Australian Government Servers

CyberSecurity Insiders

JUNE 13, 2022

A newly detected hacking group named Aoquin Dragon from China has been found infiltrating servers from Southeast Asia and Australia. Countries like China, Russia, and the United States spy on foreign nations since 2012. The post Aoquin Dragon from China hacking Australian Government Servers appeared first on Cybersecurity Insiders.

Government

Government Hacking Cyber Attacks Cybersecurity

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Krebs on Security

SEPTEMBER 17, 2020

Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. Image: FBI.

Antivirus

Antivirus Hacking Government Software

Russia-linked actors may be behind an explosion at a liquefied natural gas plant in Texas

Security Affairs

JUNE 26, 2022

A Russian hacking group may be responsible for a cyber attack against a liquefied natural gas plant in Texas that led to its explosion on June 8. Experts speculate a cyber attack may have turned off the industrial safety controls at the natural gas facility. SecurityAffairs – hacking, liquefied natural gas plant).

Cyber Attacks

Cyber Attacks Hacking Malware Government

New Cyber Attack Campaign Leverages the COVID-19 Infodemic

Security Affairs

FEBRUARY 26, 2020

Finally, all the loot is sent to the remote command and control hosted at 66.154.98.108, operated by “Total server solutions LLC”, an US hosting provider operating since 2012. New Cyber Attack Campaign Leverages the COVID-19 Infodemic. Figure 8: Path and file containing the sensitive information about the victim.

Cyber Attacks

Cyber Attacks Malware Social Engineering Advertising

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

FBI spoofs 2012 – 2013. This quirk made the attack look more trustworthy and added a layer of flexibility to these scams. It surfaced in November 2012 and was making thousands of victims a day. WannaCry and NotPetya cyber-attacks have since been attributed to state-funded threat actors.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Cyber attack hit the Italian oil and gas services company Saipem

Security Affairs

DECEMBER 12, 2018

Some of the servers of the Italian oil and gas services company Saipem were hit by a cyber attack early this week. The attack has been identified out of India on Monday and primarily affected the servers in the Middle East, including Saudi Arabia, the United Arab Emirates, and Kuwait. “The Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Advertising Backups Media

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. According to ZDNet, the hackers involved in the attack against the Mitsubishi Electric have exploited a zero-day vulnerability in Trend Micro OfficeScan to infect company servers.

Antivirus

Antivirus Hacking Advertising Media

Up to Georgia 2,000 websites have been hit by cyber attacks

Security Affairs

OCTOBER 28, 2019

A wave of cyber attacks hit 2,000 websites in Georgia, including the sites of the president, courts, and local media. A mysterious wave of cyber attacks hit some 2,000 websites in Georgia, including the websites of the president, courts, and media. SecurityAffairs – Georgia, hacking). Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Media Advertising Government

Vietnam-linked Ocean Lotus hacked BMW and Hyundai networks

Security Affairs

DECEMBER 7, 2019

” The APT32 group, also known as OceanLotus Group, has been active since at least 2012 targeting organizations across multiple industries and foreign governments, dissidents, and journalists. The post Vietnam-linked Ocean Lotus hacked BMW and Hyundai networks appeared first on Security Affairs. Pierluigi Paganini.

Hacking

Hacking Manufacturing Advertising Media

The head of the Federal Cyber Security Authority (BSI) faces dismissal

Security Affairs

OCTOBER 10, 2022

According to an investigation conducted by broadcaster ZDF, Schoenbohm was in contact with Russia through an association that he co-founded in 2012, the Cyber Security Council of Germany. Germany has repeatedly accused Russia-linked threat actors of cyber attacks against its Parliament and infrastructure.

Government

Government Cyber Attacks Media Hacking

620 million accounts stolen from 16 hacked websites available for sale on the dark web

Security Affairs

FEBRUARY 11, 2019

620 million accounts stolen from 16 hacked websites (Dubsmash, Armor Games, 500px, Whitepages, ShareThis) available for sale on the dark web. The Register revealed in exclusive that some 617 million online account details stolen from 16 hacked websites are available for sale on the dark web. I started hacking a long time ago.

Accountability

Accountability Hacking Advertising Data breaches

German industrial giant ThyssenKrupp targeted in a new cyberattack

Security Affairs

DECEMBER 21, 2022

. “At the present time, no damage has been done, nor are there any indications that data has been stolen or modified,” This isn’t the first attack suffered by the company, in 2012, the company was targeted by another cyber attack that was classified as “heavy” and of “exceptional quality.”.

Engineering

Engineering Data breaches Ransomware Banking

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Security Affairs

JULY 19, 2021

Threat actors that goes online with the moniker ZeroX claim to have stolen 1 TB of sensitive data from the Saudi Arabian petroleum and natural gas giant end it is offering for sale it on multiple hacking forums. SecurityAffairs – hacking, Saudi Aramco). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Engineering

Engineering Telecommunications Wireless Data breaches

Mitsubishi Electric Corp. was hit by a new cyberattack

Security Affairs

NOVEMBER 20, 2020

was hit by a new cyber attack that may have caused the leakage of information related to its business partners. The two media outlets attribute the cyber attack to a China-linked cyber espionage group tracked as Tick (aka Bronze Butler ). SecurityAffairs – hacking, malware). Mitsubishi Electric Corp.

Banking

Banking Cyber Attacks Accountability Media

Critical Microsoft Windows Vulnerability found

CyberSecurity Insiders

JULY 7, 2021

Or else they are on the verge of getting hacked by cyber crooks that could then install programs, view or delete data or even create new user accounts of a PC without the knowledge of the user or the system administration if/when on network. .

System Administration

System Administration Cyber Attacks Engineering Accountability

Group-IB: $49.4 million of damage caused to Russia’s financial sector from cyber attacks

Security Affairs

OCTOBER 10, 2018

Security firm Group-IB has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 Group-IB, an international company that specializes in preventing cyber attacks, has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 million (2.96 billion rubles) of damage to Russia’s financial sector.

Cyber Attacks

Cyber Attacks Banking Cyber threats Phishing

GAO report reveals new Pentagon weapon systems vulnerable to hack

Security Affairs

OCTOBER 10, 2018

According to a new report published by the Government Accountability Office (GAO) almost any new weapon systems in the arsenal of the Pentagon is vulnerable to hack. The new generation of weapon systems developed by the Pentagon is heavily computerized and for this reason more exposed to cyber attacks. Pierluigi Paganini.

Hacking

Hacking Passwords Password Management Advertising

North Korea ScarCruft APT used previously undetected Dolphin Backdoor against South Korea

Security Affairs

DECEMBER 1, 2022

ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. SecurityAffairs – hacking, Dolphin backdoor). Pierluigi Paganini.

Accountability

Accountability Malware Cyber Attacks Media

Mitsubishi Electric discloses data breach, media blame China-linked APT

Security Affairs

JANUARY 20, 2020

” “Mitsubishi Electric, a major general electronics maker , has been hit by a large-scale cyber attack , and it has been found that information about public and private business partners such as highly confidential defense-related and important social infrastructure such as electric power and railroad may leak out.”

Data breaches

Data breaches Media Computers and Electronics Cyber Attacks

Security Affairs newsletter Round 355

Security Affairs

FEBRUARY 28, 2022

Anonymous breached the internal network of Belarusian railways Feb 7- Feb 27 Ukraine – Russia the silent cyber conflict Ukraine: Volunteer IT Army is going to hit tens of Russian targets from this list Chipmaker giant Nvidia hit by a ransomware attack Fileless SockDetour backdoor targets U.S.-based Pierluigi Paganini.

Ransomware

Ransomware Malware Encryption Phishing

Is there a link between Microsoft Exchange exploits and PoC code the company shared with partner security firms?

Security Affairs

MARCH 16, 2021

It is not the first time that such kind of leak has happened, in May 2012, Microsoft cut off Hangzhou DPtech Technologies Co. a MAPP partner company based in China, for leaking data related to CVE-2012-0002. SecurityAffairs – hacking, Microsoft Exchange). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Antivirus

Antivirus Cyber Attacks Hacking Accountability

Japan suspects HGV missile data leak in Mitsubishi security breach

Security Affairs

MAY 21, 2020

In January, the two media outlets attributed the cyber attack to a China-linked cyber espionage group tracked as Tick (aka Bronze Butler ). Other Japanese defense contractors were hit by cyber attacks, including NEC Corp. SecurityAffairs – Mitsubishi, hacking). China, and Russia. Pasco Corp.

Media

Media Cyber Attacks Advertising Manufacturing

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

Security Affairs

FEBRUARY 7, 2020

The breach was detected almost eight months ago, on June 28, 2019, with the delay being attributed to the increased complexity of the investigation caused by the attackers deleting activity logs. Two Japanese media outlets attributed the cyber attack to a China-linked cyber espionage group tracked as Tick (aka Bronze Butler ).

Manufacturing

Manufacturing Data breaches Advertising Antivirus

Who Is the Network Access Broker ‘Babam’?

Krebs on Security

DECEMBER 3, 2021

Verified was hacked at least twice in the past five years, and its user database posted online. All of these domains date back to between 2012 and 2013. At some point, mindjolt.com apparently also was hacked, because a copy of its database at Constella says the bo3dom@gmail.com used two passwords at that site: lebeda1 and a123456.

Ransomware

Ransomware Passwords Accountability Cybercrime

Platinum APT and leverages steganography to hide C2 communications

Security Affairs

JUNE 6, 2019

The Platinum cyber espionage group uses steganographic technique to hide communications with the Command and Control Servers (C&C). Experts from Kaspersky have linked the Platinum APT group with cyber attacks involving an elaborate, and new steganographic technique used to hide communications with C2 servers.

Encryption

Encryption Government Advertising Cyber Attacks

Cobalt Strike Enabled Cyberattacks Skyrocket

SecureWorld News

JUNE 30, 2021

Cobalt Strike was first released in 2012 to address perceived gaps in an existing Red Team tool, the Metasploit Framework. In December 2020, the Cobalt Strike Beacon was discovered to be one of the tools Russian-based threat actors used in the SolarWinds hack. By 2016, Proofpoint observed Cobalt being used by threat actors.

Threat Detection

Threat Detection Malware Hacking Engineering

Cobalt Strike Enabled Cyberattacks Skyrocket

SecureWorld News

JUNE 30, 2021

Cobalt Strike was first released in 2012 to address perceived gaps in an existing Red Team tool, the Metasploit Framework. In December 2020, the Cobalt Strike Beacon was discovered to be one of the tools Russian-based threat actors used in the SolarWinds hack. By 2016, Proofpoint observed Cobalt being used by threat actors.

Threat Detection

Threat Detection Malware Hacking Engineering

A new variant of Shamoon was uploaded to Virus Total while Saipem was under attack

Security Affairs

DECEMBER 12, 2018

A new variant of the Shamoon malware, aka DistTrack, was uploaded to VirusTotal from Italy this week, but experts haven’t linked it to a specific attack yet. Shamoon was first observed in 2012 when it infected and wiped more than 30,000 systems at Saudi Aramco and other oil companies in the Middle East.

Malware

Malware Advertising Cyber Attacks Encryption

New Cyber Operation Targets Italy: Digging Into the Netwire Attack Chain

Security Affairs

JUNE 5, 2020

Info stealer malware confirms to be one of the most adopted weapons of cyber actors. One of them is Netwire ( MITRE S0198 ), a multiplatform remote administration tool (RAT) that has been used by criminals and espionage groups at least since 2012. Hacking Tool #1: Patching the AmsiScanBuffer. Hacking Tool #2: The Injector.

Malware

Malware Manufacturing Advertising Hacking

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

The Last Watchdog

NOVEMBER 26, 2018

The first Cyber Range training and testing hub opened at Eastern Michigan University in late 2012. It can host training, such as capture the flag exercises, demonstrate how known hacks play out, test defensive responses and be utilized for software security testing. They answered, yes. Shoring up weak links.

Cybersecurity

Cybersecurity Education Cyber threats Government

The number of cyber attacks on Saudi Aramco is increasing

Security Affairs

FEBRUARY 9, 2020

Saudi Aramco, the Saudi Arabian national p etroleum and natural gas company, revealed that it has seen an increase in attempted cyber attacks since the Q4 2019. The energy industry is under attack, Saudi Aramco announced it has seen an increase in attempted cyber attacks since the final quarter of 2019.

Cyber Attacks

Cyber Attacks Malware Advertising Information Security

US accuses four Russian Government Officials for launching Cyber Attacks

CyberSecurity Insiders

MARCH 25, 2022

United States Justice Department has accused four Russian government officials for launching cyber attacks on the critical infrastructure of the Joe Biden led nation between 2012 to 2018. The post US accuses four Russian Government Officials for launching Cyber Attacks appeared first on Cybersecurity Insiders.

Cyber Attacks

Cyber Attacks Government Energy and Utilities Hacking

MY TAKE: COVID-19’s silver lining could turn out to be more rapid, wide adoption of cyber hygiene

The Last Watchdog

MAY 11, 2020

Somewhat quietly since about 2012 or so, nation states in that region, led by Saudi Arabia and the United Arab Emirates, commenced a quiet surge to the forefront of implementing comprehensive cybersecurity regulations. Ransomware hacking groups extorted at least $144.35 Cyber hygiene isn’t difficult. million from U.S.

Computers and Electronics

Computers and Electronics Data privacy Encryption Media

North Korea-linked ScarCruft APT adds Bluetooth Harvester to its arsenal

Security Affairs

MAY 14, 2019

ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. Kaspersky first documented the operations of the group in 2016.

Malware

Malware Advertising Government Healthcare

U.S. CISA Agency warns of possible cyber attacks from Iran

Security Affairs

JANUARY 4, 2020

US Government fears a new wave of cyber attacks from Iran as retaliation for the airstrike that killed Maj. Krebs, Director of Cybersecurity and Infrastructure Security Agency (CISA) warned of a potential new wave of cyber attacks carried out by Iran-linked hacker groups targeting U.S. Iran, hacking). The post U.S.

Cyber Attacks

Cyber Attacks Backups Passwords Government

Growing Cyber Threats to the Energy and Industrial Sectors

NopSec

DECEMBER 7, 2016

Remember Shamoon, the malware that disabled some 35,000 computers at one of the world’s largest oil companies in 2012? The Impact of Cyber Attacks on Energy and Industrial Infrastructure It’s hard to understand the damage that can happen as a result of a successful cyber attack on energy and industrial infrastructure.

Cyber threats

Cyber threats Cyber Attacks Ransomware Manufacturing

WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

Security Affairs

OCTOBER 20, 2018

(This won’t protect from an NAS attack, but it will protect you from other cyber attacks). WD: The vulnerability report CVE-2018-18472 affects My Book Live devices originally introduced to the market between 2010 and 2012. The original report is available here.

Firmware

Firmware IoT VPN Authentication

Russian citizen behind JPMorgan Chase and Dow Jones attacks has been extradited to US

Security Affairs

SEPTEMBER 8, 2018

Andrei Tyurin, the man that is accused to be the responsible for major cyber attacks against financial institutions, including JPMorgan Chase, was extradited to the United States from Georgia. Andrei Tyurin is accused of being the mastermind of the organization that targeted the US financial institution from 2012 to mid-2015.

Identity Theft

Identity Theft Advertising Cybercrime Hacking

Iran-linked APT is exploiting the Zerologon flaw in attacks

Security Affairs

OCTOBER 6, 2020

Microsoft researchers reported that Iranian cyber espionage group MuddyWater is exploiting the Zerologon vulnerability in attacks in the wild. Microsoft published a post and a series of tweets to warn of cyber attacks exploiting the Zerologon vulnerability carried out by the Iran-linked APT group known as MuddyWater , aka Mercury.

Authentication

Authentication Advertising Architecture Security Intelligence

RedTorch Formed from Ashes of Norse Corp.

Krebs on Security

MARCH 22, 2021

the company behind the interactive “pew-pew” cyber attack map shown in the image below? Flushed with venture capital funding in 2012, Norse’s founders started hiring dozens of talented cybersecurity professionals. Remember Norse Corp. , Last month, the U.S.

Surveillance

Surveillance Computers and Electronics Internet Internet

Iranian Threat Actors: Preliminary Analysis

Security Affairs

JANUARY 15, 2020

Just like Charming Kitten ( which is not included into this report since it is a quite ongoing mistery even if a great report from Clear Sky is available ), Cleaver is a threat group that is responsible of one of the first most advanced and silent cyber attack attributed to Iran known until now ( OpCleaver , by Cylance).

Computers and Electronics

Computers and Electronics Penetration Testing Malware Government

NYT Report: U.S. Cyber units planted destructive Malware in Russian Power Grid

Security Affairs

JUNE 17, 2019

cyber army is targeting the Russian power grid since at least 2012 with reconnaissance operations, but recently it also carried out more offensive operations. According to the officials, US cyber soldiers attempted to deploy destructive malware inside the Russian power grid. SecurityAffairs – Russian power grid, hacking).

Malware

Malware Energy and Utilities Cyber Attacks Advertising

A cyber attack hit Thyssenkrupp Automotive Body Solutions business unit

Australia takes a vow to hack the hackers

Trending Sources

Aoquin Dragon from China hacking Australian Government Servers

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Russia-linked actors may be behind an explosion at a liquefied natural gas plant in Texas

New Cyber Attack Campaign Leverages the COVID-19 Infodemic

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Cyber attack hit the Italian oil and gas services company Saipem

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Up to Georgia 2,000 websites have been hit by cyber attacks

Vietnam-linked Ocean Lotus hacked BMW and Hyundai networks

The head of the Federal Cyber Security Authority (BSI) faces dismissal

620 million accounts stolen from 16 hacked websites available for sale on the dark web

German industrial giant ThyssenKrupp targeted in a new cyberattack

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Mitsubishi Electric Corp. was hit by a new cyberattack

Critical Microsoft Windows Vulnerability found

Group-IB: $49.4 million of damage caused to Russia’s financial sector from cyber attacks

GAO report reveals new Pentagon weapon systems vulnerable to hack

North Korea ScarCruft APT used previously undetected Dolphin Backdoor against South Korea

Mitsubishi Electric discloses data breach, media blame China-linked APT

Security Affairs newsletter Round 355

Is there a link between Microsoft Exchange exploits and PoC code the company shared with partner security firms?

Japan suspects HGV missile data leak in Mitsubishi security breach

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

Who Is the Network Access Broker ‘Babam’?

Platinum APT and leverages steganography to hide C2 communications

Cobalt Strike Enabled Cyberattacks Skyrocket

Cobalt Strike Enabled Cyberattacks Skyrocket

A new variant of Shamoon was uploaded to Virus Total while Saipem was under attack

New Cyber Operation Targets Italy: Digging Into the Netwire Attack Chain

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

The number of cyber attacks on Saudi Aramco is increasing

US accuses four Russian Government Officials for launching Cyber Attacks

MY TAKE: COVID-19’s silver lining could turn out to be more rapid, wide adoption of cyber hygiene

North Korea-linked ScarCruft APT adds Bluetooth Harvester to its arsenal

U.S. CISA Agency warns of possible cyber attacks from Iran

Growing Cyber Threats to the Energy and Industrial Sectors

WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

Russian citizen behind JPMorgan Chase and Dow Jones attacks has been extradited to US

Iran-linked APT is exploiting the Zerologon flaw in attacks

RedTorch Formed from Ashes of Norse Corp.

Iranian Threat Actors: Preliminary Analysis

NYT Report: U.S. Cyber units planted destructive Malware in Russian Power Grid

Stay Connected