2013, Cybercrime, Information Security and Malware

New ZLoader malware campaign hit more than 2000 victims across 111 countries

Security Affairs

JANUARY 10, 2022

A malware campaign spreads ZLoader malware by exploiting a Windows vulnerability that was fixed in 2013 but in 2014 Microsoft revised the fix. Experts from Check Point Research uncovered a new ZLoader malware campaign in early November 2021. banking Trojan and was used to spread Zeus-like banking trojan (i.e.

Malware

Malware Banking Software Cybercrime

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

.” The DOJ’s statement doesn’t mention that RSOCKS has been in operation since 2014, when access to the web store for the botnet was first advertised on multiple Russian-language cybercrime forums. “Something new was required and I decided to leave Omsk and try to live in the States,” Kloster wrote in 2013.

Advertising

Advertising Cybercrime System Administration Hacking

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Krebs on Security

SEPTEMBER 24, 2022

A native of Omsk, Russia, Kloster came into focus after KrebsOnSecurity followed clues from the RSOCKS botnet master’s identity on the cybercrime forums to Kloster’s personal blog , which featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world.”

Cybercrime

Cybercrime Data breaches Malware Ransomware

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The epidemic went truly mainstream with the release of CryptoLocker back in 2013, and it has since transformed into a major dark web economy spawning the likes of Sodinokibi, Ryuk, and Maze lineages that are targeting the enterprise on a huge scale in 2020. FBI spoofs 2012 – 2013. File encryption 2013 – 2015.

Ransomware

Ransomware Hacking Encryption Penetration Testing

The parabola of a prolific cyber-criminal known as Dton

Security Affairs

MARCH 17, 2020

The man is active at least since 2013 and already earned at least $100,000 US from his ‘work,’ but researchers believe he has earned several times that amount. The experts were able to identify the man, his name is Bill Henry (25) from Benin City, Nigeria, his criminal activity include the theft of credit cards, phishing and malware attacks.

Cybercrime

Cybercrime Malware Advertising Phishing

Threat actor has been targeting the aviation industry since at least 2018

Security Affairs

SEPTEMBER 18, 2021

The group is suspected to have been running successful malware campaigns for more than five years. The attackers have used off-the-shelf malware since the beginning of their operations and have never developed their own malware. SecurityAffairs – hacking, malware). ” reads the analysis published by Cisco Talos.

Malware

Malware Phishing DNS Cybercrime

A member of the FIN7 group was sentenced to 10 years in prison

Security Affairs

APRIL 18, 2021

The Carbanak gang (aka FIN7 , Anunak or Cobalt ) stole over a billion euros from banks across the world, the name “Carbanak” comes with the name of the malware they used to compromise computers at banks, other financial institutions, restaurants, and other industries. ” reads the press release published by DoJ.

System Administration

System Administration Penetration Testing Malware Banking

BotenaGo botnet targets millions of IoT devices using 33 exploits

Security Affairs

NOVEMBER 11, 2021

Beta, D6220, D6400, D7000 CVE-2018-10561, CVE-2018-10562 GPON home routers CVE-2013-3307 Linksys X3000 1.0.03 d26m CVE-2013-5223 D-Link DSL-2760U Gateway CVE-2020-8958 Guangzhou 1GE ONU V2801RW 1.9.1-181203 “To deliver its exploit, the malware first queries the target with a simple “GET” request. A2pvI042j1.d26m

IoT

IoT Firmware Malware Wireless

CERT-UA warns of an ongoing SmokeLoader campaign

Security Affairs

MAY 8, 2023

Ukraine’s CERT-UA warns of an ongoing phishing campaign aimed at distributing the SmokeLoader malware in the form of a polyglot file. CERT-UA warns of an ongoing phishing campaign that is distributing the SmokeLoader malware in the form of a polyglot file. ” reads the alert published by Ukraine’s CERT.

Malware

Malware Phishing VPN Accountability

HawkEye Keylogger is involved in attacks against business users

Security Affairs

MAY 28, 2019

Malware attacks leveraging a new variant of the HawkEye keylogger have been observed by experts at Talos. The malware has been under active development since at least 2013 and it is offered for sale on various hacking forums as a keylogger and stealer. It allows to monitor systems and exfiltrate information.

Cybercrime

Cybercrime Malware Advertising Healthcare

3 of the Worst Data Breaches in the World That Could Have Been Prevented

Security Affairs

DECEMBER 1, 2022

In 2013, Yahoo suffered one of the worst data breaches in history, exposing over 3 billion user accounts. Near the holiday season of 2013, hackers exposed the credit and debit card information of over 110 million Target customers. Here are three of the worst data breaches that could have been avoided: Yahoo. Pierluigi Paganini.

Data breaches

Data breaches Passwords Social Engineering Encryption

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

CDHE provides free access to the identify theft monitoring Experian IdentityWorks SM for 24 months.

Education

Education Data breaches Ransomware Hacking

Pakistani man sentenced to 12 years of prison for his role in AT&T hacking scheme

Security Affairs

SEPTEMBER 19, 2021

In 2013, AT&T implemented a new system to monitor the activity of the employees, for this reason, the Pakistani man corrupted the employees to install malware and other tools on the infrastructure of the company to unlock the devices remotely. SecurityAffairs – hacking, malware). Secret Service, IRS-CI and the U.S.

Hacking

Hacking Malware Cybercrime Information Security

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Security Affairs

DECEMBER 1, 2020

The OceanLotus APT group is a state-sponsored group that has been active since at least 2013. The APT32 also targeted peripheral network security and technology infrastructure corporations, and security firms that may have connections with foreign investors. ” Microsoft said.

Cryptocurrency

Cryptocurrency Antivirus Manufacturing Government

Play ransomware attacks use a new exploit to bypass ProxyNotShell mitigations on Exchange servers

Security Affairs

DECEMBER 21, 2022

they impact Exchange Server 2013, 2016, and 2019, an authenticated attacker can trigger them to elevate privileges to run PowerShell in the context of the system and gain arbitrary or remote code execution on vulnerable servers. The ProxyNotShell flaws are: CVE-2022-41040 – Microsoft Exchange Server Elevation of Privilege Vulnerability.

Ransomware

Ransomware Authentication Hacking Cybercrime

US CISA appointed Kiersten Todt as new chief of staff

Security Affairs

SEPTEMBER 14, 2021

She was also a member of the team supporting the National Institute of Standards and Technology (NIST) in the development of the Voluntary Cybersecurity Framework called for in President Obama’s 2013 Executive Order 13636 on cybersecurity.

Small Business

Small Business Government Cybersecurity Hacking

FBI arrested a Russian citizen suspected to be the mastermind of Deer.io

Security Affairs

MARCH 10, 2020

platform since October 2013. international financial and corporate data, Personally Identifiable Information (PII), and compromised user accounts from many U.S. The Russian man also advertised the platform on other hacking forums. Firsov was arrested at the John F. ” reported ZDNet. . storefront.” ” The DEER.IO

Accountability

Accountability Advertising Passwords Hacking

Prominent Carding Marketplace UniCC announced it’s shutting down

Security Affairs

JANUARY 15, 2022

The site was launched in 2013 and according to the Elliptic Threat Intel about $358 million (across Bitcoin, Litecoin, Ether and Dash) in purchases were made through the platform. One of the biggest underground carding marketplaces, UniCC, announced it’s shutting down its operations.

Marketing

Marketing Retail Cryptocurrency Banking

Cyber Security Roundup for April 2021

Security Boulevard

MARCH 31, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, March 2021. At the start of March 2021, Microsoft rushed out patches for a critical zero-day Vulnerability in Exchange Server (2010, 2013, 2016, and 2019). Stay safe and secure.

Energy and Utilities

Energy and Utilities Ransomware Banking Hacking

Rackspace: Play Ransomware gang used a previously unknown exploit to access its Hosted Exchange email environment

Security Affairs

JANUARY 6, 2023

they impact Exchange Server 2013, 2016, and 2019, an authenticated attacker can trigger them to elevate privileges to run PowerShell in the context of the system and gain arbitrary or remote code execution on vulnerable servers. The ProxyNotShell flaws are: CVE-2022-41040 – Microsoft Exchange Server Elevation of Privilege Vulnerability.

Ransomware

Ransomware Data breaches Authentication Hacking

Ticketmaster will pay $10 Million fine over hacking a competitor

Security Affairs

JANUARY 2, 2021

The intrusions into the competitor’s systems took place repeatedly between 2013 and 2015. The attacks aimed at stealing information to gain an advantage over CrowdSurge, which was acquired by Warner Music Group (WMG) in 2017.

Hacking

Hacking Passwords Accountability Cybercrime

Growing Cyber Threats to the Energy and Industrial Sectors

NopSec

DECEMBER 7, 2016

Remember Shamoon, the malware that disabled some 35,000 computers at one of the world’s largest oil companies in 2012? When the malware hit Saudi Aramco four years ago, it propelled the company into a technological dark age, forcing the company to rely on typewriters and faxes while it recovered.

Cyber threats

Cyber threats Cyber Attacks Ransomware Manufacturing

Australian man charged with creating and selling the Imminent Monitor spyware

Security Affairs

AUGUST 1, 2022

The man created the malicious code, a remote access trojan (RAT), when he was 15 years old, and maintained its infrastructure from 2013 to 2019. In November 2019, Europol announced to have dismantled the global organized cybercrime ring behind the Imminent Monitor RAT.

Spyware

Spyware Malware Cybercrime Hacking

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Brian Krebs is an independent investigative reporter known for his coverage of technology, malware , data breaches , and cybercrime developments. Eva Galperi n | @evacide.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

The man behind Cardplanet credit card market sentenced to 9 years in prison

Security Affairs

JUNE 27, 2020

The man operated the Cardplanet site between at least early 2009 through at least August 2013. Burkov was also operating another invite-only cybercrime forum, to obtain membership prospective members needed three existing members to “vouch” for their good reputation in the cybercrime community.

Marketing

Marketing Cybercrime Advertising Insurance

Interview With the Guy Who Tried to Frame Me for Heroin Possession

Krebs on Security

SEPTEMBER 25, 2019

In April 2013, I received via U.S. But the plan failed and the Ukrainian mastermind behind it soon after was imprisoned for unrelated cybercrime offenses. After the heroin showed up, I gave the drugs to the local police and wrote about the experience in Mail From the Velvet Cybercrime Underground.

Cybercrime

Cybercrime Identity Theft Accountability Passwords

Why Were the Russians So Set Against This Hacker Being Extradited?

Krebs on Security

NOVEMBER 18, 2019

Burkov calls himself a specialist in information security and denies having committed the crimes for which he’s been charged. A screen shot from the Mazafaka cybercrime forum, circa 2011. K0pa also was a top staff member at Verified , among the oldest and most venerated of Russian language cybercrime forums.

Cybercrime

Cybercrime Government Hacking Banking

Cyber Security Informer

New ZLoader malware campaign hit more than 2000 victims across 111 countries

Meet the Administrators of the RSOCKS Proxy Botnet

Webinars

Trending Sources

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Webinars

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The parabola of a prolific cyber-criminal known as Dton

Threat actor has been targeting the aviation industry since at least 2018

A member of the FIN7 group was sentenced to 10 years in prison

BotenaGo botnet targets millions of IoT devices using 33 exploits

CERT-UA warns of an ongoing SmokeLoader campaign

HawkEye Keylogger is involved in attacks against business users

3 of the Worst Data Breaches in the World That Could Have Been Prevented

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Pakistani man sentenced to 12 years of prison for his role in AT&T hacking scheme

Vietnam-linked Bismuth APT leverages coin miners to stay under the radar

Play ransomware attacks use a new exploit to bypass ProxyNotShell mitigations on Exchange servers

US CISA appointed Kiersten Todt as new chief of staff

FBI arrested a Russian citizen suspected to be the mastermind of Deer.io

Prominent Carding Marketplace UniCC announced it’s shutting down

Cyber Security Roundup for April 2021

Rackspace: Play Ransomware gang used a previously unknown exploit to access its Hosted Exchange email environment

Ticketmaster will pay $10 Million fine over hacking a competitor

Growing Cyber Threats to the Energy and Industrial Sectors

Australian man charged with creating and selling the Imminent Monitor spyware

Top Cybersecurity Accounts to Follow on Twitter

The man behind Cardplanet credit card market sentenced to 9 years in prison

Interview With the Guy Who Tried to Frame Me for Heroin Possession

Why Were the Russians So Set Against This Hacker Being Extradited?

Stay Connected