Security Affairs

MAY 28, 2020

The Ke3chang hacking group added a new malware dubbed Ketrum to its arsenal, it borrows portions of code and features from older backdoors. ” Back in 2013, the security researchers at FireEye spotted a group of China-Linked hackers that conducted an espionage campaign on foreign affairs ministries in Europe.

Hacking 67

Hacking Malware Advertising Government 67

Security Affairs

SEPTEMBER 19, 2021

A Pakistani national has been sentenced to 12 years of prison in the US for his role in a hacking scheme against the telecom giant AT&T. “Later in the conspiracy, Fahd had the bribed employees install custom malware and hacking tools that allowed him to unlock phones remotely from Pakistan. ” Pierluigi Paganini.

Hacking 113

Hacking Malware Cybercrime Information Security 113

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. Authorities in the United States, Germany, the Netherlands and the U.K.

Advertising 259

Advertising Cybercrime System Administration Hacking 259

Security Affairs

DECEMBER 13, 2020

Palo Alto Networks Unit42 researchers believe that PGMiner can potentially be disruptive due to the popularity of the PostgreSQL, they warn that with additional effort, the malware could target all major operating systems. SecurityAffairs – hacking, PGminer). ” reads the analysis published by Palo Alto Networks Unit42.

Hacking 135

Hacking Cryptocurrency Authentication Passwords 135

Security Affairs

NOVEMBER 2, 2020

North Korea-linked APT group Kimsuky was recently spotted using a new piece of malware in attacks on government agencies and human rights activists. The new malware appears to have been developed recently, but threat actors might have used Backdating, or timestomping to thwart analysis attempts (anti-forensics).

Malware 108

Malware Spyware Advertising Government 108

Security Affairs

NOVEMBER 23, 2023

The attackers used a malware-laced version of a legitimate CyberLink application installer that was signed using a valid certificate issued to CyberLink Corp. Microsoft has yet to identify “hands-on-keyboard activity” carried out by the attackers after the compromise via this malware.

Software 111

Software Malware Media Internet 111

Security Affairs

SEPTEMBER 23, 2019

Kaspersky experts spotted a new piece of ATM malware, dubbed ATMDtrack, that was developed and used by North Korea-linked hackers. Kaspersky researchers discovered a new piece of ATM malware, tracked as ATMDtrack, that was developed and used by North Korea-linked hackers. SecurityAffairs – APT, hacking). Pierluigi Paganini.

Malware 85

Malware Banking Advertising Encryption 85

Krebs on Security

JANUARY 8, 2024

From January 2005 to April 2013, there were two primary administrators of the cybercrime forum Spamdot (a.k.a In December 2023, KrebsOnSecurity published new details about the identity of “Rescator,” a Russian cybercriminal who is thought to be closely connected to the 2013 data breach at Target.

Cybercrime 203

Cybercrime Banking Computers and Electronics DDOS 203

Krebs on Security

OCTOBER 1, 2022

In customer guidance released Thursday, Microsoft said it is investigating two reported zero-day flaws affecting Microsoft Exchange Server 2013, 2016, and 2019. ” These web-based backdoors offer attackers an easy-to-use, password-protected hacking tool that can be accessed over the Internet from any browser.

Hacking 176

Hacking Passwords Internet Internet 176

SiteLock

AUGUST 27, 2021

Want to infect computers with data-stealing malware? Looking to hack into someone else’s website or steal their data? A date of birth costs just $11. That will cost you around $20 for 1,000 computers and $250 to infect 15,000 computers. Need someone to develop a Trojan to plant on those infected computers?

Data breaches 40

Data breaches Banking Identity Theft Accountability 40

Security Affairs

OCTOBER 28, 2018

Belgian newspaper reported that investigators had found proof that the Belgacom hack was the work of the UK GCHQ intelligence agency. Back to September 2013, Belgacom (now Proximus), the largest telecommunications company in Belgium and primarily state-owned, announced its IT infrastructure had suffered a malware-based attack.

Hacking 85

Hacking Spyware Telecommunications Malware 85

Security Affairs

JULY 23, 2020

depending on the Windows version), SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 , SharePoint Server 2010 Service Pack 2, SharePoint Server 2019, Visual Studio 2017 version 15.9, SecurityAffairs – hacking, CVE-2020-1147). The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET NET Framework 2.0

Hacking 108

Hacking Advertising Software Information Security 108

Krebs on Security

MARCH 2, 2020

A large number of French critical infrastructure firms were hacked as part of an extended malware campaign that appears to have been orchestrated by at least one attacker based in Morocco, KrebsOnSecurity has learned. ‘FATAL’ ERROR.

DNS 253

DNS Penetration Testing Malware Hacking 253

Security Affairs

FEBRUARY 13, 2020

Microsoft is recommending administrators to disable the SMBv1 network communication protocol on Exchange servers to prevent malware attacks. Microsoft is urging administrators to disable the SMBv1 protocol on Exchange servers as a countermeasure against malware threats like TrickBot and Emotet. ” continues Microsoft.

Authentication 137

Authentication Malware Advertising Hacking 137

Krebs on Security

JULY 28, 2022

Launched in 2013, Microleaves is a service that allows customers to route their Internet traffic through PCs in virtually any country or city around the globe. The very first discussion thread started by the new user Microleaves on the forum BlackHatWorld in 2013 sought forum members who could help test and grow the proxy network.

Advertising 209

Advertising Software Computers and Electronics Internet 209

Security Affairs

MAY 8, 2023

Ukraine’s CERT-UA warns of an ongoing phishing campaign aimed at distributing the SmokeLoader malware in the form of a polyglot file. CERT-UA warns of an ongoing phishing campaign that is distributing the SmokeLoader malware in the form of a polyglot file. ” reads the alert published by Ukraine’s CERT.

Malware 94

Malware Phishing VPN Accountability 94

Security Affairs

JUNE 12, 2020

The group was first discovered by Symantec and TrendMicro in 2015 but evidence of its activities has been dated back to 2013. “We have seen this module implemented in two different languages: C# and VBScript” The arsenal of the group includes also multiple malware, most of them downloaders and backdoors. Pierluigi Paganini.

Malware 108

Malware Phishing Advertising Government 108

Security Affairs

JANUARY 2, 2021

Ticketmaster agreed to pay a $10 million fine for hacking into the computer system of the startup rival CrowdSurge. The intrusions into the competitor’s systems took place repeatedly between 2013 and 2015. The intrusions into the competitor’s systems took place repeatedly between 2013 and 2015. Pierluigi Paganini.

Hacking 89

Hacking Passwords Accountability Cybercrime 89

CyberSecurity Insiders

MARCH 2, 2022

Dubbed as Bvp47 and linked to Equation Group-an NSA funded threat actor was first detected by anti-virus firm Virus Total in 2013. In the year 2013, Edward Snowden, a former employee of NSA, revealed some startling facts about the activities taking place inside the agency in the name of National Integrity.

Education 84

Education Malware Engineering Internet 84

WIRED Threat Level

OCTOBER 17, 2018

Security researchers have discovered a new instance code associated with APT1, a notorious Chinese hacking group that disappeared in 2013.

Malware 61

Malware Hacking 61

Security Affairs

AUGUST 6, 2023

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, data breach) The post Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack appeared first on Security Affairs.

Education 87

Education Data breaches Ransomware Hacking 87

Security Affairs

OCTOBER 10, 2019

New espionage malware found targeting Russian-speaking users in Eastern Europe. ESET found an advanced malware piece of malware named Attor, targeting diplomats and high-profile Russian-speaking users in Eastern Europe. Threat actors have been using Attor since 2013, the malicious code remained under the radar until last year.

Malware 80

Malware Encryption Advertising Mobile 80

Security Affairs

NOVEMBER 11, 2021

Beta, D6220, D6400, D7000 CVE-2018-10561, CVE-2018-10562 GPON home routers CVE-2013-3307 Linksys X3000 1.0.03 d26m CVE-2013-5223 D-Link DSL-2760U Gateway CVE-2020-8958 Guangzhou 1GE ONU V2801RW 1.9.1-181203 “To deliver its exploit, the malware first queries the target with a simple “GET” request. A2pvI042j1.d26m

IoT 125

IoT Firmware Malware Wireless 125

Security Affairs

DECEMBER 1, 2022

In 2013, Yahoo suffered one of the worst data breaches in history, exposing over 3 billion user accounts. While no plaintext passwords or financial data was stolen, the hack did expose answers to security questions. Weak passwords are the easiest way hackers can hack into a system. SecurityAffairs – hacking, data breaches).

Data breaches 97

Data breaches Passwords Social Engineering Encryption 97

Security Affairs

APRIL 23, 2020

A security expert uncovered an old APT operation, tracked Nazar, by analyzing the NSA hacking tools included in the dump leaked by Shadow Brokers in 2017. Guerrero-Saade discovered that the SIG37 campaign references hacking activities dated back as far as 2008 that was carried out by an unknown threat actor, the expert tracked it as Nazar.

Hacking 106

Hacking Advertising Malware Engineering 106

Security Affairs

FEBRUARY 23, 2022

The Bvp47 backdoor was first discovered in 2013 while conducting a forensic investigation into a security breach suffered by a Chinese government organization. In 2016 and 2017, the hacking group The Shadow Brokers l eaked a bunch of data allegedly stolen from the Equation Group, including many hacking tools and exploits.

Encryption 116

Encryption Hacking Government Engineering 116

Security Affairs

FEBRUARY 11, 2021

Confucius is a pro-India APT group that has been active since 2013, it mainly focused on Pakistani and other South Asian targets. Since 2018, the hackers started targeting mobile users with an Android surveillance malware ChatSpy. The malware can download content from FTP shares and run arbitrary commands as root.

Spyware 114

Spyware Surveillance Malware Mobile 114

Security Affairs

APRIL 18, 2021

The Carbanak gang (aka FIN7 , Anunak or Cobalt ) stole over a billion euros from banks across the world, the name “Carbanak” comes with the name of the malware they used to compromise computers at banks, other financial institutions, restaurants, and other industries. SecurityAffairs – hacking, FIN7). Pierluigi Paganini.

System Administration 119

System Administration Penetration Testing Malware Banking 119

Security Affairs

JANUARY 1, 2022

Microsoft Exchange on-premise servers cannot deliver emails starting on January 1st, 2022, due to a bug in the FIP-FS anti-malware scanning engine dubbed Y2k22 bug. FIP-FS is the anti-malware scanning engine used by Microsoft to protect its users, it was used starting with Exchange Server 2013. SecurityAffairs – hacking, Y2k22).

Engineering 110

Engineering Malware Hacking Information Security 110

Security Affairs

JULY 19, 2021

US DoJ indicted four members of the China-linked cyberespionage group known as APT40 for hacking various entities between 2011 and 2018. The APT40 group has been active since at least 2013 and appears to be focused on supporting naval modernization efforts of the Government of Beijing. Ltd. (????) and Zhu Yunmin (???),

Hacking 114

Hacking Technology Government Malware 114

Krebs on Security

SEPTEMBER 24, 2022

Denis Emelyantsev , as the apparent owner of RSOCKS, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. ” Kloster’s blog even included a group photo of RSOCKS employees.

Cybercrime 200

Cybercrime Data breaches Malware Ransomware 200

SC Magazine

MARCH 9, 2021

Following widespread hacking from the Hafnium group and, perhaps, other groups , Microsoft is now offering the same patch for the no-longer-supported Exchange Server 2010 that it introduced last week for all newer editions. Patches for Exchange Servers 2010, 2013, 2016 and 2019 can be downloaded here. Microsoft).

Media 77

Media Malware Hacking Internet 77

Security Affairs

APRIL 5, 2022

ua,” the campaign aims at infecting the target systems with malware. The Gamaredon group was first discovered by Symantec and TrendMicro in 2015, but evidence of its activities has been dated back to 2013. SecurityAffairs – hacking, Armageddon). The phishing messages have been sent from “vadim_melnik88@i[.]ua,”

Phishing 118

Phishing Government Hacking Malware 118

Security Affairs

NOVEMBER 19, 2021

The TA406 cyber espionage group was first spotted by Kaspersky researchers in 2013. TA406 doesn’t usually employ malware in its campaigns, however, researchers tracked two campaigns that were attempting to distribute information-stealer malware. SecurityAffairs – hacking, North Korea). Pierluigi Paganini.

Cryptocurrency 88

Cryptocurrency Malware Government Education 88

Security Affairs

DECEMBER 16, 2020

Security experts spotted a new malware strain, named Goontact, that allows its operators to spy on both Android and iOS users. The malware allows operators to retrieve phone identifiers and steal contacts, SMS messages, photos, and even location data. SecurityAffairs – hacking, Goontact). ” conclude the experts. .

Spyware 116

Spyware Mobile Surveillance Malware 116

Security Affairs

AUGUST 16, 2022

Russia-linked Gamaredon APT group targets Ukrainian entities with PowerShell info-stealer malware dubbed GammaLoad. Russia-linked Gamaredon APT group (aka Shuckworm , Actinium , Armageddon , Primitive Bear , and Trident Ursa) targets Ukrainian entities with PowerShell info-stealer malware dubbed GammaLoad, Symantec warns.

Malware 86

Malware Phishing Hacking Government 86

Security Affairs

SEPTEMBER 14, 2020

The project was launched in September 2019 and as of August 2020, the experts collected 680 records of ransomware attacks that took place since November 2013. now has 687 records assembled from publicly disclosed incidents between November 2013 and August 2020.” SecurityAffairs – hacking, ransomware). Pierluigi Paganini.

Ransomware 113

Ransomware Advertising Data collection Healthcare 113