article thumbnail

Chinese Hackers Stole an NSA Windows Exploit in 2014

Schneier on Security

2014-2015: China’s hacking team code-named APT31, aka Zirconium, developed Jian by, one way or another, cloning EpMe. This allows someone with a foothold on a machine to commandeer the whole box. Early 2017: The Equation Group’s tools were teased and then leaked online by a team calling itself the Shadow Brokers.

article thumbnail

Booter Boss Interviewed in 2014 Pleads Guilty

Krebs on Security

net prior to our phone call in 2014. In February 2014, KrebsOnSecurity reached out to Usatyuk’s father Peter Usatyuk , an assistant professor at the University of Illinois at Chicago. Usatyuk of Orland Park, Ill. in , quezstresser[.]com com , betabooter[.]com com , databooter[.]com com , instabooter[.]com com , polystress[.]com

DDOS 196
Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

The ASA flaw CVE-2014-2120 is being actively exploited in the wild

Security Affairs

Cisco warns customers that a decade-old ASA vulnerability, tracked as CVE-2014-2120, is being actively exploited in the wild. Cisco warns that the decade-old ASA vulnerability CVE-2014-2120 is being actively exploited in attacks in the wild, and urges customers to review the updated advisory. ” reads the advisory.

Software 117
article thumbnail

FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy

Krebs on Security

An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web.

article thumbnail

Who’s Behind Monday’s 14-State 911 Outage?

Krebs on Security

On April 6, 2014, some 11 million people across the United States were disconnected from 911 services for eight hours thanks to an “entirely preventable” software error tied to Intrado’s systems. million for the multi-state 2014 outage. 2018 outage that lasted 65 minutes.

article thumbnail

Cryptanalyzing a Pair of Russian Encryption Algorithms

Schneier on Security

It's just not the kind of mistake you make by accident, not in 2014. A pair of Russia-designed cryptographic algorithms -- the Kuznyechik block cipher and the Streebog hash function -- have the same flawed S-box that is almost certainly an intentional backdoor.

article thumbnail

Adconion Execs Plead Guilty in Federal Anti-Spam Case

Krebs on Security

The government alleged that between December 2010 and September 2014, the defendants engaged in a conspiracy to identify or pay to identify blocks of Internet Protocol (IP) addresses that were registered to others but which were otherwise inactive. Adconion was acquired in June 2014 by Amobee , a Redwood City, Calif.