2014 - Cyber Security Informer

Chinese Hackers Stole an NSA Windows Exploit in 2014

Schneier on Security

MARCH 4, 2021

2014-2015: China’s hacking team code-named APT31, aka Zirconium, developed Jian by, one way or another, cloning EpMe. This allows someone with a foothold on a machine to commandeer the whole box. Early 2017: The Equation Group’s tools were teased and then leaked online by a team calling itself the Shadow Brokers.

System Administration

System Administration Government Hacking

Booter Boss Interviewed in 2014 Pleads Guilty

Krebs on Security

FEBRUARY 28, 2019

net prior to our phone call in 2014. In February 2014, KrebsOnSecurity reached out to Usatyuk’s father Peter Usatyuk , an assistant professor at the University of Illinois at Chicago. Usatyuk of Orland Park, Ill. in , quezstresser[.]com com , betabooter[.]com com , databooter[.]com com , instabooter[.]com com , polystress[.]com

DDOS

DDOS Computers and Electronics Internet Internet

Top Suspect in 2015 Ashley Madison Hack Committed Suicide in 2014

Security Boulevard

JULY 7, 2023

The post Top Suspect in 2015 Ashley Madison Hack Committed Suicide in 2014 appeared first on Security Boulevard. , there was just one problem with that theory: Their top suspect had killed himself more than a year before the hackers began publishing stolen user data.

Hacking

Hacking Media

Lab Walkthrough?—?Shockin’ Shells: ShellShock [CVE-2014–6271]

Pentester Academy

APRIL 27, 2023

Lab Walkthrough — Shockin’ Shells: ShellShock [CVE-2014–6271] In our lab walkthrough series, we go through selected lab exercises on our INE Platform. Introduction Around mid-September 2014, the security community experienced a seemingly simple, yet nuanced bug in the popular shell interpreter bash. Originally published at [link].

Risk

Risk Hacking Technology InfoSec

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

Security Affairs

NOVEMBER 25, 2020

million settlement in a multi-state investigation of the data breach that the company suffered in 2014. million settlement over the 2014 data breach. In 2014, Home Depot revealed that the data breach impacted 56 million customers across the US and Canada. Retail giant Home Depot has agreed to a $17.5 Pierluigi Paganini.

Retail

Retail Data breaches Penetration Testing Password Management

CISA Adds Five ‘New’ Exploits to KEV Catalog, Including 2014’s Heartbleed Vulnerability

Security Boulevard

MAY 5, 2022

Three of the entries were originally disclosed in 2014, including the infamous Heartbleed vulnerability (CVE-2014-0160). The post CISA Adds Five ‘New’ Exploits to KEV Catalog, Including 2014’s Heartbleed Vulnerability appeared first on Flashpoint.

Cybersecurity

Cybersecurity Risk

Unc0ver is the first jailbreak that works on all recent iOS versions since 2014

Security Affairs

MAY 24, 2020

will be a big milestone for jailbreaking because it is the first zero-day jailbreak released since iOS 8 that was released in September 2014. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pwn20wnd states that #unc0ver v5.0.0

Advertising

Advertising Mobile Software Information Security

2014 Marriott Data Breach Exposed, 500M Guests Impacted

Threatpost

NOVEMBER 30, 2018

The hackers had access to the impacted database since 2014.

Data breaches

UK ICO proposes a $123 million fine for Marriott 2014 data breach

Security Affairs

JULY 9, 2019

The UK’s data privacy regulator plans to fine giant hotel chain Marriott International with a £99 million ($123 million) under GDPR over 2014 data breach. The UK’s data privacy regulator announced that the giant hotel chain Marriott International faces a £99 million ($123 million) fines under GDPR over 2014 data breach.

Data breaches

Data breaches Data privacy Advertising Encryption

10 Takeaways From The 2014 Verizon Breach Report

SiteLock

AUGUST 27, 2021

Every year about this time, Verizon comes out with an annual review of the results of its investigations into thousands of data breaches and security incidents from around the world. The report can be very data heavy and even a little depressing, but we can learn great things from it. Here are just ten: 1.

Retail

Retail Data breaches Passwords DDOS

If China Hacked Marriott, 2014 Marked a Full-on Assault

WIRED Threat Level

DECEMBER 12, 2018

It increasingly appears that China was behind the Marriott hack, making 2014 a landmark year in cyberattacks against the US.

Hacking

Imgur Confirms 2014 Breach of 1.7 Million User Accounts

Threatpost

NOVEMBER 27, 2017

Researcher Troy Hunt is credited for tipping image sharing site Imgur off to a 2014 breach of 1.7 million user accounts.

Accountability

Accountability Data breaches Passwords Hacking

The Worst Passwords of 2014

Spinone

JANUARY 21, 2015

million leaked passwords during the year of 2014. Since we are left only a month and a half till the Valentine’s Day it’s rather obvious to claim that password “iloveyou” is one of the nine passwords from 2013-2014. The post The Worst Passwords of 2014 first appeared on SpinOne.

Passwords

Passwords Password Management Backups Hacking

TheMoon Botnet Resurfaces, Exploiting EoL Devices to Power Criminal Proxy

The Hacker News

MARCH 29, 2024

TheMoon, which emerged in 2014, has been operating quietly while growing to over 40,000 bots from 88 countries in January and February of 2024," the Black Lotus Labs team at Lumen

IoT

Russian National Extradited for 2014 JP Morgan Hack

Dark Reading

SEPTEMBER 10, 2018

Andrei Tyurin was arrested for his involvement in a hacking campaign targeting US financial institutions, financial news publishers, brokerage firm, and other companies.

Hacking

LitterDrifter USB Worm

Schneier on Security

NOVEMBER 24, 2023

The group—known by many names, including Gamaredon, Primitive Bear, ACTINIUM, Armageddon, and Shuckworm—has been active since at least 2014 and has been attributed to Russia’s Federal Security Service by the Security Service of Ukraine. A new worm that spreads via USB sticks is infecting computers in Ukraine and beyond.

Malware

Malware Government

FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy

Krebs on Security

JUNE 18, 2020

An information technology specialist at the Federal Emergency Management Agency (FEMA) was arrested this week on suspicion of hacking into the human resource databases of University of Pittsburgh Medical Center (UPMC) in 2014, stealing personal data on more than 65,000 UPMC employees, and selling the data on the dark web.

Identity Theft

Identity Theft Healthcare Hacking Technology

Who’s Behind the Botnet-Based Service BHProxies?

Krebs on Security

FEBRUARY 24, 2023

The account didn’t resume posting on the forum until April 2014. Shotliff said he sold his BHProxies account to another Black Hat World forum user from Egypt back in 2014. He also shared a PayPal receipt and snippets of Facebook Messenger logs showing conversations in March 2014 with legendboy2050@yahoo.com. com on Mar.

Accountability

Accountability Advertising Marketing Malware

NIST CSF: A “Fellowship” for Your Cybersecurity Journey to 2.0

Security Boulevard

APRIL 10, 2024

The original version was released in 2014, one year after Executive Order 13636 was signed on February 12, 2013. By Samuel Lewis, Senior Security Consultant The National Institute of Standards and Technology (NIST) released version 2.0 of the Cybersecurity Framework (CSF) on February 26, 2024. appeared first on CISO Global.

Cybersecurity

Cybersecurity CISO Technology

TheMoon” Malware Returns: Thousands of Routers Compromised

Penetration Testing

MARCH 26, 2024

Researchers at Lumen Technologies’ Black Lotus Labs have uncovered a newly updated version of the “TheMoon” malware, dating back to 2014.

Malware

Malware Penetration Testing Technology

Heimdal’s 10th Anniversary – Our Finest Hours

Heimadal Security

MARCH 12, 2024

On Heimdal’s 10th Birthday, we want to thank everyone who shaped our journey from 2014 to today, and the future. Ours is a story of perseverance, innovation, and the relentless pursuit of excellence through community empowerment. What better way to celebrate than by sharing that story with you? 2011 – Heimdal® wins CTF Championship.

OWASP discloses a data breach

Security Affairs

APRIL 1, 2024

The incident impacted OWASP members from 2006 to around 2014 who provided their resumes as part of joining OWASP. “OWASP collected resumes as part of the early membership process, whereby members were required in the 2006 to 2014 era to show a connection to the OWASP community.

Data breaches

Data breaches Mobile Software Media

Who’s Behind Monday’s 14-State 911 Outage?

Krebs on Security

SEPTEMBER 29, 2020

On April 6, 2014, some 11 million people across the United States were disconnected from 911 services for eight hours thanks to an “entirely preventable” software error tied to Intrado’s systems. million for the multi-state 2014 outage. 2018 outage that lasted 65 minutes.

Telecommunications

Telecommunications Software

Zero-Day Vulnerabilities Are on the Rise

Schneier on Security

APRIL 27, 2022

Google: 2021 included the detection and disclosure of 58 in-the-wild 0-days, the most ever recorded since Project Zero began tracking in mid-2014. We’ve tracked publicly known in-the-wild 0-day exploits in this spreadsheet since mid-2014.

Ransomware

Ransomware Risk Malware Hacking

Cybercrime Costs for Financial Sector up 40% Since 2014

Dark Reading

FEBRUARY 14, 2018

increase just in the past year, and denial-of-service attacks are partly to blame.

Cybercrime

UK Electoral Commission data breach exposes 8 years of voter data

Bleeping Computer

AUGUST 8, 2023

The UK Electoral Commission disclosed a massive data breach exposing the personal information of anyone who registered to vote in the United Kingdom between 2014 and 2022. [.]

Data breaches

Data breaches Government

Adconion Execs Plead Guilty in Federal Anti-Spam Case

Krebs on Security

JUNE 10, 2022

The government alleged that between December 2010 and September 2014, the defendants engaged in a conspiracy to identify or pay to identify blocks of Internet Protocol (IP) addresses that were registered to others but which were otherwise inactive. Adconion was acquired in June 2014 by Amobee , a Redwood City, Calif.

Government

Government Marketing Internet Internet

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

FEBRUARY 7, 2024

In a retrospective post published to Livejournal in 2014 titled, “Mazafaka, from conception to the present day,” Stalker said Djamix had become a core member of the community. Those include several websites about life in and around Sochi , Russia, the site of the 2014 Winter Olympics, as well as a nearby coastal town called Adler.

Cybercrime

Cybercrime Accountability Identity Theft Hacking

Cryptanalyzing a Pair of Russian Encryption Algorithms

Schneier on Security

MAY 10, 2019

It's just not the kind of mistake you make by accident, not in 2014. A pair of Russia-designed cryptographic algorithms -- the Kuznyechik block cipher and the Streebog hash function -- have the same flawed S-box that is almost certainly an intentional backdoor.

Encryption

Malware Masquerade: HubSpot, Veeam, Xero – Carbanak Lures Victims with Trust

Penetration Testing

DECEMBER 27, 2023

According to the monthly threat analysis by NCC Group, the banking malware Carbanak, known since 2014, has updated its methods and is now actively used in ransomware attacks.

Penetration Testing

Penetration Testing Malware Banking Ransomware

Google will pay $391M to settle Android location tracking lawsuit

Bleeping Computer

NOVEMBER 14, 2022

states alleging that the search giant tracked Android users' locations since at least 2014 even when they thought location tracking was disabled. [.]. Google has agreed to pay $391.5 million to settle a lawsuit filed by a coalition of attorneys general from 40 U.S.

It's Windows XP's 20th birthday and way too many still use it

Bleeping Computer

OCTOBER 25, 2021

?Today is the 20th anniversary of Windows XP, and although the operating system reached the end of support in 2014, way too many people continue to use the insecure version of Windows. [.].

Software

Updates on NIST’s Interagency International Cybersecurity Standardization Working Group

NSTIC

FEBRUARY 28, 2024

Our charge, from the Cybersecurity Enhancement Act of 2014, was to build a coordination mechanism for government agencies to discuss international cybersecurity standardization issues, consistent with agencies’ responsibilities under OMB Circular A-119.

Cybersecurity

Cybersecurity Government

Bitcoin mixer owner pleads guilty to laundering over $300 million

Bleeping Computer

AUGUST 18, 2021

Larry Dean Harmon, the owner of a dark web cryptocurrency laundering service known as Helix, pleaded guilty today of laundering over $300 million worth of bitcoins between 2014 and 2017. [.].

Cryptocurrency

Two Russian Nationals Charged for Masterminding Mt. Gox Crypto Exchange Hack

The Hacker News

JUNE 13, 2023

Department of Justice (DoJ) has charged two Russian nationals in connection with masterminding the 2014 digital heist of the now-defunct cryptocurrency exchange Mt.

Cryptocurrency

Cryptocurrency Hacking

UK Electoral Commission Data Breach Exposes Information of 40 Million Voters

Heimadal Security

AUGUST 9, 2023

The UK Electoral Commission revealed a cyberattack that exposed the personal data of all registered voters between 2014 and 2022. The attack took place in August 2021, but the Commission only discovered the breach in October 2022.

Data breaches

Data breaches Cybersecurity

Marriott Confirms Data Breach

Heimadal Security

JULY 7, 2022

An incident that occurred in 2014 but was not discovered until September 2018 led to a fine of £14.4 The recent incident at Marriott is not the first time the company has been the victim of a massive data breach. million ($24 million) from the Information Commissioner’s Office in the United Kingdom. Names, mailing addresses, […].

Data breaches

Data breaches Cybersecurity

Understanding the Key Updates in NIST Cybersecurity Framework 2.0

Security Boulevard

MARCH 18, 2024

When the guys at the National Institute of Standards and Technology (NIST) released the inaugural Cybersecurity Framework in February 2014, it did not include a batch of questions that were almost certainly on their minds but not in the framework. appeared first on Centraleyes.

Cybersecurity

Cybersecurity Technology

Growing Tension Between Russia and Ukraine: Should you be concerned?

Digital Shadows

FEBRUARY 9, 2022

Russia and Ukraine have had a particularly tense relationship since Russia’s annexation of Crimea in 2014. In the past weeks, The post Growing Tension Between Russia and Ukraine: Should you be concerned? first appeared on Digital Shadows.

Cybercrime

Cybercrime Ransomware

Report: Data breach numbers may not actually be declining, and reporting them is getting slower

Tech Republic Security

FEBRUARY 4, 2022

Flashpoint and Risk Based Security’s report found that, despite early reports, the total number of breaches is likely much higher than reported, with the time it takes to report a breach the longest since 2014.

Data breaches

Data breaches Risk

Ukraine links members of Gamaredon hacker group to Russian FSB

Bleeping Computer

NOVEMBER 4, 2021

SSU and the Ukrainian secret service say they have identified five members of the Gamaredon hacking group, a Russian state-sponsored operation known for targeting Ukraine since 2014. [.].

Hacking

Data privacy: a look ahead at 2014

Privacy and Cybersecurity Law

JANUARY 10, 2014

So as the latest Snowdon revelations (oh … and the New Year Holiday fun has subsided) how about we look […].

Data privacy

Data privacy Data breaches

How Mobile Networks Have Become a Front in the Battle for Ukraine

Dark Reading

MAY 17, 2022

Since 2014's annexation of Crimea, Ukrainian mobile operators have taken multiple, proactive steps to defend networks in the country and ensure their resilience.

Mobile

Crimeware server used by NetWalker ransomware seized and shut down

Naked Security

AUGUST 14, 2023

The site was running from 2014 and allegedly raked in more than $20m, which the DOJ is seeking to claw back…

Ransomware

Ransomware Phishing

Chinese Hackers Stole an NSA Windows Exploit in 2014

Booter Boss Interviewed in 2014 Pleads Guilty

Trending Sources

Top Suspect in 2015 Ashley Madison Hack Committed Suicide in 2014

Lab Walkthrough?—?Shockin’ Shells: ShellShock [CVE-2014–6271]

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

CISA Adds Five ‘New’ Exploits to KEV Catalog, Including 2014’s Heartbleed Vulnerability

Unc0ver is the first jailbreak that works on all recent iOS versions since 2014

2014 Marriott Data Breach Exposed, 500M Guests Impacted

UK ICO proposes a $123 million fine for Marriott 2014 data breach

10 Takeaways From The 2014 Verizon Breach Report

If China Hacked Marriott, 2014 Marked a Full-on Assault

Imgur Confirms 2014 Breach of 1.7 Million User Accounts

The Worst Passwords of 2014

TheMoon Botnet Resurfaces, Exploiting EoL Devices to Power Criminal Proxy

Russian National Extradited for 2014 JP Morgan Hack

LitterDrifter USB Worm

FEMA IT Specialist Charged in ID Theft, Tax Refund Fraud Conspiracy

Who’s Behind the Botnet-Based Service BHProxies?

NIST CSF: A “Fellowship” for Your Cybersecurity Journey to 2.0

TheMoon” Malware Returns: Thousands of Routers Compromised

Heimdal’s 10th Anniversary – Our Finest Hours

OWASP discloses a data breach

Who’s Behind Monday’s 14-State 911 Outage?

Zero-Day Vulnerabilities Are on the Rise

Cybercrime Costs for Financial Sector up 40% Since 2014

UK Electoral Commission data breach exposes 8 years of voter data

Adconion Execs Plead Guilty in Federal Anti-Spam Case

From Cybercrime Saul Goodman to the Russian GRU

Cryptanalyzing a Pair of Russian Encryption Algorithms

Malware Masquerade: HubSpot, Veeam, Xero – Carbanak Lures Victims with Trust

Google will pay $391M to settle Android location tracking lawsuit

It's Windows XP's 20th birthday and way too many still use it

Updates on NIST’s Interagency International Cybersecurity Standardization Working Group

Bitcoin mixer owner pleads guilty to laundering over $300 million

Two Russian Nationals Charged for Masterminding Mt. Gox Crypto Exchange Hack

UK Electoral Commission Data Breach Exposes Information of 40 Million Voters

Marriott Confirms Data Breach

Understanding the Key Updates in NIST Cybersecurity Framework 2.0

Growing Tension Between Russia and Ukraine: Should you be concerned?

Report: Data breach numbers may not actually be declining, and reporting them is getting slower

Ukraine links members of Gamaredon hacker group to Russian FSB

Data privacy: a look ahead at 2014

How Mobile Networks Have Become a Front in the Battle for Ukraine

Crimeware server used by NetWalker ransomware seized and shut down

Stay Connected