2014, Accountability and DDOS - Cyber Security Informer

German encrypted email service Tutanota suffers DDoS attacks

Security Affairs

SEPTEMBER 19, 2020

The popular encrypted email service Tutanota was hit with a series of DDoS attacks this week targeting its website fist and its DNS providers later. Encrypted email service, Tutanota suffered a series of DDoS attacks that initially targeted the website and later its DNS providers. ” reads a blog post published by Tutanota.

DDOS

DDOS Encryption DNS Advertising

SANDMAN AND FINEPROXY BEHIND THE DDOS ATTACKS AGAINST TIMETV.LIVE

Security Affairs

APRIL 28, 2020

Timetv.live is the latest Azeri news site targeted by Denial of Service (DDoS) attacks launched by Sandman threat actor, the attack took place on March 21, 2020. Just like many other DDoS attacks we have seen in the past against Azeri media, the attacker monitors the success of the floods using the HostTracker service.

DDOS

DDOS Media VPN Advertising

Man Who Mass-Extorted Psychotherapy Patients Gets Six Years

Krebs on Security

APRIL 30, 2024

. “This seems like a short sentence when taking into account the gravity of his actions and the life-altering consequences to thousands of people, but it’s almost the maximum the law allows for,” Kurittu said. Kivimäki was 15 years old at the time.

DDOS

DDOS Cybercrime Hacking Passwords

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. Chaput said that at one point last week the volume of bot accounts being registered for the crypto spam campaign started overwhelming the servers that handle new signups at Mastodon.social.

Scams

Scams DDOS Cryptocurrency Accountability

10 Takeaways From The 2014 Verizon Breach Report

SiteLock

AUGUST 27, 2021

WordPress, or Drupal) to gain control of servers for use in DDoS campaigns.”. accounting for the biggest number of incidents by far – 54% of incidents compared to the next highest which was South Korea at just 6%. State-sponsored cyber espionage accounted for nearly 90% of the attacks, with just 11% attributed to criminals.

Retail

Retail Data breaches DDOS Passwords

Hacker who disrupted Sony gaming gets a 27-months jail sentence

Security Affairs

JULY 4, 2019

Austin Thompson (23) from Utah, the hacker who carried out massive DDoS attacks on Sony, EA, and Steam gets a 27-months prison sentence. The hacker who brought offline with massive DDoS attacks online gaming networks between December 2013 and January 2014 has been sentenced to 27 months in prison. SecurityAffairs – Sony, DDoS).

DDOS

DDOS Computers and Electronics Advertising Internet

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

As detailed in my 2014 book, Spam Nation , Spamdot was home to crooks controlling some of the world’s nastiest botnets, global malware contagions that went by exotic names like Rustock , Cutwail , Mega-D , Festi , Waledac , and Grum. bank accounts. This post is an attempt to remedy that omission. The domain wmpay.ru

Cybercrime

Cybercrime Banking Computers and Electronics DDOS

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Krebs on Security

FEBRUARY 12, 2019

11, when the company’s Twitter account started fielding reports from users who said they were no longer receiving messages. VFEmail’s Twitter account responded that “external facing systems, of differing OS’s and remote authentication, in multiple data centers are down.” 9], username “aktv.”).

Hacking

Hacking DDOS Backups Accountability

Google warned users of 33,015 nation-state attacks since January

Security Affairs

OCTOBER 17, 2020

Google delivered 33,015 alerts to its users during the first three quarters of 2020 to warn them of phishing attacks, launched by nation-state actors, targeting their accounts. The threat actor behind this campaign was primarily acquiring or hijacking existing accounts and using them to spread content crafted for their intent.

DDOS

DDOS Phishing Advertising Accountability

Anonymous Belgium hacker identified after dropping USB drive while throwing Molotov cocktail

Security Affairs

JUNE 25, 2019

The Anonymous member is a 35-year-old man from Roeselare, Belgium, was arrested after throwing a Molotov cocktail at the Crelan Bank office in Rumbeke, back in 2014. The member of Anonymous was also involved in DDoS attacks against online banking system of the Crelan Bank that shut down the portal on numerous occasions.

DDOS

DDOS Banking Computers and Electronics Cybercrime

Ukraine Nabs Suspect in 773M Password ?Megabreach?

Krebs on Security

MAY 19, 2020

The SBU said they found on Sanix’s computer records showing he sold databases with “logins and passwords to e-mail boxes, PIN codes for bank cards, e-wallets of cryptocurrencies, PayPal accounts, and information about computers hacked for further use in botnets and for organizing distributed denial-of-service (DDoS) attacks.”

Passwords

Passwords Accountability Hacking Password Management

Security Affairs newsletter Round 282

Security Affairs

SEPTEMBER 20, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

DDOS

DDOS Ransomware Data breaches Advertising

Finland’s Most-Wanted Hacker Nabbed in France

Krebs on Security

FEBRUARY 5, 2023

Kivimäki initially gained notoriety as a self-professed member of the Lizard Squad , a mainly low-skilled hacker group that specialized in DDoS attacks. The DDoS-for-hire service allegedly operated by Kivimäki in 2012. Kivimäki was 15 years old at the time.

Cybercrime

Cybercrime DDOS Hacking Accountability

Kaiji, a new Linux malware targets IoT devices in the wild

Security Affairs

MAY 5, 2020

Security researchers spotted a new piece of DDoS bot dubbed Kaiji that is targeting IoT devices via SSH brute-force attacks. The malicious code was designed to target Linux-based servers and Internet of Things (IoT) devices and use them as part of a DDoS botnet. You may want to block #C2 at: 1[.]versionday[.]xyz versionday[.]xyz

IoT

IoT Malware DDOS Advertising

The Mystery of Fbot

Security Affairs

JANUARY 21, 2020

This article explains what we have learned about the Fbot traced back from the year of 2014. This wave is a significant timeline as a technology step-up for DDoS botnet and IoT malware development. Figure 1 – Vamp’s account on Twitter). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

DDOS

DDOS IoT Malware Advertising

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. According to the researchers, in the last months of 2019, the botnet was mainly involved in DDoS attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

IoT

IoT DDOS Architecture Passwords

Dark web Grey Market still down, users speculate possible Exit Scam

Security Affairs

DECEMBER 31, 2019

you can mark Market as scam exited and ban all our official accounts” reads the message published by the Market admin. Some users speculate that several black marketplaces, including the Grey Market, were hit by powerful DDoS attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Iran, hacking).

Marketing

Marketing Scams DDOS Advertising

Roboto, a new P2P botnet targets Linux Webmin servers

Security Affairs

NOVEMBER 21, 2019

.” The analysis of the bot revealed that it supports seven functions: reverse shell, self-uninstall, gather process’ network information, gather Bot information, execute system commands, run encrypted files specified in URLs, DDoS attack, etc. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

DDOS

DDOS System Administration Advertising DNS

Security Affairs newsletter Round 260

Security Affairs

APRIL 19, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – newsletter, hacking). adrotate banner=”13″].

Scams

Scams Phishing Advertising DDOS

Reassessing cyberwarfare. Lessons learned in 2022

SecureList

DECEMBER 14, 2022

For instance, according to the New York Times, in 2003, the United States made plans for a huge cyberattack to freeze billions of dollars in Saddam Hussein’s bank accounts and cripple his government before the invasion of Iraq. Taking sides: professional ransomware groups, hacktivists, and DDoS attacks.

DDOS

DDOS Ransomware Government Energy and Utilities

Security Affairs newsletter Round 243

Security Affairs

DECEMBER 8, 2019

Twitter account of Huawei Mobile Brazil hacked. A flaw in Microsoft OAuth authentication could lead Azure account takeover. China used the Great Cannon DDoS Tool against forum used by Hong Kong protestors. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Advertising

Advertising DDOS VPN Authentication

Apollon Darknet market is allegedly pulling an exit scam

Security Affairs

FEBRUARY 2, 2020

The Apollon market, one of the largest marketplaces, is likely exit scamming after the administrators have locked vendors’ accounts. Users on Reddit are reporting that vendors can’t withdrawal funds nor sign into their account, only buyers are still able to sign onto their accounts. ” continues Darknetstats.

Marketing

Marketing Scams DDOS Accountability

Ukrainian police dismantled a bot farm involved in multiple spam campaigns

Security Affairs

OCTOBER 3, 2019

With this resource, it was possible to buy activated accounts in large numbers to various mail resources, social networks, payment systems and more. At the same time, verified accounts were also sold, the cost of which was much higher.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cybercrime

Cybercrime VPN Advertising Accountability

There was no data breach in the cyberattack against Minneapolis Police

Security Affairs

JUNE 2, 2020

Last week a massive distributed denial-of-service (DDoS) attack shut down the websites and systems of Minneapolis, but there is no evidence of a breach. But some security experts argued that the data were not obtained as result of a security breach occurred during the DDoS attack. ” reads the Hunt’s analysis.

Data breaches

Data breaches DDOS Passwords Advertising

Exclusive – MalwareMustDie Team analyzed the Cayosin Botnet and its criminal ecosystem

Security Affairs

FEBRUARY 9, 2019

One of them is the Layer 7 (HTTP) Attack reported in the picture below documenting how this kind of malware can evade the anti-DDoS solutions like Cloudfare. You can learn more about these tools by following the various Instagram accounts of the crew.

DDOS

DDOS IoT Advertising Penetration Testing

Security Affairs newsletter Round 250

Security Affairs

FEBRUARY 9, 2020

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks. Facebooks official Twitter and Instagram accounts hacked by OurMine. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. .

Banking

Banking Advertising Ransomware DDOS

Security Affairs newsletter Round 253

Security Affairs

MARCH 1, 2020

Slickwraps discloses data leak that impacted 850,000 user accounts. Silence Hacking Crew threatens Australian banks of DDoS attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Lampion malware v2 February 2020.

Banking

Banking Malware Advertising Ransomware

Security Service of Ukraine arrested the popular hacker Sanix who sold billions of stolen credentials

Security Affairs

MAY 20, 2020

Stolen credentials were bought by fraudsters, hackers, and scammers to carry out a broad range of malicious activities, such as launching malspam campaign or take over users’ accounts. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – Sanix, hacking).

Cybercrime

Cybercrime Passwords Advertising Hacking

Security Affairs newsletter Round 261

Security Affairs

APRIL 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Spyware

Spyware Hacking Advertising Antivirus

IPStorm botnet evolves to infect Android, Linux, and Mac devices

Security Affairs

OCTOBER 2, 2020

“The Linux variant has adjusted some features in order to account for the fundamental differences that exist between this operating system and Windows.” Curiously, until now, the researchers have not seen the IPStorm operators doing malicious activities, such as performing DDoS attacks or relaying malicious traffic.

Advertising

Advertising DDOS Architecture Passwords

A new Adwind variant involved in attacks on US petroleum industry

Security Affairs

OCTOBER 1, 2019

The Adwind RAT was first discovered early 2012, the experts dubbed it Frutas RAT and later it was identified with other names, Unrecom RAT (February 2014), AlienSpy (October 2014), and recently JSocket RAT (June 2015). DDoS attacks, brute-forcing attacks). ” continues the a nalysis. . ” conclude the expert.

Malware

Malware Advertising DDOS Cybercrime

SSNDOB marketplace shut down by global law enforcement operation

Malwarebytes

JUNE 8, 2022

DDoS attacks from rivals are common, so several domains working together keeps things ticking over. Joker’s Stash, trading since 2014 , received more than $100,000 in Bitcoin from SSNDOB. One breach taking your login from a gaming forum can quickly become something that exposes Government service logins or bank accounts.

DDOS

DDOS Cryptocurrency Scams Data breaches

Multiple threat actors are targeting Elasticsearch Clusters

Security Affairs

FEBRUARY 27, 2019

and lower) to compromise them and install the malicious code the exploit the CVE-2014-3120 and CVE-2015-1427 vulnerabilities. These attacks leverage CVE-2014-3120 and CVE-2015-1427, both of which are only present in old versions of Elasticsearch and exploit the ability to pass scripts to search queries.” Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Advertising DDOS Malware

Security Affairs newsletter Round 210 – News of the week

Security Affairs

APRIL 21, 2019

Attackers hacked support agent to access Microsoft Outlook email accounts. A new DDoS technique abuses HTML5 Hyperlink Audit Ping in massive attacks. A new DDoS technique abuses HTML5 Hyperlink Audit Ping in massive attacks. Gnosticplayers round 5 – 65 Million+ fresh accounts from 6 security breaches available for sale.

Computers and Electronics

Computers and Electronics Spyware Data breaches Advertising

Security Affairs newsletter Round 224 – News of the week

Security Affairs

JULY 28, 2019

Twitter account of Scotland Yard hacked and posted bizarre messages. WizzAir informed customers it forced a password reset on their accounts. Imperva blocked the largest Layer 7 DDoS attack it has ever seen. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Antivirus

Antivirus Spyware Advertising Hacking

Fileless PowerGhost cryptocurrency miner leverages EternalBlue exploit to spread

Security Affairs

JULY 30, 2018

Then the malware uses the Mimikatz tool to get the user account credentials from the machine and use it to attempt lateral movements inside the target network. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency

Cryptocurrency DDOS Advertising Malware

QSnatch malware already infected thousands of QNAP NAS devices

Security Affairs

NOVEMBER 4, 2019

DDoS attack, cryptocurrency miner, data harvesting). One of the first attacks against QNAP is dated back 2014, at the time security experts at Sans Institute discovered a worm that exploits the popular Shellshock flaw to compromise QNAP systems in the wild. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Firmware Advertising Encryption

Evolution of threat landscape for IoT devices – H1 2018

Security Affairs

SEPTEMBER 19, 2018

percent of all the data collected, followed by TP-Link that accounted for 9.07%. “More and more exploits are being weaponized by cybercriminals, and infected devices are used to steal personal data and mine cryptocurrencies, on top of traditional DDoS attacks. ” concludes Kaspersky. Pierluigi Paganini.

IoT

IoT Passwords Malware Advertising

Experts analyzed the evolution of the Emotet supply chain

Security Affairs

OCTOBER 11, 2022

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Other modules seen in early versions of Emotet included a distributed denial-of-service (DDoS) module and a banking module. ” continues the report.

Banking

Banking Malware DDOS Accountability

API Security and Hackers: What?s the Need?

Security Affairs

MAY 30, 2020

To limit access to your accounts, use IP Whitelist and IP Blacklist where possible. A good manager takes accountability, and a fantastic API does so too. Instead of creating an account on a website, you can connect via credentials from another provider, such as Facebook or Google. OAuth & OpenID Connect. OWASP top 10.

Authentication

Authentication Firewall Encryption Passwords

Security Affairs newsletter Round 182 – News of the week

Security Affairs

SEPTEMBER 30, 2018

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches IoT Advertising Banking

HiddenWasp, a sophisticated Linux malware borroes from Mirai and Azazel

Security Affairs

MAY 31, 2019

“Unlike common Linux malware, HiddenWasp is not focused on crypto-mining or DDoS activity. The script allows the malware to achieve persistence, it creates a new system’s user account and to update older variants if the system was already compromised. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Advertising DDOS Architecture

Pay it safe: Group-IB aids Paxful in repelling a series of web-bot attacks

Security Affairs

OCTOBER 20, 2020

Group-IB , a global threat hunting and intelligence company headquartered in Singapore, has assisted Paxful , an international peer-to-peer cryptocurrency marketplace, in countering a wave of web-bot and social engineering attacks, and customer account takeovers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency

Cryptocurrency Social Engineering eCommerce Engineering

The Death botnet grows targeting AVTech devices with a 2-years old exploit

Security Affairs

JULY 25, 2018

The latest version of payload used by EliteLands is adding accounts with a lifespan of five minutes that execute his payload and then is deleted from the device. “This is like a burner account,” Anubhav told Bleeping Computer. “Usually people don’t make new user accounts with access of only 5 minutes.”

Firmware

Firmware Passwords IoT Advertising

German encrypted email service Tutanota suffers DDoS attacks

SANDMAN AND FINEPROXY BEHIND THE DDOS ATTACKS AGAINST TIMETV.LIVE

Webinars

Trending Sources

Man Who Mass-Extorted Psychotherapy Patients Gets Six Years

Webinars

Interview With a Crypto Scam Investment Spammer

10 Takeaways From The 2014 Verizon Breach Report

Hacker who disrupted Sony gaming gets a 27-months jail sentence

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Google warned users of 33,015 nation-state attacks since January

Anonymous Belgium hacker identified after dropping USB drive while throwing Molotov cocktail

Ukraine Nabs Suspect in 773M Password ?Megabreach?

Security Affairs newsletter Round 282

Finland’s Most-Wanted Hacker Nabbed in France

Kaiji, a new Linux malware targets IoT devices in the wild

The Mystery of Fbot

Mozi Botnet is responsible for most of the IoT Traffic

Dark web Grey Market still down, users speculate possible Exit Scam

Roboto, a new P2P botnet targets Linux Webmin servers

Security Affairs newsletter Round 260

Reassessing cyberwarfare. Lessons learned in 2022

Security Affairs newsletter Round 243

Apollon Darknet market is allegedly pulling an exit scam

Ukrainian police dismantled a bot farm involved in multiple spam campaigns

There was no data breach in the cyberattack against Minneapolis Police

Exclusive – MalwareMustDie Team analyzed the Cayosin Botnet and its criminal ecosystem

Security Affairs newsletter Round 250

Security Affairs newsletter Round 253

Security Service of Ukraine arrested the popular hacker Sanix who sold billions of stolen credentials

Security Affairs newsletter Round 261

IPStorm botnet evolves to infect Android, Linux, and Mac devices

A new Adwind variant involved in attacks on US petroleum industry

SSNDOB marketplace shut down by global law enforcement operation

Multiple threat actors are targeting Elasticsearch Clusters

Security Affairs newsletter Round 210 – News of the week

Security Affairs newsletter Round 224 – News of the week

Fileless PowerGhost cryptocurrency miner leverages EternalBlue exploit to spread

QSnatch malware already infected thousands of QNAP NAS devices

Evolution of threat landscape for IoT devices – H1 2018

Experts analyzed the evolution of the Emotet supply chain

API Security and Hackers: What?s the Need?

Security Affairs newsletter Round 182 – News of the week

HiddenWasp, a sophisticated Linux malware borroes from Mirai and Azazel

Pay it safe: Group-IB aids Paxful in repelling a series of web-bot attacks

The Death botnet grows targeting AVTech devices with a 2-years old exploit

Stay Connected