2014, Data collection and Hacking - Cyber Security Informer

The Role of Differential Privacy in Protecting Sensitive Information in the Era of Artificial Intelligence

Security Affairs

MARCH 7, 2025

According to Erlingsson (2014), Google’s RAPPOR system collects user data while maintaining anonymity. Similarly, Abowd(2018) examined its integration with a census data collection framework, ensuring confidentiality. More recent research has focused on applying differential privacy in various domains.

Artificial Intelligence

Artificial Intelligence Healthcare Data privacy Banking

Poland and Lithuania fear that data collected via FaceApp could be misused

Security Affairs

JULY 19, 2019

Many security experts are warning of the risks of using the popular app, threat actors could be potentially interested in data collected by FaceApp. He pointed out that most of the photos collected by the users are deleted from its servers within 48 hours and that is not used for other purposes. Pierluigi Paganini.

Data collection

Data collection Wireless Advertising Risk

Protonmail hacked …. a very strange scam attempt

Security Affairs

NOVEMBER 17, 2018

A hacker going online by the moniker AmFearLiathMor is claiming to have hacked the most popular end-to-end encrypted email service ProtonMail. At the time it is not clear if the hacker belongs to a cyber crime gang, it claims to have stolen a “significant” amounts of data from the company. The ransom demand ( archive.is

Scams

Scams Hacking Data collection Advertising

Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs

Security Affairs

FEBRUARY 6, 2020

based specification for a suite of high-level communication protocols used to create personal area networks with small, low-power digital radios, such as for home automation, medical device data collection, and other low-power low-bandwidth needs, designed for small scale projects which need wireless connection. Pierluigi Paganini.

Hacking

Hacking IoT Wireless Firmware

Over 100 flaws in management and access control systems expose buildings to hack

Security Affairs

MAY 11, 2019

The extent of the flaw is wide, according to data collected by Krstic during the study, the vulnerabilities could impact up to 10 million people and 30,000 doors at 200 facilities. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – buildings, hacking). Pierluigi Paganini.

Hacking

Hacking Surveillance Data collection Advertising

Confessions of an ID Theft Kingpin, Part I

Krebs on Security

AUGUST 26, 2020

Ngo got his treasure trove of consumer data by hacking and social engineering his way into a string of major data brokers. By the time the Secret Service caught up with him in 2013, he’d made over $3 million selling fullz data to identity thieves and organized crime rings operating throughout the United States.

Identity Theft

Identity Theft Computers and Electronics Hacking Accountability

Twitter, Facebook, and Instagram blocked in Turkey as Idlib military crisis escalates

Security Affairs

FEBRUARY 28, 2020

Network data collected by the NetBlocks internet observatory confirm that Turkey has blocked access to social media as Idlib military crisis escalates. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Media

Media Data collection Internet Internet

Hackers targeted the US Census Bureau network, DHS report warns

Security Affairs

OCTOBER 11, 2020

Data collected by the agency is used by the federal government to allocate over $675 billion in federal funds to tribal, local, and state governments every year. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Government

Government Advertising Hacking Data collection

CIRWA Project tracks ransomware attacks on critical infrastructure

Security Affairs

SEPTEMBER 14, 2020

Data collected by the researchers are very interesting and very useful for future research projects on the security of the critical infrastructure. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. . Pierluigi Paganini.

Ransomware

Ransomware Data collection Advertising Healthcare

Threat Report Portugal: Q2 2020

Security Affairs

AUGUST 14, 2020

The Threat Report Portugal: Q2 2020 compiles data collected on the malicious campaigns that occurred from April to Jun, Q2, of 2020. The Portuguese Abuse Open Feed 0xSI_f33d is an open sharing database with the ability to collect indicators from multiple sources, developed and maintained by Segurança-Informática.

Threat Reports

Threat Reports Phishing Banking Data collection

Operation North Star – North-Korea hackers targeted US defense and aerospace companies

Security Affairs

JULY 30, 2020

“The data collected from the target machine could be useful in classifying the value of the target. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, North Korea). ” states the report published by the experts. Pierluigi Paganini.

Data collection

Data collection Advertising Malware Phishing

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Krebs on Security

SEPTEMBER 4, 2018

Less than a week ago, security researcher Nitish Shah directed KrebsOnSecurity to an open database on the Web that allowed anyone to query up-to-the-minute mSpy records for both customer transactions at mSpy’s site and for mobile phone data collected by mSpy’s software. In September 2014, U.S.

Spyware

Spyware Mobile Advertising Software

Russian spies are attempting to tap transatlantic undersea cables

Security Affairs

MARCH 1, 2020

Attacks against undersea cables are not a novelty, in 2014 The Register published information on a secret British spy base located at Seeb on the northern coast of Oman, a strategic position that allows the British Government to tap to various undersea cables passing through the Strait of Hormuz into the Persian/Arabian Gulf.

Wireless

Wireless Surveillance Telecommunications Advertising

FTC charged Avast with selling users’ browsing data to advertising companies

Security Affairs

FEBRUARY 22, 2024

The company claimed their software would “block[] annoying tracking cookies that collect data on your browsing activities” and “[p]rotect your privacy by preventing. ” Avast subsidiary Jumpshot sold the collected information to over 100 third parties between 2014 and 2020. .” FTC will also fine Avast $16.5

Advertising

Advertising Antivirus Data collection Software

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Security Affairs

NOVEMBER 16, 2018

Thirteen exchanges were hacked in 2017 and in the first three quarters of 2018, amounting to a total loss of $877 million. GIB Threat Intelligence cyber threats data collection system has been named one of the best in class by Gartner, Forrester, and IDC. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cybercrime

Cybercrime Hacking Banking Phishing

Silent Night Zeus botnet available for sale in underground forums

Security Affairs

MAY 23, 2020

Data collected by the malware are then transferred to the operator’s command-and-control (C2) server. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – Silent Night, hacking).

Banking

Banking Advertising Malware Data collection

Threat Report Portugal Q1 2020

Security Affairs

APRIL 20, 2020

The Threat Report Portugal: Q1 2020 compiles data collected on the malicious campaigns that occurred from January to March, Q1, of 2020. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Read more here.

Threat Reports

Threat Reports Phishing Banking Malware

Evolution of threat landscape for IoT devices – H1 2018

Security Affairs

SEPTEMBER 19, 2018

percent of all the data collected, followed by TP-Link that accounted for 9.07%. The Chimay Red hacking tool leverages 2 exploits, the Winbox Any Directory File Read (CVE-2018-14847) and Webfig Remote Code Execution Vulnerability. Let me suggest to read to read the report , is full of interesting data. Pierluigi Paganini.

IoT

IoT Passwords Malware Data collection

Russian cybercriminal Aleksandr Brovko sentenced to 8 years in jail

Security Affairs

NOVEMBER 3, 2020

The scripts developed by the cyber criminal were used to parse log data collected from botnet and searched for personally identifiable information (PII) and account credentials. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Aleksandr Brovko).

Accountability

Accountability Banking Advertising Data collection

Russia-Linked Turla APT group Hijacked C2 of the Iranian OilRig

Security Affairs

JUNE 21, 2019

Experts at Symantec observed in the last eighteen months at least three distinct campaigns, each using a different set of hacking tools. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – Turla, hacking).

Government

Government Hacking Advertising Data collection

USB drives are primary vector for destructive threats to industrial facilities

Security Affairs

NOVEMBER 5, 2018

Experts from Honeywell analyzed data collected with the Secure Media Exchange (SMX) , a product it has launched in 2017 and that was designed to protect industrial facilities from USB-borne threats. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware IoT Advertising Data collection

IBM experts warn of malicious abuses of Apple Siri Shortcuts

Security Affairs

FEBRUARY 2, 2019

Attackers can also automate data collection from the device (user’s current physical address, IP address, contents of the clipboard, stored pictures/videos, contact information and more) and send them to the victims to scare them. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Social Engineering

Social Engineering Hacking Advertising Data collection

XKCD forum data breach impacted 562,000 subscribers

Security Affairs

SEPTEMBER 3, 2019

The data breach impacted 562,000 subscribers, the forum has been taken offline after the incident. We’ve been alerted that portions of the PHPBB user table from our forums showed up in a leaked data collection.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Data breaches

Data breaches Passwords Data collection Advertising

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

Internal Revenue Service website for months: Anyone seeking to create an account to view their tax records online would soon be required to provide biometric data to a private company in Virginia — ID.me. It emerges that email marketing giant Mailchimp got hacked. In 2016, while the U.S.

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

Google Chronicle announced Backstory to protect businesses

Security Affairs

MARCH 5, 2019

Companies could use this data to quickly detect malicious activities. Backstory aims at detecting patterns of malicious activities, it also compares data against “threat intelligence” data collected from other sources and partners (i.e. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

DNS

DNS Cyber threats Advertising Data collection

Android Apps containing Clicker Trojan installed on over 100M devices

Security Affairs

AUGUST 10, 2019

Data collected by the malware include manufacturer and model, OS version, country of residence of the user, the default language of the system, user agent identifier, name of mobile operator, type of internet connection, screen options, time zone, and information about the tainted application containing the Trojan. Pierluigi Paganini.

Mobile

Mobile Advertising Malware Antivirus

Number of hacktivist attacks declined by 95 percent since 2015

Security Affairs

MAY 18, 2019

Even if in Italy the cells of the popular Anonymous collective are very active , the overall number of hacktivist attacks that caused in quantifiable damage to the victim has declined by 95 percent since 2015. Researchers analyzed data collected by IBM’s X-Force threat intelligence unit between 2015 and 2019. Pierluigi Paganini.

Advertising

Advertising Data collection DDOS Healthcare

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Security Affairs

SEPTEMBER 18, 2020

CERT-GIB’s report is based on data collected and analyzed by the Threat Detection System (TDS) Polygon as part of operations to prevent and detect threats distributed online in H1 2020. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, ransomware).

Phishing

Phishing Ransomware Spyware Banking

Too much UPnP-enabled connected devices still vulnerable to cyber attacks

Security Affairs

MARCH 7, 2019

Data collected by the expert showed that 16 percent of those devices with UPnP enabled utilize the MiniUPnPd library, and only 0.39% is running the latest release 2.1. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cyber Attacks

Cyber Attacks Advertising Firmware Data collection

Security Affairs newsletter Round 223 – News of the week

Security Affairs

JULY 21, 2019

Israel surveillance firm NSO group can mine data from major social media. Poland and Lithuania fear that data collected via FaceApp could be misused. Former NSA contractor sentenced to 9 years for stealing classified data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Small Business

Small Business Spyware Media DNS

Google to Pay a record $391M fine for misleading users about the collection of location data

Security Affairs

NOVEMBER 15, 2022

The authorities started the investigation into Google collection practice following a 2018 Associated Press article that revealed Google “records your movements even when you explicitly tell it not to.”. However, location data can be used to expose a person’s identity and routines, and even infer personal details. Pierluigi Paganini.

Consumer Protection

Consumer Protection Accountability Data collection Advertising

Google will pay $29.5M to settle two lawsuits over its location tracking practices

Security Affairs

JANUARY 2, 2023

The authorities started the investigation into Google collection practice following a 2018 Associated Press article that revealed Google “records your movements even when you explicitly tell it not to.”. Google violated state consumer protection laws by misleading consumers about its location tracking practices since at least 2014.

Consumer Protection

Consumer Protection Surveillance Data collection Accountability

Russia-linked Sofacy APT developed a new ‘Go’ variant of Zebrocy tool

Security Affairs

DECEMBER 19, 2018

The Go variant of Zebrocy initially starts collecting info on the compromised system, then sends it to the command and control server. The data collected by the malware includes a list of running processes, information gathered via the ” systeminfo ” command, local disk information, and a screenshot of the desktop.

Malware

Malware Advertising Data collection Phishing

Two hacker groups attacked Russian banks posing as the Central Bank of Russia

Security Affairs

NOVEMBER 15, 2018

The group also carries out attacks through intermediaries by hacking banks’ partners, IT companies, and financial product providers. GIB Threat Intelligence cyber threats data collection system has been named one of the best in class by Gartner, Forrester, and IDC. years of silent operations”. Pierluigi Paganini.

Banking

Banking Computers and Electronics Phishing Cybercrime

Nation-state actor uses new LookBack RAT to target US utilities

Security Affairs

AUGUST 2, 2019

The communications module transmits data collected by the RAT to the proxy tool. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Once the function is executed, the?SodomNormal?communications SodomNormal?communications

Phishing

Phishing Malware Advertising Data collection

Security experts disclosed Wyze data leak

Security Affairs

DECEMBER 29, 2019

.” Song pointed out that several of the things reported by Twelve are not true, for example he denied that Wyze sends data to Alibaba Cloud in China. Song also added that Wyze only collected health data from 140 users who were beta-testing a new smart scale product, the claims of a massive data collection were fake.

IoT

IoT Accountability Advertising Wireless

Security Affairs - Untitled Article

Security Affairs

OCTOBER 30, 2019

Attached pic is data collection from #KKNPP #Dtrack malware (a few other bits not pictured). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – KNPP, hacking). Pierluigi Paganini.

Malware

Malware Cyber Attacks Advertising Data collection

Threat Report Portugal: Q3 2020

Security Affairs

NOVEMBER 6, 2020

The Threat Report Portugal: Q3 2020 compiles data collected on the malicious campaigns that occurred from July to August, Q3, of 2020. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Threat Reports

Threat Reports Phishing Malware Banking

Apple Mail stores parts of encrypted emails in plaintext DB

Security Affairs

NOVEMBER 10, 2019

” Gendler explained that Siri uses a process named “ suggestd ” to collect contact information from various apps. Data collected by the process are stored in the snippets. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – encryption, hacking).

Encryption

Encryption Advertising Data collection Hacking

New set of Pakistani banks’ card dumps goes on sale on the dark web

Security Affairs

NOVEMBER 17, 2018

GIB Threat Intelligence cyber threats data collection system has been named one of the best in class by Gartner, Forrester, and IDC. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Banking

Banking Cybercrime Advertising Data collection

Online market for counterfeit goods in Russia has reached $1,5 billion

Security Affairs

OCTOBER 15, 2018

GIB Threat Intelligence cyber threats data collection system has been named one of the best in class by Gartner, Forrester, and IDC. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Marketing

Marketing Phishing Media Engineering

Group-IB: $49.4 million of damage caused to Russia’s financial sector from cyber attacks

Security Affairs

OCTOBER 10, 2018

They were helped in one of their attacks by members of the group Anunak , which had not conducted at attack of this kind since 2014. GIB Threat Intelligence cyber threats data collection system has been named one of the best in class by Gartner, Forrester, and IDC. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Banking Phishing Cyber threats

Payment data of thousands of customers of UK and US online stores could have been compromised

Security Affairs

MARCH 14, 2019

The domain name used for the sniffer’s codes storage and as a gate for stolen data collection was registered on May 7, 2018. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – payment data, cybercrime ).

eCommerce

eCommerce Marketing Data breaches Advertising

Operation Night Fury: Group-IB helps take down a cybergang behind the infection of hundreds of websites all over the world

Security Affairs

JANUARY 27, 2020

To access their servers for stolen data collection and their JS-sniffers’ control, they always used VPN to hide their real location and identity. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Cybercrime

Cybercrime Marketing eCommerce Advertising

The Role of Differential Privacy in Protecting Sensitive Information in the Era of Artificial Intelligence

Poland and Lithuania fear that data collected via FaceApp could be misused

Trending Sources

Protonmail hacked …. a very strange scam attempt

Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs

Over 100 flaws in management and access control systems expose buildings to hack

Confessions of an ID Theft Kingpin, Part I

Twitter, Facebook, and Instagram blocked in Turkey as Idlib military crisis escalates

Hackers targeted the US Census Bureau network, DHS report warns

CIRWA Project tracks ransomware attacks on critical infrastructure

Threat Report Portugal: Q2 2020

Operation North Star – North-Korea hackers targeted US defense and aerospace companies

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Russian spies are attempting to tap transatlantic undersea cables

FTC charged Avast with selling users’ browsing data to advertising companies

Group-IB presented latest cybercrime and nation-state hacking trends in Asia

Silent Night Zeus botnet available for sale in underground forums

Threat Report Portugal Q1 2020

Evolution of threat landscape for IoT devices – H1 2018

Russian cybercriminal Aleksandr Brovko sentenced to 8 years in jail

Russia-Linked Turla APT group Hijacked C2 of the Iranian OilRig

USB drives are primary vector for destructive threats to industrial facilities

IBM experts warn of malicious abuses of Apple Siri Shortcuts

XKCD forum data breach impacted 562,000 subscribers

Happy 13th Birthday, KrebsOnSecurity!

Google Chronicle announced Backstory to protect businesses

Android Apps containing Clicker Trojan installed on over 100M devices

Number of hacktivist attacks declined by 95 percent since 2015

Ransomware en masse on the wane: top threats inside web-phishing in H1 2020

Too much UPnP-enabled connected devices still vulnerable to cyber attacks

Security Affairs newsletter Round 223 – News of the week

Google to Pay a record $391M fine for misleading users about the collection of location data

Google will pay $29.5M to settle two lawsuits over its location tracking practices

Russia-linked Sofacy APT developed a new ‘Go’ variant of Zebrocy tool

Two hacker groups attacked Russian banks posing as the Central Bank of Russia

Nation-state actor uses new LookBack RAT to target US utilities

Security experts disclosed Wyze data leak

Security Affairs - Untitled Article

Threat Report Portugal: Q3 2020

Apple Mail stores parts of encrypted emails in plaintext DB

New set of Pakistani banks’ card dumps goes on sale on the dark web

Online market for counterfeit goods in Russia has reached $1,5 billion

Group-IB: $49.4 million of damage caused to Russia’s financial sector from cyber attacks

Payment data of thousands of customers of UK and US online stores could have been compromised

Operation Night Fury: Group-IB helps take down a cybergang behind the infection of hundreds of websites all over the world

Stay Connected