2014, Hacking and Information Security - Cyber Security Informer

The ASA flaw CVE-2014-2120 is being actively exploited in the wild

Security Affairs

DECEMBER 3, 2024

Cisco warns customers that a decade-old ASA vulnerability, tracked as CVE-2014-2120, is being actively exploited in the wild. Cisco warns that the decade-old ASA vulnerability CVE-2014-2120 is being actively exploited in attacks in the wild, and urges customers to review the updated advisory. ” reads the advisory.

Software

Software Hacking Information Security

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

NOVEMBER 9, 2024

The vulnerabilities impact the Mazda Connect Connectivity Master Unit (CMU) system installed in multiple car models, including the Mazda 3 model year 2014-2021. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Mazda Connect) ” reads the advisory.

Hacking

Hacking Firmware Software Manufacturing

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

Security Affairs

NOVEMBER 25, 2020

million settlement in a multi-state investigation of the data breach that the company suffered in 2014. million settlement over the 2014 data breach. In 2014, Home Depot revealed that the data breach impacted 56 million customers across the US and Canada. SecurityAffairs – hacking, Data breach). ” . .

Retail

Retail Data breaches Penetration Testing Information Security

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. In 2019, a Canadian company called Defiant Tech Inc.

Hacking

Hacking Accountability Data breaches Marketing

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The CryptoLocker wave went into a decline in June 2014 as a result of the so-called Operation Tovar , an initiative orchestrated by law enforcement agencies from multiple countries. The newsmaking emergence of CTB-Locker in 2014 and the CryptoWall ransomware in 2015 fully demonstrated this multi-pronged shift.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hacked

Security Affairs

AUGUST 19, 2020

Chinese hackers have hacked thousands of Taiwan Government email accounts belonging at least 10 Taiwan government agencies, officials said. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Taiwan).

Government

Government Hacking Accountability Advertising

REvil ransomware gang hacked gaming firm Gaming Partners International

Security Affairs

OCTOBER 31, 2020

The REvil ransomware operators made the headlines again, this time the gang claims to have hacked the Gaming Partners International (GPI). “Absolutely all servers and working computers of the company are hacked and encrypted. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Hacking

Hacking Ransomware Advertising Encryption

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

Security Affairs

APRIL 16, 2025

It is not a first time that smartphones come with pre-installed malware, earlier 2015, the security firm Bluebox discovered a preinstalled malware , many malicious apps, and a series of security holes on the Xiaomi Mi 4 smartphone.

Malware

Malware Manufacturing Mobile Spyware

Alleged Activision hack, 500,000 Call Of Duty players impacted

Security Affairs

SEPTEMBER 21, 2020

Over 500,000 Activision accounts may have been hacked in a new data breach that the gaming firm suffered on September 20. “All Call of Duty players should be on notice after a major Activision hack has left millions of accounts in limbo.” Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Data breaches Accountability Passwords

FBI deleted China-linked PlugX malware from over 4,200 US computers

Security Affairs

JANUARY 14, 2025

The malware was operated by a China-linked threat actor, known as Mustang Panda (aka Twill Typhoon, to steal sensitive information from victim computers. According to court documents, the Chinese government paid Mustang Panda to develop PlugX malware, used since 2014 to target U.S., European, and Asian entities.

Malware

Malware Government Hacking Cybersecurity

Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say

Security Affairs

AUGUST 17, 2020

The Treasury Board of Canada Secretariat confirmed that thousands of user accounts for online Canadian government services were recently hacked. According to a press release issued by the Treasury Board of Canada Secretariat, thousands of user accounts for online government services were recently hacked. Pierluigi Paganini.

Government

Government Accountability Hacking Advertising

Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators

Security Affairs

AUGUST 21, 2020

During the ordinary monitoring of Deepweb and Darkweb , researchers at Cyble came across the leak disclosure post published by the Maze ransomware operators that claim the hack of the Hoa Sen Group. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Maze Ransomware Operators).

Ransomware

Ransomware Hacking Advertising Backups

Thousands of WordPress WooCommerce stores potentially exposed to hack

Security Affairs

AUGUST 22, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Discount Rules). The post Thousands of WordPress WooCommerce stores potentially exposed to hack appeared first on Security Affairs.

Hacking

Hacking Advertising Information Security Malware

Threat actor leaked data for U.S. gun exchange site on hacking forum

Security Affairs

AUGUST 13, 2020

To check if your information has been exposed in this and other data leaks, you can search for your email using the Cyble’s “ Am I Breached” data breach monitoring service. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, gun exchange). Pierluigi Paganini.

Hacking

Hacking Data breaches Cybercrime Passwords

Flaws in ‘Find My Mobile’ exposed Samsung phones to hack

Security Affairs

AUGUST 11, 2020

Below the speech made by the experts last week at DEF CON 28SM hacking virtual conference. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Samsung Find My Mobile). Pierluigi Paganini.

Mobile

Mobile Hacking Advertising Cybersecurity

Security Affairs newsletter Round 501 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 8, 2024

Now He Wants to Help You Escape, Too Dozens of Countries Hit in Chinese Telecom Hacking Campaign, Top U.S. officials urge Americans to use encrypted apps amid unprecedented cyberattack The Great Pokmon Go Spy Panic Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,newsletter)

Artificial Intelligence

Artificial Intelligence Spyware Hacking Ransomware

HP Device Manager flaws expose Windows systems to hack

Security Affairs

OCTOBER 4, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, HP). The post HP Device Manager flaws expose Windows systems to hack appeared first on Security Affairs. Pierluigi Paganini.

Hacking

Hacking Accountability Passwords Advertising

The Mask APT is back after 10 years of silence

Security Affairs

DECEMBER 18, 2024

Kaspersky first identified the APT group in 2014, but experts believe the cyber espionage campaign had already been active for over five years. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,APT)

Cyber Attacks

Cyber Attacks Hacking Government Malware

OpenSSH bugs allows Man-in-the-Middle and DoS Attacks

Security Affairs

FEBRUARY 19, 2025

Introduced in December 2014 (OpenSSH 6.8p1), this flaw remained active, with FreeBSD enabling VerifyHostKeyDNS by default from 2013 to 2023, increasing exposure. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,DoS)

Authentication

Authentication System Administration DNS Hacking

Russia-linked Gamaredon targets Ukraine with Remcos RAT

Security Affairs

MARCH 31, 2025

The APT group has been launching cyber-espionage campaigns against Ukraine since at least 2014. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Ukraine) The threat actor is using troop-related lures to deploy the Remcos RAT via PowerShell downloader.

Phishing

Phishing Antivirus Encryption Hacking

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

.” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Energetic Bear). Pierluigi Paganini.

Government

Government Hacking Advertising Passwords

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

First advertised in the cybercrime underground in 2014, RSOCKS was the web-based storefront for hacked computers that were sold as “proxies” to cybercriminals looking for ways to route their Web traffic through someone else’s device. “Thanks to you, we are now developing in the field of information security and anonymity!,”

Cybercrime

Cybercrime Advertising IoT Malware

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. Authorities in the United States, Germany, the Netherlands and the U.K.

Advertising

Advertising Cybercrime System Administration Hacking

University of Utah pays a $457,000 ransom to ransomware gang

Security Affairs

AUGUST 21, 2020

The university notified appropriate law enforcement entities, and the university’s Information Security Office (ISO) investigated and resolved the incident in consultation with an external firm that specializes in responding to ransomware attacks.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Cyber Insurance Insurance Advertising

Israel announced to have foiled an attempted cyber-attack on defence firms

Security Affairs

AUGUST 13, 2020

’ The Lazarus APT is linked to North Korea, the activity of the Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. In September, the US Treasury placed sanctions on three North Korea-linked hacking groups, the Lazarus Group, Bluenoroff, and Andarial. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Manufacturing Hacking Advertising

German police seized eXch crypto exchange

Security Affairs

MAY 11, 2025

The crypto exchange has been active since 2014, enabling anonymous crypto swaps via clearnet and darknet , avoiding Anti Money Laundering rules. billionUSdollars stolen from the crypto exchange Bybit , which was hacked on February 21, 2025, is said tohave been exchanged via eXch.” ” reads the press release published by BKA.

Hacking

Hacking Cybercrime Cryptocurrency Information Security

Hackers stole a six-figure amount from Swiss universities

Security Affairs

OCTOBER 5, 2020

Threat actors have hacked at least three Swiss universities, including the University of Basel and managed to drain employee salary transfers. According to our information, several universities in Switzerland have been affected,” explained Martina Weiss, Secretary General of the Rectors’ Conference of the Swiss Universities. .

Advertising

Advertising Phishing Cybercrime Hacking

A data breach broker is selling account databases of 17 companies

Security Affairs

NOVEMBER 1, 2020

The availability of the huge trove of account data was first reported by BleepingComputer , the threat actor told them that it is only acting as a broker and did not hack the seventeen companies. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, account databases).

Data breaches

Data breaches Accountability Advertising Passwords

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Security Affairs

NOVEMBER 4, 2020

It is still unclear if the funds were transferred by the owner themselves, or if someone has hacked the wallet. The wallet was monitored since 2015 because it was associated with hacking activities, it had been “ dormant ” since 2015. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency

Cryptocurrency Passwords Advertising Hacking

Hackers stole $5.4 million from cryptocurrency exchange ETERBASE

Security Affairs

SEPTEMBER 10, 2020

Slovak cryptocurrency exchange ETERBASE disclosed a security breach, the hackers stole Bitcoin, Ether, ALGO, Ripple, Tezos, and TRON assets worth $5.4 The company disclosed the hack on Thursday, threat actors have stolen various cryptocurrencies from its hot wallets, it also suspended all the transactions until September 10.

Cryptocurrency

Cryptocurrency Data breaches Advertising Hacking

Researchers found alleged sensitive documents of NATO and Turkey

Security Affairs

OCTOBER 12, 2020

“Based on the message body of the leak, the cyber attack indicates hacktivism, but last year, around May 23, 2019, UK warned NATO allies of hacking activities of Russia -> Link. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Manufacturing Hacking Cyber Attacks

Russian APT Nomadic Octopus hacked Tajikistani carrier

Security Affairs

MAY 1, 2023

Russian APT group Nomadic Octopus hacked a Tajikistani carrier to spy on government officials and public service infrastructures. The Nomadic Octopus APT has been active since at least 2014, it focuses on entities in Central Asia and former Soviet Union countries.

Hacking

Hacking Telecommunications Government Firewall

HOW OPERATORS USE SANDVINE TO BLOCK INDEPENDENT MEDIA IN EGYPT

Security Affairs

SEPTEMBER 23, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, DPI). The post HOW OPERATORS USE SANDVINE TO BLOCK INDEPENDENT MEDIA IN EGYPT appeared first on Security Affairs. Pierluigi Paganini.

Media

Media Advertising Internet Internet

SANS Institute Email Breach – 28,000 User Records exposed

Security Affairs

AUGUST 12, 2020

On August 6, during a review of email configuration and rules, the staff at the SANS Institute discovered a security breach. 28,000 records of personally identifiable information (PII) have been forwarded to an unknown email address. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Accountability Advertising Information Security

Hackers claim to have compromised 50,000 home cameras and posted footage online

Security Affairs

OCTOBER 19, 2020

A hacker collective claims to have hacked over 50,000 home security cameras and published their footage online, some of them on adult sites. A group of hackers claims to have compromised over 50,000 home security cameras and published their private footage online. SecurityAffairs – hacking, IP cameras).

IoT

IoT Internet Internet Hacking

UberEats data leaked on the dark web

Security Affairs

AUGUST 4, 2020

UberEats is an American online food ordering and delivery platform launched by Uber in 2014. “During our research process, the Cyble Research Team got hold of some informative details related to this leak.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Banking

Banking Data breaches Advertising Mobile

Hackers stole more than $150 million from KuCoin cryptocurrency exchange

Security Affairs

SEPTEMBER 26, 2020

Singapore-based cryptocurrency exchange KuCoin disclosed a major security incident, the hackers breached its hot wallets and stole all the funds, around $150 million. It seems #Kucoin got hacked. Usually, after being hacked, the $BTC outflow increases rapidly and then becomes zero. SecurityAffairs – hacking, Norway).

Cryptocurrency

Cryptocurrency Hacking Advertising Internet

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Security Affairs

NOVEMBER 5, 2021

“They are officers of the ‘Crimean’ FSB and traitors who defected to the enemy during the occupation of the peninsula in 2014. This ‘line of work’ is coordinated by the FSB’s 18th Center (Information Security Center) based in Moscow.” SecurityAffairs – hacking, Gamaredon). Pierluigi Paganini.

Government

Government Software Cyber threats Cyber Attacks

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

A China-linked threat actor used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea. The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. Pierluigi Paganini.

Firmware

Firmware Spyware Surveillance Hacking

North Korea-linked APT group BeagleBoyz targets banks

Security Affairs

AUGUST 29, 2020

The BeagleBoyz APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. “North Korea’s intelligence apparatus controls a hacking team dedicated to robbing banks through remote internet access. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Banking

Banking Malware Advertising Hacking

Staples discloses data breach exposing customer order data

Security Affairs

SEPTEMBER 14, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Staples). The post Staples discloses data breach exposing customer order data appeared first on Security Affairs. Pierluigi Paganini.

Data breaches

Data breaches Retail Identity Theft Advertising

The British government aims at improving its offensive cyber capability

Security Affairs

OCTOBER 13, 2020

The news is not surprising for people working in the cyber security sector, the British military claims to have had an offensive cyber capability for a decade. Intelligence experts pointed out that the British government already conducted offensive hacking operations, including the one that targeted the ISIS in 2017.

Government

Government Advertising Hacking Cyber Attacks

City of Lafayette (Colorado) paid $45,000 ransom after ransowmare attack

Security Affairs

AUGUST 12, 2020

The City did not disclose technical details of the hack either the family of ransomware that infected its systems, it only stated that it does not believe any data was stolen. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Backups

Backups Advertising Ransomware Hacking

OpenSSL to fix the second critical flaw ever

Security Affairs

OCTOBER 26, 2022

This is the second critical vulnerability ever addressed by the OpenSSL Project after the critical Heartbleed vulnerability (CVE-2014-0160) in 2014. version is respected to be released next week, on November 1, with the maintainers that defined it as a ‘security-fix release.’. SecurityAffairs – hacking, encryption ).

Encryption

Encryption Hacking Information Security

The ASA flaw CVE-2014-2120 is being actively exploited in the wild

Mazda Connect flaws allow to hack some Mazda vehicles

Trending Sources

Retail giant Home Depot agrees to a $17.5 million settlement over 2014 data breach

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hacked

REvil ransomware gang hacked gaming firm Gaming Partners International

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

Alleged Activision hack, 500,000 Call Of Duty players impacted

FBI deleted China-linked PlugX malware from over 4,200 US computers

Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say

Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators

Thousands of WordPress WooCommerce stores potentially exposed to hack

Threat actor leaked data for U.S. gun exchange site on hacking forum

Flaws in ‘Find My Mobile’ exposed Samsung phones to hack

Security Affairs newsletter Round 501 by Pierluigi Paganini – INTERNATIONAL EDITION

HP Device Manager flaws expose Windows systems to hack

The Mask APT is back after 10 years of silence

OpenSSH bugs allows Man-in-the-Middle and DoS Attacks

Russia-linked Gamaredon targets Ukraine with Remcos RAT

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Meet the Administrators of the RSOCKS Proxy Botnet

University of Utah pays a $457,000 ransom to ransomware gang

Israel announced to have foiled an attempted cyber-attack on defence firms

German police seized eXch crypto exchange

Hackers stole a six-figure amount from Swiss universities

A data breach broker is selling account databases of 17 companies

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Hackers stole $5.4 million from cryptocurrency exchange ETERBASE

Researchers found alleged sensitive documents of NATO and Turkey

Russian APT Nomadic Octopus hacked Tajikistani carrier

HOW OPERATORS USE SANDVINE TO BLOCK INDEPENDENT MEDIA IN EGYPT

SANS Institute Email Breach – 28,000 User Records exposed

Hackers claim to have compromised 50,000 home cameras and posted footage online

UberEats data leaked on the dark web

Hackers stole more than $150 million from KuCoin cryptocurrency exchange

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Second-ever UEFI rootkit used in North Korea-themed attacks

North Korea-linked APT group BeagleBoyz targets banks

Staples discloses data breach exposing customer order data

The British government aims at improving its offensive cyber capability

City of Lafayette (Colorado) paid $45,000 ransom after ransowmare attack

OpenSSL to fix the second critical flaw ever

Stay Connected