2015, Hacking and Information Security - Cyber Security Informer

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. pleaded guilty to running LeakedSource[.]com

Hacking

Hacking Accountability Data breaches Marketing

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

File encryption 2013 – 2015. The newsmaking emergence of CTB-Locker in 2014 and the CryptoWall ransomware in 2015 fully demonstrated this multi-pronged shift. RaaS rollout 2015 – 2018. Another fundamental tweak was the onset of Ransomware-as-a-Service (RaaS) in May 2015.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Security Affairs

FEBRUARY 2, 2025

A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,HeartSender group)

Cybercrime

Cybercrime Advertising Phishing Hacking

Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hacked

Security Affairs

AUGUST 19, 2020

Chinese hackers have hacked thousands of Taiwan Government email accounts belonging at least 10 Taiwan government agencies, officials said. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Taiwan). Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Government

Government Hacking Accountability Advertising

Russia-linked APT Star Blizzard targets WhatsApp accounts

Security Affairs

JANUARY 16, 2025

The Star Blizzard group, aka “ Callisto “, Seaborgium , ColdRiver , and TA446, targeted government officials, military personnel,journalists and think tanks since at least 2015. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Russia)

Accountability

Accountability Phishing Government Hacking

New Atrium Health data breach impacts 585,000 individuals

Security Affairs

DECEMBER 6, 2024

Atrium Health launched an investigation into the security breach and discovered that from January 2015 to July 2019, certain online tracking technologies were active on its MyAtriumHealth (formerly MyCarolinas) Patient Portal, accessible via web and mobile. The company notified the US Department of Health and Human Services (HHS).

Data breaches

Data breaches Identity Theft Accountability Technology

Experts hacked a fully patched iOS 15 running on iPhone 13 at China’s Tianfu Cup hacking contest

Security Affairs

OCTOBER 17, 2021

million at the Tianfu Cup hacking contest by finding vulnerabilities in popular software. The Tianfu Cup is the most important hacking contest held in China, this year white hat hackers earned $1.88 First time since 2015 as I remembered [link] — mj0011 (@mj0011sec) October 16, 2021. White hat hackers earned $1.88

Hacking

Hacking Software Media Information Security

REvil ransomware gang hacked gaming firm Gaming Partners International

Security Affairs

OCTOBER 31, 2020

The REvil ransomware operators made the headlines again, this time the gang claims to have hacked the Gaming Partners International (GPI). “Absolutely all servers and working computers of the company are hacked and encrypted. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Hacking

Hacking Ransomware Advertising Encryption

FBI seized the notorious BreachForums hacking forum

Security Affairs

MAY 15, 2024

An international law enforcement operation coordinated by the FBI led to the seizure of the notorious BreachForums hacking forum. BreachForums is a cybercrime forum used by threat actors to purchase, sell, and exchange stolen data, including credentials, and personal and financial information. In March 2023, U.S.

Hacking

Hacking Cybercrime Information Security

Ransomware attack hit Indian multinational Tata Technologies

Security Affairs

FEBRUARY 1, 2025

“Pursuant to Regulation 30 of the SEBI (Listing Obligations and Disclosure Requirements) Regulations, 2015, this is to inform you that the Company has become aware of a ransomware incident that has affected a few of our IT assets.” Company client delivery services were not impacted by the attack.

Technology

Technology Ransomware Engineering Manufacturing

Alleged Activision hack, 500,000 Call Of Duty players impacted

Security Affairs

SEPTEMBER 21, 2020

Over 500,000 Activision accounts may have been hacked in a new data breach that the gaming firm suffered on September 20. “All Call of Duty players should be on notice after a major Activision hack has left millions of accounts in limbo.” SecurityAffairs – hacking, data breach). Pierluigi Paganini.

Hacking

Hacking Data breaches Accountability Passwords

Hacking IoT & RF Devices with BürtleinaBoard

Security Affairs

JULY 28, 2020

Yet another Multipurpose Breakout Board to hack hardware in a clean and easy way! How to hack IoT & RF Devices with BürtleinaBoard. Despite FocacciaBoard is extremely useful during my night-to-night hardware hacking needs… there is another set of tools I cannot live without: pin enumeration ones. UART, JTAG, SWD, SPI, I2C).

IoT

IoT Hacking Firmware Advertising

New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows

Security Affairs

APRIL 2, 2025

” FIN7is a Russian criminalgroup (aka Carbanak ) that has been active since mid-2015, it focuses on restaurants, gambling, and hospitality industries in the US to harvest financial information that was used in attacks or sold in cybercrime marketplaces.

Antivirus

Antivirus Cybercrime Malware Encryption

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

Security Affairs

MARCH 5, 2025

Ransomware group Hunters International claims to have hacked Tata Technologies, threatening to leak 1.4 “Pursuant to Regulation 30 of the SEBI (Listing Obligations and Disclosure Requirements) Regulations, 2015, this is to inform you that the Company has become aware of a ransomware incident that has affected a few of our IT assets.”

Technology

Technology Ransomware Engineering Manufacturing

Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say

Security Affairs

AUGUST 17, 2020

The Treasury Board of Canada Secretariat confirmed that thousands of user accounts for online Canadian government services were recently hacked. According to a press release issued by the Treasury Board of Canada Secretariat, thousands of user accounts for online government services were recently hacked. Pierluigi Paganini.

Government

Government Accountability Hacking Advertising

Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators

Security Affairs

AUGUST 21, 2020

During the ordinary monitoring of Deepweb and Darkweb , researchers at Cyble came across the leak disclosure post published by the Maze ransomware operators that claim the hack of the Hoa Sen Group. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Maze Ransomware Operators).

Ransomware

Ransomware Hacking Advertising Backups

Thousands of WordPress WooCommerce stores potentially exposed to hack

Security Affairs

AUGUST 22, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Discount Rules). The post Thousands of WordPress WooCommerce stores potentially exposed to hack appeared first on Security Affairs. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Advertising Information Security Malware

Threat actor leaked data for U.S. gun exchange site on hacking forum

Security Affairs

AUGUST 13, 2020

To check if your information has been exposed in this and other data leaks, you can search for your email using the Cyble’s “ Am I Breached” data breach monitoring service. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, gun exchange). Pierluigi Paganini.

Hacking

Hacking Data breaches Cybercrime Passwords

Russian APT28 hacker accused of the NATO think tank hack in Germany

Security Affairs

JUNE 20, 2022

German investigators believe that Kozachek is a member of the Russia-linked APT28 group (aka Fancy Bear), which is the same group that hacked the German Bundestag in 2015. Kozachek hacked the computed of the NATO think tank in 2017 and installed a keylogger to spy on the organization. SecurityAffairs – hacking, APT28).

Hacking

Hacking Accountability Malware Cybersecurity

Flaws in ‘Find My Mobile’ exposed Samsung phones to hack

Security Affairs

AUGUST 11, 2020

Below the speech made by the experts last week at DEF CON 28SM hacking virtual conference. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Samsung Find My Mobile). Testing code that relies on the existence of files in public places should be eliminated.”.

Mobile

Mobile Hacking Advertising Cybersecurity

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

Security Affairs

APRIL 16, 2025

It is not a first time that smartphones come with pre-installed malware, earlier 2015, the security firm Bluebox discovered a preinstalled malware , many malicious apps, and a series of security holes on the Xiaomi Mi 4 smartphone.

Malware

Malware Manufacturing Mobile Spyware

HP Device Manager flaws expose Windows systems to hack

Security Affairs

OCTOBER 4, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, HP). The post HP Device Manager flaws expose Windows systems to hack appeared first on Security Affairs. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Hacking

Hacking Accountability Passwords Advertising

Alleged Extortioner of Psychotherapy Patients Faces Trial

Krebs on Security

NOVEMBER 16, 2023

In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats.

Cybercrime

Cybercrime Hacking Data breaches Banking

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Security Affairs

NOVEMBER 4, 2020

It is still unclear if the funds were transferred by the owner themselves, or if someone has hacked the wallet. The wallet was monitored since 2015 because it was associated with hacking activities, it had been “ dormant ” since 2015. 2015* apparently, maybe the owner? Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Passwords Advertising Hacking

Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug

Security Affairs

OCTOBER 16, 2022

It invokes cpio and CVE-2015-1197 is triggered. SecurityAffairs – hacking, Zimbra). The post Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug appeared first on Security Affairs. On receiving the e-mail, Zimbra submits it to Amavis for spam and malware inspection. Pierluigi Paganini.

Hacking

Hacking Antivirus Telecommunications Engineering

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

.” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Energetic Bear). The post FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack appeared first on Security Affairs. Pierluigi Paganini.

Government

Government Hacking Advertising Passwords

Experts Demonstrated How to Hack a Utility and Take Over a Smart Meter

Security Affairs

APRIL 19, 2021

Among the most clamorous attacks against industrial organizations, there is the 2015 attack against the electric grid in Ukraine and the 2017 Triton attack against a Saudi petrochemical plant. ” If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, smart meters).

Hacking

Hacking Accountability Phishing Internet

TalkTalk confirms data breach involving a third-party platform

Security Affairs

JANUARY 27, 2025

UK telecommunications firm TalkTalk disclosed a data breach after a threat actor announced the hack on a cybercrime forum. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,data breach) A threat actor named “b0nd” claimed the theft of data of over 18.8

Data breaches

Data breaches Telecommunications Cybercrime Hacking

Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor

Security Affairs

JUNE 23, 2022

The Tropic Trooper APT has been active at least since 2012, it was first spotted by security experts at Trend Micro in 2015, when the threat actors targeted government ministries and heavy industries in Taiwan and the military in the Philippines. SecurityAffairs – hacking, Tropic Trooper). Pierluigi Paganini.

Hacking

Hacking Wireless Encryption Passwords

Russia-linked ColdRiver used LostKeys malware in recent attacks

Security Affairs

MAY 9, 2025

The ColdRiver APT (aka Seaborgium , Callisto, Star Blizzard, TA446) is a Russian cyberespionage group that has been targeting government officials, military personnel, journalists and think tanks since at least 2015. Their main goal is intelligence gathering for Russian interests, with occasional hack-and-leak operations.

Malware

Malware Government Hacking Phishing

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

A China-linked threat actor used UEFI malware based on code from Hacking Team in attacks aimed at organizations with an interest in North Korea. The experts were investigating several suspicious UEFI firmware images when discovered four components, some of which were borrowing the source code a Hacking Team spyware. Pierluigi Paganini.

Firmware

Firmware Spyware Surveillance Hacking

The German BSI agency recommends replacing Kaspersky antivirus software

Security Affairs

MARCH 15, 2022

German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software. The German Federal Office for Information Security agency, aka BSI, recommends consumers uninstall Kaspersky anti-virus software. SecurityAffairs – hacking, BSI).

Antivirus

Antivirus Software Manufacturing Information Security

North Korea-linked APT group BeagleBoyz targets banks

Security Affairs

AUGUST 29, 2020

The BeagleBoyz APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. “North Korea’s intelligence apparatus controls a hacking team dedicated to robbing banks through remote internet access. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Banking

Banking Malware Advertising Hacking

NailaoLocker ransomware targets EU healthcare-related entities

Security Affairs

FEBRUARY 20, 2025

ShadowPad is a modular backdoor considered a hallmark of China-linked APT groupssince at least 2015. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,ransomware) The attackers used a new variant of ShadowPad supporting sophisticated evasion and anti-debug features.

Healthcare

Healthcare Ransomware VPN Malware

Is Russian group APT28 behind the cyber attack on the German air traffic control agency (DFS)?

Security Affairs

SEPTEMBER 5, 2024

“Our office connection was hacked, and we are now taking protective measures.” DFS immediately reported the attack to national security authorities. DFS immediately reported the attack to national security authorities. ” DFS is working to minimise the consequences of the incident.”

Cyber Attacks

Cyber Attacks Hacking Government Accountability

University of Utah pays a $457,000 ransom to ransomware gang

Security Affairs

AUGUST 21, 2020

The university notified appropriate law enforcement entities, and the university’s Information Security Office (ISO) investigated and resolved the incident in consultation with an external firm that specializes in responding to ransomware attacks.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Cyber Insurance Insurance Advertising

Israel announced to have foiled an attempted cyber-attack on defence firms

Security Affairs

AUGUST 13, 2020

.’ The Lazarus APT is linked to North Korea, the activity of the Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. In September, the US Treasury placed sanctions on three North Korea-linked hacking groups, the Lazarus Group, Bluenoroff, and Andarial. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Manufacturing Hacking Advertising

Hackers stole a six-figure amount from Swiss universities

Security Affairs

OCTOBER 5, 2020

Threat actors have hacked at least three Swiss universities, including the University of Basel and managed to drain employee salary transfers. According to our information, several universities in Switzerland have been affected,” explained Martina Weiss, Secretary General of the Rectors’ Conference of the Swiss Universities. .

Advertising

Advertising Phishing Cybercrime Hacking

Hackers targeted the US Census Bureau network, DHS report warns

Security Affairs

OCTOBER 11, 2020

” In the past, the US Census has been hit by attacks, such as hacks and DDoS attacks during a 2018 test of census systems attributed to Russia-linked hackers and a 2015 hack attributed to the Anonymous collective. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Government

Government Advertising Hacking Data collection

Microsoft Patch Tuesday security updates for September 2024 addressed four actively exploited zero-days

Security Affairs

SEPTEMBER 11, 2024

Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015). The complete list of flaws fixed with Microsoft Patch Tuesday security updates for September 2024 is available here.

Social Engineering

Social Engineering IoT Engineering Authentication

A data breach broker is selling account databases of 17 companies

Security Affairs

NOVEMBER 1, 2020

The availability of the huge trove of account data was first reported by BleepingComputer , the threat actor told them that it is only acting as a broker and did not hack the seventeen companies. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, account databases).

Data breaches

Data breaches Accountability Advertising Passwords

Hackers stole $5.4 million from cryptocurrency exchange ETERBASE

Security Affairs

SEPTEMBER 10, 2020

Slovak cryptocurrency exchange ETERBASE disclosed a security breach, the hackers stole Bitcoin, Ether, ALGO, Ripple, Tezos, and TRON assets worth $5.4 The company disclosed the hack on Thursday, threat actors have stolen various cryptocurrencies from its hot wallets, it also suspended all the transactions until September 10.

Cryptocurrency

Cryptocurrency Data breaches Advertising Hacking

US DoJ charges Iranian hackers for attacks on US satellite companies

Security Affairs

SEPTEMBER 18, 2020

The US Department of Justice announced the indictment of three Iranian hackers for hacking US aerospace and satellite companies. The hackers were employed in a coordinated campaign of identity theft and hacking on behalf of Iran’s Islamic Revolutionary Guard Corps (IRGC), a designated foreign terrorist organization. Pierluigi Paganini.

Hacking

Hacking VPN Identity Theft Accountability

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

Security Affairs

FEBRUARY 11, 2022

” The US agency also added the CVE-2015-2051 remote code execution flaw impacting D-Link DIR-645 routers. SecurityAffairs – hacking, CISA). The post CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook.

IoT

IoT Accountability Authentication Hacking

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Trending Sources

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hacked

Russia-linked APT Star Blizzard targets WhatsApp accounts

New Atrium Health data breach impacts 585,000 individuals

Experts hacked a fully patched iOS 15 running on iPhone 13 at China’s Tianfu Cup hacking contest

REvil ransomware gang hacked gaming firm Gaming Partners International

FBI seized the notorious BreachForums hacking forum

Ransomware attack hit Indian multinational Tata Technologies

Alleged Activision hack, 500,000 Call Of Duty players impacted

Hacking IoT & RF Devices with BürtleinaBoard

New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say

Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators

Thousands of WordPress WooCommerce stores potentially exposed to hack

Threat actor leaked data for U.S. gun exchange site on hacking forum

Russian APT28 hacker accused of the NATO think tank hack in Germany

Flaws in ‘Find My Mobile’ exposed Samsung phones to hack

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

HP Device Manager flaws expose Windows systems to hack

Alleged Extortioner of Psychotherapy Patients Faces Trial

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Threat actors hacked hundreds of servers by exploiting Zimbra CVE-2022-41352 bug

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Experts Demonstrated How to Hack a Utility and Take Over a Smart Meter

TalkTalk confirms data breach involving a third-party platform

Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor

Russia-linked ColdRiver used LostKeys malware in recent attacks

Second-ever UEFI rootkit used in North Korea-themed attacks

The German BSI agency recommends replacing Kaspersky antivirus software

North Korea-linked APT group BeagleBoyz targets banks

NailaoLocker ransomware targets EU healthcare-related entities

Is Russian group APT28 behind the cyber attack on the German air traffic control agency (DFS)?

University of Utah pays a $457,000 ransom to ransomware gang

Israel announced to have foiled an attempted cyber-attack on defence firms

Hackers stole a six-figure amount from Swiss universities

Hackers targeted the US Census Bureau network, DHS report warns

Microsoft Patch Tuesday security updates for September 2024 addressed four actively exploited zero-days

A data breach broker is selling account databases of 17 companies

Hackers stole $5.4 million from cryptocurrency exchange ETERBASE

US DoJ charges Iranian hackers for attacks on US satellite companies

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

Stay Connected