2016, Hacking and Information Security - Cyber Security Informer

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

Security Affairs

NOVEMBER 15, 2024

Bitfinex hacker, Ilya Lichtenstein , who stole 1 billion worth of Bitcoins from Bitfinex in 2016, has been sentenced to five years in prison. Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex. billion in cryptocurrency (roughly 95,000 of the stolen crypto assets) linked to that hack.

Cryptocurrency

Cryptocurrency Hacking Government Accountability

AusCERT and the Award for Information Security Excellence

Troy Hunt

MAY 31, 2018

At the gala dinner last night, without any warning beforehand, I somehow walked away with this: #AusCERT2018 Award for Information Security Excellence goes to @troyhunt @AusCERT 2018 Gala Dinner pic.twitter.com/9lxmwX0tdR — ValdemarJakobsen???? jamver) May 31, 2018. Yes, that guy is wearing a cape, it was a Star Wars thing.).

Information Security

Information Security Data breaches Hacking

Cyber thieves move $760 million stolen in the 2016 Bitfinex heist

Security Affairs

APRIL 15, 2021

Over $760 million worth of Bitcoin that were stolen from cryptocurrency exchange Bitfinex in 2016 were moved to new accounts. More than $760 million worth of Bitcoin, stolen from Asian cryptocurrency exchange Bitfinex in 2016 , were moved on Wednesday to new accounts. SecurityAffairs – hacking, bitcoin). Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Hacking Accountability Marketing

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Security Affairs

NOVEMBER 24, 2024

PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016. Stolen information offered for sale on the carding website included bank account, credit card, and debit card numbers and associated information for conducting transactions.

Cybercrime

Cybercrime Cryptocurrency Banking Accountability

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The infamous Locky ransomware was first spotted in the wild in February 2016. CryptXXX, another major family discovered in April 2016 and later rebranded as UltraCrypter, relied on exploit kits that used software vulnerabilities to infiltrate systems. The first viable Mac ransomware called KeRanger was spotted in the spring of 2016.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hacked

Security Affairs

AUGUST 19, 2020

Chinese hackers have hacked thousands of Taiwan Government email accounts belonging at least 10 Taiwan government agencies, officials said. ” The Taiwanese Government accuses the Chinese government of continues cyber incursions since 2016 when President Tsai Ing-wen was elected. SecurityAffairs – hacking, Taiwan).

Government

Government Hacking Accountability Advertising

Telco service provider giant Syniverse had unauthorized access since 2016

Security Affairs

OCTOBER 5, 2021

Syniverse service provider discloses a security breach, threat actors have had access to its databases since 2016 and gained some customers’ credentials. The company is a privileged target for threat actors that could hit the firm to access their customers’ information. SecurityAffairs – hacking, cyberespionage).

Mobile

Mobile Telecommunications Business Services Cybersecurity

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. In 2019, a Canadian company called Defiant Tech Inc.

Hacking

Hacking Accountability Data breaches Marketing

International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists

Security Affairs

FEBRUARY 5, 2025

In the updated statement published by ICAO, the agency said it is actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations. ” reads the statement published by the International Civil Aviation Organization.

Data breaches

Data breaches Information Security Hacking Marketing

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. ” In 2016, Deniskloster.com featured a post celebrating three years in operation.

Advertising

Advertising Cybercrime System Administration Hacking

Uber hacked, internal systems and confidential documents were allegedly compromised

Security Affairs

SEPTEMBER 16, 2022

According to the New York Times , the threat actors hacked an employee’s Slack account and used it to inform internal personnel that the company had “suffered a data breach” and provided a list of allegedly hacked internal databases. “I SecurityAffairs – hacking, Uber). states the message.

Hacking

Hacking Data breaches Information Security Engineering

Ahold Delhaize experienced a cyber incident affecting several of its U.S. brands

Security Affairs

NOVEMBER 12, 2024

Its name comes from the 2016 merger of two companies: Ahold (Dutch) and Delhaize Group (Belgian), which both have origins in the 1800s. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cyber attack)

eCommerce

eCommerce Cyber Attacks Retail Hacking

Personal health information of 42M Americans leaked between 2016 and 2021

Security Affairs

DECEMBER 31, 2022

Crooks have had access to the medical records of 42 million Americans since 2016 as the number of hacks on healthcare organizations doubled. Medical records of 42 million Americans are being sold on the dark web since 2016, this information comes from cyberattacks on healthcare providers. million in 2016 to close to 16.5

Healthcare

Healthcare Ransomware Backups Hacking

New Triada Trojan comes preinstalled on Android devices

Security Affairs

APRIL 2, 2025

In March 2018, security researchers at Antivirus firmDr.Web discovered that 42 models of low-cost Android smartphones were shipped with the Android.Triada.231 The Triada Trojan was spotted for the first time in 2016 by researchers at Kaspersky Lab who considered it the most advanced mobile threat seen to the date of the discovery.

Malware

Malware Cryptocurrency Mobile Firmware

Esperts found new DoNot Team APT group’s Android malware

Security Affairs

JANUARY 20, 2025

The Donot Team (aka APT-C-35 and Origami Elephant) has been active since 2016, it focuses ongovernment and military organizations, ministries of foreign affairs, and embassies in India, Pakistan, Sri Lanka, Bangladesh, and other South Asian countries.

Malware

Malware Cyber Attacks Mobile Phishing

Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016

Security Affairs

AUGUST 4, 2023

A married couple from New York pleaded guilty this week to laundering billions of dollars stolen from Bitfinex in 2016. The couple pleaded guilty to money laundering charges in connection with the hack of the cryptocurrency stock exchange Bitfinex that took place in 2016. Law enforcement also seized over $3.6

Cryptocurrency

Cryptocurrency Hacking Accountability Banking

U.S. CISA adds Adobe ColdFusion and Oracle Agile PLM flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

FEBRUARY 25, 2025

is a Java deserialization vulnerability in the Apache BlazeDS library in Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, CISA )

Hacking

Hacking Cybersecurity Risk Cybercrime

Source code of Dharma ransomware now surfacing on public hacking forums

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Hacking Advertising Malware

France links Russian APT28 to attacks on dozen French entities

Security Affairs

APRIL 30, 2025

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Government

Government Phishing DNS VPN

CIA elite hacking unit was not able to protect its tools and cyber weapons

Security Affairs

JUNE 17, 2020

A CIA elite hacking unit that developed cyber-weapons failed in protecting its operations, states an internal report on the Vault 7 data leak. In March, Joshua Schulte , a former CIA software engineer that was accused of stealing the agency’s hacking tools and leaking them to WikiLeaks, was convicted of only minor charges.

Hacking

Hacking Engineering Data breaches Advertising

Kosovo authorities extradited admin of the cybercrime marketplace BlackDB.cc

Security Affairs

MAY 15, 2025

The Rydox marketplace has been active since February 2016, it facilitated over 7,600 sales of stolen PII, access devices, and cybercrime tools, generating $230,000 since 2016. It offered over 321,000 products to 18,000 users, including names, social security numbers, and hacking tools. Thousands of U.S.

Cybercrime

Cybercrime Identity Theft Cryptocurrency Hacking

Microsoft Patch Tuesday security updates for March 2025 fix six actively exploited zero-days

Security Affairs

MARCH 12, 2025

but also affects Windows 10 (build 1809 and earlier) and Server 2016. 1/4 pic.twitter.com/qCOgYiltfs — ESET Research (@ESETresearch) March 11, 2025 The full list of vulnerabilities addressed by Microsoft Patch Tuesday security updates for March 2025 is available here.

DNS

DNS Hacking Information Security

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs

FEBRUARY 6, 2025

In the updated statement published by ICAO, the agency said it is actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations.

Cybercrime

Cybercrime Government Data breaches Information Security

Taiwan Government faces 5 Million hacking attempts daily

Security Affairs

NOVEMBER 10, 2021

Around five million cyber attacks hit Taiwan’s government agencies every day, and most of the hacking attempts are originated from China. Cyber security department director Chien Hung-wei told parliament representatives that government infrastructure faces “five million attacks and scans a day” . Pierluigi Paganini.

Government

Government Hacking Cyber Attacks Information Security

U.S. authorities charged an Iranian national for long-running hacking campaign

Security Affairs

MARCH 2, 2024

Department of Justice (DoJ) charged Iranian national Alireza Shafie Nasab (39) for multi-year hacking campaign targeting U.S. According to DoJ, from at least in or about 2016 through or about April 2021, Nasab and other co-conspirators carried out a coordinated multi-year campaign to breach computers worldwide. ” concludes DoJ.

Hacking

Hacking Identity Theft Social Engineering Accountability

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Security Affairs

DECEMBER 4, 2021

The Hancitor downloader has been active since at least 2016 for dropping Pony and Vawtrak. SecurityAffairs – hacking, ransomware). The post Cuba ransomware gang hacked 49 US critical infrastructure organizations appeared first on Security Affairs. The alert includes indicators of compromise and mitigations.

Ransomware

Ransomware Hacking Malware Encryption

TrickGate, a packer used by malware to evade detection since 2016

Security Affairs

JANUARY 31, 2023

TrickGate is a shellcode-based packer offered as a service, which is used at least since July 2016, to hide malware from defense programs. TrickGate is a shellcode-based packer offered as a service to malware authors to avoid detection, CheckPoint researchers reported.

Malware

Malware Antivirus Manufacturing Healthcare

Hikvision cameras could be remotely hacked due to critical flaw

Security Affairs

SEPTEMBER 22, 2021

. “ “This permits an attacker to gain full control of device with an unrestricted root shell, which is far more access than even the owner of the device has as they are restricted to a limited “protected shell” (psh) which filters input to a predefined set of limited, mostly informational commands.” Pierluigi Paganini.

Hacking

Hacking Firmware IoT Internet

Millions of devices could be hacked exploiting flaws targeted by tools stolen from FireEye

Security Affairs

DECEMBER 24, 2020

91541, 91534 CVE-2014-1812 05/13/2014 Microsoft Windows Group Policy Preferences Password Elevation of Privilege Vulnerability (KB2962486) 9 91148, 90951 CVE-2020-0688 02/11/2020 Microsoft Exchange Server Security Update for February 2020 8.8 50098 CVE-2016-0167 04/12/2016 Microsoft Windows Graphics Component Security Update (MS16-039) 7.8

Hacking

Hacking Cyber Attacks Passwords Software

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

Security Affairs

JULY 23, 2020

depending on the Windows version), SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 , SharePoint Server 2010 Service Pack 2, SharePoint Server 2019, Visual Studio 2017 version 15.9, SecurityAffairs – hacking, CVE-2020-1147). The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET NET Framework 2.0

Hacking

Hacking Advertising Software Information Security

Crooks are reviving the Grandoreiro banking trojan

Security Affairs

MARCH 28, 2025

The Trojan has been active since 2016, it initially targeted Brazil but expanded to Mexico, Portugal, and Spain since 2020. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,malware) ” concludes the report that includes Indicators of compromise (IoCs).

Banking

Banking Phishing Malware Passwords

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

First advertised in the cybercrime underground in 2014, RSOCKS was the web-based storefront for hacked computers that were sold as “proxies” to cybercriminals looking for ways to route their Web traffic through someone else’s device. “Thanks to you, we are now developing in the field of information security and anonymity!,”

Cybercrime

Cybercrime Advertising IoT Malware

DoD Announces Third 'Hack the Pentagon' Bug Bounty Program

SecureWorld News

JANUARY 18, 2023

Department of Defense (DoD) is turning to the private sector to bolster its cyber defenses with the launch of the third iteration of its "Hack the Pentagon" bug bounty program. The third installment of the "Hack the Pentagon" bug bounty program comes almost five years after the second one, which was unveiled in April 2018.

Hacking

Hacking Government Information Security Cybersecurity

CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog

Security Affairs

MAY 25, 2022

Some of the flaws added to the catalog in this turn are dated back to 2016, such as the issues affecting Apple ( CVE-2016-4655 , CVE-2016-4656 , CVE-2016-4657 ), Microsoft ( CVE-2016-0162 , CVE-2016-3351 , CVE-2016-3298 ) and Cisco Devices ( CVE-2016-6366 , CVE-2016-6367 ).

Software

Software Hacking Cybersecurity Risk

Ukrainian Cyber Alliance destroyed the connectivity of Russian ISP Nodex

Security Affairs

JANUARY 9, 2025

Ukrainian Cyber Alliance hacked Russian ISP Nodex, stole sensitive data, and wiped systems, highlighting their cyberattack capabilities. The Ukrainian Cyber Alliance has been active since 2016, the Pro-Ukraine group has targeted Russian entities since the invasion of Ukraine. ” reported The Record Media.

Backups

Backups Internet Internet Hacking

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. This week, Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. SecurityAffairs – Mitsubishi Electric, hacking).

Antivirus

Antivirus Hacking Advertising Media

Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails

Security Affairs

JANUARY 20, 2024

The Midnight Blizzard group (aka APT29 , SVR group , Cozy Bear , Nobelium , BlueBravo , and The Dukes ) along with APT28 cyber espionage group was involved in the Democratic National Committee hack and the wave of attacks aimed at the 2016 US Presidential Elections.

Hacking

Hacking Passwords Accountability Authentication

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Security Affairs

AUGUST 16, 2024

The app has been present since August 2016 [ 1 , 2 ], but there is no evidence that this vulnerability has been exploited in the wild. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Android)

Hacking

Hacking Firmware Mobile Penetration Testing

Former Uber CISO Faces Prison Time For Mishandling Cyberattack: Justice, Scapegoating, or Both?

Joseph Steinberg

OCTOBER 6, 2022

A jury yesterday found former Uber security chief Joe Sullivan guilty of covering up a massive data breach; the conviction makes Sullivan likely to become the first executive to face prison time over the mishandling of a cyberattack. Serving as a Chief Information Security Officer is a daunting task. 0001% get through.

CISO

CISO Artificial Intelligence Data breaches Cybersecurity

Over 80,000 Hikvision cameras can be easily hacked

Security Affairs

AUGUST 23, 2022

“This permits an attacker to gain full control of device with an unrestricted root shell, which is far more access than even the owner of the device has as they are restricted to a limited “protected shell” (psh) which filters input to a predefined set of limited, mostly informational commands.”. SecurityAffairs – hacking, Hikvision).

Hacking

Hacking Firmware Internet Internet

Russia-linked APT group Midnight Blizzard hacked Hewlett Packard Enterprise (HPE)

Security Affairs

JANUARY 25, 2024

The Midnight Blizzard group (aka APT29 , SVR group , Cozy Bear , Nobelium , BlueBravo , and The Dukes ) along with APT28 cyber espionage group was involved in the Democratic National Committee hack and the wave of attacks aimed at the 2016 US Presidential Elections.

Hacking

Hacking Accountability Passwords Marketing

Russia-linked group APT29 likely breached TeamViewer’s corporate network

Security Affairs

JUNE 30, 2024

Russia-linked APT group, reportedly APT29, is suspected to be behind a hack of TeamViewer ‘s corporate network. The popular Ars Technica reporter Dan Goodin reported that an alert issued by security firm NCC Group reports a “significant compromise of the TeamViewer remote access and support platform by an APT group.”

Accountability

Accountability Hacking Architecture Malware

Microsoft rolled out emergency updates to fix Windows Server auth failures

Security Affairs

NOVEMBER 15, 2021

These issues impacts Windows Server 2019 and lower versions, including Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2. SecurityAffairs – hacking, Operation Cyclone). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Authentication

Authentication Hacking Information Security

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Security Affairs

FEBRUARY 13, 2020

. “To make sure that your Exchange organization is better protected against the latest threats (for example Emotet, TrickBot or WannaCry to name a few) we recommend disabling SMBv1 if it’s enabled on your Exchange (2013/2016/2019) server.” Please see this KB for more information. ” continues Microsoft.

Authentication

Authentication Malware Advertising Hacking

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

AusCERT and the Award for Information Security Excellence

Trending Sources

Cyber thieves move $760 million stolen in the 2016 Bitfinex heist

DoJ seized credit card marketplace PopeyeTools and charges its administrators

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hacked

Telco service provider giant Syniverse had unauthorized access since 2016

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists

Meet the Administrators of the RSOCKS Proxy Botnet

Uber hacked, internal systems and confidential documents were allegedly compromised

Ahold Delhaize experienced a cyber incident affecting several of its U.S. brands

Personal health information of 42M Americans leaked between 2016 and 2021

New Triada Trojan comes preinstalled on Android devices

Esperts found new DoNot Team APT group’s Android malware

Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016

U.S. CISA adds Adobe ColdFusion and Oracle Agile PLM flaws to its Known Exploited Vulnerabilities catalog

Source code of Dharma ransomware now surfacing on public hacking forums

France links Russian APT28 to attacks on dozen French entities

CIA elite hacking unit was not able to protect its tools and cyber weapons

Kosovo authorities extradited admin of the cybercrime marketplace BlackDB.cc

Microsoft Patch Tuesday security updates for March 2025 fix six actively exploited zero-days

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Taiwan Government faces 5 Million hacking attempts daily

U.S. authorities charged an Iranian national for long-running hacking campaign

Cuba ransomware gang hacked 49 US critical infrastructure organizations

TrickGate, a packer used by malware to evade detection since 2016

Hikvision cameras could be remotely hacked due to critical flaw

Millions of devices could be hacked exploiting flaws targeted by tools stolen from FireEye

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

Crooks are reviving the Grandoreiro banking trojan

Administrator of RSOCKS Proxy Botnet Pleads Guilty

DoD Announces Third 'Hack the Pentagon' Bug Bounty Program

CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog

Ukrainian Cyber Alliance destroyed the connectivity of Russian ISP Nodex

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Russia-linked Midnight Blizzard APT hacked Microsoft corporate emails

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Former Uber CISO Faces Prison Time For Mishandling Cyberattack: Justice, Scapegoating, or Both?

Over 80,000 Hikvision cameras can be easily hacked

Russia-linked APT group Midnight Blizzard hacked Hewlett Packard Enterprise (HPE)

Russia-linked group APT29 likely breached TeamViewer’s corporate network

Microsoft rolled out emergency updates to fix Windows Server auth failures

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Stay Connected