Security Affairs

NOVEMBER 16, 2018

In 2017-2018 hackers’ interest in cryptocurrency exchanges ramped up. Thirteen exchanges were hacked in 2017 and in the first three quarters of 2018, amounting to a total loss of $877 million. GIB Threat Intelligence cyber threats data collection system has been named one of the best in class by Gartner, Forrester, and IDC.

Cybercrime 82

Cybercrime Hacking Banking Phishing 82

Security Affairs

JULY 30, 2020

The Techniques, Tactics, and Procedures (TTPs) of the Operation North Star operations are very similar to those observed in 2017 and 2019 campaigns that targeted key military and defense technologies. “Our analysis indicates that one of the purposes of the activity in 2020 was to install data gathering implants on victims’ machines.

Advertising 96

Advertising Data collection Malware Phishing 96

Security Affairs

SEPTEMBER 19, 2018

The first data that emerged from the study is that threat actors continue to look at the IoT devices with increasing interest. In the first six months of 2018, the experts observed a number of malware samples that was up three times as many samples targeting IoT devices as in the whole of 2017. Pierluigi Paganini.

IoT 80

IoT Passwords Malware Advertising 80

Security Affairs

NOVEMBER 28, 2020

Experts from threat intelligence firm KELA , speculate the threat actor could have obtained the credentials buying “Azor logs,” which are lots of data stolen from computers infected with the AzorUlt info-stealer trojan. SecurityAffairs – hacking, executive). Pierluigi Paganini.

Accountability 103

Accountability Cybercrime Hacking Retail 103

Security Affairs

NOVEMBER 3, 2020

The scripts developed by the cyber criminal were used to parse log data collected from botnet and searched for personally identifiable information (PII) and account credentials. SecurityAffairs – hacking, Aleksandr Brovko). Brovko was involved in the illegal practice between 2007 and 2019. Pierluigi Paganini.

Accountability 99

Accountability Banking Advertising Data collection 99

Schneier on Security

SEPTEMBER 26, 2019

While it's unlikely that China would bother spying on commuters using subway cars, it would be much less surprising if a tech company offered free Internet on subways in exchange for surveillance and data collection. That's an easier, and more fruitful, attack path. China denied having done so , of course. The United States does it.

Surveillance 218

Surveillance Wireless Government Internet 218

Krebs on Security

JULY 18, 2022

net available at the Wayback Machine shows that in 2016 this domain was used for the “ ExE Bucks ” affiliate program, a pay-per-install business which catered to people already running large collections of hacked computers or compromised websites. In a 2017 discussion on fl.l33t[.]su A cached copy of flashupdate[.]net

VPN 313

VPN Computers and Electronics Antivirus Software 313

Security Affairs

NOVEMBER 5, 2018

Experts from Honeywell analyzed data collected with the Secure Media Exchange (SMX) , a product it has launched in 2017 and that was designed to protect industrial facilities from USB-borne threats.

Malware 88

Malware IoT Advertising Data collection 88

SecureList

AUGUST 8, 2022

Microsoft Word documents attached to the phishing emails contained malicious code that exploits the CVE-2017-11882 vulnerability. The Ladon hacking utility (which is popular in China) is used as the main lateral movement tool. Transfer of stolen data from infected systems. These servers were also used as stage one CnC servers.

Malware 91

Malware Phishing Passwords Data collection 91

Security Affairs

OCTOBER 10, 2018

Security firm Group-IB has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 Group-IB, an international company that specializes in preventing cyber attacks, has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 In December 2017, Group-IB published the first report on this group: “MoneyTaker: 1.5

Cyber Attacks 82

Cyber Attacks Banking Cyber threats Phishing 82

Security Affairs

MARCH 7, 2019

The campaign observed by Akamai in December tracked as EternalSilence, was targeting millions of machines living behind the vulnerable routers by leveraging the EternalBlue and EternalRed (CVE-2017-7494) exploits. allows attackers to cause a denial of service (DoS) • CVE-2017-1000494 , an uninitialized stack variable flaw in MiniUPnPd.

Cyber Attacks 81

Cyber Attacks Advertising Firmware Data collection 81

Krebs on Security

MAY 2, 2023

The leaked records indicate the network’s chief technology officer in Pakistan has been hacked for the past year, and that the entire operation was created by the principals of a Tennessee-based telemarketing firm that has promoted USPS employment websites since 2016. The call center — which operates as Nextlevelsupportcenters[.]com

Marketing 274

Marketing Advertising Scams Telecommunications 274

SC Magazine

APRIL 9, 2021

The recent news about the SolarWinds hack has put software supply-chain attacks back in the limelight. Security pros may recall the 2017 NotPetya attack on tax accounting software by M.E. The major public cloud providers have facilities that let teams do event and data collection without agents.

Software 86

Software Data collection Malware Risk 86

Security Boulevard

JUNE 15, 2023

Mystic Stealer web admin control panel login page Crimeware control panels allow operators to configure settings and access data collected from deployed malware and typically serve as the interface for criminal users to interact with the software. 171:15555 Size ~234 KB Compiler: EP:Microsoft Visual C/C++ (2017 v.15.5-6)

Cryptocurrency 52

Cryptocurrency Password Management Malware DNS 52

Security Affairs

NOVEMBER 15, 2018

The group also carries out attacks through intermediaries by hacking banks’ partners, IT companies, and financial product providers. In December 2017, Group-IB published its first report on the group: “MoneyTaker: 1.5 years of silent operations”. About the author Group-IB.

Banking 98

Banking Computers and Electronics Phishing Cybercrime 98

CyberSecurity Insiders

APRIL 27, 2022

The term UEBA was first used in 2017 by tech consultancy firm Gartner. The most common use case of UBA is the protection of sensitive data (namely in the financial, government, and healthcare sectors). Make sure to look for B2B loyalty programs that offer data-driven insights in addition to the security aspect of UEBA. .

Cybersecurity 99

Cybersecurity Threat Detection Marketing B2B 99

Security Affairs

NOVEMBER 17, 2018

Group-IB Threat Intelligence continuously detects and analyses data uploaded to card shops all over the world,” – said Dmitry Shestakov, Head of Group-IB ?ybercrime According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, 1.8 ybercrime research unit.

Banking 91

Banking Cybercrime Advertising Data collection 91

Troy Hunt

OCTOBER 19, 2017

For the last 4 years, I've also run a free service called Have I Been Pwned (HIBP) which aggregates data breaches and presently contains about 4.8 — Troy Hunt (@troyhunt) October 17, 2017. This was the result: My original import of the South African "Master Deeds" data didn't complete.

Data breaches 210

Data breaches Government Backups Internet 210

Security Affairs

OCTOBER 15, 2018

billion in 2017, compared to $1.2 GIB Threat Intelligence cyber threats data collection system has been named one of the best in class by Gartner, Forrester, and IDC. This information was first made public by experts from Group-IB’s Brand Protection team at the CyberCrimeCon 2018 international cybersecurity conference.

Marketing 79

Marketing Phishing Media Engineering 79

eSecurity Planet

MAY 19, 2023

It specializes in detecting and preventing the exposure of API keys, credentials, certificates and other confidential data.

Software 103

Software Risk Encryption Marketing 103

Security Affairs

NOVEMBER 19, 2019

CERT-GIB’s report is based on data collected and analyzed by the Threat Detection System (TDS) Polygon as part of operations to prevent and detect threats distributed online in H1 2019 in more than 60 countries. In 2017, password-protected archives accounted for only 0.08% of all malicious objects. rar archive files.

Ransomware 69

Ransomware Antivirus Malware Banking 69

Security Affairs

MAY 27, 2020

An interesting point is that one day after data collection, on 2020/05/21, most of the samples were removed from the server by the malware operators, but the sample targeting Portugal was kept available for the next days. Figure 6: Metrics collected from the server on May 21st, 2020 with the Portuguese sample kept by crooks.

Malware 65

Malware Banking Advertising Data collection 65

SecureList

MARCH 29, 2021

For example, in July of 2017, the data of 14 million Verizon users was breached due to incorrectly configured buckets. This was exactly the technique used for the Twitter hack in the summer of 2020. Tracking pixel. Cybercriminals may resort to various technical tricks to obtain information relevant to their particular goals.

Identity Theft 94

Identity Theft Phishing Accountability Banking 94

SecureList

FEBRUARY 16, 2023

Scammers sent a link to that page from hacked accounts, asking users to vote for their friends’ kids’ works. Both can be used to steal user data, collect information about the corporate network, and spread additional malware, such as ransomware. Scammers created a page on the telegra.ph

Phishing 96

Phishing Scams Accountability Energy and Utilities 96