Security Affairs

JUNE 15, 2021

The source code for the Paradise Ransomware has been released on a hacking forum allowing threat actors to develop their customized variant. The source code for the Paradise Ransomware has been released on the hacking forum XSS allowing threat actors to develop their own customized ransomware operation. Pierluigi Paganini.

Ransomware 132

Ransomware Hacking Encryption Malware 132

Security Affairs

JUNE 10, 2019

The spam messages are sent in various European languages, threat actors are exploiting the Microsoft Office and Wordpad CVE-2017-11882 vulnerability. pic.twitter.com/Ac6dYG9vvw — Microsoft Security Intelligence (@MsftSecIntel) June 7, 2019. Windows Defender ATP detects the documents as Exploit:O97M/CVE-2017-11882.AD

Security Intelligence 75

Security Intelligence Advertising Malware Information Security 75

Security Affairs

DECEMBER 24, 2020

91541, 91534 CVE-2014-1812 05/13/2014 Microsoft Windows Group Policy Preferences Password Elevation of Privilege Vulnerability (KB2962486) 9 91148, 90951 CVE-2020-0688 02/11/2020 Microsoft Exchange Server Security Update for February 2020 8.8 50098 CVE-2016-0167 04/12/2016 Microsoft Windows Graphics Component Security Update (MS16-039) 7.8

Hacking 116

Hacking Cyber Attacks Passwords Software 116

Security Affairs

SEPTEMBER 21, 2019

US authorities have indicted two men for hacking the exchange EtherDelta in December 2017, one of them was also accused of TalkTalk hack. US authorities have indicted two men, Elliot Gunton and Anthony Tyler Nashatka, for hacking the cryptocurrency exchange EtherDelta in 2017. Six days later, on December 19, 2017.

Hacking 81

Hacking DNS Cryptocurrency Accountability 81

Security Affairs

FEBRUARY 10, 2020

The United States Department of Justice charged 4 Chinese military hackers with hacking into credit reporting agency Equifax. The United States Department of Justice officially charged 4 members of the China’s PLA’s 54th Research Institute, a division of the Chinese military, with hacking into credit reporting agency Equifax.

Hacking 102

Hacking Data breaches Advertising Encryption 102

Security Affairs

APRIL 13, 2021

The Swedish Sports Confederation organization was compromised in 2017-18 by hackers working for Russian military intelligence, officials said. The information has been published openly and, based on these details, Swedish media have written articles which follow GRU’s narrative of discrediting athletes and sports organisations in the West.”.

Hacking 65

Hacking Media Government Information Security 65

Security Affairs

FEBRUARY 8, 2020

The social network giant Facebook is still the target of hackers, its Facebook and Instagram accounts have been hijacked by the popular hacking group Our M ine. Yesterdat the popular hacking group OurMine hacked the Twitter and Instagram accounts for Facebook and Messenger. SecurityAffairs – OurMine, hacking).

Accountability 118

Accountability Hacking Media Advertising 118

Security Affairs

FEBRUARY 2, 2024

Olsen, the Assistant Attorney General for National Security; and James Smith, the Assistant Director in Charge of the New York Field Office of the Federal Bureau of Investigation (“FBI”), announced today that JOSHUA ADAM SCHULTE was sentenced to 40 years in prison by U.S. District Judge Jesse M.

Computers and Electronics 103

Computers and Electronics Engineering Hacking Data breaches 103

Security Affairs

JANUARY 2, 2021

Ticketmaster agreed to pay a $10 million fine for hacking into the computer system of the startup rival CrowdSurge. The attacks aimed at stealing information to gain an advantage over CrowdSurge, which was acquired by Warner Music Group (WMG) in 2017. ” Both Mead and Zaidi were fired by Ticketmaster in 2017.

Hacking 94

Hacking Passwords Accountability Cybercrime 94

Security Affairs

SEPTEMBER 1, 2021

Securities and Exchange Commission (SEC) announced sanctions against several organizations over email account hacking. Securities and Exchange Commission (SEC) announced sanctions against eight entities belonging to three companies over email account hacking due to cybersecurity failures. Pierluigi Paganini.

Accountability 89

Accountability Hacking Financial Services Cybersecurity 89

Security Affairs

JANUARY 6, 2024

billion insurance claim for the losses caused by the NotPetya attack that took place in 2017. In August 2017, the pharmaceutical company revealed that the massive NotPetya cyberattack disrupted its worldwide operations. Merck filed a $1.4

Insurance 118

Insurance Manufacturing Ransomware Healthcare 118

Security Affairs

FEBRUARY 6, 2024

“According to the indictment, between 2011 and July 2017, Aliaksandr Klimenka, 42, allegedly controlled BTC-e, a digital currency exchange, with Alexander Vinnik and others.” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, commercial spyware )

Cryptocurrency 109

Cryptocurrency Spyware Cybercrime Hacking 109

Security Affairs

FEBRUARY 15, 2024

The office said it has been monitoring and defending against “constant” hacking attempts presumed to be related to North Korea but “it’s not that the presidential office’s security system got hacked.” South Korea is a privileged target of cyber espionage operations carried out by North Korea-linked APT groups. Recently, a U.N.

Hacking 101

Hacking Government Accountability Information Security 101

The Last Watchdog

JUNE 21, 2020

The WannaCry and NotPetya outbreaks in May and June 2017, respectively, were the most devastating in history. In many cases, the crooks hack managed service providers (MSPs) first and then use this access to compromise the partnering organizations. The first viable Mac ransomware called KeRanger was spotted in the spring of 2016.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

OCTOBER 31, 2019

Two hackers have pleaded guilty to hacking Uber and LinkedIn’s Lynda.com service in 2016 and attempted to extort money from the two companies. Brandon Charles Glover and Vasile Mereacre are two hackers that have pleaded guilty to hacking Uber and LinkedIn’s Lynda.com service in 2016. Pierluigi Paganini. SecurityAffairs –.

Data breaches 70

Data breaches Hacking Advertising Accountability 70

Security Affairs

AUGUST 11, 2023

A variant of the Gafgyt botnet is actively attempting to exploit a vulnerability, tracked as CVE-2017-18368 (CVSS v3: 9.8), impacting the end-of-life Zyxel P660HN-T1A router. Zyxel addressed the vulnerability in 2017 with the release of new firmware, however, the vendor warned that a Gafgyt variant was exploiting the flaw in 2019.

Firmware 81

Firmware Hacking Cybercrime Information Security 81

Security Affairs

FEBRUARY 17, 2020

The popular hacker group OurMine has hacked the official Twitter account of the FC Barcelona, along with the accounts of Olympics and the International Olympic Committee (IOC). The popular hacker group has hacked the official Twitter account of the FC Barcelona, along with the accounts of and the International Olympic Committee (IOC).

Accountability 95

Accountability Hacking Advertising Media 95

Security Affairs

APRIL 19, 2021

Among the most clamorous attacks against industrial organizations, there is the 2015 attack against the electric grid in Ukraine and the 2017 Triton attack against a Saudi petrochemical plant. ” If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, smart meters).

Hacking 121

Hacking Phishing Accountability Internet 121

Security Affairs

OCTOBER 30, 2023

Further analysis revealed that the malware has been used since at least 2017. Kaspersky discovered that the detections between 2017 and 2022 had previously misclassified as a cryptocurrency miner. Kaspersky researchers discovered that over one million updates have been downloaded from the C2 infrastructure since 2017.

Malware 127

Malware Cryptocurrency Ransomware Hacking 127

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 114

Ransomware Hacking Advertising Malware 114

Security Affairs

JUNE 3, 2019

A teen opted out to hack it twice. Unfortunately, the teen was identified and he has been found guilty of hacking twice into Apple’s infrastructure in 2015 and 2017. . “The boy, who is now 17, faced the Adelaide Youth Court and pleaded guilty to multiple computer hacking charges.” Pierluigi Paganini.

Hacking 81

Hacking Advertising Technology Cybersecurity 81

Security Affairs

AUGUST 9, 2020

Paige Thompson is a transgender woman suspected to be the hacker behind the Capital One hack and attacks on 30 other organizations, in August 2019 he has been indicted on wire fraud and computer fraud. SecurityAffairs – hacking, Capital One). Thompson (33). Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking 87

Hacking Banking Data breaches Advertising 87

Security Affairs

JULY 23, 2020

depending on the Windows version), SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 , SharePoint Server 2010 Service Pack 2, SharePoint Server 2019, Visual Studio 2017 version 15.9, SecurityAffairs – hacking, CVE-2020-1147). The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET NET Framework 2.0

Hacking 114

Hacking Advertising Software Information Security 114

Security Affairs

JUNE 17, 2020

A CIA elite hacking unit that developed cyber-weapons failed in protecting its operations, states an internal report on the Vault 7 data leak. In March, Joshua Schulte , a former CIA software engineer that was accused of stealing the agency’s hacking tools and leaking them to WikiLeaks, was convicted of only minor charges.

Hacking 118

Hacking Engineering Data breaches Advertising 118

Security Affairs

AUGUST 13, 2021

The news was first reported by TheRecord website, the master decryption keys work for victims that were infected between July 2017 and early 2021. “The keys have been verified as authentic by Michael Gillespie , a malware analyst at security firm Emsisoft and the creator of the ID-Ransomware service.” Pierluigi Paganini.

Ransomware 140

Ransomware Authentication Malware Hacking 140

Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. This week, Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. SecurityAffairs – Mitsubishi Electric, hacking).

Antivirus 132

Antivirus Hacking Advertising Media 132

Security Affairs

DECEMBER 7, 2023

The software engineer Tillie Kottmann was informed by an anonymous source that the Git server was exposed online and accessible to anyone using the default login credentials admin/admin. In December 2017, Nissan Finance Canada was hacked , personal information of 1.13

Cyber Attacks 122

Cyber Attacks Financial Services Scams Data breaches 122

Security Affairs

APRIL 3, 2021

Thompson for the security breach. THOMPSON posted about the Capital One hack on GitHub, she exploited a misconfigured web application firewall to get access to the data. On July 17, 2019, Capital One was informed of the incident by a GitHub user who saw the post. SecurityAffairs – hacking, Capital One).

Hacking 77

Hacking Data breaches Banking Small Business 77

Security Affairs

JULY 14, 2022

Former CIA programmer, Joshua Schulte, was convicted in a US federal court of the 2017 leak of a massive leak to WikiLeaks. The former CIA programmer Joshua Schulte (33) was found guilty in New York federal court of stealing the agency’s hacking tools and leaking them to WikiLeaks in 2017. SecurityAffairs – hacking, Vault7).

Engineering 100

Engineering Hacking Mobile IoT 100

Security Affairs

OCTOBER 5, 2022

Narelle Devine, the company’s chief information security officer for the Asia Pacific region, added that no customer account information was stored on the third-party platform. It seems that the security breach also impacted other companies. SecurityAffairs – hacking, Telstra Telecom). Pierluigi Paganini.

Data breaches 93

Data breaches Telecommunications Accountability Information Security 93

Security Affairs

SEPTEMBER 24, 2023

The man was extradited from Canada to the United States on April 12, 2023. “According to his plea agreement, from February 2017 until at least July 2017, Simon-Ebo conspired with others to perpetrate a BEC scheme.” According to the US authorities, fraudulent activities caused losses of more than $6 million to the victims.

Accountability 117

Accountability Banking Hacking Cybercrime 117

Security Affairs

APRIL 29, 2024

.” The FCC’s Enforcement Bureau launched an investigation after Missouri Sheriff Cory Hutcheson misused a “location-finding service” provided by Securus, a communications service provider for correctional facilities, to access the location data of wireless carrier customers without their consent from 2014 to 2017.

Wireless 85

Wireless Telecommunications Insurance Mobile 85

Security Affairs

FEBRUARY 11, 2022

SecurityAffairs – hacking, CISA). The post CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog appeared first on Security Affairs. With the addition of these 15 vulnerabilities, the number of flaws in the CISA’s Known Exploited Vulnerabilities Catalog reached 368. Pierluigi Paganini.

IoT 119

IoT Accountability Authentication Hacking 119

Security Affairs

FEBRUARY 22, 2021

The Chinese APT group had access to an NSA Equation Group, NSA hacking tool and used it years before it was leaked online by Shadow Brokers group. used a tool dubbed Jian, which is a clone of NSA Equation Group ‘s “EpMe” hacking tool years before it was leaked online by Shadow Brokers hackers.

Hacking 77

Hacking Malware Software Information Security 77

Security Affairs

JANUARY 7, 2024

Researchers from Dutch security firm Hunt & Hackett observed Sea Turtle cyber espionage group (aka Teal Kurma, Marbled Dust, SILICON and Cosmic Wolf) targeting telco, media, ISPs, IT service providers, and Kurdish websites in the Netherlands. Between 2017 and 2019, the APT group mainly used DNS hijacking in its campaigns.

Media 121

Media Accountability Telecommunications Government 121

Security Affairs

FEBRUARY 6, 2020

Below the attack chain that was visible in the video PoC: The attacker takes control over the smart bulb by exploiting a vulnerability in smart light bulbs in 2017. SecurityAffairs – Smart Light Bulbs, hacking). The post Hacking Wi-Fi networks by exploiting a flaw in Philips Smart Light Bulbs appeared first on Security Affairs.

Hacking 127

Hacking IoT Wireless Firmware 127

Security Affairs

MARCH 15, 2022

German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software. The German Federal Office for Information Security agency, aka BSI, recommends consumers uninstall Kaspersky anti-virus software. SecurityAffairs – hacking, BSI).

Antivirus 108

Antivirus Software Manufacturing Information Security 108