2017, Hacking, Information Security and Passwords

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] com , a service that sold access to billions of passwords and other data exposed in countless data breaches. In 2019, a Canadian company called Defiant Tech Inc. Abusewith[.]us

Hacking

Hacking Accountability Data breaches Marketing

Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes

Security Affairs

AUGUST 6, 2022

Slack is resetting passwords for approximately 0.5% of its users after a bug exposed salted password hashes when users created or revoked a shared invitation link for their workspace. Slack announced that it is resetting passwords for about 0.5% SecurityAffairs – hacking, Slack). Pierluigi Paganini.

Passwords

Passwords Password Management Antivirus Encryption

Ticketmaster will pay $10 Million fine over hacking a competitor

Security Affairs

JANUARY 2, 2021

Ticketmaster agreed to pay a $10 million fine for hacking into the computer system of the startup rival CrowdSurge. The attacks aimed at stealing information to gain an advantage over CrowdSurge, which was acquired by Warner Music Group (WMG) in 2017. ” Both Mead and Zaidi were fired by Ticketmaster in 2017.

Hacking

Hacking Passwords Accountability Cybercrime

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Millions of devices could be hacked exploiting flaws targeted by tools stolen from FireEye

Security Affairs

DECEMBER 24, 2020

91541, 91534 CVE-2014-1812 05/13/2014 Microsoft Windows Group Policy Preferences Password Elevation of Privilege Vulnerability (KB2962486) 9 91148, 90951 CVE-2020-0688 02/11/2020 Microsoft Exchange Server Security Update for February 2020 8.8 If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Hacking

Hacking Cyber Attacks Passwords Software

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

Security Affairs

SEPTEMBER 21, 2019

US authorities have indicted two men for hacking the exchange EtherDelta in December 2017, one of them was also accused of TalkTalk hack. US authorities have indicted two men, Elliot Gunton and Anthony Tyler Nashatka, for hacking the cryptocurrency exchange EtherDelta in 2017. Six days later, on December 19, 2017.

Hacking

Hacking DNS Cryptocurrency Accountability

TP-Link Archer routers allow remote takeover without passwords

Security Affairs

DECEMBER 17, 2019

TP-Link has addressed a critical vulnerability impacting some TP-Link Archer routers that could allow attackers to login without passwords. “In such an event, the victim could lose access to the console and even a shell, and thereby would not be able to re-establish a new password.” ” continues the post.

Passwords

Passwords Advertising Firmware Authentication

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Security Affairs

JANUARY 7, 2024

Researchers from Dutch security firm Hunt & Hackett observed Sea Turtle cyber espionage group (aka Teal Kurma, Marbled Dust, SILICON and Cosmic Wolf) targeting telco, media, ISPs, IT service providers, and Kurdish websites in the Netherlands. Between 2017 and 2019, the APT group mainly used DNS hijacking in its campaigns.

Media

Media Accountability Telecommunications Government

Alleged FruitFly malware creator ruled incompetent to stand trial

Malwarebytes

JANUARY 16, 2024

On January 4, 2017, Case Western Reserve University (CWRU), located in Cleveland, Ohio, became aware of an infection on more than 100 of its computers. The university was notified by an undisclosed third party, who provided information to help the team find and identify the malware. The FBI found a laptop in Durachinsky’s room.

Malware

Malware Passwords Identity Theft Data collection

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The Archiveus Trojan from 2006 was the first one to use RSA cipher, but it was reminiscent of a proof of concept and used a static 30-digit decryption password that was shortly cracked. The WannaCry and NotPetya outbreaks in May and June 2017, respectively, were the most devastating in history. None of these early threats went pro.

Ransomware

Ransomware Hacking Encryption Penetration Testing

TA547 targets German organizations with Rhadamanthys malware

Security Affairs

APRIL 12, 2024

TA547 is a financially motivated threat actor that has been active since at least November 2017, it was observed conducting multiple campaigns to deliver a variety of Android and Windows malware, including DanaBot , Gootkit , Lumma stealer , NetSupport RAT , Ursnif , and ZLoader. ” The report includes Indicators of compromise (IoCs).

Malware

Malware Social Engineering Retail Engineering

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

Russia-linked APT group Sandworm has hacked eleven telecommunication service providers in Ukraine between since May 2023. The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. ” reads the advisory published by the CERT-UA.

Telecommunications

Telecommunications Authentication Data collection Passwords

New Lucifer DDoS botnet targets Windows systems with multiple exploits

Security Affairs

JUNE 26, 2020

A new botnet, tracked as Lucifer, appeared in the threat landscape, it leverages close to a dozen exploits to hack Windows systems. Strong passwords are also encouraged to prevent dictionary attacks.” SecurityAffairs – hacking, 5G). ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

DDOS

DDOS Malware Advertising Passwords

CIA elite hacking unit was not able to protect its tools and cyber weapons

Security Affairs

JUNE 17, 2020

A CIA elite hacking unit that developed cyber-weapons failed in protecting its operations, states an internal report on the Vault 7 data leak. In March, Joshua Schulte , a former CIA software engineer that was accused of stealing the agency’s hacking tools and leaking them to WikiLeaks, was convicted of only minor charges.

Hacking

Hacking Engineering Data breaches Advertising

Chinese actors behind attacks on industrial enterprises and public institutions

Security Affairs

AUGUST 9, 2022

The emails used weaponized Microsoft Word documents exploiting the CVE-2017-11882 vulnerability. The CVE-2017-11882 flaw is a memory-corruption issue that affects all versions of Microsoft Office released between 2000 and 2017. SecurityAffairs – hacking, industrial enterprises). ” concludes the report.

Encryption

Encryption Antivirus Malware Hacking

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

Security Affairs

JANUARY 19, 2020

This is the biggest leak of Telnet passwords even reported. According to ZDNet that first published the news, the list was leaked on a popular hacking forum by the operator of a DDoS booter service. The list includes the IP address, username and password for the Telnet service for each device. ” reported ZDNet.

IoT

IoT DDOS InfoSec Internet

PurpleFox malware infected at least 2,000 computers in Ukraine

Security Affairs

FEBRUARY 2, 2024

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. The malware uses exploits for known vulnerabilities and password brute-forcing attacks for self-propagation.

Malware

Malware Internet Internet DDOS

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

Experts observed the bot attempting to gain access to the device by using a combination of eight common usernames and 130 passwords for IoT devices over SSH and telnet on ports 23 and 2323. Adopt a comprehensive IoT security solution. SecurityAffairs – hacking, botnet). “Since the release of Zerobot 1.1,

IoT

IoT DDOS Malware Firmware

Hackers claim to have compromised 50,000 home cameras and posted footage online

Security Affairs

OCTOBER 19, 2020

A hacker collective claims to have hacked over 50,000 home security cameras and published their footage online, some of them on adult sites. A group of hackers claims to have compromised over 50,000 home security cameras and published their private footage online. ” reported The New Paper.”

IoT

IoT Internet Internet Hacking

Uptick in RPA Software Adoption Reveals Need for Anti-Hacking Training

Security Affairs

APRIL 23, 2020

It’s become evident that many businesses lack the necessary anti-hacking training. billion between 2017 and 2019 alone. By automating password generation and access windows, companies can ensure they have exclusive, secure access to their RPA. SecurityAffairs – RPA software, hacking). Rising RPA Adoption.

Software

Software Hacking Data breaches Cybersecurity

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

Security Affairs

JULY 1, 2023

The LockBit ransomware gang claims to have hacked Taiwan Semiconductor Manufacturing Company (TSMC). The LockBit ransomware group this week claimed to have hacked the Taiwan Semiconductor Manufacturing Company ( TSMC ) and $70 million ransom. ” reads the announcement published by Lockbit operators on their leak site.

Manufacturing

Manufacturing Ransomware Hacking Security Awareness

Admins of Genesis Market marketplace sold their infrastructure on a hacker forum

Security Affairs

JULY 17, 2023

In April, the FBI seized the Genesis Market , a black marketplace for stolen credentials that was launched in 2017. The admins of the darkweb Genesis Market announced the sale of their platform to a threat actor that will restart operations next month. The data offered by the administrators included: device fingerprints (e.g.

Marketing

Marketing Accountability Cybercrime Passwords

China-linked BlackTech APT uses new Flagpro malware in recent attacks

Security Affairs

DECEMBER 29, 2021

The spear-phishing messages use a password-protected ZIP or RAR attachment and the password is included in the content of the email. ” reads the analysis published by NTT Security. checks whether both username and password are filled in a dialog as an additional feature before clicking the OK button.”

Malware

Malware Phishing Passwords Media

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber attacks against individual users or affiliated organizations.” Crooks obtain the information by conducting spear-phishing and ransomware attacks, or other means. To nominate, please visit:?.

Cybercrime

Cybercrime Education Accountability Phishing

Necro Python bot now enhanced with new VMWare, server exploits

Security Affairs

JUNE 4, 2021

Talos experts noticed that a version released on May 18 included Python versions of EternalBlue ( CVE-2017-0144 ) and EternalRomance ( CVE-2017-0147 ) exploits with a Windows download command line as the payload. SecurityAffairs – hacking, Necro Python bot). ” reads the analysis published by Talos. Pierluigi Paganini.

Malware

Malware Passwords DDOS IoT

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

JANUARY 28, 2019

The end game for this particular hacking ring is to install crypto currency mining routines on compromised Linux servers. Xbash gets rolling by infecting one device, which then serves as the launch pad for deeper hacking forays limited only by the attacker’s initiative. Use a password manager. Secure your phone.

Passwords

Passwords Password Management Antivirus Internet

HinataBot, a new Go-Based DDoS botnet in the threat landscape

Security Affairs

MARCH 17, 2023

The sample captured by the experts abuses old vulnerabilities and weak credentials, the researchers reported that it attempts to exploit flaws in the miniigd SOAP service on Realtek SDK devices ( CVE-2014-8361 ), Huawei HG532 routers ( CVE-2017-17215 ), and exposed Hadoop YARN servers (CVE N/A).

DDOS

DDOS Passwords Engineering Hacking

New Spook.Js attack allows to bypass Google Chrome Site Isolation protections

Security Affairs

SEPTEMBER 13, 2021

. “An attacker-controlled webpage can know which other pages from the same websites a user is currently browsing, retrieve sensitive information from these pages, and even recover login credentials (e.g., to recover the password. SecurityAffairs – hacking, Spook.Js). ” The experts deployed Spook.js

Passwords

Passwords Hacking Technology Information Security

Harvard Business Publishing licensee hit by ransomware

Security Affairs

OCTOBER 9, 2022

In total, the database leaked over 152,000 pieces of information pertaining to customers, such as emails, names, links to LinkedIn, Twitter, and Facebook profiles, and hashed passwords. The instance also contained 15 employee emails, names, and passwords protected by a weak SHA1-128bit hash. Dangerous leak. Pierluigi Paganini.

Ransomware

Ransomware Passwords Encryption Identity Theft

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Security Affairs

JUNE 22, 2021

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. “Recently, a new infection vector that cracks Windows machines through SMB password brute force is on the rise” reads the analysis published by AVAST. Pierluigi Paganini.

DNS

DNS Cryptocurrency Internet Internet

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Security Affairs

NOVEMBER 5, 2021

This ‘line of work’ is coordinated by the FSB’s 18th Center (Information Security Center) based in Moscow.” In the period 2017-2021 this group implemented the most numerous cyberintelligence actions on various vectors of public administration. SecurityAffairs – hacking, Gamaredon). “The SSU Cyber ??

Government

Government Software Cyber threats Cyber Attacks

China-linked APT10 Target Taiwan’s financial trading industry

Security Affairs

FEBRUARY 22, 2022

The group (also known as Cicada, Stone Panda , MenuPass group, Bronze Riverside, and Cloud Hopper ) has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide.

Technology

Technology Hacking Passwords Software

Developer of DDoS Mirai based botnets sentenced to prison

Security Affairs

JUNE 26, 2020

On August 2018, Schuchman has been indicted on federal computer hacking charges after rival hackers fingered him as the creator of a Mirai variant dubbed Satori that infected at least 500,000 internet routers around the word. Schuchman, Vamp, and Drake created the Satori botnet in between July and August 2017. Pierluigi Paganini.

DDOS

DDOS IoT Advertising Internet

NightLion hacker is selling details of 142 million MGM Resorts hotel guests

Security Affairs

JULY 14, 2020

million users who stayed at MGM Resorts hotels have been published on a hacking forum this week. The hacker claims to have obtained the database from the hack of the DataViper monitoring service operated by the security firm Night Lion Security. SecurityAffairs – hacking, data breach). ” reported ZDNet.

Data breaches

Data breaches Advertising Hacking Cybercrime

Hacking eCommerce sites based on OXID eShop by chaining 2 flaws

Security Affairs

JULY 30, 2019

Researchers at RIPS Technologies discovered vulnerabilities in the OXID eShop platform that could expose eCommerce websites to hack. Since the underlying database driver is per default set to PDO, an attacker can make use of stacked queries to insert a brand new admin user with a password of his choice. Pierluigi Paganini.

eCommerce

eCommerce Hacking Advertising Software

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Security Affairs

APRIL 14, 2022

According to the advisory that was issued with the help of leading cybersecurity firms (Dragos, Mandiant, Microsoft, Palo Alto Networks, and Schneider Electric), nation-state hacking groups were able to hack multiple industrial systems using a new ICS-focused malware toolkit dubbed PIPEDREAM that was discovered in early 2022.

Passwords

Passwords Architecture Backups Cyber Attacks

DirtyMoe modules expand the bot using worm-like techniques

Security Affairs

MARCH 21, 2022

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. SecurityAffairs – hacking, botnet). The post DirtyMoe modules expand the bot using worm-like techniques appeared first on Security Affairs. Pierluigi Paganini.

Malware

Malware Passwords DDOS Internet

Texas man sentenced to 145 months in federal prison for hacking Los Angeles Superior Court

Security Affairs

OCTOBER 23, 2019

A Texas man found guilty of hacking the Los Angeles Superior Court (LASC) computer system and used it to send out phishing emails. A Texas man, Oriyomi Sadiq Aloba (33), was found guilty of hacking the Los Angeles Superior Court (LASC) computer system and abusing it to send out roughly 2 million phishing messages. Pierluigi Paganini.

Hacking

Hacking Phishing Identity Theft Advertising

Data from Sephora and StreetEasy data breaches added to HIBP

Security Affairs

OCTOBER 7, 2019

The StreetEasy data breach took place in the mid-2016 and exposed 988k records that included names, usernames, email addresses and SHA-1 password hashes. Impacted data includes names, usernames, email addresses and SHA-1 password hashes. “In approximately January 2017, the beauty store Sephora suffered a data breach.

Data breaches

Data breaches Passwords Advertising Cybercrime

Threat actors are offering for sale 550 million stolen user records

Security Affairs

MAY 15, 2020

million January 2017 CafeMom.com 2.6 million October 2017 ModaOperandi.com 1.3 Those who have their account exposed in one of the above incidents are recommended to change their password. SecurityAffairs – threat actors, hacking). million December 2018 Shein.com 42 million June 2018 Fotolog.com 33.5 Pierluigi Paganini.

Data breaches

Data breaches Advertising Passwords Hacking

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

It uses a list of hardcoded username/password combinations to login into devices in the attempt to access systems using weak or default credentials. Please vote for Security Affairs and Pierluigi Paganini in every category that includes them (e.g. SecurityAffairs – hacking, EnemyBot). LFI CVE-2018-16763 Fuel CMS 1.4.1

Malware

Malware DDOS IoT Cybercrime

Security Affairs newsletter Round 318

Security Affairs

JUNE 13, 2021

SecurityAffairs – hacking, newsletter). The post Security Affairs newsletter Round 318 appeared first on Security Affairs. million customers impacted. million customers impacted. million customers impacted. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Data breaches

Data breaches Hacking Cryptocurrency Scams

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

After identifying a critical Remote Authentication Dial-In User Service (RADIUS) server, the cyber actors gained credentials to access the underlying Structured Query Language (SQL) database [ T1078 ] and utilized SQL commands to dump the credentials [ T1555 ], which contained both cleartext and hashed passwords for user and administrative accounts.”

Telecommunications

Telecommunications Authentication Passwords Accountability

BlueCharlie changes attack infrastructure in response to reports on its activity

Security Affairs

AUGUST 6, 2023

The APT group has been active since at least 2017, its campaigns involve persistent phishing and credential theft campaigns leading to intrusions and data theft. The APT primarily targets NATO countries, but experts also observed campaigns targeting the Baltics, Nordics, and Eastern Europe regions, including Ukraine.

Phishing

Phishing Social Engineering Authentication Cryptocurrency

American Insurance firm State Farm victim of credential stuffing attacks

Security Affairs

AUGUST 7, 2019

This kind of attacks is very efficient due to the bad habit of users of reusing the same password over multiple services. During our investigation, we determined that the bad actor possessed the user ID and password for your State Farm online account.” The experts detected 8.3 billion per month.

Insurance

Insurance Data breaches Financial Services Passwords

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes

Webinars

Trending Sources

Ticketmaster will pay $10 Million fine over hacking a competitor

Webinars

Millions of devices could be hacked exploiting flaws targeted by tools stolen from FireEye

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

TP-Link Archer routers allow remote takeover without passwords

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Alleged FruitFly malware creator ruled incompetent to stand trial

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

TA547 targets German organizations with Rhadamanthys malware

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

New Lucifer DDoS botnet targets Windows systems with multiple exploits

CIA elite hacking unit was not able to protect its tools and cyber weapons

Chinese actors behind attacks on industrial enterprises and public institutions

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

PurpleFox malware infected at least 2,000 computers in Ukraine

A new Zerobot variant spreads by exploiting Apache flaws

Hackers claim to have compromised 50,000 home cameras and posted footage online

Uptick in RPA Software Adoption Reveals Need for Anti-Hacking Training

LockBit gang demands a $70 million ransom to the semiconductor manufacturing giant TSMC

Admins of Genesis Market marketplace sold their infrastructure on a hacker forum

China-linked BlackTech APT uses new Flagpro malware in recent attacks

FBI: Compromised US academic credentials available on various cybercrime forums

Necro Python bot now enhanced with new VMWare, server exploits

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

HinataBot, a new Go-Based DDoS botnet in the threat landscape

New Spook.Js attack allows to bypass Google Chrome Site Isolation protections

Harvard Business Publishing licensee hit by ransomware

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

China-linked APT10 Target Taiwan’s financial trading industry

Developer of DDoS Mirai based botnets sentenced to prison

NightLion hacker is selling details of 142 million MGM Resorts hotel guests

Hacking eCommerce sites based on OXID eShop by chaining 2 flaws

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

DirtyMoe modules expand the bot using worm-like techniques

Texas man sentenced to 145 months in federal prison for hacking Los Angeles Superior Court

Data from Sephora and StreetEasy data breaches added to HIBP

Threat actors are offering for sale 550 million stolen user records

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs newsletter Round 318

China-linked threat actors have breached telcos and network service providers

BlueCharlie changes attack infrastructure in response to reports on its activity

American Insurance firm State Farm victim of credential stuffing attacks

Stay Connected