Krebs on Security

MAY 22, 2025

government today unsealed criminal charges against 16 individuals accused of operating and selling DanaBot , a prolific strain of information-stealing malware that has been sold on Russian cybercrime forums since 2018. DanaBot’s features, as promoted on its support site. Image: welivesecurity.com.

Malware 267

Malware Cybercrime Government Banking 267

Security Boulevard

APRIL 9, 2025

NIST, which for more than a year has been struggling to address a backlog of CVEs in its database following budget cuts, is now putting pre-2018 vulnerabilities on the back burner to give itself more time to address the rapidly growing number of new software security flaws.

Software 71

Software Security Awareness Mobile Risk 71

Schneier on Security

NOVEMBER 5, 2024

I’ve been writing about the possibility of AIs automatically discovering code vulnerabilities since at least 2018. This is an ongoing area of research: AIs doing source code scanning, AIs finding zero-days in the wild, and everything in between. The AIs aren’t very good at it yet, but they’re getting better.

Software 311

Software Artificial Intelligence 311

Adam Shostack

JANUARY 2, 2025

The 2018 Gavle Goat is up and tweeting at @gavelebocken. The Gavle Goat is up. Previously.

130

130

Adam Shostack

JANUARY 2, 2025

What would you like me to cover in my Blackhat talk, " Threat Modeling in 2018 ?" So this week's threat model Thursday is simply two requests: What would you like to see in the series? Attacks always get better, and that means your threat modeling needs to evolve.

Media 130

Media Engineering 130

Adam Shostack

JANUARY 2, 2025

Check out my talk from Blackhat 2018 Blackhat has released all the 2018 US conference videos. My threat modeling in 2018 video is, of course, amongst them. Slides are linked here.

130

130

Adam Shostack

JANUARY 2, 2025

STRIDE Machine Learning Conflict And of course, because it's 2018, there's cat videos and emoji to augment logic. The current core outline is: What are we working on The fast moving world of cyber The agile world Models are scary What can go wrong? Threats evolve! Yeah, that's the word. Wednesday, August 8 at 2:40 PM. *

130

130

Adam Shostack

JANUARY 2, 2025

The slides from my Blackhat talk, " Threat Modeling in 2018: Attacks, Impacts and Other Updates " are now available either as a PDF or online viewer. The slides from my Blackhat talk are now available.

130

130

Krebs on Security

JUNE 25, 2021

” Western Digital’s brief advisory includes a link to an entry in the National Vulnerability Database for CVE-2018-18472. Examine the CVE attached to this flaw and you’ll notice it was issued in 2018. We are actively investigating the issue and will provide an updated advisory when we have more information.”

Internet 343

Internet Internet Backups Small Business 343

Digital Shadows

MARCH 17, 2025

Key Findings Even years after their disclosure, VPN-related vulnerabilities like CVE-2018-13379 and CVE-2022-40684 remain essential tools for attackers, driving large-scale campaigns of credential theft and administrative control. CVE-2018-13379: The Eternal Exploit What is CVE-2018-13379?

VPN 133

VPN Authentication Ransomware Risk 133

Krebs on Security

DECEMBER 19, 2024

But a review of this Araneida nickname on the cybercrime forums shows they have been active in the criminal hacking scene since at least 2018. That user, “ Exorn ,” has posts dating back to August 2018. THE TURKISH CONNECTION Silent Push notes that the website where Araneida is being sold — araneida[.]co

Hacking 259

Hacking Cybercrime Advertising Data breaches 259

Malwarebytes

OCTOBER 18, 2024

The vulnerability, tracked as CVE-2024-44133 was fixed in the September 16 update for Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac Mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later).

Adware 143

Adware Spyware Mobile Technology 143

Schneier on Security

APRIL 5, 2024

The FCC has also asked carriers to detail any exploits of the protocols since 2018. The regulator wants to know the date(s) of the incident(s), what happened, which vulnerabilities were exploited and with which techniques, where the location tracking occurred, and ­ if known ­ the attacker’s identity.

Surveillance 329

Surveillance Telecommunications 329

The Hacker News

FEBRUARY 20, 2025

Cisco has confirmed that a Chinese threat actor known as Salt Typhoon gained access by likely abusing a known security flaw tracked as CVE-2018-0171, and by obtaining legitimate victim login credentials as part of a targeted campaign aimed at major U.S. telecommunications companies.

Telecommunications 125

Telecommunications 125

Troy Hunt

APRIL 29, 2021

You can read more about government access in the initial post from 2018. Romania joins a steadily growing number of governments across the globe to have free and unrestricted access to API-based domain searches for their assets in HIBP.

Government 363

Government Data breaches 363

Troy Hunt

MARCH 6, 2024

Back in 2018, we started making Have I Been Pwned domain searches freely available to national government cybersecurity agencies responsible for protecting their nations' online infrastructure. Today, we're very happy to welcome Germany as the 35th country to use this service, courtesy of their CERTBund department.

Government 348

Government Data breaches Cybersecurity 348

Adam Shostack

JANUARY 2, 2025

[no description provided] I'm at the OWASP AppSec Cali event, and while there's now there'll be video , I'm taking notes: Context for the talk What fails during the development process? Incomplete requirements, non-secure design, lack of security mindset, leaky development These failures are threats which can be mitigated. (eg,

Risk 130

Risk 130

Schneier on Security

JULY 28, 2021

Carriers were caught in 2018 selling real-time location data to brokers , drawing the ire of Congress. The Pillar says it obtained 24 months’ worth of “commercially available records of app signal data” covering portions of 2018, 2019, and 2020, which included records of Grindr usage and locations where the app was used.

Mobile 363

Mobile Advertising Data collection Surveillance 363

Penetration Testing

APRIL 8, 2025

Vidar Stealer, a notorious information-stealing malware that first emerged in 2018, continues to pose a significant threat by employing new distribution methods and evasion techniques. G DATA Security Lab’s analysis has uncovered a recent instance where Vidar Stealer was disguised within a legitimate system information tool.

Malware 115

Malware Cybersecurity 115

Krebs on Security

JULY 23, 2020

Worse still, the DFS found, the vulnerability was discovered in a penetration test First American conducted on its own in December 2018. But in Wednesday’s filing, the DFS said First American was unable to determine whether records were accessed prior to Jun 2018.

Insurance 359

Insurance Financial Services Penetration Testing Scams 359

Krebs on Security

AUGUST 16, 2020

In fact, CVE-2020-1464 was first spotted in attacks used in the wild back in August 2018. The last time that August 2018 file was scanned at VirusTotal (Aug 14, 2020), it was detected as a malicious Java trojan by 28 of 59 antivirus programs. And several researchers informed Microsoft about the weakness over the past 18 months.

Antivirus 363

Antivirus Malware Software 363

Security Affairs

NOVEMBER 1, 2024

ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants. The experts noticed that a portion of the CVE-2018-4404 exploit is likely borrowed from the Metasploit framework.

Spyware 143

Spyware Media Hacking Malware 143

Adam Shostack

JANUARY 2, 2025

[no description provided] I really enjoyed being part of this panel. I felt we had a good mix of experience and some really interesting conversations.

130

130

Security Affairs

OCTOBER 15, 2024

In November 2018, Symantec first discovered the FastCash Trojan , which was used by the North Korea-linked APT group Lazarus in a series of attacks against ATMs. The cybersecurity researcher HaxRob analyzed a new variant of the FASTCash “payment switch” malware which targets Linux systems. LTS distributions.

Malware 134

Malware Banking Hacking Accountability 134

Krebs on Security

FEBRUARY 4, 2020

The government says Quantum Stresser had more than 80,000 customer subscriptions, and that during 2018 the service was used to conduct approximately 50,000 actual or attempted attacks targeting people and networks worldwide. and international authorities in December 2018 as part of a coordinated takedown targeting attack-for-hire services.

Internet 350

Internet Internet Government Accountability 350

Krebs on Security

FEBRUARY 19, 2020

Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. 13, 2018 and Mar. 28, 2018, a claim Citrix initially denied but later acknowledged.

VPN 363

VPN Passwords Software Telecommunications 363

Adam Shostack

JANUARY 2, 2025

In the United States in 2018, an estimated 40,000 people lost their lives in car crashes, and 4.5 And while an emergency stop may certainly be a risk minimizing action in some circumstances, describing it as such is surprising, especially when presented in contrast to a "safe stop" maneuver. million people were seriously injured.

Risk 189

Risk Architecture Manufacturing Cybersecurity 189

Schneier on Security

NOVEMBER 30, 2022

Total GDPR fines are over €2 billion (EUR) since 2018. Facebook—Meta—was just fined $276 million (USD) for a data leak that included full names, birth dates, phone numbers, and location. Meta’s total fine by the Data Protection Commission is over $700 million.

270

270

SecureWorld News

NOVEMBER 17, 2024

A multifaceted regulatory environment The Data Protection Act 2018, implementing the EU's GDPR, imposes significant obligations on organizations to handle personal data responsibly. This challenge is especially prevalent for UK small and medium-sized enterprises (SMEs) which account for 99.9% of the UK's business population, 5.5

Cybersecurity 120

Cybersecurity Risk Healthcare Accountability 120

Schneier on Security

MAY 2, 2024

It banned default passwords in 2018, the law taking effect in 2020. The Product Security and Telecommunications Infrastructure Act 2022 (PSTI) introduces new minimum-security standards for manufacturers, and demands that these companies are open with consumers about how long their products will receive security updates for.

Passwords 336

Passwords IoT Manufacturing Telecommunications 336

Krebs on Security

FEBRUARY 17, 2021

million in a 2018 ATM cash out scheme targeting a Pakistani bank; and a total of $112 million in virtual currencies stolen between 2017 and 2020 from cryptocurrency companies in Slovenia, Indonesia and New York. Park was previously charged in 2018 in connection with the WannaCry and Sony Pictures attacks. Image: CISA.

Cryptocurrency 352

Cryptocurrency Financial Services Banking Government 352

Security Affairs

DECEMBER 25, 2024

In 2018, the Lazarus APT group targeted several cryptocurrency exchanges , including the campaign tracked as Operation AppleJeus discovered in August 2018. The FBI will continue to expose and combat the DPRKs use of illicit activitiesincluding cybercrime and virtual currency theftto generate revenue for the regime. FBI concludes.

Cryptocurrency 124

Cryptocurrency Social Engineering Hacking Cybercrime 124

Troy Hunt

JUNE 9, 2021

TB of private data and the first sentence sets the scene: Between 2018 and 2020, a custom Trojan-type malware infiltrated over 3 million Windows-based computers and stole 1.2 (Full disclosure: I'm a strategic advisor for NordVPN who shares the same parent company.) NordLocker has written about the nameless malware that stole 1.2

Malware 363

Malware 363

Schneier on Security

NOVEMBER 30, 2021

After planning began in mid-2018, the Long-Term Retention Lab was up and running in the second half of 2019. The warehouse stores around 3,000 pieces of hardware and software, going back about a decade.

Technology 325

Technology Engineering Software Cybersecurity 325

Schneier on Security

JANUARY 25, 2023

We know Cybercom did similar things in 2018 and 2020, and presumably will again in two years. . “We were doing operations well before the midterms began, and we were doing operations likely on the day of the midterms.” ” And they continued until the elections were certified, he said.

Hacking 305

Hacking Cybersecurity 305

Krebs on Security

SEPTEMBER 14, 2020

Curiously, in May 2018, its WHOIS ownership records switched to a new name with the same initials: one “ Jonathan Bibi ,” with an address in the offshore company haven of Seychelles. Likewise, Mr. Among those is acheterdubitcoin.org , a business that was blacklisted by French regulators in 2018 for promoting cryptocurrency scams.

Scams 359

Scams Cryptocurrency Accountability Technology 359

Troy Hunt

JULY 2, 2025

Partnering with 1Password in 2018 helped, but the impact of data breaches goes well beyond the exposure of passwords, so a couple of months ago, I wrote about finding new partners to help victims "after the breach" , Today, I'm very happy to welcome the first such partner, Truyu.

Data breaches 188

Data breaches Financial Services Passwords Hacking 188