Security Affairs

JULY 15, 2020

CIA orchestrated dozens of hacking operations against targets worldwide, including APT34 and FSB hacks, states an exclusive report from Yahoo News. In 2018, Trump signed the Presidential_finding that authorizes covert operations of the Central Intelligence Agency (CIA). officials with direct knowledge of the matter.”

Banking 100

Banking Hacking Advertising Media 100

Security Affairs

DECEMBER 30, 2020

Customer proprietary network information (CPNI) is the data collected by telecommunications companies about a consumer’s telephone calls. In March 2020, T-Mobile was the victim of a sophisticated cyber attack that targeted its email vendor, the incident exposed customer and financial data. Pierluigi Paganini.

Data breaches 131

Data breaches Mobile Telecommunications Wireless 131

Krebs on Security

SEPTEMBER 23, 2021

In October 2016, media outlets reported that data collected by some of the world’s most renowned cybersecurity experts had identified frequent and unexplained communications between an email server used by the Trump Organization and Alfa Bank , one of Russia’s largest financial institutions. In 2018, U.S.

Banking 363

Banking DNS Internet Internet 363

Security Affairs

NOVEMBER 15, 2022

The authorities started the investigation into Google collection practice following a 2018 Associated Press article that revealed Google “records your movements even when you explicitly tell it not to.”. SecurityAffairs – hacking, privacy). Follow me on Twitter: @securityaffairs and Facebook and Mastodon. Pierluigi Paganini.

Consumer Protection 83

Consumer Protection Accountability Data collection Advertising 83

Security Affairs

JANUARY 2, 2023

The authorities started the investigation into Google collection practice following a 2018 Associated Press article that revealed Google “records your movements even when you explicitly tell it not to.”. SecurityAffairs – hacking, privacy). Follow me on Twitter: @securityaffairs and Facebook and Mastodon. Pierluigi Paganini.

Consumer Protection 88

Consumer Protection Surveillance Data collection Accountability 88

Security Affairs

NOVEMBER 28, 2020

Experts from threat intelligence firm KELA , speculate the threat actor could have obtained the credentials buying “Azor logs,” which are lots of data stolen from computers infected with the AzorUlt info-stealer trojan. SecurityAffairs – hacking, executive). Pierluigi Paganini.

Accountability 103

Accountability Cybercrime Hacking Retail 103

Security Affairs

DECEMBER 10, 2020

Go versions of the backdoor were used since 2018 , they initially start collecting info on the compromised system, and then sends it to the command and control server. SecurityAffairs – hacking, Zebrocy). ” Pierluigi Paganini.

Malware 104

Malware Phishing Government Data collection 104

Security Affairs

MAY 18, 2019

Even if in Italy the cells of the popular Anonymous collective are very active , the overall number of hacktivist attacks that caused in quantifiable damage to the victim has declined by 95 percent since 2015. Researchers analyzed data collected by IBM’s X-Force threat intelligence unit between 2015 and 2019. Pierluigi Paganini.

Advertising 68

Advertising Data collection DDOS Healthcare 68

Security Affairs

JUNE 21, 2019

Experts at Symantec observed in the last eighteen months at least three distinct campaigns, each using a different set of hacking tools. SecurityAffairs – Turla, hacking). In June, ESET researchers observed the Russia-linked cyberespionage group using weaponizing PowerShell scripts in attacks against EU diplomats. Pierluigi Paganini.

Government 78

Government Advertising Hacking Data collection 78

Malwarebytes

JANUARY 16, 2024

He was rumored to have hacked into his high school’s computer system, although those rumors were never confirmed. Following numerous requests by the defense and changes in Durachinsky’s legal representation, he was finally arraigned nearly a year later, on January 19, 2018. The FBI found a laptop in Durachinsky’s room.

Malware 87

Malware Passwords Identity Theft Data collection 87

Krebs on Security

JANUARY 11, 2022

But in more recent years, Wazawaka has focused on peddling access to organizations and to databases stolen from hacked companies. In 2018, Wazawaka registered a slew of domains spoofing the real domain for the Hydra dark web market. “Come, rob, and get dough!,” “Show them who is boss.” ” WHO IS WAZAWAKA?

DDOS 273

DDOS Accountability Cybercrime Ransomware 273

Security Affairs

OCTOBER 10, 2018

Security firm Group-IB has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 Group-IB, an international company that specializes in preventing cyber attacks, has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 million (2.96 billion rubles) of damage to Russia’s financial sector. million (2.96 million (2.96

Cyber Attacks 83

Cyber Attacks Banking Cyber threats Phishing 83

Security Affairs

MARCH 7, 2019

” In April 2018, Akamai reported that threat actors compromised 65,000 home routers by exploiting vulnerabilities in Universal Plug’N’Play (UPnP) , experts tracked the botnet as UPnProxy. In December 2018 the company provided an update to its initial analysis revealing a disconcerting scenario, UPnProxy is still up and running.

Cyber Attacks 81

Cyber Attacks Advertising Firmware Data collection 81

Security Affairs

NOVEMBER 19, 2019

CERT-GIB’s report is based on data collected and analyzed by the Threat Detection System (TDS) Polygon as part of operations to prevent and detect threats distributed online in H1 2019 in more than 60 countries. In 2018, their number grew to 3.6%, while in H1 2019 saw an unusual rise of up to 27.8%. The revival of ransomware.

Ransomware 69

Ransomware Antivirus Malware Banking 69

SecureWorld News

JANUARY 26, 2021

In fact, New York's data breach notification law, the New York State Information Security Breach and Notification Act, has been active since December 2005. And recently, the data breach notification law has been amended and updated with the passage of the Stop Hacks and Improve Electronic Data Security Act (NY SHIELD Act), N.Y.

Data privacy 92

Data privacy Data collection Data breaches Cybersecurity 92

Security Affairs

MARCH 14, 2019

In the course of further research it was revealed that GMO JS Sniffer has presumably been collecting customer payment data since November 2018. Typically, after customer data is stolen, it is usually resold on underground cardshops. Group-IB’s Threat Intelligence team discovered that GMO has been active since May 2018.

eCommerce 85

eCommerce Marketing Data breaches Advertising 85

Security Affairs

NOVEMBER 15, 2018

According to Group-IB’s report published in September 2018, Silence gang members presumably were or are legally employed as pentesters and reverse engineers. The report “Silence: Moving into the darkside” was published in September 2018 and was the first to describe the group’s tactics and tools. About MoneyTaker.

Banking 98

Banking Computers and Electronics Phishing Cybercrime 98

Krebs on Security

JULY 18, 2022

net available at the Wayback Machine shows that in 2016 this domain was used for the “ ExE Bucks ” affiliate program, a pay-per-install business which catered to people already running large collections of hacked computers or compromised websites. Others are fairly opaque about their data collection and retention policies.

VPN 313

VPN Computers and Electronics Antivirus Software 313

Security Affairs

NOVEMBER 17, 2018

Group-IB Threat Intelligence continuously detects and analyses data uploaded to card shops all over the world,” – said Dmitry Shestakov, Head of Group-IB ?ybercrime According to Group-IB’s annual Hi-Tech Crime Trends 2018 report, on average, from June 2017 to August 2018, 1.8 ybercrime research unit.

Banking 91

Banking Cybercrime Advertising Data collection 91

Malwarebytes

MARCH 3, 2021

Detailed credentials for more than 21 million mobile VPN app users were swiped and advertised for sale online last week, offered by a cyber thief who allegedly stole user data collected by the VPN apps themselves. The data leak of SuperVPN, GeckoVPN, and ChatVPN. link] — Troy Hunt (@troyhunt) February 28, 2021.

VPN 145

VPN Passwords Internet Internet 145

Security Affairs

AUGUST 2, 2019

Proofpoint identified similarities between the macros utilized in this campaign and the attacks targeting Japanese corporations in 2018 and attributed to the China-linked APT10 group. The communications module transmits data collected by the RAT to the proxy tool. txt, and tempsodom.txt) when executed. SodomNormal?communications

Phishing 78

Phishing Malware Advertising Engineering 78

Security Affairs

DECEMBER 19, 2018

We first wrote about the Zebrocy tool in a blog that discussed Sofacy’s parallel attack campaigns during the first quarter of 2018, and more recently during Sofacy attacks in late October and early November. The Go variant of Zebrocy initially starts collecting info on the compromised system, then sends it to the command and control server.

Malware 88

Malware Advertising Data collection Phishing 88

Malwarebytes

JANUARY 28, 2021

The General Data Protection Regulation is a robust set of rules for data protection created by the European Union (EU), replacing much older rules from the 1990s. It was adopted in 2016 and enforcement began in 2018. Crucially, should you get your data protection wrong somewhere along the way, big fines may follow.

Advertising 60

Advertising Data privacy Adware Spyware 60

Security Affairs

JANUARY 27, 2020

JavaScript-sniffers (JS-sniffers) targeting ecommerce websites is a type of malicious JavaScript code, designed to steal customer payment and personal data such as credit card numbers, names, addresses, logins, phone numbers, and credentials from payment systems, and etc. Group-IB has been tracking the GetBilling JS-sniffer family since 2018.

Cybercrime 72

Cybercrime Marketing eCommerce Mobile 72

Security Affairs

OCTOBER 15, 2018

This information was first made public by experts from Group-IB’s Brand Protection team at the CyberCrimeCon 2018 international cybersecurity conference. GIB Threat Intelligence cyber threats data collection system has been named one of the best in class by Gartner, Forrester, and IDC. billion in 2017, compared to $1.2

Marketing 79

Marketing Phishing Media Engineering 79

SecureList

SEPTEMBER 28, 2022

During the carnival of 2016, a Brazilian bank realized that their ATMs had been hacked, with all the cash contained in those machines stolen. The backdoor would allow the attacker to empty the ATM socket by launching the malware interface and typing a code supplied by the mastermind, the code being specific to each ATM being hacked.

Malware 103

Malware Banking Software Encryption 103

Spinone

JULY 3, 2020

and you interact with their data in any way – you fall under the GDPR. You can remember the massive story with Facebook’s misuse of customer information in 2018; other big players like British Airways and Marriott International have also suffered from €200 million and €99 million GDPR fines , respectively.

Data breaches 52

Data breaches Marketing Data collection Antivirus 52

SecureList

FEBRUARY 16, 2023

Scammers sent a link to that page from hacked accounts, asking users to vote for their friends’ kids’ works. Both can be used to steal user data, collect information about the corporate network, and spread additional malware, such as ransomware. Scammers created a page on the telegra.ph

Phishing 96

Phishing Scams Accountability Energy and Utilities 96