2018, Hacking, Internet and Passwords - Cyber Security Informer

When Accounts are "Hacked" Due to Poor Passwords, Victims Must Share the Blame

Troy Hunt

NOVEMBER 7, 2018

It's just another day on the internet when the news is full of headlines about accounts being hacked. This is when hackers try usernames and password combos leaked in data breaches at other companies, hoping that some users might have reused usernames and passwords across services.

Passwords

Passwords Accountability Hacking Education

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group. But both SMS and app-based codes can be undermined by phishing attacks that simply request this information in addition to the user’s password.

Hacking

Hacking Social Engineering Phishing Scams

M?ris Bot infects MikroTik routers compromised in 2018

Security Affairs

SEPTEMBER 14, 2021

Last week, the Russian Internet giant Yandex has been targeting by the largest DDoS attack in the history of Runet, the Russian Internet designed to be independent of the world wide web and ensure the resilience of the country to an internet shutdown. If somebody got your password in 2018, just an upgrade will not help.

DDOS

DDOS Firewall Passwords Internet

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] com , a service that sold access to billions of passwords and other data exposed in countless data breaches. In 2019, a Canadian company called Defiant Tech Inc. Abusewith[.]us

Hacking

Hacking Accountability Data breaches Marketing

ShinyHunters hacked Pluto TV service, 3.2M accounts exposed

Security Affairs

NOVEMBER 15, 2020

million Pluto TV user accounts on a hacking forum for free, he claims they were stolen by ShinyHunters threat actor. million Pluto TV user records, he also added that the service was hacked by ShinyHunters. The dump includes PLUTO TV’s display name, email address, bcrypt hashed password, birthday, device platform, and IP address.

Accountability

Accountability Hacking Data breaches Passwords

Xwo Malware scans the Internet for Exposed Services, Default Passwords

Security Affairs

APRIL 5, 2019

Researchers at AT&T Alien Labs have spotted a malware called Xwo that is actively scanning the Internet for exposed web services and default passwords. Experts at AT&T Alien Labs discovered a new piece of malware called Xwo that is actively scanning the Internet for exposed web services and default passwords.

Internet

Internet Internet Passwords Malware

Over 23 million breached accounts were using ‘123456’ as password

Security Affairs

APRIL 29, 2019

A cyber survey conducted by the United Kingdom’s National Cyber Security Centre (NCSC) revealed that ‘123456’ is still the most hacked password. million user accounts worldwide were using ‘123456’ as password, while 7.7 The NCSC discovered that 23.2 million users were using ‘123456789’.

Passwords

Passwords Accountability Data breaches Advertising

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The above-mentioned AIDS Trojan hailing from the distant pre-Internet era was the progenitor of the trend, but its real-world impact was close to zero. The Archiveus Trojan from 2006 was the first one to use RSA cipher, but it was reminiscent of a proof of concept and used a static 30-digit decryption password that was shortly cracked.

Ransomware

Ransomware Hacking Encryption Penetration Testing

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

The Last Watchdog

APRIL 4, 2022

They are often unaware of the risks they take on, which can include hacking, fraud, phishing, and more. According to Forbes, “the first half of 2018 was marked by an increase in API-related data breaches, with the 10 largest companies reporting the loss of 63 million personal records.”

Hacking

Hacking Penetration Testing Data breaches Authentication

Evolution of threat landscape for IoT devices – H1 2018

Security Affairs

SEPTEMBER 19, 2018

In the first six months of 2018, the experts observed a number of malware samples that was up three times as many samples targeting IoT devices as in the whole of 2017. Top 10 countries from which Kaspersky traps were hit by Telnet password attacks is led by Brazil, China, and Japan. Security Affairs – IoT devices, hacking ).

IoT

IoT Passwords Malware Advertising

SEC Sanctions Several Companies over Email Account Hacking

Hacker Combat

SEPTEMBER 6, 2021

A statement from the SEC read as follows: “According to SEC, it has penalized eight companies in three actions for negligence of their cyber protection guidelines and procedures that stimulated email account hacks exposing personal data of numerous clients and customers in each firm.” . Often, hackers use phishing emails to target employees.

Accountability

Accountability Hacking Financial Services Data breaches

wget utility potential leaked password via extended filesystem attributes

Security Affairs

JANUARY 2, 2019

GNU Wget is a free software package for retrieving files using HTTP, HTTPS, FTP and FTPS the most widely-used Internet protocols. The flaw, tracked as CVE-2018-20483 , could allow local users to obtain sensitive information (e.g., link] — Hector Martin (@marcan42) December 25, 2018. SecurityAffairs – wget, hacking).

Passwords

Passwords Advertising Internet Internet

PurpleFox malware infected at least 2,000 computers in Ukraine

Security Affairs

FEBRUARY 2, 2024

. “As part of a detailed study of the cyber threat, a study of the received samples of malicious programs was conducted, the peculiarities of the functioning of the management server infrastructure were established, and more than 2,000 affected computers were identified in the Ukrainian segment of the Internet.”

Malware

Malware Internet Internet DDOS

Why 83 Percent of Large Companies Are Vulnerable to This Basic Domain Hack

Adam Levin

JULY 8, 2020

A whopping 97 percent failed to use DNSSEC , a domain security protocol designed to address core vulnerabilities in the foundations of the internet itself. Hackers were also quick to pounce on the disruption caused by the 2018 shutdown of the U.S. ” Hacking campaigns exploiting poor domain name security can be more subtle.

Hacking

Hacking Retail Cyber Insurance Authentication

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

The Last Watchdog

MARCH 4, 2019

Related: We’re in the midst of ‘cyber Pearl Harbor’ Peel back the layers of just about any sophisticated, multi-staged network breach and you’ll invariably find memory hacking at the core. That’s Gartner’s estimate of global spending on cybersecurity in 2017 and 2018. This quickly gets intricately technical.

Hacking

Hacking Energy and Utilities System Administration Accountability

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. Ensure secure configurations for devices: Change the default password to a strong one, and block SSH from external access.

IoT

IoT DDOS Malware Firmware

Experts observed the growth of hi-tech crime landscape in Asia in 2018

Security Affairs

MARCH 19, 2019

Security experts at Group-IB presented at Money2020 Asia the results of an interesting analysis of hi-tech crime landscape in Asia in 2018. The number of leaked cards increased in 2018 by 56%. The total underground market value of Singaporean banks’ cards compromised in 2018 is estimated at nearly $640 000.

Banking

Banking Government Passwords Marketing

G Suite users’ passwords stored in plain-text for more than 14 years

Security Affairs

MAY 22, 2019

Google accidentally stored the passwords of its G Suite users in plain-text for 14 years allowing its employees to access them. The news is disconcerting, Google has accidentally stored the passwords of the G Suite users in plain-text for 14 years, this means that every employee in the company was able to access them.

Passwords

Passwords Encryption Advertising Accountability

PlugwalkJoe Does the Perp Walk

Krebs on Security

JULY 26, 2021

One day after last summer’s mass-hack of Twitter , KrebsOnSecurity wrote that 22-year-old British citizen Joseph “PlugwalkJoe” O’Connor appeared to have been involved in the incident. From there, the attackers can reset the password for any online account that allows password resets via SMS. When the U.S.

Media

Media Hacking Accountability Scams

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

Krebs on Security

MARCH 31, 2020

Ueland said after hearing about the escrow.com hack Monday evening he pulled the domain name system (DNS) records for escrow.com and saw they were pointing to an Internet address in Malaysia — 111.90.149[.]49 com was identical to the one displayed by escrow.com while the site’s DNS records were hacked.

Phishing

Phishing DNS Social Engineering Accountability

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

JANUARY 28, 2019

Consider that most of us spend more time navigating the Internet on our laptops and smartphones than we do behind the wheel of a car. The end game for this particular hacking ring is to install crypto currency mining routines on compromised Linux servers. Use a password manager. percent, according to tech consultancy Gartner.

Passwords

Passwords Password Management Antivirus Internet

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Security Affairs

JUNE 22, 2021

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. “Recently, a new infection vector that cracks Windows machines through SMB password brute force is on the rise” reads the analysis published by AVAST. Pierluigi Paganini.

DNS

DNS Cryptocurrency Internet Internet

A Closer Look at the Snatch Data Ransom Group

Krebs on Security

SEPTEMBER 30, 2023

” New York City-based cyber intelligence firm Flashpoint said the Snatch ransomware group was created in 2018, based on Truniger’s recruitment both on Russian language cybercrime forums and public Russian programming boards. ” In at least some of those recruitment ads — like one in 2018 on the forum sysadmins[.]ru

Ransomware

Ransomware Accountability Cybercrime Backups

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

Security Affairs

FEBRUARY 10, 2022

The FBI reported that US citizens have lost more than $68 million to SIM swapping attacks in 2021, the number of complaints since 2018 and associated losses have increased almost fivefold. Do not provide your mobile number account information over the phone to representatives that request your account password or pin.

Mobile

Mobile Cryptocurrency Authentication Accountability

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Krebs on Security

JANUARY 22, 2019

In July 2018, email users around the world began complaining of receiving spam which began with a password the recipient used at some point in the past and threatened to release embarrassing videos of the recipient unless a bitcoin ransom was paid. based domain name registrar and hosting provider.

DNS

DNS Internet Internet Computers and Electronics

New Lucifer DDoS botnet targets Windows systems with multiple exploits

Security Affairs

JUNE 26, 2020

A new botnet, tracked as Lucifer, appeared in the threat landscape, it leverages close to a dozen exploits to hack Windows systems. Once compromised the system, the attacker can execute arbitrary commands on the infected device, experts noticed that the bot could target Windows hosts on both the internet and intranet.

DDOS

DDOS Malware Advertising Passwords

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

After identifying a critical Remote Authentication Dial-In User Service (RADIUS) server, the cyber actors gained credentials to access the underlying Structured Query Language (SQL) database [ T1078 ] and utilized SQL commands to dump the credentials [ T1555 ], which contained both cleartext and hashed passwords for user and administrative accounts.”

Telecommunications

Telecommunications Authentication Passwords Accountability

Developer of DDoS Mirai based botnets sentenced to prison

Security Affairs

JUNE 26, 2020

On August 2018, Schuchman has been indicted on federal computer hacking charges after rival hackers fingered him as the creator of a Mirai variant dubbed Satori that infected at least 500,000 internet routers around the word. In April 2018, Schuchman develops a new DDoS botnet alone, it was based on the Qbot malware family.

DDOS

DDOS IoT Advertising Internet

Ticketmaster Hacked Competitor to Steal Data & Analytics, Fined Millions

SecureWorld News

JANUARY 4, 2021

Ticketmaster executives and employees emailed each other about the benefits of these hacks. How did the Ticketmaster hacking scheme get started? And soliciting, as we're about to see, led to 'computer intrusion' or hacking. What did they want? Access to a competitor's data and analytics relating to concert ticket pre-sales.

Hacking

Hacking Passwords Education Internet

Ad Network Sizmek Probes Account Breach

Krebs on Security

MARCH 13, 2019

In a recent posting to a Russian-language cybercrime forum, an individual who’s been known to sell access to hacked online accounts kicked off an auction for “the admin panel of a big American ad platform.” ” PASSWORD SPRAYING. “It seemed like [the screenshots were accounts from] past employees.

Accountability

Accountability Passwords Advertising Penetration Testing

Chaining three critical vulnerabilities allows takeover of D-Link routers

Security Affairs

OCTOBER 17, 2018

The flaws are a Directory Traversal (CVE-2018-10822), Password stored in plaintext (CVE-2018-10824), and a Shell command injection (CVE-2018-10823). Researchers found a directory traversal vulnerability, tracked as CVE-2018-10822, that could be exploited by remote attackers to read arbitrary files using an HTTP request.

Passwords

Passwords Advertising Internet Internet

Millions put at risk by old, out of date routers

Malwarebytes

MAY 7, 2021

a consumer watchdog in the UK, recently released its findings about routers issued by UK Internet Service Providers (ISPs). found: * Weak default passwords. These passwords can be easily guessed by hackers, are common across devices and could grant someone access. Below are the old router vulnerabilities Which?

Risk

Risk Passwords Internet Internet

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

guru show that in 2018 the domains were forwarding incoming email to the address obelisk57@gmail.com. has been associated with the user Kerens on the Russian hacking forum Exploit from 2011 to the present day. has been associated with the user Kerens on the Russian hacking forum Exploit from 2011 to the present day.

Malware

Malware Antivirus Cybercrime Hacking

Information Disclosure flaw allows attackers to find Huawei routers with default credentials

Security Affairs

DECEMBER 23, 2018

The flaw, tracked as CVE-2018-7900, resides in the router administration panel and allows credentials information to leak. An attacker could use IoT search engines such as ZoomEye or Shodan to scan the internet for devices having default passwords. “The attacker does not need to scan the internet for finding the devices.

IoT

IoT Internet Internet Passwords

ZoomEye IoT search engine cached login passwords for tens of thousands of Dahua DVRs

Security Affairs

JULY 16, 2018

A security researcher discovered that the IoT search engine ZoomEye has cached login passwords for tens of thousands of Dahua DVRs. The IoT search engine ZoomEye has cached login passwords for tens of thousands of Dahua DVRs, the discovery was made by security researcher Ankit Anubhav, Principal Researcher at NewSky Security.

IoT

IoT Engineering Passwords Firmware

Why & Where You Should You Plant Your Flag

Krebs on Security

AUGUST 12, 2020

As KrebsOnSecurity observed back in 2018 , many people — particularly older folks — proudly declare they avoid using the Web to manage various accounts tied to their personal and financial data — including everything from utilities and mobile phones to retirement benefits and online banking services. In 2018, the U.S.

Accountability

Accountability Mobile Banking Passwords

ASUS addressed critical flaws in some router models

Security Affairs

JUNE 19, 2023

The firmware released by the company addressed nine vulnerabilities, including CVE-2023-28702, CVE-2023-28703, CVE-2023-31195, CVE-2022-46871, CVE-2022-38105, CVE-2022-35401, CVE-2018-1160, CVE-2022-38393, and CVE-2022-26376. CVE-2018-1160 is an out-of-bounds write issue that resides in dsi_opensess.c.

Firmware

Firmware VPN Wireless Passwords

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

Security Affairs

FEBRUARY 10, 2022

The FBI reported that US citizens have lost more than $68 million to SIM swapping attacks in 2021, the number of complaints since 2018 and associated losses have increased almost fivefold. Do not provide your mobile number account information over the phone to representatives that request your account password or pin.

Banking

Banking Accountability Mobile Cryptocurrency

Russia-linked Energetic Bear APT behind San Francisco airport attacks

Security Affairs

APRIL 15, 2020

Security researchers from ESET revealed that the infamous Russian hacker group known as Energetic Bear is behind the hack of two San Francisco International Airport (SFO) websites. The SFO ITT urges anyone who even visited either website using the Internet Explorer web browser to change the device’s password.

Data breaches

Data breaches Passwords Telecommunications Advertising

Podcast Episode 140: passwords are dying. What will replace them?

The Security Ledger

APRIL 2, 2019

Alpha-numeric passwords have been with us almost since the dawn of the computing age. The post Podcast Episode 140: passwords are. Alpha-numeric passwords have been with us almost since the dawn of the computing age. Half a century later, the password has long since outlived its usefulness. Read the whole entry. »

Passwords

Passwords Authentication Technology IoT

Hanging Up on Mobile in the Name of Security

Krebs on Security

AUGUST 16, 2018

Terpin alleges that crooks stole almost $24 million worth of cryptocurrency after fraudulently executing a “SIM swap” on his mobile phone account at AT&T in early 2018. According to Terpin, this was the second time in six months someone had hacked his AT&T number. On June 11, 2017, Terpin’s phone went dead.

Mobile

Mobile Cryptocurrency Accountability Authentication

Iran-linked DEV-0270 group abuses BitLocker to encrypt victims’ devices

Security Affairs

SEPTEMBER 9, 2022

. “In many of the observed DEV-0270 instances, the actor gained access by exploiting known vulnerabilities in Exchange or Fortinet ( CVE-2018-13379 ). DefaultAccount with a password of P@ssw0rd1234). The group is typically opportunistic in its targeting, it scans the internet to find vulnerable servers and devices.

Encryption

Encryption Internet Internet Firewall

Mysterious custom malware used to steal 1.2TB of data from million PCs

Security Affairs

JUNE 11, 2021

million Windows systems between 2018 and 2020. The software includes illegal Adobe Photoshop 2018, a Windows cracking tool, and several cracked games.” Most of the stolen files (50%+) were text files, some of them containing software logs, passwords, personal notes, and other sensitive information. terabyte of stolen data.

Malware

Malware Computers and Electronics Software Financial Services

DirtyMoe modules expand the bot using worm-like techniques

Security Affairs

MARCH 21, 2022

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. SecurityAffairs – hacking, botnet). Now Avast researchers provided details of a DirtyMoe module that uses worm-like techniques to allow the threat to spread without user interaction.

Malware

Malware Passwords DDOS Internet

When Accounts are "Hacked" Due to Poor Passwords, Victims Must Share the Blame

When Low-Tech Hacks Cause High-Impact Breaches

Webinars

Trending Sources

M?ris Bot infects MikroTik routers compromised in 2018

Webinars

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

ShinyHunters hacked Pluto TV service, 3.2M accounts exposed

Xwo Malware scans the Internet for Exposed Services, Default Passwords

Over 23 million breached accounts were using ‘123456’ as password

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

Evolution of threat landscape for IoT devices – H1 2018

SEC Sanctions Several Companies over Email Account Hacking

wget utility potential leaked password via extended filesystem attributes

PurpleFox malware infected at least 2,000 computers in Ukraine

Why 83 Percent of Large Companies Are Vulnerable to This Basic Domain Hack

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

A new Zerobot variant spreads by exploiting Apache flaws

Experts observed the growth of hi-tech crime landscape in Asia in 2018

G Suite users’ passwords stored in plain-text for more than 14 years

PlugwalkJoe Does the Perp Walk

Phish of GoDaddy Employee Jeopardized Escrow.com, Among Others

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

A Closer Look at the Snatch Data Ransom Group

US citizens lost more than $68M to SIM swap attacks in 2021, FBI warns

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

New Lucifer DDoS botnet targets Windows systems with multiple exploits

China-linked threat actors have breached telcos and network service providers

Developer of DDoS Mirai based botnets sentenced to prison

Ticketmaster Hacked Competitor to Steal Data & Analytics, Fined Millions

Ad Network Sizmek Probes Account Breach

Chaining three critical vulnerabilities allows takeover of D-Link routers

Millions put at risk by old, out of date routers

Why Malware Crypting Services Deserve More Scrutiny

Information Disclosure flaw allows attackers to find Huawei routers with default credentials

ZoomEye IoT search engine cached login passwords for tens of thousands of Dahua DVRs

Why & Where You Should You Plant Your Flag

ASUS addressed critical flaws in some router models

Spanish police dismantled SIM swapping gang who stole money from victims’ bank accounts

Russia-linked Energetic Bear APT behind San Francisco airport attacks

Podcast Episode 140: passwords are dying. What will replace them?

Hanging Up on Mobile in the Name of Security

Iran-linked DEV-0270 group abuses BitLocker to encrypt victims’ devices

Mysterious custom malware used to steal 1.2TB of data from million PCs

DirtyMoe modules expand the bot using worm-like techniques

Stay Connected