2019, Hacking and Internet - Cyber Security Informer

Reading the 2019 Internet Crime Complaint Center (IC3) report

Security Affairs

FEBRUARY 12, 2020

The FBI’s Internal Crime Complaint Center (IC3) released the FBI 2019 Internet Crime Report , a document that outlines cybercrime trends over the past year. Here we are to analyze the annual FBI 2019 Internet Crime Complaint Center (IC3) , one of the most interesting documents on the crime trends observed in the last 12 months.

Internet

Internet Internet Scams Cybercrime

Pwn2Own 2019 Day 3: Experts hacked Tesla 3 browser

Security Affairs

MARCH 23, 2019

Pwn2Own 2019 Day 3 – Experts earned $35,000 and a Tesla Model 3 after hacking the vehicle’s web browser. Pwn2Own 2019 Day 3 – Hackers focused their efforts on car hacking, two teams participated in the competitions but only one of them reached the goal. SecurityAffairs – Pwn2Own 2019, hacking).

Hacking

Hacking Advertising Internet Internet

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Krebs on Security

MARCH 5, 2021

On March 2, Microsoft released emergency security updates to plug four security holes in Exchange Server versions 2013 through 2019 that hackers were actively using to siphon email communications from Internet-facing systems running Exchange. Speaking on condition of anonymity, two cybersecurity experts who’ve briefed U.S.

Hacking

Hacking Software Government Internet

Massive DDoS attack brought down 25% Iranian Internet connectivity

Security Affairs

FEBRUARY 9, 2020

Iran comes under cyber-attack again, a massive offensive brought down a large portion of the Iranian access to the Internet. Iran infrastructures are under attack, a massive cyberattack brought down a large portion of the Iranian access to the Internet, according to the experts the national connectivity fell to 75%.

DDOS

DDOS Internet Internet Telecommunications

Patch Tuesday, August 2019 Edition

Krebs on Security

AUGUST 13, 2019

“According to Microsoft, at least two of these vulnerabilities ( CVE-2019-1181 and CVE-2019-1182 ) can be considered ‘wormable’ and [can be equated] to BlueKeep,” referring to a dangerous bug patched earlier this year that Microsoft warned could be used to spread another WannaCry-like ransomware outbreak.

Backups

Backups Software Authentication Internet

Cybercrime Statistics in 2019

Security Affairs

JANUARY 18, 2020

According to the IC3 Annual Report released in April 2019 financial losses reached $2.7 The total cost of cybercrime for each company in 2019 reached US$13M. According to the 2019 Data Breach Investigations Report , 43% of all nefarious online activities impacted small businesses. Financial losses reached $2.7 billion in 2018.

Cybercrime

Cybercrime Small Business Data breaches Mobile

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Krebs on Security

MARCH 14, 2023

men have been charged with hacking into a U.S. The complaint doesn’t specify which agency portal was hacked, but it does state that the portal included access to law enforcement databases that track narcotics seizures in the United States. federal government portal without authorization.

Hacking

Hacking Government Media Accountability

Reading the FBI IC3’s ‘2020 Internet Crime Report’

Security Affairs

MARCH 18, 2021

The FBI’s Internet Crime Complaint Center has released its annual report, the 2020 Internet Crime Report , which includes data from 791,790 complaints of suspected cybercrimes. billion and authorities observed an increase of more than 300,000 complaints from 2019 (+69%). ” reads 2020 Internet Crime Report.

Internet

Internet Internet Scams Identity Theft

Safer internet day – Cybercrime facts Infographic

Security Affairs

FEBRUARY 11, 2020

Dear readers, I decided to create a simple Infographic that shows Cybercrime facts in 2019, I’ve done it for Safer Internet Day 2020. SecurityAffairs – cybercrime, hacking). The post Safer internet day – Cybercrime facts Infographic appeared first on Security Affairs. Pierluigi Paganini.

Cybercrime

Cybercrime Internet Internet Advertising

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] In 2019, a Canadian company called Defiant Tech Inc. In a legal settlement that is quintessentially Canadian, the matter was resolved in 2019 after Defiant Tech agreed to plead guilty.

Hacking

Hacking Accountability Data breaches Marketing

Microsoft Patch Tuesday updates for February 2019 fixes IE Zero-Day

Security Affairs

FEBRUARY 12, 2019

Microsoft released Patch Tuesday updates for February 2019 that address 77 flaws, including an Internet Explorer issue that has been exploited in attacks. Microsoft released Patch Tuesday updates for February 2019 that address 77 flaws, 20 critical vulnerabilities, 54 important and 3 moderate in severity. Pierluigi Paganini.

Internet

Internet Internet Advertising IoT

Nitrokod crypto miner infected systems across 11 countries since 2019

Security Affairs

AUGUST 29, 2022

The infection chain starts with the installation of a tainted program downloaded from the Internet. SecurityAffairs – hacking, Nitrokod ). The post Nitrokod crypto miner infected systems across 11 countries since 2019 appeared first on Security Affairs. Check Point shared Indicators of Compromise (IoCs) for this campaign.

Malware

Malware Software Internet Internet

5 IoT Security Predictions for 2019

Security Affairs

DECEMBER 21, 2018

2018 was the year of the Internet of Things (IoT), massive attacks and various botnets hit smart devices, These are 5 IoT Security Predictions for 2019. 2019 will continue these trends but at a faster pace. 2019 will continue these trends but at a faster pace. Three IoT Attack Avenues for 2019. IoT Attacks in 2018.

IoT

IoT Manufacturing Internet Internet

A study reveals the list of worst passwords of 2019

Security Affairs

DECEMBER 16, 2019

Another year is ending and this is the right time to discover which are the worst passwords of 2019 by analyzing data leaked in various data breaches. Independent anonymous researchers, compiled and shared with security firm NordPass a list of 200 most popular passwords that were leaked in data breaches during 2019. Pierluigi Paganini.

Passwords

Passwords Data breaches Password Management Advertising

CVE-2019-19781 Citrix flaw exposes 80,000 companies at risk

Security Affairs

DECEMBER 23, 2019

Critical CVE-2019-19781 flaw in Citrix NetScaler ADC and Citrix NetScaler Gateway could be exploited to access company networks, 80,000 companies at risk worldwide. The CVE-2019-19781 vulnerability was discovered by Mikhail Klyuchnikov from Positive Technologies. SecurityAffairs – Citrix, CVE-2019-19781). Pierluigi Paganini.

Risk

Risk Technology Advertising Internet

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

The Last Watchdog

AUGUST 29, 2023

The threat of bad actors hacking into airplane systems mid-flight has become a major concern for airlines and operators worldwide. Back in 2015, a security researcher decided to make that very point when he claimed to have hacked a plane , accessed the thrust system, and made it fly higher than intended.

Software

Software Risk Artificial Intelligence Engineering

The Internet of Things Is Everywhere. Are You Secure?

Security Boulevard

MARCH 18, 2021

From smart homes that enable you to control your thermostat from a distance to sensors on oil rigs that help predict maintenance to autonomous vehicles to GPS sensors implanted in the horns of endangered black rhinos , the internet of things is all around you. In 2019 alone, attacks on IoT devices increased by 300%. Are You Secure?

Internet

Internet Internet IoT Software

Mozilla addresses CVE-2019-17026 Firefox Zero-Day exploited in targeted attacks

Security Affairs

JANUARY 9, 2020

Mozilla has released security updates for Firefox browser that address a zero-day vulnerability (CVE-2019-17026) that has been exploited in targeted attacks. Mozilla has released security updates for Firefox browser that address a zero-day flaw (CVE-2019-17026) that has been exploited in targeted attacks. Bronze President, hacking).

Advertising

Advertising Engineering Internet Internet

Users reported problems with patches for CVE-2019-1367 IE zero-day

Security Affairs

OCTOBER 7, 2019

Patches for Internet Explorer Zero-Day Causing Problems for Many Users. Microsoft released a new set of patches for a zero-day flaw in Internet Explorer recently fixed due to problems reported by users with the previous patch. SecurityAffairs – CVE-2019-1367 , hacking). Pierluigi Paganini.

Internet

Internet Internet Engineering Advertising

MS October 2019 Patch Tuesday updates address 59 flaws

Security Affairs

OCTOBER 8, 2019

Microsoft October 2019 Patch Tuesday addressed a total of 59 vulnerabilities. Microsoft addressed two critical remote code execution flaws , tracked as CVE-2019-1238 and CVE-2019-1239, in the VBScript engine, both tie the way VBScript handles objects in memory. ” reads the security advisory for the CVE 2019-1166.

Engineering

Engineering Advertising Authentication Internet

CVE-2019-15846 Exim mail server flaw allows Remote Code Execution

Security Affairs

SEPTEMBER 6, 2019

The Exim development team has addressed a vulnerability in Exim mail server, tracked as CVE-2019-15846, that could be exploited by local and remote attackers to execute arbitrary code with root privileges. According to Shodan , over 5 million Exim mail servers are exposed on the Internet, most of them the United States.

Advertising

Advertising Malware Internet Internet

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

Security Affairs

JUNE 23, 2020

CLOP ransomware operators have allegedly hacked IndiaBulls Group , an Indian conglomerate headquartered in Gurgaon, India. CLOP ransomware operators have allegedly hacked the Indian conglomerate IndiaBulls Group , its primary businesses are housing finance, consumer finance, and wealth management. . Pierluigi Paganini.

Hacking

Hacking Ransomware Banking Mobile

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Security Affairs

SEPTEMBER 1, 2020

Iran-linked APT group Pioneer Kitten is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers. Iran-linked APT group Pioneer Kitten, also known as Fox Kitten or Parisite, is now trying to monetize its efforts by selling access to some of the networks it has hacked to other hackers.

Hacking

Hacking VPN Advertising Financial Services

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

Security Affairs

JUNE 15, 2020

” Between 2018 and 2019 the researchers assessed 28 telecom operators in Europe, Asia, Africa, and South America and verifies the presence of the vulnerabilities in the GTP protocol. phone number) of a real subscriber and impersonate him to access the Internet. SecurityAffairs – hacking, 5G). Pierluigi Paganini.

Mobile

Mobile Internet Internet Wireless

CoinHive Cryptocurrency Mining Service will shut down on March 8, 2019

Security Affairs

FEBRUARY 28, 2019

The popular in-browser cryptocurrency mining service Coinhive has announced that it will shut down on March 8, 2019. Security firms spotted several hacking campaigns aimed at compromising websites to install JavaScript-based Monero (XMR) cryptocurrency mining scripts and monetize their efforts. SecurityAffairs – Coinhive, hacking).

Cryptocurrency

Cryptocurrency Advertising Hacking Marketing

Microsoft Patch Tuesday updates fix CVE-2019-1429 flaw exploited in the wild

Security Affairs

NOVEMBER 13, 2019

Microsoft’s Patch Tuesday updates for November 2019 address over 70 flaws, including an Internet Explorer issue (CVE-2019-1429) that has been exploited in attacks in the wild. The CVE-2019-1429 zero-day is a scripting engine memory corruption vulnerability that affects Internet Explorer 9, 10 and 11.

Internet

Internet Internet Engineering Advertising

Microsoft January 2019 Patch Tuesday updates fix 7 critical vulnerabilities

Security Affairs

JANUARY 9, 2019

Microsoft has released the January 2019 Patch Tuesday updates that address 51 vulnerabilities in Windows OSs and other products. A close look at the list of issues addressed with the Microsoft January 2019 Patch Tuesday reveals that 7 flaws are rated critical, none was exploited in attacks in the wild.

Engineering

Engineering Advertising Internet Internet

FBI: $3.5B Lost in 2019 to Known Cyberscams, Ransomware

Threatpost

FEBRUARY 12, 2020

Cybercriminals double down on successful internet scams, with a focus on phishing, BEC and other defrauding schemes that have proven to work.

Scams

Scams Phishing Internet Internet

AT&T confirmed that a data breach impacted 73 million customers

Security Affairs

MARCH 30, 2024

ShinyHunters is a popular hacking crew that is known to have offered for sale data stolen from tens of major organizations, including Tokopedia , Homechef , Chatbooks.com , Microsoft , and Minted. The company believes that leaked data are from 2019 or earlier. AT&T told CNN. million former account holders.”

Data breaches

Data breaches Telecommunications Cybercrime Hacking

Microsoft released Patch Tuesday security updates for July 2019

Security Affairs

JULY 9, 2019

Microsoft Patch Tuesday updates for July 2019 address a total of 77 vulnerabilities, 14 rated as Critical, 62 as Important, and only 1 as Moderate in severity. Microsoft released Patch Tuesday updates for July 2019 that address a total of 77 vulnerabilities, 14 rated as Critical, 62 as Important, and only 1 as Moderate in severity.

Advertising

Advertising Internet Internet Hacking

New Shodan Monitor service allows tracking Internet-Exposed devices

Security Affairs

MARCH 28, 2019

Shodan IoT search engine announced the launch of a new service called Shodan Monitor designed to help organizations to maintain track of systems connected to the Internet. Shodan Monitor is a precious tool for organizations that can determine their surface of attack assessing their Internet-exposed systems. Pierluigi Paganini.

Internet

Internet Internet IoT Advertising

OT attacks increased by over 2000 percent in 2019, IBM reports

Security Affairs

FEBRUARY 11, 2020

According to IBM, OT attacks increased by over 2000 percent in 2019, most of them involved the Echobot IoT malware. IBM’s 2020 X-Force Threat Intelligence Index report analyzes the threat landscape in 2019, the experts observed a spike in the number of OT attacks. “ OT attacks hit an all-time high. ” continues the report.

Advertising

Advertising Malware IoT Technology

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

Security Affairs

FEBRUARY 3, 2020

L inear eMerge E3 smart building access systems designed by N ortek Security & Control (NSC) are affected by a severe vulnerability (CVE-2019-7256) that has yet to be fixed and attackers are actively scanning the internet for vulnerable devices. CVE-2019-7256 is actively being exploited by DDoS botnet operators.

DDOS

DDOS Hacking Internet Internet

Microsoft Patch Tuesday for August 2019 patch 93 bugs, including 2 dangerous wormable issues

Security Affairs

AUGUST 14, 2019

Microsoft Patches Over 90 Vulnerabilities With August 2019 Updates. Microsoft Patch Tuesday security updates for August 2019 address more than 90 flaws, including two new ‘ wormable ‘ issues in Windows Remote Desktop Services. The vulnerabilities are tracked as CVE-2019-1181, CVE-2019-1182, CVE-2019-1222 and CVE-2019-1226.

Authentication

Authentication Advertising Internet Internet

2020 Likely To Break Records for Breaches

Adam Levin

JULY 10, 2020

For comparison, that’s a 273% increase over the first two quarters of 2019 combined. While the number of publicly reported breaches in Q1 2020 decreased by 58% compared to 2019, the coronavirus pandemic gave cybercriminals new ways to thrive,” wrote Bitdefender researcher and blogger Alina Bizga. MGM Resorts (10.6 Marriott (5.2

Data breaches

Data breaches Social Engineering Antivirus Scams

Source code of Dharma ransomware now surfacing on public hacking forums

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. The source is offered for a price as low as $2,000, as reported by ZDNet.

Ransomware

Ransomware Hacking Advertising Malware

CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking

Security Affairs

NOVEMBER 14, 2019

Security experts at SafeBreach have discovered a vulnerability in McAfee antivirus software tracked as CVE-2019-3648 that could allow an attacker with Administrator privileges to escalate privileges and execute code with SYSTEM privileges. SecurityAffairs – McAfee, hacking). ” reads the analysis published by SafeBreach. .

Antivirus

Antivirus Advertising Software Internet

Microsoft Patch Tuesday security updates for June 2019 fix 88 flaws

Security Affairs

JUNE 12, 2019

Microsoft releases Patch Tuesday security updates for June 2019 that address 88 vulnerabilities in Windows OS and other products. The flaws were disclosed by the researcher SandboxEscaper over the past weeks, below the list of the issue: CVE-2019-0973 CVE-2019-1053 CVE-2019-1064 CVE-2019-1069. Pierluigi Paganini.

Advertising

Advertising Authentication Encryption Internet

German BSI warns of 17,000 unpatched Microsoft Exchange servers

Security Affairs

MARCH 30, 2024

12 percent of the listed servers are running a version of Exchange Server that is no longer supported, and around 25 percent of all servers use current versions of Exchange 2016 and 2019 that lack of security patches. “Around 45,000 Microsoft Exchange servers in Germany can currently be accessed from the Internet without restrictions.

Information Security

Information Security Internet Internet Healthcare

PoC exploits for Citrix ADC and Gateway CVE-2019-19781 flaw released online

Security Affairs

JANUARY 11, 2020

Experts announced the availability online of proof-of-concept exploit code for CVE-2019-19781 flaw in Citrix NetScaler ADC and Citrix NetScaler Gateway servers. In December Citrix disclosed the critical CVE-2019-19781 vulnerability and explained that it could be exploited by attackers to access company networks. Pierluigi Paganini.

Advertising

Advertising Technology Accountability Risk

China-linked APT used Pulse Secure VPN zero-day to hack US defense contractors

Security Affairs

APRIL 20, 2021

According to coordinated reports published by FireEye and Pulse Secure , two hacking groups have exploited a new zero-day vulnerability in Pulse Secure VPN equipment to break into the networks of US defense contractors and government organizations worldwide. SecurityAffairs – hacking, China). Pierluigi Paganini.

VPN

VPN Hacking Authentication Government

Experts warn of ongoing scans for Citrix servers affected by CVE-2019-19781

Security Affairs

JANUARY 9, 2020

Threat actors are probing Citrix servers in the attempt to exploit the CVE-2019-19781 remote code execution vulnerability. Security researchers are warning of ongoing scans for Citrix Application Delivery Controller (NetScaler ADC) and Citrix Gateway (NetScaler Gateway) servers affected by the CVE-2019-19781 vulnerabilities.

Technology

Technology Advertising Internet Internet

AT&T states that the data breach impacted 51 million former and current customers

Security Affairs

APRIL 10, 2024

ShinyHunters is a popular hacking crew that is known to have offered for sale data stolen from tens of major organizations, including Tokopedia , Homechef , Chatbooks.com , Microsoft , and Minted. The company speculates that leaked data are from 2019 or earlier. AT&T told CNN. ” reads the data breach notification.

Data breaches

Data breaches Telecommunications Identity Theft Hacking

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

FEBRUARY 10, 2020

Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. in 2019 , according to data from S&P Global Market Intelligence.

Hacking

Hacking Identity Theft Government Phishing

Reading the 2019 Internet Crime Complaint Center (IC3) report

Pwn2Own 2019 Day 3: Experts hacked Tesla 3 browser

Trending Sources

At Least 30,000 U.S. Organizations Newly Hacked Via Holes in Microsoft’s Email Software

Massive DDoS attack brought down 25% Iranian Internet connectivity

Patch Tuesday, August 2019 Edition

Cybercrime Statistics in 2019

Two U.S. Men Charged in 2022 Hacking of DEA Portal

Reading the FBI IC3’s ‘2020 Internet Crime Report’

Safer internet day – Cybercrime facts Infographic

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Microsoft Patch Tuesday updates for February 2019 fixes IE Zero-Day

Nitrokod crypto miner infected systems across 11 countries since 2019

5 IoT Security Predictions for 2019

A study reveals the list of worst passwords of 2019

CVE-2019-19781 Citrix flaw exposes 80,000 companies at risk

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

The Internet of Things Is Everywhere. Are You Secure?

Mozilla addresses CVE-2019-17026 Firefox Zero-Day exploited in targeted attacks

Users reported problems with patches for CVE-2019-1367 IE zero-day

MS October 2019 Patch Tuesday updates address 59 flaws

CVE-2019-15846 Exim mail server flaw allows Remote Code Execution

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

Iran-linked APT group Pioneer Kitten sells access to hacked networks

Flaws in mobile Internet protocol GTP allow hackers to target 5G users

CoinHive Cryptocurrency Mining Service will shut down on March 8, 2019

Microsoft Patch Tuesday updates fix CVE-2019-1429 flaw exploited in the wild

Microsoft January 2019 Patch Tuesday updates fix 7 critical vulnerabilities

FBI: $3.5B Lost in 2019 to Known Cyberscams, Ransomware

AT&T confirmed that a data breach impacted 73 million customers

Microsoft released Patch Tuesday security updates for July 2019

New Shodan Monitor service allows tracking Internet-Exposed devices

OT attacks increased by over 2000 percent in 2019, IBM reports

Attackers are hacking NSC Linear eMerge E3 building access systems to launch DDoS attacks

Microsoft Patch Tuesday for August 2019 patch 93 bugs, including 2 dangerous wormable issues

2020 Likely To Break Records for Breaches

Source code of Dharma ransomware now surfacing on public hacking forums

CVE-2019-3648 flaw in all McAfee AV allows DLL Hijacking

Microsoft Patch Tuesday security updates for June 2019 fix 88 flaws

German BSI warns of 17,000 unpatched Microsoft Exchange servers

PoC exploits for Citrix ADC and Gateway CVE-2019-19781 flaw released online

China-linked APT used Pulse Secure VPN zero-day to hack US defense contractors

Experts warn of ongoing scans for Citrix servers affected by CVE-2019-19781

AT&T states that the data breach impacted 51 million former and current customers

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Stay Connected