Schneier on Security

JANUARY 24, 2022

Crowdstrike is reporting that malware targeting Linux has increased considerably in 2021: Malware targeting Linux systems increased by 35% in 2021 compared to 2020. Ten times more Mozi malware samples were observed in 2021 compared to 2020. Lots of details in the report.

Malware 343

Malware Accountability 343

Penetration Testing

DECEMBER 11, 2024

for his alleged role in... The post CVE-2020-12271 Exploited: FBI Seeks Chinese Hacker Behind 81,000 Device Breach appeared first on Cybersecurity News. The US Department of Justice announced the unsealing of an indictment against Guan Tianfeng, a Chinese national associated with Sichuan Silence Information Technology Co.

Technology 60

Technology Cybersecurity Firewall 60

Krebs on Security

AUGUST 16, 2020

11’s Patch Tuesday was CVE-2020-1464 , a problem with the way every supported version of Windows validates digital signatures for computer programs. In fact, CVE-2020-1464 was first spotted in attacks used in the wild back in August 2018. One of the 120 security holes Microsoft fixed on Aug. Image: Securityinbits.com.

Antivirus 363

Antivirus Malware Software 363

Security Affairs

FEBRUARY 6, 2025

The vulnerability CVE-2020-15069 (CVSS score of 9.8) is a Remote Code Execution flaw in Microsoft Outlook. . “Successful exploitation of this vulnerability would allow an attacker to bypass the Office Protected View and open in editing mode rather than protected mode.” ” reads the advisory published by Microsoft.

Firewall 121

Firewall Hacking Cybersecurity Risk 121

Tech Republic Security

OCTOBER 1, 2024

A report from insurer QBE predicts that the world will experience 211 significant cyber attacks this year, marking a 105% increase over four years.

Cyber Attacks 203

Cyber Attacks Insurance Artificial Intelligence 203

Krebs on Security

FEBRUARY 26, 2023

But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee. GoDaddy described the incident at the time in general terms as a social engineering attack, but one of its customers affected by that March 2020 breach actually spoke to one of the hackers involved.

Hacking 330

Hacking Social Engineering Phishing Scams 330

Schneier on Security

FEBRUARY 10, 2021

Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019.

Ransomware 357

Ransomware Cryptocurrency 357

Malwarebytes

JANUARY 6, 2025

A US chain of dental offices known as Westend Dental LLC denied a 2020 ransomware attack and its associated data breach, instead telling their customers that data was lost due to an accidentally formatted hard drive. In October 2020, Westend Dental was attacked by the Medusa Locker ransomware group.

Data breaches 145

Data breaches Ransomware Passwords Insurance 145

Tech Republic Security

DECEMBER 11, 2024

Chinese cybersecurity firm Sichuan Silence has been sanctioned for exploiting a vulnerability in Sophos firewalls used at critical infrastructure organizations in the U.S.

Cybersecurity 167

Cybersecurity Firewall Ransomware Software 167

Krebs on Security

DECEMBER 19, 2024

In early 2020, Exorn promoted a website called “ orndorks[.]com According to DomainTools, altugsara321@gmail.com was used in 2020 to register the domain name altugsara[.]com. co as one of their projects. That user, “ Exorn ,” has posts dating back to August 2018.

Hacking 245

Hacking Cybercrime Advertising Data breaches 245

Troy Hunt

NOVEMBER 2, 2020

pic.twitter.com/YUJIqgYNXf — Troy Hunt (@troyhunt) November 1, 2020 Beautiful day out! Hope I'm not just jeolous or the Twitter AI — elconas.de (@BugBuster666) November 1, 2020 In my mind I'm hearing this person in his best Ricky Gervais voice grumbling "but I don't f **g like boats"! Just one screen?

Data breaches 363

Data breaches InfoSec Media Technology 363

Tech Republic Security

APRIL 18, 2024

Nearly 10 million devices were infected with data-stealing malware in 2023, with criminals stealing an average of 50.9 credentials per device.

Malware 215

Malware Big data Data breaches Ransomware 215

Krebs on Security

JANUARY 22, 2025

From June 30, 2020 until January 14, 2025, one of the core Internet servers that MasterCard uses to direct traffic for portions of the mastercard.com network was misnamed. The misconfiguration persisted for nearly five years until a security researcher spent $300 to register the domain and prevent it from being grabbed by cybercriminals.

DNS 362

DNS Internet Internet Risk 362

Security Affairs

JANUARY 4, 2025

The botnet has been active since at least May 2020, reaching its peak with 60,000 compromised devices in June 2023. In September 2024, cybersecurity researchers from Lumens Black Lotus Labs discovered a new botnet, named Raptor Train, composed of small office/home office (SOHO) and IoT devices.

Cybersecurity 121

Cybersecurity IoT Hacking Technology 121

Penetration Testing

MAY 2, 2025

In 2020, Microsoft updated its Authenticator app to introduce password-saving and autofill capabilities, effectively transforming Microsoft Authenticator into The post Microsoft Authenticator to Drop Password Manager Features by August 2025 appeared first on Daily CyberSecurity.

Password Management 94

Password Management Authentication Passwords Cybersecurity 94

Schneier on Security

FEBRUARY 15, 2021

More discoveries in November 2019, January 2020, and April 2020 added up to at least five zero-day vulnerabilities being exploited from the same bug class in short order. Microsoft issued a patch and fixed the flaw, sort of. In September 2019, another similar vulnerability was found being exploited by the same hacking group.

Technology 359

Technology Hacking Software 359

Schneier on Security

JANUARY 6, 2022

jump over 2020 (23.6 DuckDuckGo has had a banner year : And yet, DuckDuckGo. The privacy-oriented search engine netted more than 35 billion search queries in 2021 , a 46.4% That’s big.

Engineering 359

Engineering Internet Internet 359

Schneier on Security

NOVEMBER 20, 2020

The attackers extensively use DLL side-loading in this campaign, and were also seen leveraging the ZeroLogon vulnerability that was patched in August 2020. Interesting details about the group’s tactics. News article.

Malware 356

Malware 356

Troy Hunt

OCTOBER 28, 2020

— NordVPN (@NordVPN) October 23, 2020 Ah, tricky! That and slashed zeros, and maybe a warning popup for URLs visually similar to (but different from) popular ones, would go a long way to mitigate it — Jon (@heeerrresjonny) October 25, 2020 So. That’s how [link] became [link]. — Bartek ?wierczy?ski Poor Googie!

Phishing 363

Phishing Password Management Passwords Internet 363

Schneier on Security

FEBRUARY 4, 2022

Lindsey Graham (R-SC) have re-introduced the EARN IT Act , an incredibly unpopular bill from 2020 that was dropped in the face of overwhelming opposition. Senators have reintroduced the EARN IT Act, requiring social media companies (among others) to administer a massive surveillance operation on their users: A group of lawmakers led by Sen.

Surveillance 354

Surveillance Backups Media Technology 354

Krebs on Security

DECEMBER 14, 2020

released between March 2020 and June 2020.” In its own advisory, FireEye said multiple updates poisoned with a malicious backdoor program were digitally signed with a SolarWinds certificate from March through May 2020, and posted to the SolarWindws update website. HF 5 through 2020.2.1, ”

Hacking 363

Hacking Antivirus Software Accountability 363

Krebs on Security

MAY 22, 2025

” According to the FBI, there were at least two major versions of DanaBot; the first was sold between 2018 and June 2020, when the malware stopped being offered on Russian cybercrime forums. Kalinkin is an IT engineer for the Russian state-owned energy giant Gazprom. His Facebook profile name is “Maffiozi.”

Malware 231

Malware Cybercrime Government Banking 231

Krebs on Security

AUGUST 14, 2020

It’s unclear when the intruders first breached R1’s networks, but the ransomware was unleashed more than a week ago, right around the time the company was set to release its 2nd quarter financial results for 2020. R1 RCM declined to discuss the strain of ransomware it is battling or how it was compromised.

Ransomware 363

Ransomware Healthcare Insurance Phishing 363

Security Affairs

NOVEMBER 1, 2024

The experts discovered five active C2 servers linked to the new version, with the latest deployment date listed as October 26, 2022, despite using a vulnerability patched in 2020. The authors utilized the publicly available Safari exploit CVE-2020-9802 for initial access and CVE-2020-3837 for privilege escalation.

Spyware 141

Spyware Media Malware Hacking 141

Krebs on Security

APRIL 6, 2021

Facebook says the data was collected before 2020 when it changed things to prevent such information from being scraped from profiles. 2020) was not in HaveIBeenPwned, but then again Facebook claims to have more than 2.7 A cybercrime forum ad from June 2020 selling a database of 533 Million Facebook users. According to a Jan.

Mobile 357

Mobile Accountability Passwords Authentication 357

Krebs on Security

NOVEMBER 19, 2024

In March 2020, Finastra suffered a ransomware attack that sidelined a number of the company’s core businesses for days. The simplest explanation is that something spooked abyss0 enough for them to abandon a number of pending sales opportunities, in addition to a well-manicured cybercrime persona.

Data breaches 304

Data breaches Banking Cybercrime Advertising 304

Schneier on Security

MAY 2, 2024

It banned default passwords in 2018, the law taking effect in 2020. The Product Security and Telecommunications Infrastructure Act 2022 (PSTI) introduces new minimum-security standards for manufacturers, and demands that these companies are open with consumers about how long their products will receive security updates for.

Passwords 344

Passwords IoT Manufacturing Telecommunications 344

Schneier on Security

JUNE 15, 2021

Really interesting two part analysis of the audit conducted after the 2020 election in Windham, New Hampshire.

Risk 331

Risk 331

Schneier on Security

MARCH 16, 2022

The creation date for the all the weak keys was 2020 or later. Some of the keys are from printers from two manufacturers, Canon and Fujifilm (originally branded as Fuji Xerox). Printer users can use the keys to generate a Certificate Signing Request. The weak Canon keys are tracked as CVE-2022-26351.

Manufacturing 330

Manufacturing Encryption 330

Security Affairs

JANUARY 28, 2025

The EU sanctioned three members of Russia’s GRU Unit 29155 for cyberattacks on Estonia’s government agencies in 2020. “The Council today adopted additional restrictive measures against three Russian individuals responsible for a series of cyberattacks carried out against the Republic of Estonia in 2020. .

Cyber Attacks 89

Cyber Attacks Government Healthcare Financial Services 89

Schneier on Security

MAY 3, 2023

New reporting from Wired reveals that the Department of Justice detected the SolarWinds attack six months before Mandient detected it in December 2020, but didn’t realize what they detected—and so ignored it. In July 2020, with the mystery still unresolved, communication between investigators and SolarWinds stopped.

System Administration 276

System Administration Software Engineering Internet 276

Krebs on Security

APRIL 18, 2022

Conti ravaged the healthcare sector throughout 2020, and leaked internal chats from the Conti ransomware group show the gang had access to more than 400 healthcare facilities in the U.S. alone by October 2020. In June 2021, the HSE’s director general said the recovery costs for that attack were likely to exceed USD $600 million.

Healthcare 346

Healthcare Ransomware Cybersecurity Malware 346

Security Affairs

MAY 13, 2025

DoppelPaymer ransomware has been active since June 2019 ; in November 2020, Microsoft Security Response Center (MSRC) warned customers of the DoppelPaymerransomwareand provided useful information on the threat. The operators behind this ransomware family rely on a double extortion scheme, the gang launched a leak site in early 2020.

Ransomware 105

Ransomware Cybercrime Malware Banking 105

Krebs on Security

OCTOBER 30, 2024

But the Federal Trade Commission notes that the big three bureaus have permanently extended a program enacted in 2020 that lets you check your credit report at each of the agencies once a week for free. By law, everyone is entitled to one free credit report every 12 months from each of the three credit reporting agencies.

Healthcare 298

Healthcare Insurance Computers and Electronics Data breaches 298