Penetration Testing

DECEMBER 11, 2024

for his alleged role in... The post CVE-2020-12271 Exploited: FBI Seeks Chinese Hacker Behind 81,000 Device Breach appeared first on Cybersecurity News. The US Department of Justice announced the unsealing of an indictment against Guan Tianfeng, a Chinese national associated with Sichuan Silence Information Technology Co.

Technology 61

Technology Cybersecurity Firewall 61

Schneier on Security

JANUARY 24, 2022

Crowdstrike is reporting that malware targeting Linux has increased considerably in 2021: Malware targeting Linux systems increased by 35% in 2021 compared to 2020. Ten times more Mozi malware samples were observed in 2021 compared to 2020. Lots of details in the report.

Malware 342

Malware Accountability 342

Krebs on Security

AUGUST 16, 2020

11’s Patch Tuesday was CVE-2020-1464 , a problem with the way every supported version of Windows validates digital signatures for computer programs. In fact, CVE-2020-1464 was first spotted in attacks used in the wild back in August 2018. One of the 120 security holes Microsoft fixed on Aug. Image: Securityinbits.com.

Antivirus 363

Antivirus Malware Software 363

Security Affairs

FEBRUARY 6, 2025

The vulnerability CVE-2020-15069 (CVSS score of 9.8) is a Remote Code Execution flaw in Microsoft Outlook. . “Successful exploitation of this vulnerability would allow an attacker to bypass the Office Protected View and open in editing mode rather than protected mode.” ” reads the advisory published by Microsoft.

Firewall 122

Firewall Hacking Cybersecurity Risk 122

Tech Republic Security

OCTOBER 1, 2024

A report from insurer QBE predicts that the world will experience 211 significant cyber attacks this year, marking a 105% increase over four years.

Cyber Attacks 198

Cyber Attacks Insurance Artificial Intelligence 198

Schneier on Security

FEBRUARY 10, 2021

Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019.

Ransomware 356

Ransomware Cryptocurrency 356

Krebs on Security

FEBRUARY 26, 2023

But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee. GoDaddy described the incident at the time in general terms as a social engineering attack, but one of its customers affected by that March 2020 breach actually spoke to one of the hackers involved.

Hacking 324

Hacking Social Engineering Phishing Scams 324

Malwarebytes

JANUARY 6, 2025

A US chain of dental offices known as Westend Dental LLC denied a 2020 ransomware attack and its associated data breach, instead telling their customers that data was lost due to an accidentally formatted hard drive. In October 2020, Westend Dental was attacked by the Medusa Locker ransomware group.

Data breaches 145

Data breaches Ransomware Passwords Insurance 145

Krebs on Security

JANUARY 22, 2025

From June 30, 2020 until January 14, 2025, one of the core Internet servers that MasterCard uses to direct traffic for portions of the mastercard.com network was misnamed. The misconfiguration persisted for nearly five years until a security researcher spent $300 to register the domain and prevent it from being grabbed by cybercriminals.

DNS 361

DNS Internet Internet Risk 361

Tech Republic Security

APRIL 18, 2024

Nearly 10 million devices were infected with data-stealing malware in 2023, with criminals stealing an average of 50.9 credentials per device.

Malware 215

Malware Big data Data breaches Ransomware 215

Troy Hunt

NOVEMBER 2, 2020

pic.twitter.com/YUJIqgYNXf — Troy Hunt (@troyhunt) November 1, 2020 Beautiful day out! Hope I'm not just jeolous or the Twitter AI — elconas.de (@BugBuster666) November 1, 2020 In my mind I'm hearing this person in his best Ricky Gervais voice grumbling "but I don't f **g like boats"! Just one screen?

Data breaches 359

Data breaches InfoSec Media Technology 359

Krebs on Security

DECEMBER 19, 2024

In early 2020, Exorn promoted a website called “ orndorks[.]com According to DomainTools, altugsara321@gmail.com was used in 2020 to register the domain name altugsara[.]com. co as one of their projects. That user, “ Exorn ,” has posts dating back to August 2018.

Hacking 232

Hacking Cybercrime Advertising Data breaches 232

Schneier on Security

JANUARY 6, 2021

“The plaintext password was visible in one of the binaries on the system,” the Dutch researchers said in a report published before the Christmas 2020 holiday. aN_fXp” password.

Firewall 344

Firewall VPN Passwords Accountability 344

Security Affairs

JANUARY 4, 2025

The botnet has been active since at least May 2020, reaching its peak with 60,000 compromised devices in June 2023. In September 2024, cybersecurity researchers from Lumens Black Lotus Labs discovered a new botnet, named Raptor Train, composed of small office/home office (SOHO) and IoT devices.

Cybersecurity 122

Cybersecurity IoT Hacking Technology 122

Tech Republic Security

DECEMBER 11, 2024

Chinese cybersecurity firm Sichuan Silence has been sanctioned for exploiting a vulnerability in Sophos firewalls used at critical infrastructure organizations in the U.S.

Cybersecurity 157

Cybersecurity Firewall Ransomware Software 157

Adam Shostack

JANUARY 2, 2025

At Blackhat this summer, I'll be offering threat modeling training at Blackhat. Last year, these sold out quickly, so don't wait! This hands-on, interactive class will focus on learning to threat model by executing each of the steps.

130

130

Schneier on Security

FEBRUARY 15, 2021

More discoveries in November 2019, January 2020, and April 2020 added up to at least five zero-day vulnerabilities being exploited from the same bug class in short order. Microsoft issued a patch and fixed the flaw, sort of. In September 2019, another similar vulnerability was found being exploited by the same hacking group.

Technology 358

Technology Hacking Software 358

Schneier on Security

JANUARY 6, 2022

jump over 2020 (23.6 DuckDuckGo has had a banner year : And yet, DuckDuckGo. The privacy-oriented search engine netted more than 35 billion search queries in 2021 , a 46.4% That’s big.

Engineering 358

Engineering Internet Internet 358

Troy Hunt

OCTOBER 28, 2020

— NordVPN (@NordVPN) October 23, 2020 Ah, tricky! That and slashed zeros, and maybe a warning popup for URLs visually similar to (but different from) popular ones, would go a long way to mitigate it — Jon (@heeerrresjonny) October 25, 2020 So. That’s how [link] became [link]. — Bartek ?wierczy?ski Poor Googie!

Phishing 363

Phishing Password Management Passwords Internet 363

Schneier on Security

NOVEMBER 20, 2020

The attackers extensively use DLL side-loading in this campaign, and were also seen leveraging the ZeroLogon vulnerability that was patched in August 2020. Interesting details about the group’s tactics. News article.

Malware 353

Malware 353

Schneier on Security

MAY 2, 2024

It banned default passwords in 2018, the law taking effect in 2020. The Product Security and Telecommunications Infrastructure Act 2022 (PSTI) introduces new minimum-security standards for manufacturers, and demands that these companies are open with consumers about how long their products will receive security updates for.

Passwords 340

Passwords IoT Manufacturing Telecommunications 340

Krebs on Security

FEBRUARY 9, 2021

Windows Server users also should be aware that Microsoft this month is enforcing the second round of security improvements as part of a two-phase update to address CVE-2020-1472 , a severe vulnerability that first saw active exploitation back in September 2020.

DNS 337

DNS Backups Software Phishing 337

Schneier on Security

FEBRUARY 4, 2022

Lindsey Graham (R-SC) have re-introduced the EARN IT Act , an incredibly unpopular bill from 2020 that was dropped in the face of overwhelming opposition. Senators have reintroduced the EARN IT Act, requiring social media companies (among others) to administer a massive surveillance operation on their users: A group of lawmakers led by Sen.

Surveillance 353

Surveillance Backups Media Technology 353

Krebs on Security

DECEMBER 14, 2020

released between March 2020 and June 2020.” In its own advisory, FireEye said multiple updates poisoned with a malicious backdoor program were digitally signed with a SolarWinds certificate from March through May 2020, and posted to the SolarWindws update website. HF 5 through 2020.2.1, ”

Hacking 363

Hacking Antivirus Software Accountability 363

Security Affairs

NOVEMBER 1, 2024

The experts discovered five active C2 servers linked to the new version, with the latest deployment date listed as October 26, 2022, despite using a vulnerability patched in 2020. The authors utilized the publicly available Safari exploit CVE-2020-9802 for initial access and CVE-2020-3837 for privilege escalation.

Spyware 142

Spyware Media Malware Hacking 142

Krebs on Security

APRIL 6, 2021

Facebook says the data was collected before 2020 when it changed things to prevent such information from being scraped from profiles. 2020) was not in HaveIBeenPwned, but then again Facebook claims to have more than 2.7 A cybercrime forum ad from June 2020 selling a database of 533 Million Facebook users. According to a Jan.

Mobile 357

Mobile Accountability Passwords Authentication 357

Krebs on Security

AUGUST 14, 2020

It’s unclear when the intruders first breached R1’s networks, but the ransomware was unleashed more than a week ago, right around the time the company was set to release its 2nd quarter financial results for 2020. R1 RCM declined to discuss the strain of ransomware it is battling or how it was compromised.

Ransomware 363

Ransomware Healthcare Insurance Phishing 363

Krebs on Security

NOVEMBER 19, 2024

In March 2020, Finastra suffered a ransomware attack that sidelined a number of the company’s core businesses for days. The simplest explanation is that something spooked abyss0 enough for them to abandon a number of pending sales opportunities, in addition to a well-manicured cybercrime persona.

Data breaches 293

Data breaches Banking Cybercrime Advertising 293

Schneier on Security

JUNE 15, 2021

Really interesting two part analysis of the audit conducted after the 2020 election in Windham, New Hampshire.

Risk 326

Risk 326

Schneier on Security

MARCH 16, 2022

The creation date for the all the weak keys was 2020 or later. Some of the keys are from printers from two manufacturers, Canon and Fujifilm (originally branded as Fuji Xerox). Printer users can use the keys to generate a Certificate Signing Request. The weak Canon keys are tracked as CVE-2022-26351.

Manufacturing 325

Manufacturing Encryption 325

Schneier on Security

MAY 3, 2023

New reporting from Wired reveals that the Department of Justice detected the SolarWinds attack six months before Mandient detected it in December 2020, but didn’t realize what they detected—and so ignored it. In July 2020, with the mystery still unresolved, communication between investigators and SolarWinds stopped.

System Administration 270

System Administration Software Engineering Internet 270

Security Affairs

JANUARY 28, 2025

The EU sanctioned three members of Russia’s GRU Unit 29155 for cyberattacks on Estonia’s government agencies in 2020. “The Council today adopted additional restrictive measures against three Russian individuals responsible for a series of cyberattacks carried out against the Republic of Estonia in 2020. .

Cyber Attacks 85

Cyber Attacks Government Healthcare Financial Services 85

Krebs on Security

OCTOBER 30, 2024

But the Federal Trade Commission notes that the big three bureaus have permanently extended a program enacted in 2020 that lets you check your credit report at each of the agencies once a week for free. By law, everyone is entitled to one free credit report every 12 months from each of the three credit reporting agencies.

Healthcare 294

Healthcare Insurance Computers and Electronics Data breaches 294

Krebs on Security

APRIL 18, 2022

Conti ravaged the healthcare sector throughout 2020, and leaked internal chats from the Conti ransomware group show the gang had access to more than 400 healthcare facilities in the U.S. alone by October 2020. In June 2021, the HSE’s director general said the recovery costs for that attack were likely to exceed USD $600 million.

Healthcare 339

Healthcare Ransomware Cybersecurity Malware 339