Schneier on Security

JANUARY 5, 2021

The New York Times has an in-depth article on the latest information about the SolarWinds hack (not a great name, since it’s much more far-reaching than that). There is also no indication yet that any human intelligence alerted the United States to the hacking. The October files, distributed to customers on Oct. 10, 2019.

Hacking 358

Hacking System Administration Software Surveillance 358

Adam Levin

JULY 10, 2020

2020 is on the path to becoming a record-breaking year for data breaches and compromised personal data. billion records have already been exposed, and that’s only accounting for the first quarter of 2020. million customers of MGM Resorts was found posted on a hacking forum. MGM Resorts (10.6 Marriott (5.2

Data breaches 252

Data breaches Social Engineering Antivirus Scams 252

Krebs on Security

DECEMBER 14, 2020

released between March 2020 and June 2020.” In its own advisory, FireEye said multiple updates poisoned with a malicious backdoor program were digitally signed with a SolarWinds certificate from March through May 2020, and posted to the SolarWindws update website. HF 5 through 2020.2.1, The compromises at the U.S.

Hacking 363

Hacking Antivirus Software Accountability 363

Krebs on Security

JULY 13, 2020

Data Viper , a security startup that provides access to some 15 billion usernames, passwords and other information exposed in more than 8,000 website breaches, has itself been hacked and its user database posted online. An online post by the attackers who broke into Data Viper.

Hacking 363

Hacking Marketing Cybercrime Accountability 363

Krebs on Security

FEBRUARY 26, 2023

Media coverage understandably focused on GoDaddy’s admission that it suffered three different cyberattacks over as many years at the hands of the same hacking group. But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee.

Hacking 330

Hacking Social Engineering Phishing Scams 330

Schneier on Security

AUGUST 14, 2023

The NSA discovered the intrusion in 2020—we don’t know how—and alerted the Japanese. and Japanese officials interviewed, who spoke on the condition of anonymity because of the matter’s sensitivity. […] The 2020 penetration was so disturbing that Gen. Paul Nakasone, the head of the NSA and U.S.

Hacking 243

Hacking Cybersecurity 243

Security Affairs

JANUARY 12, 2025

Sadeghipour made the headlines for other important disclosures, in October 2020 he was part of a team of researchers that received hundreds of thousands of dollars in bug bounties for reporting 55 vulnerabilities as part of the Apple bug bounty program. Other organizations could suffered similar issues.

Hacking 115

Hacking Media Information Security 115

Krebs on Security

MARCH 28, 2021

26, Shadowserver saw an attempt to install a new type of backdoor in compromised Exchange Servers, and with each hacked host it installed the backdoor in the same place: “ /owa/auth/babydraco.aspx. Further reading: A Basic Timeline of the Exchange Mass-Hack. That same list today would be pages long. At Least 30,000 U.S.

Hacking 363

Hacking Cybercrime DNS Internet 363

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking 342

Hacking Cybercrime Phishing Passwords 342

Krebs on Security

DECEMBER 16, 2020

13, cyber incident response firm FireEye published a detailed writeup on the malware infrastructure used in the SolarWinds compromise, presenting evidence that the Orion software was first compromised back in March 2020. FireEye said hacked networks were seen communicating with a malicious domain name — avsvmcloud[.]com

Hacking 362

Hacking Malware Software Cybercrime 362

Krebs on Security

AUGUST 28, 2020

But this also means when a Sendgrid customer account gets hacked and used to send malware or phishing scams, the threat is particularly acute because a large number of organizations allow email from Sendgrid’s systems to sail through their spam-filtering systems. .” ”

Accountability 361

Accountability Hacking Authentication Marketing 361

Krebs on Security

JULY 22, 2020

The New York Times last week ran an interview with several young men who claimed to have had direct contact with those involved in last week’s epic hack against Twitter. ” Twice in the past year, the OGUsers forum was hacked , and both times its database of usernames, email addresses and private messages was leaked online.

Hacking 346

Hacking Accountability Scams Media 346

Security Affairs

DECEMBER 27, 2024

charges for allegedly threatening to release data stolen from a company in a March 2020 security breach. government has charged the Brazilian citizen Junior Barros De Oliveira, 29, with allegedly threatening to release data stolen from a company during a March 2020 security breach. A Brazilian citizen faces U.S. Sellinger announced.”

Hacking 70

Hacking Government Data breaches Information Security 70

Security Affairs

JANUARY 4, 2025

“ Flax Typhoon is a China-linked hacking group that has been active since 2021, it targets critical infrastructure globally, exploiting vulnerabilities for persistent access. According to OFAC, between 2022 and 2023, Flax Typhoon hacked U.S. critical infrastructure sectors.“

Cybersecurity 125

Cybersecurity IoT Hacking Technology 125

Troy Hunt

OCTOBER 2, 2020

— Troy Hunt (@troyhunt) October 1, 2020 I'm conscious that sending a tweet like that elicits all the sorts of responses that inevitably followed it and implies that something cyber is amiss with Grindr. So I tried to find a security contact at Grindr myself: Anyone got a security at @Grindr they can connect me to?

Accountability 364

Accountability Hacking Passwords InfoSec 364

Krebs on Security

FEBRUARY 4, 2021

Facebook told KrebsOnSecurity it seized hundreds of accounts — mainly on Instagram — that have been stolen from legitimate users through a variety of intimidation and harassment tactics, including hacking, coercion, extortion, sextortion , SIM swapping , and swatting. THE MIDDLEMEN.

Accountability 327

Accountability Hacking Media Mobile 327

Security Affairs

FEBRUARY 6, 2025

The vulnerability CVE-2020-15069 (CVSS score of 9.8) Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, CISA Known Exploited Vulnerabilities catalog ) is a Remote Code Execution flaw in Microsoft Outlook. . ” reads the advisory published by Microsoft.

Firewall 125

Firewall Hacking Cybersecurity Risk 125

Krebs on Security

OCTOBER 28, 2020

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware.

Hacking 357

Hacking Ransomware Banking Accountability 357

Krebs on Security

FEBRUARY 9, 2023

A spam email from 2020 containing a Trickbot-infected attachment. “During the height of the COVID-19 pandemic in 2020, Trickbot targeted hospitals and healthcare centers, launching a wave of ransomware attacks against hospitals across the United States,” the sanctions notice continued. Image: Microsoft. This is not the U.S.

Hacking 248

Hacking Cybercrime Ransomware Government 248

The Last Watchdog

JANUARY 25, 2021

Thanks to a couple of milestone hacks disclosed at the close of 2020 and start of 2021, they will forever be associated with putting supply-chain vulnerabilities on the map. Similarly, the SolarWinds and Mimecast hacks are precursors of increasingly clever and deeply-damaging hacks of the global supply chain sure to come.

Hacking 228

Hacking B2B Authentication Software 228

Security Affairs

OCTOBER 23, 2024

The SEC fined Unisys, Avaya, Check Point, and Mimecast for misleading disclosures about the impact of the SolarWinds Orion hack. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, SEC) The SEC fined the four companies for having downplayed the impact of the attack.

Hacking 117

Hacking Risk Cybersecurity Government 117

Security Affairs

FEBRUARY 17, 2024

CISA warns that the Akira Ransomware gang is exploiting the Cisco ASA/FTD vulnerability CVE-2020-3259 (CVSS score: 7.5) Cybersecurity and Infrastructure Security Agency (CISA) added a Cisco ASA and FTD bug, tracked as CVE-2020-3259 (CVSS score: 7.5), to its Known Exploited Vulnerabilities catalog. in attacks in the wild.

Ransomware 143

Ransomware VPN Education Hacking 143

Security Affairs

NOVEMBER 25, 2024

He will allege that Russian state-aligned hacking groups have executed at least nine cyberattacks against NATO nations, targeting critical infrastructure. In September 2024, the FBI, CISA, and NSA linked threat actors from Russia’s GRU Unit 29155 to global cyber operations since at least 2020.

Cyber Attacks 117

Cyber Attacks Government Hacking Cyber threats 117

Joseph Steinberg

DECEMBER 14, 2020

A former Cisco engineer was sentenced this past Wednesday (December 9, 2020) to 24 months in prison (and a $15,000 fine) for accessing Cisco’s network, and subsequently causing a service outage of Cisco’s WebEx Teams video conferencing service. Million in damage (including $1 Million of refunds to impacted customers and $1.4

Engineering 246

Engineering Hacking Accountability Scams 246

Adam Levin

SEPTEMBER 1, 2020

voters have appeared on Russian hacking forums. Cybersecurity researchers have determined the records are authentic and current as of March 2020. State and federal government officials have denied that the data was acquired via hacking and have maintained that the data was available through the Freedom of Information Act (FOIA). “[We]

Hacking 281

Hacking Cyber Attacks Authentication Government 281

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. and its allies for hacking activities in July. Wall Street Journal reported.

Mobile 115

Mobile Telecommunications Data breaches Hacking 115

Krebs on Security

JUNE 27, 2023

Joseph James “PlugwalkJoe” O’Connor , a 24-year-old from the United Kingdom who earned his 15 minutes of fame by participating in the July 2020 hack of Twitter , has been sentenced to five years in a U.S. 02, 2020, pitching O’Connor as a cryptocurrency expert and advisor. They can come arrest me.

Cryptocurrency 277

Cryptocurrency Accountability Mobile Hacking 277

Schneier on Security

FEBRUARY 15, 2021

In September 2019, another similar vulnerability was found being exploited by the same hacking group. More discoveries in November 2019, January 2020, and April 2020 added up to at least five zero-day vulnerabilities being exploited from the same bug class in short order. Microsoft issued a patch and fixed the flaw, sort of.

Technology 358

Technology Hacking Software 358

Security Affairs

NOVEMBER 5, 2024

Canadian authorities arrested a suspect linked to multiple hacks following a breach of cloud data platform Snowflake earlier this year. “Canadian authorities have arrested a man suspected of being behind a string of hacks involving as many as 165 customers of Snowflake Inc., Charges remain undisclosed.

Unstructured Data 124

Unstructured Data Media Cybercrime Hacking 124

Security Affairs

SEPTEMBER 22, 2024

GreyNoise Intelligence firm warns of a mysterious phenomenon observed since January 2020, massive waves of spoofed traffic called Noise Storms. GreyNoise Intelligence has been tracking a mysterious phenomenon since January 2020 consisting of massive waves of spoofed traffic, tracked by the experts as ‘Noise Storms.’

DDOS 138

DDOS Internet Internet Cyber threats 138

Schneier on Security

APRIL 8, 2021

This seems to have been exploited by “Western government operatives actively conducting a counterterrorism operation”: The exploits, which went back to early 2020 and used never-before-seen techniques, were “watering hole” attacks that used infected websites to deliver malware to visitors.

Government 273

Government Hacking Malware Cybersecurity 273

Security Affairs

NOVEMBER 29, 2024

Russian authorities arrested ransomware affiliate Mikhail Matveev, aka Wazawaka, for developing malware and ties to hacking groups. On or about June 25, 2020, Matveev and his LockBit coconspirators targeted a law enforcement agency in Passaic County, New Jersey. The attacks hit law enforcement agencies in Washington, D.C.

Ransomware 120

Ransomware Healthcare Hacking Malware 120

Security Affairs

SEPTEMBER 30, 2024

The Department of Justice charged a British national for hacking into the systems of five U.S. The Department of Justice charged the British national Robert Westbrook (39) for hacking into the systems of five U.S. From January 2019 to May 2020, the man carried out a hack-to-trade scheme, earning over $3 million in profits.

Hacking 139

Hacking Accountability Passwords Cybercrime 139

Security Affairs

MAY 4, 2025

Black Kingdom ransomware was first spotted in late February 2020 by security researcher GrujaRS , the ransomware encrypts files and appends the.DEMON extension to filenames of the encrypted documents. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,ransomware)

Ransomware 116

Ransomware Encryption VPN Malware 116

Security Affairs

NOVEMBER 19, 2024

Evgenii Ptitsyn and others allegedly ran an international hacking scheme since November 2020, deploying Phobos ransomware to extort victims. If convicted, the man could face up to 20 years in prison for each wire fraud count, 10 years for each computer hacking charge, and 5 years for conspiracy to commit computer fraud and abuse.

Cybercrime 117

Cybercrime Ransomware Healthcare Education 117

Security Affairs

NOVEMBER 1, 2024

The experts discovered five active C2 servers linked to the new version, with the latest deployment date listed as October 26, 2022, despite using a vulnerability patched in 2020. The authors utilized the publicly available Safari exploit CVE-2020-9802 for initial access and CVE-2020-3837 for privilege escalation.

Spyware 143

Spyware Media Malware Hacking 143

Krebs on Security

FEBRUARY 19, 2020

10, 2020, Citrix disclosed additional details about the incident. Iranian hackers recently have been blamed for hacking VPN servers around the world in a bid to plant backdoors in large corporate networks. As the Citrix hack shows, if you don’t know you should probably check, and then act on the results accordingly.

VPN 363

VPN Passwords Software Telecommunications 363