2000 and Information Security - Cyber Security Informer

OT attacks increased by over 2000 percent in 2019, IBM reports

Security Affairs

FEBRUARY 11, 2020

According to IBM, OT attacks increased by over 2000 percent in 2019, most of them involved the Echobot IoT malware. According to IBM X-Force, attacks targeting operational technology (OT) infrastructure increased by over 2000 p ercent in 2019 compared to 2018, and most of them involved the Echobot malware. Pierluigi Paganini.

Advertising

Advertising Malware IoT Technology

New ZLoader malware campaign hit more than 2000 victims across 111 countries

Security Affairs

JANUARY 10, 2022

The malware campaign is still active and threat actors have already stolen data and credentials of more than 2000 victims across 111 countries as of 2 Jan 2022. The post New ZLoader malware campaign hit more than 2000 victims across 111 countries appeared first on Security Affairs. Pierluigi Paganini.

Malware

Malware Banking Software Cybercrime

Study shows connections between 2000 malware samples used by Russian APT groups

Security Affairs

SEPTEMBER 26, 2019

The post Study shows connections between 2000 malware samples used by Russian APT groups appeared first on Security Affairs. . ~ Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – Russian APT, hacking).

Malware

Malware Hacking Advertising Ransomware

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Approximately 2000 Citrix NetScaler servers were backdoored in a massive campaign

Security Affairs

AUGUST 16, 2023

Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, NetScaler) The post Approximately 2000 Citrix NetScaler servers were backdoored in a massive campaign appeared first on Security Affairs.

System Administration

System Administration VPN Software Hacking

Romanian energy supplier Electrica Group is facing a ransomware attack

Security Affairs

DECEMBER 9, 2024

Electrica Group was established in 1998 as a division of CONEL, Romania’s largest electricity distribution company, and became independent in 2000 after CONEL’s restructuring. The main activities of the Group are the distribution and supply of electricity to final customers. The company serves over 3.8

Ransomware

Ransomware Cyber Attacks Cybercrime Marketing

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

Security Affairs

FEBRUARY 13, 2025

Seashell Blizzard (aka Sandworm , BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRUs Main Center for Special Technologies (GTsST). The group also created the NotPetya ransomware that hit hundreds of companies worldwide in June 2017.

Telecommunications

Telecommunications DNS Passwords Hacking

A new botnet named M?ris is behind massive DDoS attack that hit Yandex

Security Affairs

SEPTEMBER 9, 2021

The analysis of the sources of the attack revealed that they were devices with open ports 2000 and 5678 (2000 “Bandwidth test server” and port 5678 “Mikrotik Neighbor Discovery Protocol”), a combination that suggests the involvement of Mikrotik systems. ris botnet. million RPS.

DDOS

DDOS Internet Internet Hacking

EU Digital Services and Digital Markets Acts aim at setting new rules for tech giants

Security Affairs

DECEMBER 16, 2020

Eu authorities pointed out that the rules were never revisioned since 2000, the new laws have been anticipated by commissioners Margrethe Vestager and Thierry Breton. ” “Our rules on digital services in Europe – the most coveted single market in the world – date back to 2000.

Marketing

Marketing Hacking Risk Information Security

The Risk-Conscious, Security-Aware Culture: The Forgotten Critical Security Control

Cisco Security

JULY 12, 2021

Chief Information Security Officers (CISOs) across the Global 2000 and Fortune 1000 are obsessed with protecting the workforce endpoints as critical vulnerabilities in the cybersecurity and risk management posture of their enterprises.

Security Awareness

Security Awareness Risk CISO Cybersecurity

Experts disclosed a 22-year-old bug in popular SQLite Database library

Security Affairs

OCTOBER 25, 2022

The security expert Andreas Kellas detailed a high-severity vulnerability, tracked as CVE-2022-35737 (CVSS score: 7.5), in the SQLite database library, which was introduced in October 2000. The CVE-2022-35737 flaw is an integer overflow issue that impacts SQLite versions 1.0.12 through 3.39.1. on July 21, 2022. “SQLite 1.0.12

Hacking

Hacking Information Security

GUEST ESSAY: Supply chain vulnerabilities play out in latest Pentagon personnel records breach

The Last Watchdog

OCTOBER 15, 2018

You’ll recall that in the OPM breach , the cyber intruders stole a a staggering amount of highly sensitive information – deep personnel records for 21.5 In that caper, criminals got away with Social Security numbers, passwords, and in some cases, fingerprints. The OPM breach put most federal workers since the year 2000 are at risk.

Risk

Risk Government Cyber Attacks Passwords

Ukraine’s GUR hacked the Russian Ministry of Defense

Security Affairs

MARCH 4, 2024

Stolen documents include: confidential documents, including orders and reports circulated among over 2000 structural units of the Russian military service. software used by the Russian Ministry of Defense to encrypt and protect its data.

Hacking

Hacking Data breaches Encryption Government

Grandson of FISMA: Why We Desperately Need New Cybsersecurity Legislation from the 117th Congress

Cisco Security

AUGUST 12, 2021

The 47-page report provided significant detail to support the conclusion that “According to agency inspectors general, the average grade of the agencies’ overall information security maturity is C-.”. The Risk Management Framework doesn’t take into account that the human is the new perimeter of the enterprise.

CISO

CISO Information Security Risk Government

GOOGLE FIXED THE FIFTH CHROME ZERO-DAY OF 2023

Security Affairs

SEPTEMBER 28, 2023

Reported by [pwn2car] on 2023-09-05 [$2000][ 1475798 ] High CVE-2023-5187: Use after free in Extensions. Google also addressed this month the following vulnerabilities in the Chrome browser: [$TBD][ 1478889 ] High CVE-2023-5186: Use after free in Passwords.

Surveillance

Surveillance Spyware Passwords Hacking

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

Security Affairs

MAY 1, 2024

Attackers used “super-aged” domains, usually registered before the year 2000, to avoid DNS blocklists and blending in with old malware at the same time The attackers manipulate MX (Mail Exchange) records by injecting fake responses through China’s Great Firewall.

DNS

DNS Firewall DDOS Hacking

8220 Gang Cloud Botnet infected 30,000 host globally

Security Affairs

JULY 21, 2022

This month, the experts noticed that the number of infected hosts passed from 2000 to around 30,000. The growth is linked to the increased use of Linux and common cloud application vulnerabilities and poorly secured configurations for services such as Docker, Apache WebLogic, and Redis.

Cryptocurrency

Cryptocurrency Malware Internet Internet

Security Affairs newsletter Round 251

Security Affairs

FEBRUARY 16, 2020

OT attacks increased by over 2000 percent in 2019, IBM reports. Netanyahus party Elector app exposes data on over 6.5M Adobe addresses 42 flaws in its five products. Dell SupportAssist flaw exposes computers to hack, patch it asap! Safer internet day – Cybercrime facts Infographic. The Altsbit exchange will exit in May following a hack.

Cyber Attacks

Cyber Attacks Banking Advertising Internet

France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers

Security Affairs

FEBRUARY 15, 2021

Sandworm (aka BlackEnergy and TeleBots) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). This backdoor is version 3.1.4.

VPN

VPN Software Internet Internet

Britain’s information commissioner fines British Airways for 2018 Hack

Security Affairs

OCTOBER 16, 2020

“The ICO has specific responsibilities set out in the Data Protection Act 2018, the General Data Protection Regulation (GDPR), the Freedom of Information Act 2000, Environmental Information Regulations 2004 and Privacy and Electronic Communications Regulations 2003. ” concludes the ICO.

Hacking

Hacking Data breaches Advertising Information Security

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Security Affairs

JANUARY 5, 2024

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Mobile

Mobile Cyber Attacks Telecommunications Internet

Security Affairs newsletter Round 433 by Pierluigi Paganini – International edition

Security Affairs

AUGUST 20, 2023

Over 3,000 Android Malware spotted using unsupported/unknown compression methods to avoid detection WinRAR flaw enables remote code execution of arbitrary code #OpFukushima: Anonymous group protests against the plan to dump Fukushima RADIOACTIVE wastewater into Pacific Massive phishing campaign targets users of the Zimbra Collaboration email server (..)

Cybercrime

Cybercrime Hacking Malware Phishing

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Security Affairs

JULY 15, 2021

Below the recommendations provided by the company: SRA 4600/1600 (EOL 2019) Disconnect immediately Reset passwords SRA 4200/1200 (EOL 2016) Disconnect immediately Reset passwords SSL-VPN 200/2000/400 (EOL 2013/2014) Disconnect immediately Reset passwords SMA 400/200 (Still Supported, in Limited Retirement Mode) Update to 10.2.0.7-34

Ransomware

Ransomware Firmware Passwords Mobile

Security Affairs newsletter Round 349

Security Affairs

JANUARY 16, 2022

Threat actors stole $18.7M US NCSC and DoS share best practices against surveillance tools Swiss army asks its personnel to use the Threema instant-messaging app Russian submarines threatening undersea cables, UK defence chief warns.

Ransomware

Ransomware Surveillance Malware Hacking

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Security Affairs

NOVEMBER 28, 2022

Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). While the malware written in.NET is new, its deployment is similar to previous attacks attributed to #Sandworm.

Ransomware

Ransomware Encryption Telecommunications Malware

Sandworm APT targets Ukraine with new SwiftSlicer wiper

Security Affairs

JANUARY 28, 2023

1/3 pic.twitter.com/pMij9lpU5J — ESET Research (@ESETresearch) January 27, 2023 The Sandworm group has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). The #SwiftSlicer wiper is written in Go programing language.

Telecommunications

Telecommunications Malware Hacking Ransomware

SolarWinds hackers also breached the US NNSA nuclear agency

Security Affairs

DECEMBER 20, 2020

Department of Energy that was established by Congress in 2000. The agency is responsible for enhancing national security through the military application of nuclear science. NNSA maintains and enhances the safety, security, and effectiveness of the U.S. ” NNSA is a semi-autonomous agency within the U.S.

Hacking

Hacking Software Malware Risk

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). ” reads the advisory published by the CERT-UA.

Telecommunications

Telecommunications Authentication Data collection Passwords

Google fixed a new Chrome Zero-Day actively exploited in the wild

Security Affairs

AUGUST 17, 2022

Reported by Nan Wang(@eternalsakura13) and Guang Gong of 360 Alpha Lab on 2022-06-22 [$2000][ 1345193 ] Medium CVE-2022-2860: Insufficient policy enforcement in Cookies. Reported by Sergei Glazunov of Google Project Zero on 2022-08-04 [$3000][ 1338412 ] Medium CVE-2022-2859: Use after free in Chrome OS Shell.

Telecommunications

Telecommunications Mobile Engineering Hacking

US and UK link new Cyclops Blink malware to Russian state hackers?

Security Affairs

FEBRUARY 23, 2022

US and UK cybersecurity and law enforcement agencies published a joint security advisory about a new malware, dubbed Cyclops Blink, that has been linked to the Russian-backed Sandworm APT group. The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017, causing billions worth of damage.

Malware

Malware Firmware Architecture Firewall

Imperva blocked the largest Layer 7 DDoS attack it has ever seen

Security Affairs

JULY 25, 2019

Experts noticed that most of the IPs that were involved in the attack had the same opened ports: 2000 and 7547. The attackers attempted to saturate the authentication component of the streaming site. These ports are usually associated with Mirai infections. Researchers also revealed that the attack originated mainly from Brazil.

DDOS

DDOS Authentication IoT Hacking

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

Security Affairs

APRIL 18, 2024

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). WithSecure believes that Kapeka is likely part of the Sandworm’s arsenal.

Malware

Malware Ransomware Hacking Technology

Chinese actors behind attacks on industrial enterprises and public institutions

Security Affairs

AUGUST 9, 2022

The CVE-2017-11882 flaw is a memory-corruption issue that affects all versions of Microsoft Office released between 2000 and 2017. The emails used weaponized Microsoft Word documents exploiting the CVE-2017-11882 vulnerability. The vulnerability affects the MS Office component EQNEDT32.EXE

Encryption

Encryption Antivirus Malware Hacking

Russian Sandworm disrupts power in Ukraine with a new OT attack

Security Affairs

NOVEMBER 9, 2023

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

Telecommunications

Telecommunications Hacking Technology Internet

19-Year-Old man arrested for misusing leaked record from Optus Breach

Security Affairs

OCTOBER 6, 2022

” The arrest is the result of Operation Guardian led by AFP which became aware of a number of text messages demanding some Optus customers transfer $2000 to a bank account or face their personal information being used for financial crimes.

Data breaches

Data breaches Scams Telecommunications Financial Services

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

FEBRUARY 4, 2024

Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider Data of 750 Million Indian Mobile Subscribers Sold on Hacker Forums Hackers steal $112 million of XRP Ripple cryptocurrency movie2k.to: Ex-operator hands over BTC worth 2 billion euros Portland Man Sentenced to Federal Prison for Role in SIM Swapping Identity (..)

Identity Theft

Identity Theft VPN Malware Ransomware

Sectigo says that most of certificates reported by Chronicle analysis were already revoked

Security Affairs

MAY 26, 2019

“Unfortunately, recent press reports suggest the incorrect conclusion that Chronicle reported nearly 2000 such certificates for Comodo / Sectigo. Below the data provided by Sectigo: Duplicate: 1660 Expired: 70 Previously revoked: 126 In process: 25 Active (now revoked): 127. ” reads the post published by Sectigo.

Malware

Malware Advertising Cybersecurity Information Security

CIA sextortion campaign, analysis of a well-organized scam

Security Affairs

JUNE 10, 2019

“ Crooks claim they are conducting a “ large international operation set to arrest more than 2000 individuals in 27 countries.” “I am one of several people who have access to those documents and I have enough security clearance to amend and remove your details from this case.”

Scams

Scams Advertising Media Authentication

Sandworm APT group hit Ukrainian news agency with five data wipers

Security Affairs

JANUARY 30, 2023

The Sandworm group has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). According to the report, threat actors conducted a reconnaissance of the Ukrinform agency no later than December 7, 2022, and breached its systems on January 17, 2023.

Telecommunications

Telecommunications Malware Hacking Ransomware

Hackers actively targeting unsecured SAP installs, DHS, SAP and Onapsis warn

SC Magazine

APRIL 6, 2021

By the company’s count, 92% of the Forbes Global 2000 use SAP, 91% of utilities in the Global 2000, 82% of total medical devices, 78% of global food distribution and 44 militaries. SAP is among the most popular software providers in the world.

Accountability

Accountability Software Media Information Security

Ukraine cyber police arrested a man for selling data of 300M people

Security Affairs

APRIL 28, 2023

The man had information on passport data, taxpayer numbers, birth certificates, driver’s licenses, and bank account data. Depending on the amount of data offered for sale, the man demanded from 500 to 2000 dollars. ” reads the announcement published by the Ukraine Cyber Police.

Education

Education Accountability Banking Mobile

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Security Affairs

MAY 4, 2023

The Sandworm group (aka BlackEnergy , UAC-0082 , Iron Viking , Voodoo Bear , and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST).

VPN

VPN Education Accountability Cyber Attacks

Developer successfully compiled leaked source code for MS Windows XP and Windows Server 2003 OSs

Security Affairs

SEPTEMBER 30, 2020

The collection of torrent files leaked online is 43GB in size and include the source code for Windows Server 2003 and other older operating systems developed by Microsoft, including: Windows 2000 Windows CE 3 Windows CE 4 Windows CE 5 Windows Embedded 7 Windows Embedded CE Windows NT 3.5 Windows NT 4 MS-DOS 3.30 MS-DOS 6.0.

Advertising

Advertising Hacking Accountability Information Security

Experts warn of critical flaws in Flexlan devices that provide WiFi on airplanes

Security Affairs

SEPTEMBER 19, 2022

“It is found that our wireless products, FLEXLAN FX3000/2000 series, have a firmware vulnerability. There are possibilities of data plagiarism, falsification, and system destruction with malicious programs if this vulnerability was exploited by malicious attackers.” ” reads the advisory published by Contec.

Wireless

Wireless Firmware Passwords Engineering

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Security Affairs

NOVEMBER 11, 2022

Sandworm (aka BlackEnergy and TeleBots ) has been active since 2000, it operates under the control of Unit 74455 of the Russian GRU’s Main Center for Special Technologies (GTsST). In an update provided by Microsoft this week, MSTIC attributed the campaign to the IRIDIUM (aka Sandworm ) cyberespionage group.

Ransomware

Ransomware Telecommunications DNS Hacking

OT attacks increased by over 2000 percent in 2019, IBM reports

New ZLoader malware campaign hit more than 2000 victims across 111 countries

Webinars

Trending Sources

Study shows connections between 2000 malware samples used by Russian APT groups

Webinars

Approximately 2000 Citrix NetScaler servers were backdoored in a massive campaign

Romanian energy supplier Electrica Group is facing a ransomware attack

Russia-linked APT Seashell Blizzard is behind the long running global access operation BadPilot campaign

A new botnet named M?ris is behind massive DDoS attack that hit Yandex

EU Digital Services and Digital Markets Acts aim at setting new rules for tech giants

The Risk-Conscious, Security-Aware Culture: The Forgotten Critical Security Control

Experts disclosed a 22-year-old bug in popular SQLite Database library

GUEST ESSAY: Supply chain vulnerabilities play out in latest Pentagon personnel records breach

Ukraine’s GUR hacked the Russian Ministry of Defense

Grandson of FISMA: Why We Desperately Need New Cybsersecurity Legislation from the 117th Congress

GOOGLE FIXED THE FIFTH CHROME ZERO-DAY OF 2023

Muddling Meerkat, a mysterious DNS Operation involving China’s Great Firewall

8220 Gang Cloud Botnet infected 30,000 host globally

Security Affairs newsletter Round 251

France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers

Britain’s information commissioner fines British Airways for 2018 Hack

Russia-linked APT Sandworm was inside Ukraine telecoms giant Kyivstar for months

Security Affairs newsletter Round 433 by Pierluigi Paganini – International edition

SonicWall warns of ‘imminent ransomware’ attacks on its EOL products

Security Affairs newsletter Round 349

RansomBoggs Ransomware hit several Ukrainian entities, experts attribute it to Russia

Sandworm APT targets Ukraine with new SwiftSlicer wiper

SolarWinds hackers also breached the US NNSA nuclear agency

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Google fixed a new Chrome Zero-Day actively exploited in the wild

US and UK link new Cyclops Blink malware to Russian state hackers?

Imperva blocked the largest Layer 7 DDoS attack it has ever seen

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

Chinese actors behind attacks on industrial enterprises and public institutions

Russian Sandworm disrupts power in Ukraine with a new OT attack

19-Year-Old man arrested for misusing leaked record from Optus Breach

Security Affairs newsletter Round 457 by Pierluigi Paganini – INTERNATIONAL EDITION

Sectigo says that most of certificates reported by Chronicle analysis were already revoked

CIA sextortion campaign, analysis of a well-organized scam

Sandworm APT group hit Ukrainian news agency with five data wipers

Hackers actively targeting unsecured SAP installs, DHS, SAP and Onapsis warn

Ukraine cyber police arrested a man for selling data of 300M people

Russia-linked Sandworm APT uses WinRAR in destructive attacks on Ukraine’s public sector

Developer successfully compiled leaked source code for MS Windows XP and Windows Server 2003 OSs

Experts warn of critical flaws in Flexlan devices that provide WiFi on airplanes

Russia-linked IRIDIUM APT linked to Prestige ransomware attacks against Ukraine

Stay Connected