2007 - Cyber Security Informer

More Detail on the Juniper Hack and the NSA PRNG Backdoor

Schneier on Security

SEPTEMBER 9, 2021

Here’s me in 2007 on the NSA backdoor. We knew the basics of this story , but it’s good to have more detail. Here’s me in 2015 about this Juniper hack.

Hacking

Hacking Firewall

Airline Passenger Mistakes Vintage Camera for a Bomb

Schneier on Security

OCTOBER 12, 2021

Back in 2007, I called this the “ war on the unexpected.” It turns out the would-be “bomber” was just a vintage camera aficionado and the woman who reported him made a mistake, sources said. Why in the world was the passenger in custody for “several hours”? They didn’t do anything wrong.

Needless Panic Over a Wi-FI Network Name

Schneier on Security

DECEMBER 1, 2017

I am also reminded of my 2007 essay, " The War on the Unexpected." A Turkish Airlines flight made an emergency landing because someone named his wireless network (presumably from his smartphone) "bomb on board.". In 2006, I wrote an essay titled " Refuse to be Terrorized." (I Progress, I suppose.

Wireless

An Untrustworthy TLS Certificate in Browsers

Schneier on Security

NOVEMBER 10, 2022

Vostrom filed papers in 2007 to do business as Packet Forensics, according to Virginia state records. They estimated that those apps were downloaded more than 60 million times, including 10 million downloads of Muslim prayer apps. Measurement Systems’ website was registered by Vostrom Holdings, according to historic domain name records.

Spyware

Spyware Internet Internet Government

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

Prior to that, akafitis@gmail.com was used as the email address for the account “ Fitis ,” which was active on Exploit between September 2006 and May 2007. ru in its early years, but for a brief period in 2007 it appears this website was inadvertently exposing all of its file directories to the Internet. ru in 2008.

Malware

Malware Cybercrime Software Accountability

Putting Undetectable Backdoors in Machine Learning Models

Schneier on Security

FEBRUARY 24, 2023

Second, we demonstrate how to insert undetectable backdoors in models trained using the Random Fourier Features (RFF) learning paradigm (Rahimi, Recht; NeurIPS 2007). Moreover, even if the distinguisher can request backdoored inputs of its choice, they cannot backdoor a new inputa property we call non-replicability.

News alert: SquareX’s “Year of Browser Bugs” project exposes critical cybersecurity blind spots

The Last Watchdog

MARCH 18, 2025

Notable projects included the Month of Browser Bugs (July 2006), Month of Kernel Bugs (November 2006), and Month of Apple Bugs (January 2007). MOB projects played a huge role in improving the gravity at which security and responsible disclosure are taken in these companies. However, unlike H.

Cybersecurity

Cybersecurity Architecture Media Password Management

The Mask APT is back after 10 years of silence

Security Affairs

DECEMBER 18, 2024

The Mask APT has been active since at least 2007, it demonstrated the capability to use complex implants, often delivered through zero-day exploits. Kaspersky first identified the APT group in 2014, but experts believe the cyber espionage campaign had already been active for over five years.

Cyber Attacks

Cyber Attacks Hacking Government Malware

The PCLOB Needs a Director

Schneier on Security

NOVEMBER 20, 2018

The PCLOB was established in 2004 (when it didn't do much), disappeared from 2007-2012, and reconstituted in 2012. So it can examine the program of TSA watchlists, NSA anti-terrorism surveillance, and FBI counterterrorism activities. It issued a major report on NSA surveillance in 2014. It has dwindled since then, having as few as one member.

Surveillance

Estonia's Volunteer Cyber Militia

Schneier on Security

FEBRUARY 19, 2019

Somehow, this model is based on enthusiasm," says Andrus Ansip, who was prime minister during the 2007 attack and now oversees digital affairs for the European Commission. Mostly, the volunteers run weekend drills with troops, doctors, customs and tax agents, air traffic controllers, and water and power officials.

Banking

NJ Man Hired Online to Firebomb, Shoot at Homes Gets 13 Years in Prison

Krebs on Security

OCTOBER 23, 2023

Police found a 2007 Lexus, driven by Patrick McGovern-Allen, 19, that had lost control and left the road, crashing into the eastern end of the 1600 building,” the story recounted. According to a Sept.

Internet

Internet Internet

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

Security Affairs

FEBRUARY 22, 2025

This threat actor was involved in cyber espionage campaigns and sabotage activities to destroy data and disrupt systems.

Cryptocurrency

Cryptocurrency Hacking Banking Cybersecurity

Rain Washes Away Arizona Border Wall… AGAIN

Security Boulevard

AUGUST 24, 2021

Let me start this crazy story by saying in 2007 there was a huge debate in Arizona about water washing away the border wall. In October 2007, … Continue reading Rain Washes Away Arizona Border Wall… AGAIN ?. Yes, you read that right.

Network Security

Researchers Decrypted Qakbot Banking Trojan’s Encrypted Registry Keys

The Hacker News

JANUARY 13, 2022

Qakbot, also known as QBot, QuackBot and Pinkslipbot, has been observed in the wild since 2007. Cybersecurity researchers have decoded the mechanism by which the versatile Qakbot banking trojan handles the insertion of encrypted configuration data into the Windows Registry.

Banking

Banking Encryption Malware Cybersecurity

Oracle and "Responsible Disclosure"

Schneier on Security

NOVEMBER 14, 2018

I've been writing about "responsible disclosure" for over a decade; here's an essay from 2007. Basically, it's a tacit agreement between researchers and software vendors.

Software

How Cyberattacks Are Transforming Warfare

The Hacker News

SEPTEMBER 13, 2023

What began with a high-profile incident back in 2007, when Estonia was hit by hackers targeting its government and commercial sector, has evolved into cyber warfare that is being waged constantly worldwide. There is a new battlefield. It is global and challenging to defend.

Government

The Unattributable "db8151dd" Data Breach

Troy Hunt

MAY 15, 2020

Arranged for carpenter apprentice Devon [redacted last name] to replace bathroom vanity top at [redacted street address], Vancouver, on 02 October 2007. But it's the next class of data in there which makes this particularly interesting and I'm just going to quote a few snippets here: Recommended by Andie [redacted last name].

Data breaches

Data breaches InfoSec

QBot Malware Is Making a Comeback by Replacing IcedID in Malspam Campaigns

Heimadal Security

APRIL 14, 2021

Qbot, also known as “Qakbot” or “Pinkslipbot,” is a banking trojan active since 2007 that’s focusing on stealing user data and banking credentials. In the first months of the year, researchers noticed a malicious email campaign spreading weaponized Office documents that was delivering QBot trojan, and changing the payload after a short while.

Malware

Malware Banking Phishing Ransomware

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Krebs on Security

MARCH 10, 2020

It also was used in 2007 to register xeka[.]ru That same email address was used to register the account “Isis” at several other top Russian-language cybercrime forums, including Damagelab, Zloy, Evilzone and Priv-8. ru , a cybercrime forum in its own right that called itself “ The Antichat Mafia.”

Accountability

Accountability Advertising Hacking Cybercrime

Patch Tuesday, May 2024 Edition

Krebs on Security

MAY 14, 2024

Emerging in 2007 as a banking trojan, QakBot (a.k.a. Meanwhile, Kaspersky Lab , one of two companies credited with reporting exploitation of CVE-2024-30040 to Microsoft, has published a fascinating writeup on how they discovered the exploit in a file shared with Virustotal.com.

Social Engineering

Social Engineering Backups Malware Software

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

Krebs on Security

JULY 1, 2021

a data broker acquired by Equifax in 2007. But these requirements were easily bypassed, as evidenced by a previous breach at Equifax’s employment division. The Work Number is a user-paid verification of employment database created by TALX Corp. ,

Small Business

Small Business Financial Services Government Media

Hacker Wanted in the U.S. for Spreading Gozi Virus Arrested in Colombia

The Hacker News

JUNE 30, 2021

for distributing a virus that infected more than a million computers from 2007 to 2012. Colombian authorities on Wednesday said they have arrested a Romanian hacker who is wanted in the U.S.

The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal

The Hacker News

DECEMBER 16, 2024

The Mask APT is a legendary threat actor that has been performing highly sophisticated attacks since at least 2007," Kaspersky researchers Georgy Kucherin and Marc Rivero said in an analysis published last week. Their targets

Malware

QBOT – A HTML Smuggling technique to target victims

Quick Heal Antivirus

NOVEMBER 11, 2022

QBot, also known as Qakbot, QuackBot, and Pinkslipbot, is a Banking Trojan that was first observed in 2007. The post QBOT – A HTML Smuggling technique to target victims appeared first on Quick Heal Blog | Latest computer security news, tips, and advice.

Banking

Banking Phishing Cybercrime Ransomware

Threat Modeling Through the JoHari Window

Adam Shostack

JANUARY 2, 2025

This is a problem that has been nagging me since 2007 or so when we built the SDL TM Tool. Second, her analysis shines light on an important problem, which is how do we express how and when tooling helps in threat modeling? What sort of threats will tooling help with?

5 Ways to Increase Security and Compliance Efficiencies in 2023

Security Boulevard

JANUARY 6, 2023

But the reality is many organizations, especially those in technology and similar industries, haven’t really had to focus much on cost-cutting and savings measures since the financial crisis of 2007. . The post 5 Ways to Increase Security and Compliance Efficiencies in 2023 appeared first on Security Boulevard.

Technology

Technology Risk Government Ransomware

Chinese 'Spyder Loader' Malware Spotted Targeting Organizations in Hong Kong

The Hacker News

OCTOBER 18, 2022

Active since at least 2007, Winnti (aka APT41, Barium, Bronze Atlas, and Wicked Panda) is the name designated to a prolific cyber threat group that carries out Chinese state-sponsored espionage activity, predominantly

Cyber threats

Cyber threats Malware Government

Empowering Cybersecurity with AI: The Future of Cisco XDR

Cisco Security

MAY 7, 2024

In 2007, there was a study from the University of Maryland proving that internet-connected systems were attacked every 39 seconds on average. Today, that number has grown more than 60%.

Cybersecurity

Cybersecurity Internet Internet Threat Detection

Estonia blocked cyberattacks claimed by Pro-Russia Killnet group

Security Affairs

AUGUST 19, 2022

Undersecretary for Digital Transformation Luukas Ilves announced that Estonia was hit by the most extensive wave of DDoS attacks it has faced since 2007. Yesterday, Estonia was subject to the most extensive cyber attacks it has faced since 2007. The DDoS attacks targeted both public institutions and the private sector.

DDOS

DDOS Computers and Electronics Digital transformation Government

RRD Suffers Data Theft in a Conti Ransomware Attack

Heimadal Security

JANUARY 20, 2022

Donnelley was the world’s largest commercial printer in 2007. Donnelley is a Fortune 500 integrated communications corporation based in the United States that offers marketing and business communications, commercial printing, and other associated services. What Happened? Threat actors seized data in […].

Ransomware

Ransomware Marketing Cybersecurity

Winnti Threat Group Attacks Government Organizations in Hong Kong and Siri Lanka

Heimadal Security

OCTOBER 19, 2022

The group is active since 2007, and his recent attacks are part of an ongoing campaign dubbed Operation CuckooBees. Winnti, a prolific Chinese threat group, focused his attacks on government organizations from Hong Kong and Siri Lanka, this year.

Government

Government Cybersecurity

QBot Now Attacks Using Black Basta Ransomware

Heimadal Security

JUNE 7, 2022

QBot is a banking virus active since 2007 that steals user data and banking credentials. The malware contains novel distribution methods, C2 tactics, and anti-analysis characteristics. Some campaigns distribute Qbot directly, but it’s also a supplementary payload for Emotet.

Ransomware

Ransomware Banking Malware Cybersecurity

15-Year-Old Python Flaw Slithers into Software Worldwide

Dark Reading

SEPTEMBER 22, 2022

The path traversal-related vulnerability is tracked as CVE-2007-4559. An unpatched flaw in more than 350,000 unique open source repositories leaves software applications vulnerable to exploit.

Software

CVE-2024-34716: Critical Security Vulnerability Uncovered in PrestaShop

Penetration Testing

MAY 16, 2024

The PrestaShop project, a leading open-source e-commerce platform powering over 300,000 web stores globally since 2007, has recently issued a security advisory revealing two significant vulnerabilities.

Penetration Testing

Colombian authorities arrested hacker behind the Gozi Virus

Security Affairs

JUNE 30, 2021

for his key role in the distribution of the Gozi virus that infected more than a million computers from 2007 to 2012. The Gozi banking Trojan is not a new threat, it was first spotted by security researchers in 2007. Colombian officials announced the arrest of the Romanian hacker Mihai Ionut Paunescu who is wanted in the U.S.

Banking

Banking Malware Hacking Information Security

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

Emerging in 2007 as a banking trojan, QakBot (a.k.a. Estrada said Qakbot has been implicated in 40 different ransomware attacks over the past 18 months, intrusions that collectively cost victims more than $58 million in losses.

Hacking

Hacking Malware Ransomware Government

US Facebook users can now claim their share of $725 million Cambridge Analytica settlement

Graham Cluley

APRIL 21, 2023

Were you a US-based Facebook user between May 24 2007 and December 22 2022? If so, I've got some good news for you. Read more in my article on the Hot for Security blog.

Data breaches

Qakbot

Security Boulevard

JUNE 21, 2022

Qakbot malware (also known as: QakBot, Quakbot, Pinkslipbot) is a prevalent information-stealing malware that was discovered in 2007. The post Qakbot appeared first on Cyborg Security. The post Qakbot appeared first on Security Boulevard.

Malware

How security leaders can effectively manage Gen Z staff

CSO Magazine

MARCH 1, 2023

The first iPhone, for example, was launched in January 2007 with its successor coming out in June 2008, creating what would become an almost yearly update that made thousands of people line up in front of Apple stores across the world on release day. This means they grew up experiencing a much faster rate in which technology evolves.

Education

Education Internet Internet Technology

U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania

The Hacker News

SEPTEMBER 10, 2022

Since at least 2007, the MOIS and its cyber actor proxies have conducted malicious cyber operations targeting a range of government and private-sector

Government

LockBit Malware Is Now Used by Evil Corp

Heimadal Security

JUNE 3, 2022

Also known as the Dridex gang or INDRIK SPIDER, the Russian cybercriminal gang Evil Corp has been active since at least 2007 and is known for distributing the Dridex malware. What Happened?

Malware

Malware Cybercrime Cybersecurity

Patch Tuesday June 2022 – Microsoft Releases Several Chromium Security Updates

Heimadal Security

JUNE 14, 2022

This month’s Patch Tuesday has brought us some improvements and fixes for issues associated with Microsoft Edge Stable Channel (Version 102.0.1245.39), which incorporates the latest Security Updates of the Chromium project for CVE-2022-2011, CVE-2022-2010, CVE-2022-2008, and CVE-2022-2007.

LockBit Ransomware operators hit Swiss helicopter maker Kopter

Security Affairs

DECEMBER 6, 2020

Kopter Group is Switzerland-based company that was founded in 2007 that was acquired by Leonardo in April 2020. The helicopter maker Kopter was hit by LockBit ransomware, the attackers compromised its internal network and encrypted the company’s files.

Ransomware

Ransomware VPN Encryption Passwords

FBI Leads Global Onslaught Against Qakbot Malware

ZoneAlarm

AUGUST 30, 2023

Emerging in 2007 as a banking Trojan, Qakbot (or Qbot) evolved … The post FBI Leads Global Onslaught Against Qakbot Malware appeared first on ZoneAlarm Security Blog.

Malware

Malware Banking Ransomware Cybersecurity

More Detail on the Juniper Hack and the NSA PRNG Backdoor

Airline Passenger Mistakes Vintage Camera for a Bomb

Trending Sources

Needless Panic Over a Wi-FI Network Name

An Untrustworthy TLS Certificate in Browsers

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Putting Undetectable Backdoors in Machine Learning Models

News alert: SquareX’s “Year of Browser Bugs” project exposes critical cybersecurity blind spots

The Mask APT is back after 10 years of silence

The PCLOB Needs a Director

Estonia's Volunteer Cyber Militia

NJ Man Hired Online to Firebomb, Shoot at Homes Gets 13 Years in Prison

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

Rain Washes Away Arizona Border Wall… AGAIN

Researchers Decrypted Qakbot Banking Trojan’s Encrypted Registry Keys

Oracle and "Responsible Disclosure"

How Cyberattacks Are Transforming Warfare

The Unattributable "db8151dd" Data Breach

QBot Malware Is Making a Comeback by Replacing IcedID in Malspam Campaigns

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Patch Tuesday, May 2024 Edition

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

Hacker Wanted in the U.S. for Spreading Gozi Virus Arrested in Colombia

The Mask APT Resurfaces with Sophisticated Multi-Platform Malware Arsenal

QBOT – A HTML Smuggling technique to target victims

Threat Modeling Through the JoHari Window

5 Ways to Increase Security and Compliance Efficiencies in 2023

Chinese 'Spyder Loader' Malware Spotted Targeting Organizations in Hong Kong

Empowering Cybersecurity with AI: The Future of Cisco XDR

Estonia blocked cyberattacks claimed by Pro-Russia Killnet group

RRD Suffers Data Theft in a Conti Ransomware Attack

Winnti Threat Group Attacks Government Organizations in Hong Kong and Siri Lanka

QBot Now Attacks Using Black Basta Ransomware

15-Year-Old Python Flaw Slithers into Software Worldwide

CVE-2024-34716: Critical Security Vulnerability Uncovered in PrestaShop

Colombian authorities arrested hacker behind the Gozi Virus

U.S. Hacks QakBot, Quietly Removes Botnet Infections

US Facebook users can now claim their share of $725 million Cambridge Analytica settlement

Qakbot

How security leaders can effectively manage Gen Z staff

U.S. Imposes New Sanctions on Iran Over Cyberattack on Albania

LockBit Malware Is Now Used by Evil Corp

Patch Tuesday June 2022 – Microsoft Releases Several Chromium Security Updates

LockBit Ransomware operators hit Swiss helicopter maker Kopter

FBI Leads Global Onslaught Against Qakbot Malware

Stay Connected