2007, Accountability and Hacking - Cyber Security Informer

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Krebs on Security

MARCH 10, 2020

FBI officials last week arrested a Russian computer security researcher on suspicion of operating deer.io , a vast marketplace for buying and selling stolen account credentials for thousands of popular online services and stores. also is a favored marketplace for people involved in selling phony social media accounts.

Accountability

Accountability Advertising Hacking Cybercrime

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

Emerging in 2007 as a banking trojan, QakBot (a.k.a. According to recent figures from the managed security firm Reliaquest , QakBot is by far the most prevalent malware “loader” — malicious software used to secure access to a hacked network and help drop additional malware payloads.

Hacking

Hacking Malware Ransomware Government

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

That same email address also is tied to two forum accounts for a user with the handle “ O.R.Z.” user account — this one on Verified[.]ru Prior to that, akafitis@gmail.com was used as the email address for the account “ Fitis ,” which was active on Exploit between September 2006 and May 2007.

Malware

Malware Cybercrime Software Accountability

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Krebs on Security

SEPTEMBER 17, 2020

Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. ” Once inside of a target organization, the hackers stole source code, software code signing certificates, customer account data and other information they could use or resell.

Antivirus

Antivirus Hacking Software Government

Hacking firm I-Soon data leak revealed Chinese gov hacking capabilities

Security Affairs

FEBRUARY 26, 2024

Recently the leak of a collection of files apparently stolen from the Chinese government hacking contractor, I-Soon, exposed Chinese hacking capabilities. Recently someone has leaked on GitHub [ 1 , 2 ] a collection of files apparently stolen from the Chinese hacking firm, I-Soon.

Hacking

Hacking Government Marketing Spyware

173 Million Zynga accounts were impacted in the September hack

Security Affairs

DECEMBER 28, 2019

In September Zynga, the American social game developer running social video game services suffered a data breach that 173 Million accounts. Zynga Inc is an American social game developer running social video game services founded in April 2007, it primarily focuses on mobile and social networking platforms. Pierluigi Paganini.

Accountability

Accountability Hacking Data breaches Passwords

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

FEBRUARY 7, 2024

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. In almost any database leak, the first accounts listed are usually the administrators and early core members. “Hiding with purely technical parameters will not help in a serious matter,” Djamix advised Maza members in September 2007.

Cybercrime

Cybercrime Accountability Identity Theft Hacking

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

DECEMBER 5, 2023

Microsoft warns that the Russia-linked APT28 group is actively exploiting the CVE-2023-23397 Outlook flaw to hijack Microsoft Exchange accounts. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, APT28) ” reads trhe announcement published by DKWOC.

Accountability

Accountability Government Phishing Passwords

Reddit locked Down accounts due to alleged security breach

Security Affairs

JANUARY 10, 2019

The social media platform Reddit has notified users that some of them have been locked out of their accounts after detecting suspicious activity. Reddit locked down a large number of user accounts after due to a security concern after detecting suspicious activity on them. . ” reads a post published by one of the Reddit admins.

Accountability

Accountability Data breaches Passwords Advertising

Russian cybercriminal Aleksandr Brovko sentenced to 8 years in jail

Security Affairs

NOVEMBER 3, 2020

The scripts developed by the cyber criminal were used to parse log data collected from botnet and searched for personally identifiable information (PII) and account credentials. Brovko was involved in the illegal practice between 2007 and 2019. SecurityAffairs – hacking, Aleksandr Brovko). Pierluigi Paganini.

Accountability

Accountability Banking Advertising Data collection

Reddit Breach Highlights Limits of SMS-Based Authentication

Krebs on Security

AUGUST 1, 2018

In a post to Reddit, the social news aggregation platform said it learned on June 19 that between June 14 and 18 an attacker compromised a several employee accounts at its cloud and source code hosting providers. “We point this out to encourage everyone here to move to token-based 2FA.”

Authentication

Authentication Mobile Passwords Accountability

Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks

Security Affairs

NOVEMBER 10, 2018

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The post Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks appeared first on Security Affairs.

Banking

Banking Hacking Malware Advertising

Russian hacker Andrei Tyurin sentenced to 12 years in prison

Security Affairs

JANUARY 11, 2021

court on Thursday sentenced the Russian hacker Andrei Tyurin to 12 years in prison for his role in an international hacking campaign. The man was arrested in Georgia at the request of US authorities, he was charged with multiple conspiracy counts, including wire fraud, aggravated identity theft and four counts of computer hacking.

Hacking

Hacking Marketing Identity Theft Banking

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

MARCH 20, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. It is unclear why APT28 is using compromised email accounts of (mostly) defense companies in the Middle East.

Phishing

Phishing Accountability Advertising DNS

Russia-linked group APT29 likely breached TeamViewer’s corporate network

Security Affairs

JUNE 30, 2024

Russia-linked APT group, reportedly APT29, is suspected to be behind a hack of TeamViewer ‘s corporate network. The unauthorized access to the IT infrastructure of the company occurred on June 26, threat actors used the credentials of a standard employee account within its IT environment.

Accountability

Accountability Hacking Architecture Malware

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Security Affairs

AUGUST 6, 2019

The STRONTIUM APT group (aka APT28 , Fancy Bear , Pawn Storm , Sofacy Group , and Sednit ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. SecurityAffairs – Russia APT, hacking). link] #MSFTatBlackHat — Security Response (@msftsecresponse) August 5, 2019.

IoT

IoT Hacking Advertising Government

Russia-linked APT Turla used a new malware toolset named Crutch

Security Affairs

DECEMBER 2, 2020

The Turla APT group (aka Snake , Uroburos , Waterbug , Venomous Bear and KRYPTON ) has been active since at least 2007 targeting diplomatic and government organizations and private businesses in the Middle East, Asia, Europe, North and South America, and former Soviet bloc nations. SecurityAffairs – hacking, Crutch).

Malware

Malware Accountability Hacking Government

US Treasury sanctioned Iran ’s Ministry of Intelligence over Albania cyberattack

Security Affairs

SEPTEMBER 10, 2022

Since at least 2007, the MOIS coordinated a series of cyber operation against government entities and private organizations around the world. We join in Prime Minister Rama’s call for Iran to be held accountable for this unprecedented cyber incident. SecurityAffairs – hacking, Albania cyberattack). “Today, the U.S. “The

Government

Government Cyber Attacks Hacking Cyber threats

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Security Affairs

MARCH 3, 2020

“ Two Chinese nationals were charged with laundering over $100 million worth of cryptocurrency from a hack of a cryptocurrency exchange. The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack. million from another exchange.

Cryptocurrency

Cryptocurrency Banking Hacking Accountability

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

For example, in 2010 Spamdot and its spam affiliate program Spamit were hacked, and its user database shows Sal and Icamis often accessed the forum from the same Internet address — usually from Cherepovets , an industrial town situated approximately 230 miles north of Moscow. bank accounts. ws was registered to an Andrew Artz.

Cybercrime

Cybercrime Banking Computers and Electronics DDOS

APT28 targets key networks in Europe with HeadLace malware

Security Affairs

JUNE 3, 2024

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. As expected, Ukraine topped the list, accounting for 40% of the activity.”

Malware

Malware Phishing Surveillance Internet

Reddit discloses a data breach, a hacker accessed user data

Security Affairs

AUGUST 1, 2018

The hacker accessed user data, email addresses, and a 2007 backup database containing hashed passwords managed by the platform. The data breach was discovered on June 19, 2018, according to Reddit, between June 14 and 18, 2018, the attacker compromised some of the employees’ accounts with the company cloud and source code hosting providers.

Data breaches

Data breaches Backups Passwords Authentication

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

Security Affairs

OCTOBER 27, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. APT28 used the compromised email accounts to send malicious emails and compromised routers to recover exfiltrated data.

Government

Government Accountability Phishing Hacking

Security Affairs - Untitled Article

Security Affairs

SEPTEMBER 29, 2019

Zynga Inc is an American social game developer running social video game services founded in April 2007, it primarily focuses on mobile and social networking platforms. Zynga confirmed that the account login information for certain players of Draw Something and Words With Friends that may have been exposed in the data breach.

Data breaches

Data breaches Mobile Accountability Passwords

Cyber Attack news headlines trending on Google

CyberSecurity Insiders

APRIL 18, 2023

Afterward, cybercriminals leaked data of thousands of the company’s employees onto the dark web, including social security numbers and bank account details of employees involved in the R&D of infrastructure products.

Cyber Attacks

Cyber Attacks Banking Media Retail

Google warns of APT28 attack attempts against 14,000 Gmail users

Security Affairs

OCTOBER 8, 2021

The researchers pointed out that the warning is related to hacking attempts and that not all the attacks have been successful, also thanks to the defense implemented by Google. This specific campaign accounted for 86% of the batch of warnings that the Google team sent out for this month. SecurityAffairs – hacking, spear-phishing).

Phishing

Phishing Government Hacking Accountability

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Security Affairs

FEBRUARY 25, 2021

Next, the attackers logged in to the web interface using a privileged root account. It’s unknown how the attackers were able to obtain the credentials for that account, but it’s possible the credentials were saved in one of the infected system’s browser password managers.” SecurityAffairs – hacking, Lazarus).

Malware

Malware Cryptocurrency Password Management Encryption

Google sent over 50,000 warnings of state-sponsored attacks, +33% from same period in 2020

Security Affairs

OCTOBER 14, 2021

Google revealed to have sent roughly 50,000 alerts of state-sponsored phishing or hacking attempts to customers since January. Google announced to have sent roughly 50,000 alerts of state-sponsored phishing or hacking attempts to customers during 2021. SecurityAffairs – hacking, cyber security). Pierluigi Paganini.

Phishing

Phishing Hacking Government Malware

Microsoft: North Korea-linked Zinc APT targets security experts

Security Affairs

JANUARY 29, 2021

Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to ZINC, a DPRK-affiliated and state-sponsored group, based on observed tradecraft, infrastructure, malware patterns, and account affiliations.” SecurityAffairs – hacking, Zinc). Pierluigi Paganini.

Malware

Malware Antivirus Hacking Accountability

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. io ), to share videos of their claimed exploits, and for amplifying and retweeting posts from other accounts under their control.

Malware

Malware Phishing Antivirus Hacking

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Security Affairs

DECEMBER 7, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Government

Government Telecommunications Accountability Phishing

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

Security Affairs

OCTOBER 3, 2018

The US-CERT has released a joint technical alert from the DHS, the FBI, and the Treasury warning about a new ATM cash-out scheme, dubbed “ FASTCash ,” being used by the prolific North Korean APT hacking group known as Hidden Cobra (aka Lazarus Group and Guardians of Peace).

Banking

Banking Retail Advertising Malware

Romanian duo convicted of fraud Scheme infecting 400,000 computers

Security Affairs

APRIL 14, 2019

They also activated files that forced infected computers to register email accounts with AOL.” “The defendants registered more than 100,000 email accounts using this method. The defendants would then steal account credentials. . “The defendants used stolen email credentials to copy a victim’s email contacts.

Cryptocurrency

Cryptocurrency Identity Theft Advertising Accountability

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

Security Affairs

JUNE 17, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. SecurityAffairs – Operation In(ter)reception , hacking). “a password-protected RAR archive containing a LNK file.

Advertising

Advertising Malware Passwords Accountability

Chinese state-sponsored hackers breached TeamViewer in 2016

Security Affairs

MAY 17, 2019

The Winnti group was first spotted by Kaspersky in 2013, according to the researchers the gang has been active since 2007. A recent article warns, “TeamViewer users have had their bank accounts emptied by hackers gaining full-system access”. SecurityAffairs – TeamViewer, hacking). ” wrote the company. .

Advertising

Advertising Architecture Software Cyber Attacks

China-linked APT41 group spotted using open-source red teaming tool GC2

Security Affairs

APRIL 17, 2023

The APT41 group, aka Winnti , Axiom, Barium , Blackfly, HOODOO) is a China-linked cyberespionage group that has been active since at least 2007. The researchers noticed that the most common attack against networks and cloud instances is the account takeover. ” continues the report.

Media

Media Accountability Malware Government

How cybercrime is impacting SMBs in 2023

SecureList

JUNE 26, 2023

Below is a brief description of the most popular types of threats that SMB employees encountered in January–May 2023: Exploits The biggest threat to SMBs in the first five months of 2023 were exploits , which accounted for 483,980 detections. If an employee enters their credentials, the scammers get access to their account.

Cybercrime

Cybercrime Phishing Banking Malware

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

System Administration

System Administration Government Phishing Malware

Experts discovered a Kernel Level Privilege Escalation in Oracle Solaris

Security Affairs

JULY 26, 2018

” The experts discovered that the flaw was first discovered in 2007 and it was publicly disclosed in 2009 during the CanSecWest security conference. The vulnerability is the result of a combination of several arbitrary memory dereference issued and an unbounded memory write vulnerability. ” continues Trustwave.

Advertising

Advertising Architecture Authentication Accountability

Too much UPnP-enabled connected devices still vulnerable to cyber attacks

Security Affairs

MARCH 7, 2019

The patch addresses the UPnP memory corruption vulnerability ( CVE-2007-1204 ) that enables a remote attacker to run arbitrary code in the context of a local service account.” SecurityAffairs – UPnP-enabled devices, hacking). Windows XP comes with UPnP functionality that is enabled automatically out of the box.

Cyber Attacks

Cyber Attacks Advertising Firmware Data collection

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election. .”

Malware

Malware Firmware Government Education

Threat Trends: Firewall

Cisco Security

OCTOBER 19, 2021

Valid Accounts [ T1178 ]. Account Discovery [ T1087 ]. Valid Accounts [ T1078 ]. Valid Accounts [ T1078 ]. Valid Accounts [ T1078 ]. CVE-2007-1036. Like ShellShock, the exploit for this vulnerability is present in many automated hacking tools. Percent of. organizations. Techniques seen. (in

Firewall

Firewall Authentication DNS Accountability

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 29, 2020

Listen to EP 08: Hacking Voting Systems. Vamosi: Back in 2007 the California Secretary of State, Debra Bowen, did the unthinkable: she decertified all the digital voting systems in the state. They invited us and other members of the public to try to hack it. Apple Podcasts. Google Podcasts. Spotify Podcasts. Amazon Music.

Hacking

Hacking Mobile Software Technology

The Hacker Mind Podcast: Hacking Voting Systems

ForAllSecure

OCTOBER 29, 2020

Listen to EP 08: Hacking Voting Systems. Vamosi: Back in 2007 the California Secretary of State, Debra Bowen, did the unthinkable: she decertified all the digital voting systems in the state. They invited us and other members of the public to try to hack it. Apple Podcasts. Google Podcasts. Spotify Podcasts. Amazon Music.

Hacking

Hacking Mobile Software Technology

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Trending Sources

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Hacking firm I-Soon data leak revealed Chinese gov hacking capabilities

173 Million Zynga accounts were impacted in the September hack

From Cybercrime Saul Goodman to the Russian GRU

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Reddit locked Down accounts due to alleged security breach

Russian cybercriminal Aleksandr Brovko sentenced to 8 years in jail

Reddit Breach Highlights Limits of SMS-Based Authentication

Symantec shared details of North Korean Lazarus’s FastCash Trojan used to hack banks

Russian hacker Andrei Tyurin sentenced to 12 years in prison

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Russia-linked group APT29 likely breached TeamViewer’s corporate network

Russia-linked STRONTIUM APT targets IoT devices to hack corporate networks

Russia-linked APT Turla used a new malware toolset named Crutch

US Treasury sanctioned Iran ’s Ministry of Intelligence over Albania cyberattack

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

APT28 targets key networks in Europe with HeadLace malware

Reddit discloses a data breach, a hacker accessed user data

France agency ANSSI warns of Russia-linked APT28 attacks on French entities

Security Affairs - Untitled Article

Cyber Attack news headlines trending on Google

Google warns of APT28 attack attempts against 14,000 Gmail users

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Google sent over 50,000 warnings of state-sponsored attacks, +33% from same period in 2020

Microsoft: North Korea-linked Zinc APT targets security experts

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Hidden Cobra APT used the new ATM cash-out scheme FASTCash to hit banks worldwide

Romanian duo convicted of fraud Scheme infecting 400,000 computers

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

Chinese state-sponsored hackers breached TeamViewer in 2016

China-linked APT41 group spotted using open-source red teaming tool GC2

How cybercrime is impacting SMBs in 2023

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Experts discovered a Kernel Level Privilege Escalation in Oracle Solaris

Too much UPnP-enabled connected devices still vulnerable to cyber attacks

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Threat Trends: Firewall

The Hacker Mind Podcast: Hacking Voting Systems

The Hacker Mind Podcast: Hacking Voting Systems

Stay Connected