2008 and Hacking - Cyber Security Informer

CIA Hacking unit APT-C-39 hit China since 2008

Security Affairs

MARCH 4, 2020

Chinese security firm Qihoo 360 revealed that the US CIA has hacked Chinese organizations in various sectors for the last 11 years. Chinese security firm Qihoo 360 is accusing that the US Central Intelligence Agency (CIA) of having hacked Chinese organizations for the last 11 years. SecurityAffairs – hacking, CIA).

Hacking

Hacking Government Advertising Engineering

A zero-day in Windows 7 and Windows Server 2008 has yet to be fixed

Security Affairs

NOVEMBER 26, 2020

Researcher discovers a zero-day vulnerability in Windows 7 and Windows Server 2008 while he was working on a Windows security tool. “If you have ever run this script on Windows 7 or Windows Server 2008 R2 , you probably noticed a weird recurring result and perhaps thought that it was a false positive just as I did.

Hacking

Hacking Information Security Malware

Microsoft Patches Zero-Day Bug in Win7, Server 2008 and 2008 R2

Threatpost

NOVEMBER 13, 2018

Microsoft’s November Patch Tuesday fixes include mitigation against a zero-day vulnerability leaving Windows 7, Server 2008 and Server 2008 R2 open to attack.

Malware

Malware Hacking

0patch will provide micropatches for Windows 7 and Server 2008 after EoS

Security Affairs

SEPTEMBER 22, 2019

With the end-of-life of Windows 7 and Server 2008, their users will no more receive security patches, the only way to remain protected is to trust in micropatches. On January 14, 2020, support for Window 7, Windows Server 2008 and 2008 R2 will end, this means that users will no longer receive security updates.

Advertising

Advertising Hacking Software Risk

Man certifies his own (fake) death after hacking into registry system using stolen identity

Malwarebytes

AUGUST 21, 2024

A 39-year-old man has been sentenced to 81 months in jail after hacking governments systems to fake his own death to dodge paying child support. Reportedly , Kipf got a divorce in 2008 in California and owed more than $116,000 in child support obligations to his daughter and her mother, according to court documents.

Hacking

Hacking Identity Theft Passwords Government

US NSA hacks Chinese Aviation University

CyberSecurity Insiders

SEPTEMBER 5, 2022

For the first time in the history of cyber attacks, a China-based university serving Aviation industry has accused the United States National Security Agency (NSA) for hacking into its servers to steal intelligence related to aviation, aerospace and navigation study material.

Hacking

Hacking Surveillance Education Cyber Attacks

Teens Hacked Boston Subway’s CharlieCard to Get Infinite Free Rides—and This Time Nobody Got Sued

WIRED Threat Level

AUGUST 10, 2023

In 2008, Boston’s transit authority sued to stop MIT hackers from presenting at the Defcon hacker conference on how to get free subway rides. Today, four teens picked up where they left off.

Hacking

Microsoft rolled out emergency updates to fix Windows Server auth failures

Security Affairs

NOVEMBER 15, 2021

These issues impacts Windows Server 2019 and lower versions, including Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2. SecurityAffairs – hacking, Operation Cyclone). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Authentication

Authentication Hacking Information Security

Hacking Nespresso machines to have unlimited funds to purchase coffee

Security Affairs

FEBRUARY 7, 2021

Some commercial Nespresso machines that are used in Europe could be hacked to add unlimited funds to purchase coffee. Some Nespresso Pro machines in Europe could be hacked to add unlimited funds to purchase coffee. SecurityAffairs – hacking, Nespresso). The vulnerability was disclosed by the security researcher Polle Vanhoof.

Hacking

Hacking Technology Software Engineering

Man Who Mass-Extorted Psychotherapy Patients Gets Six Years

Krebs on Security

APRIL 30, 2024

A 26-year-old Finnish man was sentenced to more than six years in prison today after being convicted of hacking into an online psychotherapy clinic, leaking tens of thousands of patient therapy records, and attempting to extort the clinic and patients.

DDOS

DDOS Cybercrime Hacking Passwords

Microsoft Fixes Bad Patch That Left Windows 7, Server 2008 Open to Attack

Threatpost

MARCH 30, 2018

Microsoft released an out-of-band security update that corrected a faulty patch that left Windows 7 and Windows Server 2008 open to attack.

Hacking

From Cybercrime Saul Goodman to the Russian GRU

Krebs on Security

FEBRUARY 7, 2024

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. From the forum’s inception until around 2008, Djamix was one of its most active and eloquent contributors. ru at DomainTools.com reveals this address has been used to register at least 10 domain names since 2008. Some of those photos date back to 2008.

Cybercrime

Cybercrime Accountability Identity Theft Hacking

DarkPulsar and other NSA hacking tools used in hacking operations in the wild

Security Affairs

OCTOBER 21, 2018

Attackers are targeting high-value servers using a three of hacking tools from NSA arsenal, including DarkPulsar, that were leaked by the Shadow Brokers hacker group. It shows how hackers combined the tool to carry out high sophisticated hacking operations. Security Affairs – NSA hacking tools, DarkPulsar ).

Hacking

Hacking Energy and Utilities Advertising Authentication

The Link Between AWM Proxy & the Glupteba Botnet

Krebs on Security

JUNE 28, 2022

That same day, AWM Proxy — a 14-year-old anonymity service that rents hacked PCs to cybercriminals — suddenly went offline. Launched in March 2008, AWM Proxy quickly became the largest service for crooks seeking to route their malicious Web traffic through compromised devices. ru , and the website web-site[.]ru

Passwords

Passwords Malware Internet Internet

Microsoft Issues Emergency Fix for IE Zero Day

Krebs on Security

DECEMBER 19, 2018

Satnam Narang , senior research engineer at Tenable , said the vulnerability affects the following installations of IE: Internet Explorer 11 from Windows 7 to Windows 10 as well as Windows Server 2012, 2016 and 2019; IE 9 on Windows Server 2008; and IE 10 on Windows Server 2012.

Internet

Internet Internet Engineering Software

Chinese APT IronHusky use Win zero-day in recent wave of attacks

Security Affairs

OCTOBER 13, 2021

A Chinese-speaking hacking group exploited a Windows zero-day vulnerability in a wave of attacks on defense and IT businesses. A Chinese-speaking hacking group exploited a zero-day vulnerability in the Windows Win32k kernel driver to deploy a new remote access trojan (RAT), tracked as MysterySnail. SecurityAffairs – hacking, Windows).

Hacking

Hacking Malware Government Technology

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Security Affairs

FEBRUARY 13, 2020

“ In 2017, the Shadow Brokers hacking group released a collection of NSA exploits and hacking tools targeting Microsoft’s Windows OS, some of them were developed to exploit the SMBv1 p rotocol to execute commands on vulnerable servers with administrative p rivileges. Please see this KB for more information.

Authentication

Authentication Malware Advertising Hacking

Chinese Supply-Chain Attack on Computer Systems

Security Boulevard

FEBRUARY 13, 2021

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. It’s been going on since at least 2008. The US government has known about it for almost as long, and has tried to keep the attack secret: China’s exploitation of products made by Supermicro, as the U.S.

Government

Government Hacking Internet Internet

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Krebs on Security

MARCH 10, 2020

District Court for the Southern District of California allege Firsov was the administrator of deer.io, an online platform that hosted more than 24,000 shops for selling stolen and/or hacked usernames and passwords for a variety of top online destinations. An example seller’s panel at deer.io. Click image to enlarge.

Accountability

Accountability Advertising Hacking Cybercrime

Microsoft Patch Tuesday, March 2021 Edition

Krebs on Security

MARCH 9, 2021

The IE weakness — CVE-2021-26411 — affects both IE11 and newer EdgeHTML-based versions, and it allows attackers to run a file of their choice by getting you to view a hacked or malicious website in IE. “There is the outside chance this could be wormable between DNS servers,” warned Trend Micro’s Dustin Childs.

DNS

DNS Internet Internet Software

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

ru in 2008. su from 2008. su from 2008. Intel 471 shows akafitis@gmail.com was used to register another O.R.Z. user account — this one on Verified[.]ru Prior to that, akafitis@gmail.com was used as the email address for the account “ Fitis ,” which was active on Exploit between September 2006 and May 2007.

Malware

Malware Cybercrime Software Accountability

U.S. Internet Leaked Years of Internal, Customer Emails

Krebs on Security

FEBRUARY 14, 2024

Some of the exposed emails dated back to 2008; others were as recent as the present day. Holden said he also discovered that hackers have been abusing a Securence link scrubbing and anti-spam service called Url-Shield to create links that look benign but instead redirect visitors to hacked and malicious websites.

Internet

Internet Internet Wireless Government

Avoid The Hack: 7 Best Private Search Engine Recommendations

Security Boulevard

SEPTEMBER 2, 2023

Founded circa 2008, DuckDuckGo is a private metasearch engine based in the US. The post Avoid The Hack: 7 Best Private Search Engine Recommendations appeared first on Security Boulevard. While this search engine is certainly better than using Google or Bing, it is advised to use this search engine with discretion.

Engineering

Engineering Hacking Technology Marketing

Qakbot is back and targets the Hospitality industry

Security Affairs

DECEMBER 18, 2023

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, malware) The malware spreads via malspam campaigns, it inserts replies in active email threads.

Malware

Malware Phishing Ransomware Hacking

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

At least a dozen patriotic Russian hacking groups have been launching DDoS attacks since the start of the war at a variety of targets seen as opposed to Moscow. md , a website launched in 2008 that chronicled the history of a 1990 armed conflict in Moldova known as the Transnistria War and the Moldo-Russian war.

DDOS

DDOS Internet Internet Government

Expert developed a MetaSploit module for the BlueKeep flaw

Security Affairs

JUNE 5, 2019

Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. Windows 7 and Server 2008 users can prevent unauthenticated attacks by enabling Network Level Authentication (NLA), and the threat can also be mitigated by blocking TCP port 3389. SecurityAffairs – Metasploit, hacking). According to Z??osum0x0,

Penetration Testing

Penetration Testing Advertising Malware Authentication

Windows Remote Kernel Exploitation via IPv6

Hacker's King

SEPTEMBER 12, 2024

This vulnerability affects many systems, including Windows 10, Windows 11 and Window severer from 2008 to 2022. Windows10 Windows 11 Windows Server (2008-2022) By default, IPv6 is enabled in all Windows operating systems and vulnerable to CVE-2024-38063. Join Complete Offensive-Hacking Course Today To Get 10% Special Off

Hacking

Hacking Internet Internet Cybersecurity

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Krebs on Security

NOVEMBER 8, 2021

Some of these nicknames go back more than a decade on Russian cybercrime forums, many of which have been hacked and relieved of their user databases over the years. su, and that forum’s database says a user by the name “Damnating” registered with the forum in 2008 using the email address damnating@yandex.ru.

Ransomware

Ransomware Cybercrime System Administration Passwords

Canada Charges Its “Most Prolific Cybercriminal”

Krebs on Security

DECEMBER 8, 2021

According to cyber intelligence firm Intel 471 , that dark_cl0ud6@hotmail.com address has been used in conjunction with the handle “ DCReavers2 ” to register user accounts on a half-dozen English-language cybercrime forums since 2008, including Hackforums , Blackhatworld, and Ghostmarket. An advertisement for the ButterFly Bot.

Cybercrime

Cybercrime Ransomware Accountability Advertising

PlugX malware delivered by exploiting flaws in Chinese programs

Security Affairs

MARCH 11, 2023

The PlugX backdoor has been used since 2008 by multiple China-linked APT groups, including Mustang Panda , Winnti , and APT41 In the attacks observed by ASEC, once exploited the vulnerability, threat actors executed a PowerShell command to create a file named esetservice.exe. ” reads the analysis published by ASEC.

Malware

Malware Software Hacking Information Security

French authorities launch disinfection operation to eradicate PlugX malware from infected hosts

Security Affairs

JULY 28, 2024

The PlugX malware is a remote access trojan (RAT) that has been used since 2008 by multiple China-linked APT groups, including Mustang Panda , Winnti , and APT41 The RAT uses DLL side-loading to load its own malicious payload malicious DLL when a digitally signed software application, such as the x32dbg debugging tool (x32dbg.exe), is executed.

Malware

Malware Internet Internet Cybersecurity

QakBot threat actors are still operational after the August takedown

Security Affairs

OCTOBER 7, 2023

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. In August, the FBI announced that the Qakbot botnet was dismantled as a result of an international law enforcement operation named Operation ‘Duck Hunt.’

Malware

Malware Ransomware Phishing Hacking

Why Malware Crypting Services Deserve More Scrutiny

Krebs on Security

JUNE 21, 2023

has been associated with the user Kerens on the Russian hacking forum Exploit from 2011 to the present day. Intel 471 found that Kerens used the email address pepyak@gmail.com , which also was used to register Kerens accounts on the Russian language hacking forums Verified and Damagelab. The WHOIS records for autodoska[.]biz

Malware

Malware Antivirus Cybercrime Hacking

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

Security Affairs

JANUARY 31, 2024

It was operating between 2008 and 2013. According to German media , one of the two operators was also involved in the operations of the site mega-downloads.net. Movie2k was a platform involved in the unauthorized distribution of copyrighted movies, TV shows, and other media content.

Media

Media Cybercrime Advertising Information Security

Chinese Supply-Chain Attack on Computer Systems

Schneier on Security

FEBRUARY 13, 2021

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. It’s been going on since at least 2008. The US government has known about it for almost as long, and has tried to keep the attack secret: China’s exploitation of products made by Supermicro, as the U.S.

Surveillance

Surveillance Internet Internet Government

Too many issues in Pentagon networks expose it to cybersecurity risks

Security Affairs

JANUARY 15, 2019

This means that security and IT staff at the Pentagon is ignoring the recommendations exposing it to the risk of hack. related recommendations, dating as far back as 2008. SecurityAffairs – Pentagon, hacking). Additionally, as of September 30, 2018, there were 266 open cybersecurity?related ” concludes the DoD OIG.

Risk

Risk Cybersecurity Cyber Risk Government

Avast released a free decryptor for the Windows version of the Akira ransomware

Security Affairs

JULY 1, 2023

Files are encrypted by Chacha 2008 ( D. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Akira ransomware ) The post Avast released a free decryptor for the Windows version of the Akira ransomware appeared first on Security Affairs. Bernstein’s implementation ).”

Ransomware

Ransomware Encryption Malware Hacking

IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions

Security Affairs

MARCH 31, 2021

was recommended for IETF protocols in 2008 and became obsolete with the introduction of TLS version 1.3 SecurityAffairs – hacking, TLS 1.0). The Internet Engineering Task Force (IETF) formally deprecates Transport Layer Security (TLS) versions 1.0 (RFC RFC 2246) and 1.1 (RFC TLS version 1.2 Pierluigi Paganini.

Internet

Internet Internet Engineering Hacking

DHS also issued an alert for the Windows BlueKeep flaw

Security Affairs

JUNE 18, 2019

Enable Network Level Authentication in Windows 7, Windows Server 2008, and Windows Server 2008 R2. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. SecurityAffairs – BlueKeep, hacking). Disable services not being used by the OS. This best practice limits exposure to vulnerabilities.

Authentication

Authentication Advertising Malware Firewall

Qakbot operations continue to evolve to avoid detection

Security Affairs

JULY 13, 2022

Qakbot , also known as QBot, QuackBot and Pinkslipbot, is an info-stealing malware that has been active since 2008. SecurityAffairs – hacking, malware). Experts warn that operators behind the Qakbot malware operation are improving their attack chain in an attempt to avoid detection. Follow me on Twitter: @securityaffairs and Facebook.

Malware

Malware Hacking Cybercrime Information Security

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Security Affairs

DECEMBER 17, 2021

and above 2008 Workspace ONE UEM patch 20.8.0.36 SecurityAffairs – hacking, VMware Workspace ONE UEM). .” Below is the list of impacted versions: I mpacted Versions Fixed Version 2109 Workspace ONE UEM patch 21.9.0.13 and above 2105 Workspace ONE UEM patch 21.5.0.37 and above 2102 Workspace ONE UEM patch 21.2.0.27

Authentication

Authentication Hacking Software Information Security

AcidBox, a malware that borrows Turla APT exploit, hit Russian organizations

Security Affairs

JUNE 19, 2020

The exploit used by Turla, referred to as CVE-2008-3431 , abuses two vulnerabilities, but only one was ever fixed in the aforementioned CVE. The other vulnerability was chained by Turla operators with the CVE-2008-3431 flaw in the first version of their exploit. SecurityAffairs – hacking, Turla). Pierluigi Paganini.

Malware

Malware InfoSec Advertising Hacking

Purple Lambert, a new malware of CIA-linked Lambert APT group

Security Affairs

APRIL 29, 2021

.” The Lambert APT (aka Longhorn APT ) has been active since at least 2008, but its first samples were spotted in 2014. Across the years, the researchers found analyzed multiple backdoors and hacking tools composing the arsenal of the cyberespionage group. SecurityAffairs – hacking, CIA). Pierluigi Paganini.

Malware

Malware Hacking Government Telecommunications

NSA urges Windows Users and admins to Patch BlueKeep flaw

Security Affairs

JUNE 5, 2019

Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. Windows 7 and Server 2008 users can prevent unauthenticated attacks by enabling Network Level Authentication (NLA), and the threat can also be mitigated by blocking TCP port 3389. SecurityAffairs – BlueKeep, hacking). Pierluigi Paganini.

Penetration Testing

Penetration Testing Firewall Authentication Advertising

CIA Hacking unit APT-C-39 hit China since 2008

A zero-day in Windows 7 and Windows Server 2008 has yet to be fixed

Trending Sources

Microsoft Patches Zero-Day Bug in Win7, Server 2008 and 2008 R2

0patch will provide micropatches for Windows 7 and Server 2008 after EoS

Man certifies his own (fake) death after hacking into registry system using stolen identity

US NSA hacks Chinese Aviation University

Teens Hacked Boston Subway’s CharlieCard to Get Infinite Free Rides—and This Time Nobody Got Sued

Microsoft rolled out emergency updates to fix Windows Server auth failures

Hacking Nespresso machines to have unlimited funds to purchase coffee

Man Who Mass-Extorted Psychotherapy Patients Gets Six Years

Microsoft Fixes Bad Patch That Left Windows 7, Server 2008 Open to Attack

From Cybercrime Saul Goodman to the Russian GRU

DarkPulsar and other NSA hacking tools used in hacking operations in the wild

The Link Between AWM Proxy & the Glupteba Botnet

Microsoft Issues Emergency Fix for IE Zero Day

Chinese APT IronHusky use Win zero-day in recent wave of attacks

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Chinese Supply-Chain Attack on Computer Systems

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Microsoft Patch Tuesday, March 2021 Edition

Ask Fitis, the Bear: Real Crooks Sign Their Malware

U.S. Internet Leaked Years of Internal, Customer Emails

Avoid The Hack: 7 Best Private Search Engine Recommendations

Qakbot is back and targets the Hospitality industry

Stark Industries Solutions: An Iron Hammer in the Cloud

Expert developed a MetaSploit module for the BlueKeep flaw

Windows Remote Kernel Exploitation via IPv6

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Canada Charges Its “Most Prolific Cybercriminal”

PlugX malware delivered by exploiting flaws in Chinese programs

French authorities launch disinfection operation to eradicate PlugX malware from infected hosts

QakBot threat actors are still operational after the August takedown

Why Malware Crypting Services Deserve More Scrutiny

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

Chinese Supply-Chain Attack on Computer Systems

Too many issues in Pentagon networks expose it to cybersecurity risks

Avast released a free decryptor for the Windows version of the Akira ransomware

IETF deprecates TLS 1.0 and TLS 1.1, update to latest versions

DHS also issued an alert for the Windows BlueKeep flaw

Qakbot operations continue to evolve to avoid detection

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

AcidBox, a malware that borrows Turla APT exploit, hit Russian organizations

Purple Lambert, a new malware of CIA-linked Lambert APT group

NSA urges Windows Users and admins to Patch BlueKeep flaw

Stay Connected