Malwarebytes

JANUARY 16, 2025

PlugX has been around since at least 2008 but is under constant development. The move came after suspicion that cybercriminals groups under control of the Peoples Republic of China (PRC) used a version of PlugX malware to control, and steal information from victims’ computers.

Malware 113

Malware DNS Internet Internet 113

Malwarebytes

JULY 28, 2021

And while actual, measurable cyberrattacks and hacks surrounding The Olympics did not truly get rolling until 2008 in Beijing, The Olympic games have traditionally been quite the target for malicious acts of all kinds, dating back years. It was also the first major Olympics event where organizers braced for hacking related impact.

Scams 143

Scams Hacking Malware Mobile 143

Krebs on Security

MARCH 9, 2021

The IE weakness — CVE-2021-26411 — affects both IE11 and newer EdgeHTML-based versions, and it allows attackers to run a file of their choice by getting you to view a hacked or malicious website in IE. “There is the outside chance this could be wormable between DNS servers,” warned Trend Micro’s Dustin Childs.

DNS 350

DNS Internet Internet Software 350

Krebs on Security

APRIL 30, 2024

A 26-year-old Finnish man was sentenced to more than six years in prison today after being convicted of hacking into an online psychotherapy clinic, leaking tens of thousands of patient therapy records, and attempting to extort the clinic and patients.

DDOS 296

DDOS Cybercrime Hacking Passwords 296

Krebs on Security

FEBRUARY 7, 2024

In 2021, the exclusive Russian cybercrime forum Mazafaka was hacked. From the forum’s inception until around 2008, Djamix was one of its most active and eloquent contributors. ru at DomainTools.com reveals this address has been used to register at least 10 domain names since 2008. Some of those photos date back to 2008.

Cybercrime 310

Cybercrime Accountability Identity Theft Hacking 310

CyberSecurity Insiders

SEPTEMBER 5, 2022

For the first time in the history of cyber attacks, a China-based university serving Aviation industry has accused the United States National Security Agency (NSA) for hacking into its servers to steal intelligence related to aviation, aerospace and navigation study material.

Hacking 121

Hacking Surveillance Education Cyber Attacks 121

Security Affairs

FEBRUARY 7, 2021

Some commercial Nespresso machines that are used in Europe could be hacked to add unlimited funds to purchase coffee. Some Nespresso Pro machines in Europe could be hacked to add unlimited funds to purchase coffee. SecurityAffairs – hacking, Nespresso). The vulnerability was disclosed by the security researcher Polle Vanhoof.

Hacking 145

Hacking Technology Software Engineering 145

Krebs on Security

JUNE 28, 2022

That same day, AWM Proxy — a 14-year-old anonymity service that rents hacked PCs to cybercriminals — suddenly went offline. Launched in March 2008, AWM Proxy quickly became the largest service for crooks seeking to route their malicious Web traffic through compromised devices. ru , and the website web-site[.]ru

Passwords 300

Passwords Malware Internet Internet 300

Security Affairs

NOVEMBER 15, 2021

These issues impacts Windows Server 2019 and lower versions, including Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2. SecurityAffairs – hacking, Operation Cyclone). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Authentication 137

Authentication Hacking Information Security 137

Security Affairs

OCTOBER 21, 2018

Attackers are targeting high-value servers using a three of hacking tools from NSA arsenal, including DarkPulsar, that were leaked by the Shadow Brokers hacker group. It shows how hackers combined the tool to carry out high sophisticated hacking operations. Security Affairs – NSA hacking tools, DarkPulsar ).

Hacking 111

Hacking Energy and Utilities Advertising Authentication 111

Krebs on Security

NOVEMBER 8, 2021

Some of these nicknames go back more than a decade on Russian cybercrime forums, many of which have been hacked and relieved of their user databases over the years. su, and that forum’s database says a user by the name “Damnating” registered with the forum in 2008 using the email address damnating@yandex.ru.

Ransomware 344

Ransomware Cybercrime System Administration Passwords 344

Krebs on Security

DECEMBER 8, 2021

According to cyber intelligence firm Intel 471 , that dark_cl0ud6@hotmail.com address has been used in conjunction with the handle “ DCReavers2 ” to register user accounts on a half-dozen English-language cybercrime forums since 2008, including Hackforums , Blackhatworld, and Ghostmarket. An advertisement for the ButterFly Bot.

Cybercrime 328

Cybercrime Ransomware Accountability Advertising 328

Schneier on Security

FEBRUARY 13, 2021

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. It’s been going on since at least 2008. The US government has known about it for almost as long, and has tried to keep the attack secret: China’s exploitation of products made by Supermicro, as the U.S.

Surveillance 363

Surveillance Internet Internet Government 363

Krebs on Security

JUNE 1, 2023

ru in 2008. su from 2008. su from 2008. Intel 471 shows akafitis@gmail.com was used to register another O.R.Z. user account — this one on Verified[.]ru Prior to that, akafitis@gmail.com was used as the email address for the account “ Fitis ,” which was active on Exploit between September 2006 and May 2007.

Malware 299

Malware Cybercrime Software Accountability 299

Security Affairs

FEBRUARY 13, 2020

“ In 2017, the Shadow Brokers hacking group released a collection of NSA exploits and hacking tools targeting Microsoft’s Windows OS, some of them were developed to exploit the SMBv1 p rotocol to execute commands on vulnerable servers with administrative p rivileges. Please see this KB for more information.

Authentication 145

Authentication Malware Advertising Hacking 145

Krebs on Security

FEBRUARY 14, 2024

Some of the exposed emails dated back to 2008; others were as recent as the present day. Holden said he also discovered that hackers have been abusing a Securence link scrubbing and anti-spam service called Url-Shield to create links that look benign but instead redirect visitors to hacked and malicious websites.

Internet 362

Internet Internet Wireless Government 362

WIRED Threat Level

AUGUST 10, 2023

In 2008, Boston’s transit authority sued to stop MIT hackers from presenting at the Defcon hacker conference on how to get free subway rides. Today, four teens picked up where they left off.

Hacking 98

Hacking 98

Krebs on Security

MAY 23, 2024

At least a dozen patriotic Russian hacking groups have been launching DDoS attacks since the start of the war at a variety of targets seen as opposed to Moscow. md , a website launched in 2008 that chronicled the history of a 1990 armed conflict in Moldova known as the Transnistria War and the Moldo-Russian war.

DDOS 321

DDOS Internet Internet Government 321

Krebs on Security

FEBRUARY 11, 2020

It could be used to install malware just by getting a user to browse to a malicious or hacked Web site. lnk) files ( CVE-2020-0729 ) that affects Windows 8 and 10 systems, as well as Windows Server 2008-2012. Microsoft once again fixed a critical flaw in the way Windows handles shortcut (.lnk)

Backups 64

Backups Malware Internet Internet 64

Security Affairs

JUNE 5, 2019

Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. Windows 7 and Server 2008 users can prevent unauthenticated attacks by enabling Network Level Authentication (NLA), and the threat can also be mitigated by blocking TCP port 3389. SecurityAffairs – Metasploit, hacking). According to Z??osum0x0,

Penetration Testing 111

Penetration Testing Advertising Malware Authentication 111

Krebs on Security

JUNE 3, 2019

” Media publications have cited sources saying the Robbinhood version that hit Baltimore city computers was powered by “ Eternal Blue ,” a hacking tool developed by the U.S. ” That vulnerability exists in Windows XP, Windows 2003, Windows 7, Windows Server 2008 R2, and Windows Server 2008.

Ransomware 235

Ransomware Accountability Malware Government 235

Security Affairs

OCTOBER 13, 2021

A Chinese-speaking hacking group exploited a Windows zero-day vulnerability in a wave of attacks on defense and IT businesses. A Chinese-speaking hacking group exploited a zero-day vulnerability in the Windows Win32k kernel driver to deploy a new remote access trojan (RAT), tracked as MysterySnail. SecurityAffairs – hacking, Windows).

Hacking 114

Hacking Malware Government Technology 114

Security Affairs

JANUARY 15, 2019

This means that security and IT staff at the Pentagon is ignoring the recommendations exposing it to the risk of hack. related recommendations, dating as far back as 2008. SecurityAffairs – Pentagon, hacking). Additionally, as of September 30, 2018, there were 266 open cybersecurity?related ” concludes the DoD OIG.

Risk 109

Risk Cybersecurity Cyber Risk Government 109

Security Boulevard

FEBRUARY 13, 2021

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. It’s been going on since at least 2008. The US government has known about it for almost as long, and has tried to keep the attack secret: China’s exploitation of products made by Supermicro, as the U.S.

Government 108

Government Hacking Internet Internet 108

Krebs on Security

DECEMBER 3, 2021

Verified was hacked at least twice in the past five years, and its user database posted online. back in 2008 (notice again the suspect “www” as part of the domain name). However, none of Babam’s posts on Exploit include any personal information or clues about his identity.

Ransomware 345

Ransomware Passwords Accountability Cybercrime 345

Krebs on Security

FEBRUARY 5, 2023

In 2013, Kurittu worked on an investigation involving Kivimäki’s use of the Zbot botnet, among other activities Kivimäki engaged in as a member of the hacker group Hack the Planet (HTP).”

Cybercrime 272

Cybercrime DDOS Hacking Accountability 272

Krebs on Security

SEPTEMBER 28, 2021

Consider the scenario where an attacker drops a malware-laden USB flash drive in the parking lot of a company he wants to hack into. In 2008, a cyber attack described at the time as “the worst breach of U.S. A USB stick with malware is very likely how U.S.

Mobile 348

Mobile Phishing Malware Software 348

Security Affairs

JUNE 19, 2020

The exploit used by Turla, referred to as CVE-2008-3431 , abuses two vulnerabilities, but only one was ever fixed in the aforementioned CVE. The other vulnerability was chained by Turla operators with the CVE-2008-3431 flaw in the first version of their exploit. SecurityAffairs – hacking, Turla). Pierluigi Paganini.

Malware 144

Malware Advertising InfoSec Hacking 144

Threatpost

MARCH 30, 2018

Microsoft released an out-of-band security update that corrected a faulty patch that left Windows 7 and Windows Server 2008 open to attack.

Hacking 43

Hacking 43

Krebs on Security

OCTOBER 1, 2019

Spanish for “Butterfly,” Mariposa was a potent crime machine first spotted in 2008. Very soon after its inception, Mariposa was estimated to have infected more than 1 million hacked computers — making it one of the largest botnets ever created. An advertisement for the ButterFly Bot.

Cybercrime 45

Cybercrime Malware Antivirus Banking 45

Krebs on Security

DECEMBER 10, 2019

By nearly all accounts, the chief bugaboo this month is CVE-2019-1458 , a vulnerability in a core Windows component (Win32k) that is present in Windows 7 through 10 and Windows Server 2008-2019.

Backups 172

Backups Software Malware Marketing 172

Security Affairs

DECEMBER 20, 2018

The IE zero-day vulnerability impacts IE 9 on Windows Server 2008, IE 10 on Windows Server 2012, IE 11 from Windows 7 to Windows 10, and IE 11 on Windows Server 2019, Windows Server 2016, Windows Server 2008 R2, Windows Server 2012 R2. SecurityAffairs –Windows zero-day, hacking). Pierluigi Paganini.

Internet 111

Internet Internet Engineering Advertising 111

Security Affairs

JUNE 5, 2019

Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. Windows 7 and Server 2008 users can prevent unauthenticated attacks by enabling Network Level Authentication (NLA), and the threat can also be mitigated by blocking TCP port 3389. SecurityAffairs – BlueKeep, hacking). Pierluigi Paganini.

Penetration Testing 109

Penetration Testing Firewall Authentication Advertising 109

Security Affairs

JUNE 18, 2019

Enable Network Level Authentication in Windows 7, Windows Server 2008, and Windows Server 2008 R2. Microsoft has released patches for Windows 7, Server 2008, XP and Server 2003. SecurityAffairs – BlueKeep, hacking). Disable services not being used by the OS. This best practice limits exposure to vulnerabilities.

Authentication 104

Authentication Advertising Malware Firewall 104

Security Affairs

APRIL 23, 2020

A security expert uncovered an old APT operation, tracked Nazar, by analyzing the NSA hacking tools included in the dump leaked by Shadow Brokers in 2017. Guerrero-Saade discovered that the SIG37 campaign references hacking activities dated back as far as 2008 that was carried out by an unknown threat actor, the expert tracked it as Nazar.

Hacking 139

Hacking Advertising Malware Engineering 139

Security Affairs

MARCH 31, 2021

was recommended for IETF protocols in 2008 and became obsolete with the introduction of TLS version 1.3 SecurityAffairs – hacking, TLS 1.0). The Internet Engineering Task Force (IETF) formally deprecates Transport Layer Security (TLS) versions 1.0 (RFC RFC 2246) and 1.1 (RFC TLS version 1.2 Pierluigi Paganini.

Internet 120

Internet Internet Engineering Hacking 120

Krebs on Security

MAY 17, 2022

The trouble with Saicoo’s apparently infected drivers may be little more than a case of a technology company having their site hacked and responding poorly. .” Saicoo’s response to KrebsOnSecurity. Will Dormann , a vulnerability analyst at CERT/CC, wrote on Twitter that the executable files (.exe)

Malware 353

Malware Government Internet Internet 353