2009, Hacking and Information Security - Cyber Security Informer

AusCERT and the Award for Information Security Excellence

Troy Hunt

MAY 31, 2018

At the gala dinner last night, without any warning beforehand, I somehow walked away with this: #AusCERT2018 Award for Information Security Excellence goes to @troyhunt @AusCERT 2018 Gala Dinner pic.twitter.com/9lxmwX0tdR — ValdemarJakobsen???? jamver) May 31, 2018. Yes, that guy is wearing a cape, it was a Star Wars thing.).

Information Security

Information Security Data breaches Hacking

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

Security Affairs

FEBRUARY 22, 2025

The Bybit hack is the largest cryptocurrency heist ever, surpassing previous ones like Ronin Network ($625M), Poly Network ($611M), and BNB Bridge ($566M). Bybit is Solvent even if this hack loss is not recovered, all of clients assets are 1 to 1 backed, we can cover the loss. billion to an unidentified address.

Cryptocurrency

Cryptocurrency Hacking Banking Cybersecurity

RockYou2024 compilation containing 10 billion passwords was leaked online

Security Affairs

JULY 8, 2024

Threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. The Cybernews researchers reported that threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. RockYou2021 had 8.4 billion passwords from various internet data leaks.

Passwords

Passwords Data breaches Hacking Accountability

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Now new findings reveal that AVrecon is the malware engine behind a 12-year-old service called SocksEscort , which rents hacked residential and small business devices to cybercriminals looking to hide their true location online. SocksEscort began in 2009 as “ super-socks[.]com Image: Lumen’s Black Lotus Labs.

Malware

Malware VPN Internet Internet

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

Security Affairs

JUNE 23, 2019

NASA Office of Inspector General revealed that the Agency’s network was hacked in April 2018, intruders exfiltrated roughly 500 MB of data related to Mars missions. Unfortunately, this was not the first time hackers broke into JPL , it has already happened back in 2009, 2011, 2014, 2016 and 2017. The post NASA hacked!

Hacking

Hacking Data breaches Advertising Firewall

More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894

Security Affairs

APRIL 6, 2024

Most of the vulnerable systems are in the US (4686 at the time of this writing), followed by Japan (2009), and UK (1032). We are now scanning/reporting Ivanti Connect Secure instances vulnerable to CVE-2024-21894 (heap overflow potentially leading to RCE) & others described in [link] ~16 500 likely vulnerable (~4.6K

VPN

VPN Internet Internet Hacking

SimJacker attack allows hacking any phone with just an SMS

Security Affairs

SEPTEMBER 12, 2019

According to the researchers, almost any mobile phone model is vulnerable to the SimJacker attack because it leverages a component on SIM cards and its specifications are the same since 2009. SecurityAffairs – SimJacker, hacking). ” states the post. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Mobile Spyware Manufacturing

North Korea-linked APT group BeagleBoyz targets banks

Security Affairs

AUGUST 29, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. “North Korea’s intelligence apparatus controls a hacking team dedicated to robbing banks through remote internet access.

Banking

Banking Malware Advertising Hacking

10-year-old vulnerability in Avaya VoIP Phones finally fixed

Security Affairs

AUGUST 10, 2019

Security experts at McAfee discovered that a stack-based buffer overflow flaw in the Dynamic Host Configuration Protocol (DHCP) client discovered and fixed ten years ago is still affecting several Avaya phones. SecurityAffairs – Avaya, hacking). The vulnerability could be exploited using a specially crafted DHCP response. Only the H.323

Firmware

Firmware IoT Advertising Software

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

. “TAG observed a North Korean government-backed attacker group that previously targeted security researchers posing as recruiters at Samsung and sending fake job opportunities to employees at multiple South Korean information security companies that sell anti-malware solutions.” Pierluigi Paganini.

Malware

Malware Phishing Antivirus Hacking

538 Million Weibo users’ records being sold on Dark Web

Security Affairs

MARCH 23, 2020

Weibo is a popular Chinese micro-blogging ( weibo ) website, it was launched by Sina Corporation on 14 August 2009, it claimed over 445 million monthly active users as of Q3 2018. . The company confirmed that the data were obtained in 2019 due to credential stuffing attacks and other information gathered online.

Accountability

Accountability Passwords Advertising Internet

Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID operations

Security Affairs

JULY 13, 2024

The popular investigator Brian Krebs reported that Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham, noted in 2014 that Tank told co-conspirators in a JabberZeus chat on July 22, 2009 that his daughter, Miloslava, was and told him Miloslava birth weight.

Cybercrime

Cybercrime Banking Malware Hacking

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

Security Affairs

NOVEMBER 15, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. SecurityAffairs – hacking, Operation Cyclone). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Cybersecurity

Cybersecurity Engineering Software Malware

China-linked APT10 leverages ZeroLogon exploits in recent attacks

Security Affairs

NOVEMBER 18, 2020

The group, also known as Cicada, Stone Panda , and Cloud Hopper , has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide. ” Pierluigi Paganini.

Manufacturing

Manufacturing Hacking Engineering Malware

The man behind Cardplanet credit card market sentenced to 9 years in prison

Security Affairs

JUNE 27, 2020

The Russian national named Aleksey Yurievich Burkov (30) was sentenced to nine years in prison for running Cardplanet and Direct Connection, two credit card market that facilitated payment card fraud, computer hacking, and other illegal activities. SecurityAffairs – hacking, Cardplanet). Pierluigi Paganini.

Marketing

Marketing Cybercrime Advertising Insurance

EU has imposed sanctions on foreign actors for the first time ever

Security Affairs

JULY 31, 2020

The group has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide. SecurityAffairs – hacking, EU sanctions). ” conclude the EU.

Cyber Attacks

Cyber Attacks Hacking Advertising Government

North Korea-linked Lazarus APT targets the COVID-19 research

Security Affairs

DECEMBER 25, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, North Korea).

Cryptocurrency

Cryptocurrency Malware Hacking Phishing

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Security Affairs

MARCH 3, 2020

“ Two Chinese nationals were charged with laundering over $100 million worth of cryptocurrency from a hack of a cryptocurrency exchange. The group is considered responsible for the massive WannaCry ransomware attack, a string of SWIFT attacks in 2016, and the Sony Pictures hack. million from another exchange.

Cryptocurrency

Cryptocurrency Banking Hacking Accountability

Administrators of bulletproof hosting sentenced to prison in the US

Security Affairs

OCTOBER 21, 2021

The two individuals, Aleksandr Skorodumov (33) of Lithuania, and Pavel Stassi (30) of Estonia, administrated the bulletproof hosting service between 2009 and 2015. SecurityAffairs – hacking, cyber security). The post Administrators of bulletproof hosting sentenced to prison in the US appeared first on Security Affairs.

System Administration

System Administration Malware Accountability Marketing

Belgium telecom operators Proximus and Orange drop Huawei

Security Affairs

OCTOBER 10, 2020

Orange Belgium is using Huawei equipment since 2007 for its mobile network in Belgium and Luxembourg, while the collaboration between Proximus and the Shenzhen-based company started in 2009 for the progressive upgrading of its network. SecurityAffairs – hacking, Proximus). Pierluigi Paganini.

Mobile

Mobile Manufacturing Internet Internet

The US Treasury placed sanctions on North Korea linked APT Groups

Security Affairs

SEPTEMBER 13, 2019

The US Treasury placed sanctions on three North Korea-linked hacking groups, the Lazarus Group, Bluenoroff, and Andarial. The US Treasury sanctions on three North Korea-linked hacking groups, the Lazarus Group , Bluenoroff , and Andarial. SecurityAffairs – North Korea, hacking). ” continues the US Treasury.

Cyber Attacks

Cyber Attacks Hacking Cryptocurrency Banking

North Korea-linked Lazarus APT targets the IT supply chain

Security Affairs

OCTOBER 27, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. SecurityAffairs – hacking, supply chain attack). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Malware

Malware System Administration Hacking Media

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Security Affairs

JUNE 27, 2019

. “Teams of hackers connected to the Chinese Ministry of State Security had penetrated HPE’s cloud computing service and used it as a launchpad to attack customers, plundering reams of corporate and government secrets for years in what U.S. “The hacking campaign, known as “ Cloud Hopper ,” was the subject of a U.S.

Identity Theft

Identity Theft Hacking Advertising System Administration

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Security Affairs

FEBRUARY 17, 2024

The popular investigator Brian Krebs reported that Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham, noted in 2014 that Tank told co-conspirators in a JabberZeus chat on July 22, 2009 that his daughter, Miloslava, was and told him Miloslava birth weight.

Malware

Malware Cybercrime Banking Hacking

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Security Affairs

SEPTEMBER 9, 2019

The targets of the two groups show significant overlap, Billbug also targeted organizations many military and government organizations in South Asia since at least January 2009. Security experts at Symantec speculate that Thrip is a sub-group of Billbug. Billbug is a long-established espionage group, active since at least January 2009.

Government

Government Advertising Telecommunications Malware

Orchard botnet uses Bitcoin Transaction info to generate DGA domains

Security Affairs

AUGUST 8, 2022

“It’s worth pointing out that the wallet address is the miner reward receiving address of the Bitcoin Genesis Block , which occurred on January 3, 2009, and is believed to be held by Nakamoto.” SecurityAffairs – hacking, domain name system). .” reads the analysis published by the researchers.

Accountability

Accountability Cryptocurrency Malware Hacking

PwnKit: Local Privilege Escalation bug affects major Linux distros

Security Affairs

JANUARY 26, 2022

The flaw, dubbed PwnKit, was introduced more than 12 years ago (May 2009) since the initial commit of pkexec, this means that all the versions are affected. SecurityAffairs – hacking, PwnKit). The post PwnKit: Local Privilege Escalation bug affects major Linux distros appeared first on Security Affairs. Pierluigi Paganini.

Architecture

Architecture Hacking Information Security

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Security Affairs

FEBRUARY 25, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, Lazarus).

Malware

Malware Cryptocurrency Password Management Encryption

Experts found 20 Million tax records for Russian citizens exposed online

Security Affairs

OCTOBER 1, 2019

Security experts from Comparitech along with security researcher Bob Diachenko discovered 20 million tax records belonging to Russian citizens exposed online in clear text and without protection. “A database of more than 20 million Russian tax records was found on an unsecured server, accessible to anyone with a web browser.”

Identity Theft

Identity Theft Scams Advertising Risk

PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web

Security Affairs

OCTOBER 23, 2023

billion Aadhaars issued by the UIDAI since this ID service launched in 2009, this system represents one of the largest biometric ID programs on the planet, according to a report published by think tank Brookings Institution. With roughly 1.4

Identity Theft

Identity Theft Banking Data breaches Malware

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

Security Affairs

JUNE 7, 2021

SecurityAffairs – hacking, RockYou2021). billion entries appeared first on Security Affairs. About the author: Edvardas Mikalauskas. Edvardas is a Senior Writer and Researcher at CyberNews. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Passwords

Passwords Data breaches Accountability Password Management

0v1ru$ hackers breach FSB contractor SyTech and expose Russian intel projects

Security Affairs

JULY 20, 2019

SyTech , a contractor for the Federal Security Service of the Russian Federation (FSB) has been hacked, attackers stole data about interna l projects. Attackers have hacked SyTech, a contractor for the Federal Security Service of the Russian Federation (FSB), and exfiltrated data about interna l projects.

Hacking

Hacking Data breaches Advertising Media

North Korea-linked Lazarus APT uses a Mac variant of the Dacls RAT

Security Affairs

MAY 9, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. SecurityAffairs – Dacls RAT, hacking). Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Advertising Encryption Hacking

Microsoft: North Korea-linked Zinc APT targets security experts

Security Affairs

JANUARY 29, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. “For proactive prevention of this type of attack, it is recommended that security professionals use an isolated environment (e.g.,

Malware

Malware Antivirus Hacking Accountability

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

At the time of this writing, no ransomware group has claimed responsibility for the security breach. CDHE provides free access to the identify theft monitoring Experian IdentityWorks SM for 24 months.

Education

Education Data breaches Ransomware Hacking

China-linked APT10 Target Taiwan’s financial trading industry

Security Affairs

FEBRUARY 22, 2022

The group (also known as Cicada, Stone Panda , MenuPass group, Bronze Riverside, and Cloud Hopper ) has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide.

Technology

Technology Hacking Passwords Software

Maryland Department of Labor discloses a data breach

Security Affairs

JULY 9, 2019

” Threat actors accessed to files stored in the Literacy Works Information System that are dated back 2009, 2010, and 2014. Exposed data includes first names, last names, social security numbers, dates of birth, city or county of residence, graduation dates and record numbers. ” continues the Department. . .

Data breaches

Data breaches Insurance Advertising Technology

CISA urges to fix actively exploited Firefox zero-days by March 21

Security Affairs

MARCH 8, 2022

SecurityAffairs – hacking, SIM swapping). The post CISA urges to fix actively exploited Firefox zero-days by March 21 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Authentication

Authentication Hacking Cybersecurity Risk

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

Security Affairs

JULY 6, 2021

According to Group-IB’s Threat Intelligence team, the suspect, dubbed Dr HeX by Group-IB based on one of the nicknames that he used, has been active since at least 2009 and is responsible for a number of cybercrimes, including phishing, defacing, malware development, fraud, and carding that resulted in thousands of unsuspecting victims.

Cybercrime

Cybercrime Phishing Banking Telecommunications

Russian spies are attempting to tap transatlantic undersea cables

Security Affairs

MARCH 1, 2020

British telecommunications company Cable & Wireless played a crucial role in the tapping of the undersea cables, in February 2009 a GCHQ employee was assigned to work within the company in a “full-time project management” role to follow the operation from the inside. SecurityAffairs – hacking, undersea cables). Pierluigi Paganini.

Wireless

Wireless Surveillance Telecommunications Advertising

FBI seized other domains used by the shadow eBook library Z-Library

Security Affairs

MAY 6, 2023

The library has been active since 2009, it offers e-book files in a variety of file formats, stripped of their copyright protections. The Federal Bureau of Investigation (FBI) seized multiple domains used by the illegal shadow eBook library Z-Library. Z-Library operates as a complex network of approximately 249 interrelated web domains.

Accountability

Accountability Hacking Cybersecurity Cybercrime

North Korea-linked Lazarus APT used Windows Update client and GitHub in recent attacks

Security Affairs

JANUARY 27, 2022

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. SecurityAffairs – hacking, Lazarus APT). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Malware

Malware Hacking Phishing Ransomware

Lazarus malware delivered to South Korean users via supply chain attacks

Security Affairs

NOVEMBER 16, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. SecurityAffairs – hacking, Lazarus). by specifying hashes of binaries in the VeraPort configuration).”

Malware

Malware Software Cryptocurrency Financial Services

Dacls RAT, the first Lazarus malware that targets Linux devices

Security Affairs

DECEMBER 17, 2019

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. Dacls is the first malware linked to the Lazarus group that targets Linux systems.

Malware

Malware Advertising Encryption Hacking

AusCERT and the Award for Information Security Excellence

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

Trending Sources

RockYou2024 compilation containing 10 billion passwords was leaked online

Who and What is Behind the Malware Proxy Service SocksEscort?

NASA hacked! An unauthorized Raspberry Pi connected to its network was the entry point

More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894

SimJacker attack allows hacking any phone with just an SMS

North Korea-linked APT group BeagleBoyz targets banks

10-year-old vulnerability in Avaya VoIP Phones finally fixed

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

538 Million Weibo users’ records being sold on Dark Web

Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID operations

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

China-linked APT10 leverages ZeroLogon exploits in recent attacks

The man behind Cardplanet credit card market sentenced to 9 years in prison

EU has imposed sanctions on foreign actors for the first time ever

North Korea-linked Lazarus APT targets the COVID-19 research

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Administrators of bulletproof hosting sentenced to prison in the US

Belgium telecom operators Proximus and Orange drop Huawei

The US Treasury placed sanctions on North Korea linked APT Groups

North Korea-linked Lazarus APT targets the IT supply chain

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Orchard botnet uses Bitcoin Transaction info to generate DGA domains

PwnKit: Local Privilege Escalation bug affects major Linux distros

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Experts found 20 Million tax records for Russian citizens exposed online

PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

0v1ru$ hackers breach FSB contractor SyTech and expose Russian intel projects

North Korea-linked Lazarus APT uses a Mac variant of the Dacls RAT

Microsoft: North Korea-linked Zinc APT targets security experts

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

China-linked APT10 Target Taiwan’s financial trading industry

Maryland Department of Labor discloses a data breach

CISA urges to fix actively exploited Firefox zero-days by March 21

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

Russian spies are attempting to tap transatlantic undersea cables

FBI seized other domains used by the shadow eBook library Z-Library

North Korea-linked Lazarus APT used Windows Update client and GitHub in recent attacks

Lazarus malware delivered to South Korean users via supply chain attacks

Dacls RAT, the first Lazarus malware that targets Linux devices

Stay Connected