article thumbnail

AusCERT and the Award for Information Security Excellence

Troy Hunt

At the gala dinner last night, without any warning beforehand, I somehow walked away with this: #AusCERT2018 Award for Information Security Excellence goes to @troyhunt @AusCERT 2018 Gala Dinner pic.twitter.com/9lxmwX0tdR — ValdemarJakobsen???? jamver) May 31, 2018. Yes, that guy is wearing a cape, it was a Star Wars thing.).

article thumbnail

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

Security Affairs

This threat actor was involved in cyber espionage campaigns and sabotage activities to destroy data and disrupt systems.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

RockYou2024 compilation containing 10 billion passwords was leaked online

Security Affairs

The compilation has been named ‘RockYou2021’ by the forum user, presumably in reference to the RockYou data breach that occurred in 2009, when threat actors hacked their way into the social app website’s servers and got their hands on more than 32 million user passwords stored in plain text. RockYou2021 had 8.4

Passwords 130
article thumbnail

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

Danny Adamitis , principal information security researcher at Lumen and co-author of the report on AVrecon, confirmed Kilmer’s findings, saying the C2 data matched up with what Spur was seeing for SocksEscort dating back to September 2022. SocksEscort began in 2009 as “ super-socks[.]com

Malware 236
article thumbnail

538 Million Weibo users’ records being sold on Dark Web

Security Affairs

Weibo is a popular Chinese micro-blogging ( weibo ) website, it was launched by Sina Corporation on 14 August 2009, it claimed over 445 million monthly active users as of Q3 2018. . The company confirmed that the data were obtained in 2019 due to credential stuffing attacks and other information gathered online.

article thumbnail

More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894

Security Affairs

Most of the vulnerable systems are in the US (4686 at the time of this writing), followed by Japan (2009), and UK (1032). We are now scanning/reporting Ivanti Connect Secure instances vulnerable to CVE-2024-21894 (heap overflow potentially leading to RCE) & others described in [link] ~16 500 likely vulnerable (~4.6K

VPN 130
article thumbnail

10-year-old vulnerability in Avaya VoIP Phones finally fixed

Security Affairs

Security experts at McAfee discovered that a stack-based buffer overflow flaw in the Dynamic Host Configuration Protocol (DHCP) client discovered and fixed ten years ago is still affecting several Avaya phones. The vulnerability could be exploited using a specially crafted DHCP response. ” reads the analysis published by McAfee.

Firmware 109