2009 and Information Security - Cyber Security Informer

AusCERT and the Award for Information Security Excellence

Troy Hunt

MAY 31, 2018

At the gala dinner last night, without any warning beforehand, I somehow walked away with this: #AusCERT2018 Award for Information Security Excellence goes to @troyhunt @AusCERT 2018 Gala Dinner pic.twitter.com/9lxmwX0tdR — ValdemarJakobsen???? jamver) May 31, 2018. Yes, that guy is wearing a cape, it was a Star Wars thing.).

Information Security

Information Security Data breaches Hacking

RockYou2024 compilation containing 10 billion passwords was leaked online

Security Affairs

JULY 8, 2024

The compilation has been named ‘RockYou2021’ by the forum user, presumably in reference to the RockYou data breach that occurred in 2009, when threat actors hacked their way into the social app website’s servers and got their hands on more than 32 million user passwords stored in plain text. RockYou2021 had 8.4

Passwords

Passwords Data breaches Hacking Accountability

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Danny Adamitis , principal information security researcher at Lumen and co-author of the report on AVrecon, confirmed Kilmer’s findings, saying the C2 data matched up with what Spur was seeing for SocksEscort dating back to September 2022. SocksEscort began in 2009 as “ super-socks[.]com

Malware

Malware VPN Internet Internet

More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894

Security Affairs

APRIL 6, 2024

Most of the vulnerable systems are in the US (4686 at the time of this writing), followed by Japan (2009), and UK (1032). We are now scanning/reporting Ivanti Connect Secure instances vulnerable to CVE-2024-21894 (heap overflow potentially leading to RCE) & others described in [link] ~16 500 likely vulnerable (~4.6K

VPN

VPN Internet Internet Hacking

538 Million Weibo users’ records being sold on Dark Web

Security Affairs

MARCH 23, 2020

Weibo is a popular Chinese micro-blogging ( weibo ) website, it was launched by Sina Corporation on 14 August 2009, it claimed over 445 million monthly active users as of Q3 2018. . The company confirmed that the data were obtained in 2019 due to credential stuffing attacks and other information gathered online.

Accountability

Accountability Passwords Advertising Internet

10-year-old vulnerability in Avaya VoIP Phones finally fixed

Security Affairs

AUGUST 10, 2019

Security experts at McAfee discovered that a stack-based buffer overflow flaw in the Dynamic Host Configuration Protocol (DHCP) client discovered and fixed ten years ago is still affecting several Avaya phones. The vulnerability could be exploited using a specially crafted DHCP response. ” reads the analysis published by McAfee.

Firmware

Firmware IoT Advertising Software

Experts found 20 Million tax records for Russian citizens exposed online

Security Affairs

OCTOBER 1, 2019

Security experts from Comparitech along with security researcher Bob Diachenko discovered 20 million tax records belonging to Russian citizens exposed online in clear text and without protection. “A database of more than 20 million Russian tax records was found on an unsecured server, accessible to anyone with a web browser.”

Identity Theft

Identity Theft Scams Advertising Risk

Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID operations

Security Affairs

JULY 13, 2024

The popular investigator Brian Krebs reported that Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham, noted in 2014 that Tank told co-conspirators in a JabberZeus chat on July 22, 2009 that his daughter, Miloslava, was and told him Miloslava birth weight.

Cybercrime

Cybercrime Banking Malware Hacking

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

. “TAG observed a North Korean government-backed attacker group that previously targeted security researchers posing as recruiters at Samsung and sending fake job opportunities to employees at multiple South Korean information security companies that sell anti-malware solutions.”

Malware

Malware Phishing Antivirus Hacking

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Security Affairs

FEBRUARY 17, 2024

The popular investigator Brian Krebs reported that Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham, noted in 2014 that Tank told co-conspirators in a JabberZeus chat on July 22, 2009 that his daughter, Miloslava, was and told him Miloslava birth weight.

Malware

Malware Cybercrime Banking Hacking

IBM releases open-source toolkits implementing FHE to process data while encrypted

Security Affairs

JUNE 8, 2020

IBM invented FHE in 2009, but only recently it is becoming practical thanks to algorithmic progresses. . “In The toolkits released by IBM are already available for macOS and iOS, the IT company plan to release also Android and Linux versions. The FHE toolkits are been released on GitHub for macOS and iOS.

Encryption

Encryption Advertising Data privacy Healthcare

Administrators of bulletproof hosting sentenced to prison in the US

Security Affairs

OCTOBER 21, 2021

The two individuals, Aleksandr Skorodumov (33) of Lithuania, and Pavel Stassi (30) of Estonia, administrated the bulletproof hosting service between 2009 and 2015.

System Administration

System Administration Malware Accountability Marketing

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

Security Affairs

NOVEMBER 15, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Cybersecurity

Cybersecurity Engineering Software Malware

PwnKit: Local Privilege Escalation bug affects major Linux distros

Security Affairs

JANUARY 26, 2022

The flaw, dubbed PwnKit, was introduced more than 12 years ago (May 2009) since the initial commit of pkexec, this means that all the versions are affected. The good news is that this issue is not remotely exploitable, but if an attacker can log in as any unprivileged user, it can allow to gain root privileges.

Architecture

Architecture Hacking Information Security

Belgium telecom operators Proximus and Orange drop Huawei

Security Affairs

OCTOBER 10, 2020

Orange Belgium is using Huawei equipment since 2007 for its mobile network in Belgium and Luxembourg, while the collaboration between Proximus and the Shenzhen-based company started in 2009 for the progressive upgrading of its network.

Mobile

Mobile Manufacturing Wireless Internet

China-linked APT10 leverages ZeroLogon exploits in recent attacks

Security Affairs

NOVEMBER 18, 2020

The group, also known as Cicada, Stone Panda , and Cloud Hopper , has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide.

Manufacturing

Manufacturing Hacking Engineering Malware

Orchard botnet uses Bitcoin Transaction info to generate DGA domains

Security Affairs

AUGUST 8, 2022

“It’s worth pointing out that the wallet address is the miner reward receiving address of the Bitcoin Genesis Block , which occurred on January 3, 2009, and is believed to be held by Nakamoto.” The post Orchard botnet uses Bitcoin Transaction info to generate DGA domains appeared first on Security Affairs.

Accountability

Accountability Cryptocurrency Malware Hacking

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Security Affairs

SEPTEMBER 9, 2019

The targets of the two groups show significant overlap, Billbug also targeted organizations many military and government organizations in South Asia since at least January 2009. Security experts at Symantec speculate that Thrip is a sub-group of Billbug. Billbug is a long-established espionage group, active since at least January 2009.

Government

Government Telecommunications Advertising Malware

The man behind Cardplanet credit card market sentenced to 9 years in prison

Security Affairs

JUNE 27, 2020

The man operated the Cardplanet site between at least early 2009 through at least August 2013. In 2019, Burkov was accused of running the online criminal marketplace, Cardplanet, according to the investigators, the site helped crooks to organize more than $20 million in credit card fraud.

Marketing

Marketing Cybercrime Advertising Insurance

North Korea-linked APT group BeagleBoyz targets banks

Security Affairs

AUGUST 29, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. BeagleBoyz (aka Lazarus , APT38 , Bluenoroff, and Stardust Chollima) represents a subset of the HIDDEN COBRA threat actors.

Banking

Banking Malware Advertising Hacking

Emergency Satellite Messaging, Stagnation in User Cybersecurity Habits

Security Boulevard

OCTOBER 13, 2024

In the milestone 350th episode of the Shared Security Podcast, the hosts reflect on 15 years of podcasting, and the podcast’s evolution from its beginnings in 2009. The ‘Aware Much’ segment focuses on […] The post Emergency Satellite Messaging, Stagnation in User Cybersecurity Habits appeared first on Shared Security Podcast.

Cybersecurity

Cybersecurity Password Management Passwords Media

BrandPost: Assessing Network Analysis and Visibility Solutions for Zero Trust

CSO Magazine

JUNE 13, 2022

Zero-trust principles foster more effective threat detection because they reject the notion that security happens at the perimeter and that all network traffic is legitimate traffic. The concept was built around the idea that security professionals must "eliminate the idea of a trusted network."

Threat Detection

Threat Detection Information Security

North Korea-linked Lazarus APT targets the COVID-19 research

Security Affairs

DECEMBER 25, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Cryptocurrency

Cryptocurrency Malware Hacking Phishing

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

Security Affairs

JULY 6, 2021

According to Group-IB’s Threat Intelligence team, the suspect, dubbed Dr HeX by Group-IB based on one of the nicknames that he used, has been active since at least 2009 and is responsible for a number of cybercrimes, including phishing, defacing, malware development, fraud, and carding that resulted in thousands of unsuspecting victims.

Cybercrime

Cybercrime Phishing Banking Telecommunications

Meet the 2021 SC Awards judges

SC Magazine

MAY 1, 2021

Prior to Mastercard, Abdullah was the chief information security officer at Xerox, where she established and led a corporate-wide information risk management program. She also served as the deputy chief information officer of the White House. She is also the host of the Mastering Cyber podcast.

Computers and Electronics

Computers and Electronics Technology Education Information Security

PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web

Security Affairs

OCTOBER 23, 2023

billion Aadhaars issued by the UIDAI since this ID service launched in 2009, this system represents one of the largest biometric ID programs on the planet, according to a report published by think tank Brookings Institution. With roughly 1.4

Identity Theft

Identity Theft Banking Data breaches Malware

News Alert: AppViewX – EMA study finds 79 percent of SSL/TLS certificates vulnerable to MiTM attacks

The Last Watchdog

AUGUST 1, 2023

and 1.3,” said Ken Buckler, CASP, Director of Information Security Research for EMA. With Google’s proposed TLS certificate 90-day expiration mandate looming, it’s clear that the only path forward for IT administrators and security professionals is automated certificate management.”

Internet

Internet Internet Healthcare Banking

CISA urges to fix actively exploited Firefox zero-days by March 21

Security Affairs

MARCH 8, 2022

Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, SIM swapping).

Authentication

Authentication Hacking Cybersecurity Risk

North Korea-linked Lazarus APT targets the IT supply chain

Security Affairs

OCTOBER 27, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Malware

Malware System Administration Hacking Media

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

CDHE provides free access to the identify theft monitoring Experian IdentityWorks SM for 24 months.

Education

Education Data breaches Ransomware Hacking

Maryland Department of Labor discloses a data breach

Security Affairs

JULY 9, 2019

” Threat actors accessed to files stored in the Literacy Works Information System that are dated back 2009, 2010, and 2014. Exposed data includes first names, last names, social security numbers, dates of birth, city or county of residence, graduation dates and record numbers. ” continues the Department. .

Data breaches

Data breaches Insurance Advertising Technology

ENISA provides data related to major telecom security incidents in 2021

Security Affairs

JULY 28, 2022

Every European telecom operator that suffers a security incident, notifies its national authorities which share a summary of these reports to ENISA at the start of every calendar year. The reporting of security incidents has been part of the EU’s regulatory framework for telecoms since the 2009 reform of the telecoms package.

Authentication

Authentication Hacking Accountability Information Security

North Korea-linked Lazarus APT uses a Mac variant of the Dacls RAT

Security Affairs

MAY 9, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Malware

Malware Advertising Encryption Hacking

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

Security Affairs

JUNE 7, 2021

An example of leaked passwords included in the RockYou2021 compilation: With a collection that exceeds its 12-year-old namesake by more than 262 times, this leak is comparable to the Compilation of Many Breaches (COMB) , the largest data breach compilation ever.

Passwords

Passwords Data breaches Accountability Password Management

SAP Security Patch Day for May 2019 fixes many missing authorization checks

Security Affairs

MAY 15, 2019

they are an information disclosure in BusinessObjects business intelligence platform (CVE-2019-0287), and a missing authorization check in Treasury and Risk Management (CVE-2019-0280). SAP published updates for Security Notes released in October 2009, September 2010, December 2010, and March 2013. ” adds Onapsis.

Advertising

Advertising Financial Services Software Risk

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Security Affairs

FEBRUARY 25, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. .” The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Malware

Malware Cryptocurrency Password Management Encryption

Russian spies are attempting to tap transatlantic undersea cables

Security Affairs

MARCH 1, 2020

British telecommunications company Cable & Wireless played a crucial role in the tapping of the undersea cables, in February 2009 a GCHQ employee was assigned to work within the company in a “full-time project management” role to follow the operation from the inside.

Wireless

Wireless Surveillance Telecommunications Advertising

FBI seized other domains used by the shadow eBook library Z-Library

Security Affairs

MAY 6, 2023

The library has been active since 2009, it offers e-book files in a variety of file formats, stripped of their copyright protections. The Federal Bureau of Investigation (FBI) seized multiple domains used by the illegal shadow eBook library Z-Library. Z-Library operates as a complex network of approximately 249 interrelated web domains.

Accountability

Accountability Hacking Cybersecurity Cybercrime

Microsoft: North Korea-linked Zinc APT targets security experts

Security Affairs

JANUARY 29, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The activity of the Zinc APT group, aka Lazarus, surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Malware

Malware Antivirus Hacking Accountability

Office network at the European Network of Transmission System Operators for Electricity (ENTSO-E) breached

Security Affairs

MARCH 11, 2020

ENTSO-E was established and given legal mandates by the EU’s Third Package for the Internal energy market in 2009, which aims at further liberalising the gas and electricity markets in the EU. ENTSO-E works with TSO on the definition of Europe’s energy and climate strategy.

Advertising

Advertising Marketing Risk Information Security

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Security Affairs

MARCH 3, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Cryptocurrency

Cryptocurrency Banking Hacking Accountability

Dacls RAT, the first Lazarus malware that targets Linux devices

Security Affairs

DECEMBER 17, 2019

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Malware

Malware Advertising Encryption Hacking

EU has imposed sanctions on foreign actors for the first time ever

Security Affairs

JULY 31, 2020

The group has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide.

Cyber Attacks

Cyber Attacks Hacking Advertising Government

Spain extradites 94 Taiwanese to China phone and online fraud charges

Security Affairs

JUNE 10, 2019

The two governments signed an agreement in 2009 to join the efforts in the fight against the crime. .” Spainish authorities already extradited 225 suspects, 218 of which are Taiwanese. Even is Taiwan split from China in 1949 during a civil war, Beijing still considers the country as part of its territory.

Scams

Scams Advertising Accountability Government

AusCERT and the Award for Information Security Excellence

RockYou2024 compilation containing 10 billion passwords was leaked online

Trending Sources

Who and What is Behind the Malware Proxy Service SocksEscort?

More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894

538 Million Weibo users’ records being sold on Dark Web

10-year-old vulnerability in Avaya VoIP Phones finally fixed

Experts found 20 Million tax records for Russian citizens exposed online

Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID operations

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

IBM releases open-source toolkits implementing FHE to process data while encrypted

Administrators of bulletproof hosting sentenced to prison in the US

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

PwnKit: Local Privilege Escalation bug affects major Linux distros

Belgium telecom operators Proximus and Orange drop Huawei

China-linked APT10 leverages ZeroLogon exploits in recent attacks

Orchard botnet uses Bitcoin Transaction info to generate DGA domains

Symantec uncovered the link between China-Linked Thrip and Billbug groups

The man behind Cardplanet credit card market sentenced to 9 years in prison

North Korea-linked APT group BeagleBoyz targets banks

Emergency Satellite Messaging, Stagnation in User Cybersecurity Habits

BrandPost: Assessing Network Analysis and Visibility Solutions for Zero Trust

North Korea-linked Lazarus APT targets the COVID-19 research

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

Meet the 2021 SC Awards judges

PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web

News Alert: AppViewX – EMA study finds 79 percent of SSL/TLS certificates vulnerable to MiTM attacks

CISA urges to fix actively exploited Firefox zero-days by March 21

North Korea-linked Lazarus APT targets the IT supply chain

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Maryland Department of Labor discloses a data breach

ENISA provides data related to major telecom security incidents in 2021

North Korea-linked Lazarus APT uses a Mac variant of the Dacls RAT

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

SAP Security Patch Day for May 2019 fixes many missing authorization checks

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Russian spies are attempting to tap transatlantic undersea cables

FBI seized other domains used by the shadow eBook library Z-Library

Microsoft: North Korea-linked Zinc APT targets security experts

Office network at the European Network of Transmission System Operators for Electricity (ENTSO-E) breached

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Dacls RAT, the first Lazarus malware that targets Linux devices

EU has imposed sanctions on foreign actors for the first time ever

Spain extradites 94 Taiwanese to China phone and online fraud charges

Stay Connected