2009 and Information Security - Cyber Security Informer

AusCERT and the Award for Information Security Excellence

Troy Hunt

MAY 31, 2018

At the gala dinner last night, without any warning beforehand, I somehow walked away with this: #AusCERT2018 Award for Information Security Excellence goes to @troyhunt @AusCERT 2018 Gala Dinner pic.twitter.com/9lxmwX0tdR — ValdemarJakobsen???? jamver) May 31, 2018. Yes, that guy is wearing a cape, it was a Star Wars thing.).

Information Security

Information Security Data breaches Hacking

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

Security Affairs

FEBRUARY 22, 2025

This threat actor was involved in cyber espionage campaigns and sabotage activities to destroy data and disrupt systems.

Cryptocurrency

Cryptocurrency Hacking Banking Cybersecurity

RockYou2024 compilation containing 10 billion passwords was leaked online

Security Affairs

JULY 8, 2024

The compilation has been named ‘RockYou2021’ by the forum user, presumably in reference to the RockYou data breach that occurred in 2009, when threat actors hacked their way into the social app website’s servers and got their hands on more than 32 million user passwords stored in plain text. RockYou2021 had 8.4

Passwords

Passwords Data breaches Hacking Accountability

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Danny Adamitis , principal information security researcher at Lumen and co-author of the report on AVrecon, confirmed Kilmer’s findings, saying the C2 data matched up with what Spur was seeing for SocksEscort dating back to September 2022. SocksEscort began in 2009 as “ super-socks[.]com

Malware

Malware VPN Internet Internet

538 Million Weibo users’ records being sold on Dark Web

Security Affairs

MARCH 23, 2020

Weibo is a popular Chinese micro-blogging ( weibo ) website, it was launched by Sina Corporation on 14 August 2009, it claimed over 445 million monthly active users as of Q3 2018. . The company confirmed that the data were obtained in 2019 due to credential stuffing attacks and other information gathered online.

Accountability

Accountability Passwords Advertising Internet

10-year-old vulnerability in Avaya VoIP Phones finally fixed

Security Affairs

AUGUST 10, 2019

Security experts at McAfee discovered that a stack-based buffer overflow flaw in the Dynamic Host Configuration Protocol (DHCP) client discovered and fixed ten years ago is still affecting several Avaya phones. The vulnerability could be exploited using a specially crafted DHCP response. ” reads the analysis published by McAfee.

Firmware

Firmware IoT Advertising Software

More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894

Security Affairs

APRIL 6, 2024

Most of the vulnerable systems are in the US (4686 at the time of this writing), followed by Japan (2009), and UK (1032). We are now scanning/reporting Ivanti Connect Secure instances vulnerable to CVE-2024-21894 (heap overflow potentially leading to RCE) & others described in [link] ~16 500 likely vulnerable (~4.6K

VPN

VPN Internet Internet Hacking

Experts found 20 Million tax records for Russian citizens exposed online

Security Affairs

OCTOBER 1, 2019

Security experts from Comparitech along with security researcher Bob Diachenko discovered 20 million tax records belonging to Russian citizens exposed online in clear text and without protection. “A database of more than 20 million Russian tax records was found on an unsecured server, accessible to anyone with a web browser.”

Identity Theft

Identity Theft Scams Advertising Risk

Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID operations

Security Affairs

JULY 13, 2024

The popular investigator Brian Krebs reported that Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham, noted in 2014 that Tank told co-conspirators in a JabberZeus chat on July 22, 2009 that his daughter, Miloslava, was and told him Miloslava birth weight.

Cybercrime

Cybercrime Banking Malware Hacking

IBM releases open-source toolkits implementing FHE to process data while encrypted

Security Affairs

JUNE 8, 2020

IBM invented FHE in 2009, but only recently it is becoming practical thanks to algorithmic progresses. . “In The toolkits released by IBM are already available for macOS and iOS, the IT company plan to release also Android and Linux versions. The FHE toolkits are been released on GitHub for macOS and iOS.

Encryption

Encryption Advertising Data privacy Healthcare

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

. “TAG observed a North Korean government-backed attacker group that previously targeted security researchers posing as recruiters at Samsung and sending fake job opportunities to employees at multiple South Korean information security companies that sell anti-malware solutions.”

Malware

Malware Phishing Antivirus Hacking

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Security Affairs

SEPTEMBER 9, 2019

The targets of the two groups show significant overlap, Billbug also targeted organizations many military and government organizations in South Asia since at least January 2009. Security experts at Symantec speculate that Thrip is a sub-group of Billbug. Billbug is a long-established espionage group, active since at least January 2009.

Government

Government Advertising Telecommunications Malware

Administrators of bulletproof hosting sentenced to prison in the US

Security Affairs

OCTOBER 21, 2021

The two individuals, Aleksandr Skorodumov (33) of Lithuania, and Pavel Stassi (30) of Estonia, administrated the bulletproof hosting service between 2009 and 2015.

System Administration

System Administration Malware Accountability Marketing

Orchard botnet uses Bitcoin Transaction info to generate DGA domains

Security Affairs

AUGUST 8, 2022

“It’s worth pointing out that the wallet address is the miner reward receiving address of the Bitcoin Genesis Block , which occurred on January 3, 2009, and is believed to be held by Nakamoto.” The post Orchard botnet uses Bitcoin Transaction info to generate DGA domains appeared first on Security Affairs.

Accountability

Accountability Cryptocurrency Malware Hacking

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

Security Affairs

NOVEMBER 15, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Cybersecurity

Cybersecurity Engineering Software Malware

PwnKit: Local Privilege Escalation bug affects major Linux distros

Security Affairs

JANUARY 26, 2022

The flaw, dubbed PwnKit, was introduced more than 12 years ago (May 2009) since the initial commit of pkexec, this means that all the versions are affected. The good news is that this issue is not remotely exploitable, but if an attacker can log in as any unprivileged user, it can allow to gain root privileges.

Architecture

Architecture Hacking Information Security

Belgium telecom operators Proximus and Orange drop Huawei

Security Affairs

OCTOBER 10, 2020

Orange Belgium is using Huawei equipment since 2007 for its mobile network in Belgium and Luxembourg, while the collaboration between Proximus and the Shenzhen-based company started in 2009 for the progressive upgrading of its network.

Mobile

Mobile Manufacturing Internet Internet

North Korea-linked APT group BeagleBoyz targets banks

Security Affairs

AUGUST 29, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. BeagleBoyz (aka Lazarus , APT38 , Bluenoroff, and Stardust Chollima) represents a subset of the HIDDEN COBRA threat actors.

Banking

Banking Malware Advertising Hacking

China-linked APT10 leverages ZeroLogon exploits in recent attacks

Security Affairs

NOVEMBER 18, 2020

The group, also known as Cicada, Stone Panda , and Cloud Hopper , has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide.

Manufacturing

Manufacturing Hacking Engineering Malware

The man behind Cardplanet credit card market sentenced to 9 years in prison

Security Affairs

JUNE 27, 2020

The man operated the Cardplanet site between at least early 2009 through at least August 2013. In 2019, Burkov was accused of running the online criminal marketplace, Cardplanet, according to the investigators, the site helped crooks to organize more than $20 million in credit card fraud.

Marketing

Marketing Cybercrime Advertising Insurance

Emergency Satellite Messaging, Stagnation in User Cybersecurity Habits

Security Boulevard

OCTOBER 13, 2024

In the milestone 350th episode of the Shared Security Podcast, the hosts reflect on 15 years of podcasting, and the podcast’s evolution from its beginnings in 2009. The ‘Aware Much’ segment focuses on […] The post Emergency Satellite Messaging, Stagnation in User Cybersecurity Habits appeared first on Shared Security Podcast.

Cybersecurity

Cybersecurity Password Management Passwords Media

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

Security Affairs

FEBRUARY 17, 2024

The popular investigator Brian Krebs reported that Gary Warner, director of research in computer forensics at the University of Alabama at Birmingham, noted in 2014 that Tank told co-conspirators in a JabberZeus chat on July 22, 2009 that his daughter, Miloslava, was and told him Miloslava birth weight.

Malware

Malware Cybercrime Banking Hacking

BrandPost: Assessing Network Analysis and Visibility Solutions for Zero Trust

CSO Magazine

JUNE 13, 2022

Zero-trust principles foster more effective threat detection because they reject the notion that security happens at the perimeter and that all network traffic is legitimate traffic. The concept was built around the idea that security professionals must "eliminate the idea of a trusted network."

Threat Detection

Threat Detection Information Security

Meet the 2021 SC Awards judges

SC Magazine

MAY 1, 2021

Prior to Mastercard, Abdullah was the chief information security officer at Xerox, where she established and led a corporate-wide information risk management program. She also served as the deputy chief information officer of the White House. She is also the host of the Mastering Cyber podcast.

Computers and Electronics

Computers and Electronics Technology Information Security Education

PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web

Security Affairs

OCTOBER 23, 2023

billion Aadhaars issued by the UIDAI since this ID service launched in 2009, this system represents one of the largest biometric ID programs on the planet, according to a report published by think tank Brookings Institution. With roughly 1.4

Identity Theft

Identity Theft Banking Data breaches Malware

An ongoing Qbot campaign targeted customers of tens of US banks

Security Affairs

JUNE 18, 2020

Security researchers at F5 Labs have spotted ongoing attacks using Qbot malware payloads to steal credentials from customers of dozens of US financial institutions. Qbot , aka Qakbot , is a data stealer worm with backdoor capabilities that was first detected by Symantec back in 2009. The campaign targets 36 different U.S.

Banking

Banking Malware Advertising Financial Services

News Alert: AppViewX – EMA study finds 79 percent of SSL/TLS certificates vulnerable to MiTM attacks

The Last Watchdog

AUGUST 1, 2023

and 1.3,” said Ken Buckler, CASP, Director of Information Security Research for EMA. With Google’s proposed TLS certificate 90-day expiration mandate looming, it’s clear that the only path forward for IT administrators and security professionals is automated certificate management.”

Internet

Internet Internet Healthcare Banking

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

Security Affairs

JULY 6, 2021

According to Group-IB’s Threat Intelligence team, the suspect, dubbed Dr HeX by Group-IB based on one of the nicknames that he used, has been active since at least 2009 and is responsible for a number of cybercrimes, including phishing, defacing, malware development, fraud, and carding that resulted in thousands of unsuspecting victims.

Cybercrime

Cybercrime Phishing Banking Telecommunications

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

CDHE provides free access to the identify theft monitoring Experian IdentityWorks SM for 24 months.

Education

Education Data breaches Ransomware Hacking

ENISA provides data related to major telecom security incidents in 2021

Security Affairs

JULY 28, 2022

Every European telecom operator that suffers a security incident, notifies its national authorities which share a summary of these reports to ENISA at the start of every calendar year. The reporting of security incidents has been part of the EU’s regulatory framework for telecoms since the 2009 reform of the telecoms package.

Authentication

Authentication Hacking Accountability Information Security

Maryland Department of Labor discloses a data breach

Security Affairs

JULY 9, 2019

” Threat actors accessed to files stored in the Literacy Works Information System that are dated back 2009, 2010, and 2014. Exposed data includes first names, last names, social security numbers, dates of birth, city or county of residence, graduation dates and record numbers. ” continues the Department. .

Data breaches

Data breaches Insurance Advertising Technology

CISA urges to fix actively exploited Firefox zero-days by March 21

Security Affairs

MARCH 8, 2022

Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini. SecurityAffairs – hacking, SIM swapping).

Authentication

Authentication Hacking Cybersecurity Risk

North Korea-linked Lazarus APT uses a Mac variant of the Dacls RAT

Security Affairs

MAY 9, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Malware

Malware Advertising Encryption Hacking

North Korea-linked Lazarus APT targets the IT supply chain

Security Affairs

OCTOBER 27, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Malware

Malware System Administration Hacking Media

SAP Security Patch Day for May 2019 fixes many missing authorization checks

Security Affairs

MAY 15, 2019

they are an information disclosure in BusinessObjects business intelligence platform (CVE-2019-0287), and a missing authorization check in Treasury and Risk Management (CVE-2019-0280). SAP published updates for Security Notes released in October 2009, September 2010, December 2010, and March 2013. ” adds Onapsis.

Advertising

Advertising Financial Services Software Risk

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Security Affairs

FEBRUARY 25, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. .” The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Malware

Malware Cryptocurrency Password Management Encryption

FBI seized other domains used by the shadow eBook library Z-Library

Security Affairs

MAY 6, 2023

The library has been active since 2009, it offers e-book files in a variety of file formats, stripped of their copyright protections. The Federal Bureau of Investigation (FBI) seized multiple domains used by the illegal shadow eBook library Z-Library. Z-Library operates as a complex network of approximately 249 interrelated web domains.

Accountability

Accountability Hacking Cybersecurity Cybercrime

Russian spies are attempting to tap transatlantic undersea cables

Security Affairs

MARCH 1, 2020

British telecommunications company Cable & Wireless played a crucial role in the tapping of the undersea cables, in February 2009 a GCHQ employee was assigned to work within the company in a “full-time project management” role to follow the operation from the inside.

Wireless

Wireless Surveillance Telecommunications Advertising

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

Security Affairs

JUNE 7, 2021

An example of leaked passwords included in the RockYou2021 compilation: With a collection that exceeds its 12-year-old namesake by more than 262 times, this leak is comparable to the Compilation of Many Breaches (COMB) , the largest data breach compilation ever.

Passwords

Passwords Data breaches Accountability Password Management

Office network at the European Network of Transmission System Operators for Electricity (ENTSO-E) breached

Security Affairs

MARCH 11, 2020

ENTSO-E was established and given legal mandates by the EU’s Third Package for the Internal energy market in 2009, which aims at further liberalising the gas and electricity markets in the EU. ENTSO-E works with TSO on the definition of Europe’s energy and climate strategy.

Advertising

Advertising Marketing Risk Information Security

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

The Last Watchdog

AUGUST 15, 2019

Beazley also reported that SMBs, which tend to spend less on information security, were at a higher risk of being hit by ransomware than larger firms, and that the healthcare sector was hardest hit by ransomware attacks, followed by financial institutions and professional services. million – the equivalent of 3,000 Bitcoin at the time.

Ransomware

Ransomware Internet Internet Hacking

Microsoft: North Korea-linked Zinc APT targets security experts

Security Affairs

JANUARY 29, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The activity of the Zinc APT group, aka Lazarus, surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Malware

Malware Antivirus Hacking Accountability

US officials charge two Chinese men for laundering cryptocurrency for North Korea

Security Affairs

MARCH 3, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems.

Cryptocurrency

Cryptocurrency Banking Hacking Accountability

APT10 is back with two new loaders and new versions of known payloads

Security Affairs

MAY 27, 2019

The group has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide.

Advertising

Advertising Malware Government Hacking

AusCERT and the Award for Information Security Excellence

Lazarus APT stole $1.5B from Bybit, it is the largest cryptocurrency heist ever

Webinars

Trending Sources

RockYou2024 compilation containing 10 billion passwords was leaked online

Webinars

Who and What is Behind the Malware Proxy Service SocksEscort?

538 Million Weibo users’ records being sold on Dark Web

10-year-old vulnerability in Avaya VoIP Phones finally fixed

More than 16,000 Ivanti VPN gateways still vulnerable to RCE CVE-2024-21894

Experts found 20 Million tax records for Russian citizens exposed online

Vyacheslav Igorevich Penchukov was sentenced to prison for his role in Zeus and IcedID operations

IBM releases open-source toolkits implementing FHE to process data while encrypted

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Symantec uncovered the link between China-Linked Thrip and Billbug groups

Administrators of bulletproof hosting sentenced to prison in the US

Orchard botnet uses Bitcoin Transaction info to generate DGA domains

North Korea-linked Lazarus group targets cybersecurity experts with Trojanized IDA Pro

PwnKit: Local Privilege Escalation bug affects major Linux distros

Belgium telecom operators Proximus and Orange drop Huawei

North Korea-linked APT group BeagleBoyz targets banks

China-linked APT10 leverages ZeroLogon exploits in recent attacks

The man behind Cardplanet credit card market sentenced to 9 years in prison

Emergency Satellite Messaging, Stagnation in User Cybersecurity Habits

Ukrainian national faces up to 20 years in prison for his role in Zeus, IcedID malware schemes

BrandPost: Assessing Network Analysis and Visibility Solutions for Zero Trust

Meet the 2021 SC Awards judges

PII Belonging to Indian Citizens, Including their Aadhaar IDs, Offered for Sale on the Dark Web

An ongoing Qbot campaign targeted customers of tens of US banks

News Alert: AppViewX – EMA study finds 79 percent of SSL/TLS certificates vulnerable to MiTM attacks

Operation Lyrebird: Group-IB assists INTERPOL in identifying suspect behind numerous cybercrimes worldwide

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

ENISA provides data related to major telecom security incidents in 2021

Maryland Department of Labor discloses a data breach

CISA urges to fix actively exploited Firefox zero-days by March 21

North Korea-linked Lazarus APT uses a Mac variant of the Dacls RAT

North Korea-linked Lazarus APT targets the IT supply chain

SAP Security Patch Day for May 2019 fixes many missing authorization checks

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

FBI seized other domains used by the shadow eBook library Z-Library

Russian spies are attempting to tap transatlantic undersea cables

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

Office network at the European Network of Transmission System Operators for Electricity (ENTSO-E) breached

MY TAKE: A primer on how ransomware arose to the become an enduring scourge

Microsoft: North Korea-linked Zinc APT targets security experts

US officials charge two Chinese men for laundering cryptocurrency for North Korea

APT10 is back with two new loaders and new versions of known payloads

Stay Connected