2009, Information Security and Passwords

RockYou2024 compilation containing 10 billion passwords was leaked online

Security Affairs

JULY 8, 2024

Threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. The Cybernews researchers reported that threat actors leaked the largest password compilation ever, known as RockYou2024, on a popular hacking forum. billion passwords from various internet data leaks. RockYou2021 had 8.4

Passwords

Passwords Data breaches Hacking Accountability

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

Security Affairs

JUNE 7, 2021

RockYou2021, the largest password compilation of all time has been leaked on a popular hacker forum, it contains 8.4 billion entries of passwords. . What seems to be the largest password collection of all time has been leaked on a popular hacker forum. The same user also claims that the compilation contains 82 billion passwords.

Passwords

Passwords Data breaches Accountability Password Management

Who and What is Behind the Malware Proxy Service SocksEscort?

Krebs on Security

JULY 25, 2023

Researchers this month uncovered a two-year-old Linux-based remote access trojan dubbed AVrecon that enslaves Internet routers into botnet that bilks online advertisers and performs password-spraying attacks. SocksEscort began in 2009 as “ super-socks[.]com Page translation from Russian via Google Translate.

Malware

Malware VPN Internet Internet

538 Million Weibo users’ records being sold on Dark Web

Security Affairs

MARCH 23, 2020

107 million records include personal data and basic account information such as the user ID, number of Weibo tweets, number of followers and accounts users are following, account gender, geographic location and more. The dump doesn’t include Weibo users’ passwords. ” reported the website PingWest. ?????????????

Accountability

Accountability Passwords Advertising Internet

Billions of FBS Records Exposed in Online Trading Broker Data Leak

Security Affairs

MARCH 24, 2021

comprised millions of confidential records including names, passwords, email addresses, passport numbers, national IDs, credit cards, financial transactions and more. Were such detailed personally identifiable information (PII) to fall in the wrong hands, it could have been used in the execution of a wide range of cyber threats.

Passwords

Passwords Accountability Media Identity Theft

Cyber Security Roundup for May 2021

Security Boulevard

MAY 3, 2021

roundup of UK focused Cyber and Information Security News, Blog Posts, Reports and general Threat Intelligence from the previous calendar month, April 2021. How Strong is Your Password? A favourite sports team accounted for 6% of passwords, while a favourite TV show accounted for 5%. Stay safe and secure.

Ransomware

Ransomware Passwords Scams Government

Personal info of 90k hikers leaked by French tourism company La Malle Postale

Security Affairs

MAY 13, 2023

The leaked information included names, phone numbers, emails, private communication via SMS messages, passwords, and employees’ credentials. Founded in 2009, the company provides luggage and passenger transportation services on many popular hiking routes, including the famous Santiago de Compostela pilgrimage trail.

Passwords

Passwords Identity Theft Scams Social Engineering

North Korea-linked Lazarus APT targets the COVID-19 research

Security Affairs

DECEMBER 25, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. The activity of the Lazarus APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks.

Cryptocurrency

Cryptocurrency Malware Hacking Phishing

China-linked APT10 Target Taiwan’s financial trading industry

Security Affairs

FEBRUARY 22, 2022

The group (also known as Cicada, Stone Panda , MenuPass group, Bronze Riverside, and Cloud Hopper ) has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide. .”

Technology

Technology Hacking Passwords Software

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Security Affairs

FEBRUARY 25, 2021

It’s unknown how the attackers were able to obtain the credentials for that account, but it’s possible the credentials were saved in one of the infected system’s browser password managers.” Next, the attackers logged in to the web interface using a privileged root account. ” reads the report published by the experts.

Malware

Malware Cryptocurrency Password Management Encryption

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

Security Affairs

JUNE 17, 2020

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. “a password-protected RAR archive containing a LNK file.

Advertising

Advertising Malware Passwords Accountability

Emergency Satellite Messaging, Stagnation in User Cybersecurity Habits

Security Boulevard

OCTOBER 13, 2024

In the milestone 350th episode of the Shared Security Podcast, the hosts reflect on 15 years of podcasting, and the podcast’s evolution from its beginnings in 2009. The ‘Aware Much’ segment focuses on […] The post Emergency Satellite Messaging, Stagnation in User Cybersecurity Habits appeared first on Shared Security Podcast.

Cybersecurity

Cybersecurity Password Management Passwords Media

Microsoft: North Korea-linked Zinc APT targets security experts

Security Affairs

JANUARY 29, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. Attackers also employed an encrypted Chrome password-stealer hosted on ZINC domain [link]. .

Malware

Malware Antivirus Hacking Accountability

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Security Affairs

JUNE 27, 2019

The group has been active at least since 2009, in April 2017 experts from PwC UK and BAE Systems uncovered a widespread hacking campaign, tracked as Operation Cloud Hopper , targeting managed service providers (MSPs) in multiple countries worldwide. ” continues the report.

Identity Theft

Identity Theft Hacking Advertising System Administration

Telehealth: A New Frontier in Medicine—and Security

SecureList

FEBRUARY 1, 2022

Number of data leaks from medical organizations, 2009–2020. Let’s see if there are any informational security issues with these wearables. When registering for telehealth services, always use a strong password; however securely the service stores data, a simple password can allow an attacker to gain access to it.

Phishing

Phishing Healthcare IoT Authentication

Network Solutions data breach – hacker accessed data of more 22 Million accounts

Security Affairs

OCTOBER 30, 2019

Network Solutions is notifying affected customers via email and via its website, it also requiring all users to reset their account passwords. This isn’t the first incident suffered by Network Solutions, in 2009 hackers stole over 500,000 payment cards from the company.

Data breaches

Data breaches Accountability Advertising Encryption

The Platinum APT group adds the Titanium backdoor to its arsenal

Security Affairs

NOVEMBER 9, 2019

Security experts at Kaspersky Lab have spotted a new backdoor, tracked as Titanium, that was used by the Platinum APT group in attacks in the wild, the malicious code implements sophisticated evasion techniques. The APT group was discovered by Microsoft in 2016, it targeted organizations in South and Southeast.

Encryption

Encryption Passwords Malware Software

US and UK sanctioned seven Russian members of Trickbot gang

Security Affairs

FEBRUARY 9, 2023

based financial institutions that occurred in 2009 and 2010, predating his involvement in Dyre or the Trickbot Group. ” TrickBot is a popular Windows banking Trojan that has been around since October 2016, its authors have continuously upgraded it by implementing new features, including powerful password-stealing capabilities.

Banking

Banking Ransomware Cybercrime Malware

Understanding Features and Vulnerabilities of The Decentralized Finance Attack Surface is Key to Protecting Against Cyber Attacks

Security Boulevard

MARCH 17, 2022

Decentralized Finance and the information security protocols protecting it remain in their early stages of development, as does the adaptation of new cyberattack techniques. Bitcoin was the first cryptocurrency and was released for public use as open-source software in 2009. DEXs enable transactions on specific blockchains.

Cyber Attacks

Cyber Attacks Cryptocurrency Marketing Software

IRISSCON 2022 roundup: a new hope

BH Consulting

NOVEMBER 15, 2022

Georgia Bafoutsou of ENISA, the EU’s information security agency, called on those attending to amplify messages about security awareness. Passwords – and people’s tendency to reuse them – aren’t keeping people secure enough. Passwords are effectively a house key. Mingling in the atrium of the Aviva Stadium.

Social Engineering

Social Engineering Insurance CISO Ransomware

CISSPs from Around the Globe: An Interview with James Wright

CyberSecurity Insiders

SEPTEMBER 8, 2021

The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted.

Computers and Electronics

Computers and Electronics Architecture Education Encryption

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Krebs wrote for The Washington Post between 1995 and 2009 before launching his current blog KrebsOnSecurity.com. Read more: Top IT Asset Management Tools for Security.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

The Hacker Mind Podcast: Reverse Engineering Smart Meters

ForAllSecure

MAY 13, 2022

For example, in 2009, the Obama administration provided financial incentives to utilities in the United States. So this is sometimes used to figure out passwords and credit card details as they're going through any point of sale. I bet there are others who like commercial free narrative information security podcasts.

Engineering

Engineering Energy and Utilities Computers and Electronics Firmware

Cyber Security Informer

RockYou2024 compilation containing 10 billion passwords was leaked online

RockYou2021: largest password compilation of all time leaked online with 8.4 billion entries

Trending Sources

Who and What is Behind the Malware Proxy Service SocksEscort?

538 Million Weibo users’ records being sold on Dark Web

Billions of FBS Records Exposed in Online Trading Broker Data Leak

Cyber Security Roundup for May 2021

Personal info of 90k hikers leaked by French tourism company La Malle Postale

North Korea-linked Lazarus APT targets the COVID-19 research

China-linked APT10 Target Taiwan’s financial trading industry

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Operation In(ter)reception targets Military and Aerospace employees in Europe and the Middle East

Emergency Satellite Messaging, Stagnation in User Cybersecurity Habits

Microsoft: North Korea-linked Zinc APT targets security experts

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Telehealth: A New Frontier in Medicine—and Security

Network Solutions data breach – hacker accessed data of more 22 Million accounts

The Platinum APT group adds the Titanium backdoor to its arsenal

US and UK sanctioned seven Russian members of Trickbot gang

Understanding Features and Vulnerabilities of The Decentralized Finance Attack Surface is Key to Protecting Against Cyber Attacks

IRISSCON 2022 roundup: a new hope

CISSPs from Around the Globe: An Interview with James Wright

Top Cybersecurity Accounts to Follow on Twitter

The Hacker Mind Podcast: Reverse Engineering Smart Meters

Stay Connected