2010, Hacking and Information Security - Cyber Security Informer

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

Security Affairs

JULY 23, 2020

depending on the Windows version), SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 , SharePoint Server 2010 Service Pack 2, SharePoint Server 2019, Visual Studio 2017 version 15.9, SecurityAffairs – hacking, CVE-2020-1147). The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET NET Framework 2.0

Hacking

Hacking Advertising Software Information Security

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

First advertised in the cybercrime underground in 2014, RSOCKS was the web-based storefront for hacked computers that were sold as “proxies” to cybercriminals looking for ways to route their Web traffic through someone else’s device. “Thanks to you, we are now developing in the field of information security and anonymity!,”

Cybercrime

Cybercrime Advertising IoT Malware

CIA elite hacking unit was not able to protect its tools and cyber weapons

Security Affairs

JUNE 17, 2020

A CIA elite hacking unit that developed cyber-weapons failed in protecting its operations, states an internal report on the Vault 7 data leak. In March, Joshua Schulte , a former CIA software engineer that was accused of stealing the agency’s hacking tools and leaking them to WikiLeaks, was convicted of only minor charges.

Hacking

Hacking Engineering Data breaches Advertising

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. Authorities in the United States, Germany, the Netherlands and the U.K.

Advertising

Advertising Cybercrime System Administration Hacking

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

A joint security advisory published by The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) revealed that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. SecurityAffairs – hacking, Energetic Bear). Pierluigi Paganini.

Government

Government Hacking Advertising Passwords

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Krebs on Security

SEPTEMBER 24, 2022

Denis Emelyantsev , as the apparent owner of RSOCKS, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. “Thanks to you, we are now developing in the field of information security and anonymity!

Cybercrime

Cybercrime Data breaches Malware Ransomware

Fullz House hacked the website of Boom! Mobile provider to steal credit cards

Security Affairs

OCTOBER 6, 2020

Security firms have monitored the activities of a dozen groups at least since 2010. SecurityAffairs – hacking, e-skimmer). The post Fullz House hacked the website of Boom! Mobile provider to steal credit cards appeared first on Security Affairs. Pierluigi Paganini.

Mobile

Mobile Hacking Wireless Advertising

100,000 WordPress sites using the Contact Form 7 Datepicker plugin are exposed to hack

Security Affairs

APRIL 3, 2020

March 2010 – A critical privilege escalation flaw in the WordPress SEO Plugin – Rank Math plugin can allow registered users to gain administrator privileges. The post 100,000 WordPress sites using the Contact Form 7 Datepicker plugin are exposed to hack appeared first on Security Affairs. Pierluigi Paganini.

Hacking

Hacking Advertising Authentication Accountability

The cybersecurity researcher Dan Kaminsky has died

Security Affairs

APRIL 24, 2021

Dan Kaminsky was very active in the cyber security community, he was a regular speaker at major cybersecurity and hacking conferences, including Black Hat and DEFCON. On June 16, 2010, he was named by Internet Corporation for Assigned Names and Numbers (ICANN) as one of the Trusted Community Representatives for the DNSSEC root.

Cybersecurity

Cybersecurity InfoSec DNS Hacking

BORN Ontario data breach impacted 3.4 million newborns and pregnancy care patients

Security Affairs

SEPTEMBER 26, 2023

BORN Ontario hired cybersecurity experts to mitigate the threat, secure its infrastructure, and investigate the scope of the incident. The organization confirmed that it was the victim of the massive hacking campaign targeting Progress MOVEit transfer systems that was conducted by the Clop ransomware group.

Data breaches

Data breaches Healthcare Ransomware Hacking

CISA shares a catalog of 306 actively exploited vulnerabilities

Security Affairs

NOVEMBER 4, 2021

The catalog includes vulnerabilities for products from Adobe, Apple, Atlassian, Cisco, Google, IBM, Microsoft, Nagios, Netgear, Oracle, Pulse Secure, and many other companies. The oldest vulnerability included in the catalog is the CVE-2010-5326? RCE in SAP NetWeaver Application Server and dates back to 2010. Pierluigi Paganini.

Risk

Risk Cyber Attacks Cybersecurity Hacking

British Court rejects the US’s request to extradite Julian Assange

Security Affairs

JANUARY 4, 2021

Wikileaks founder is currently facing extradition to the United States for his role in one of the largest compromises of classified information in the history of the United States. He published thousands of classified diplomatic and military documents on WikiLeaks in 2010. SecurityAffairs – hacking, Julian Assange).

Government

Government Risk Passwords Hacking

Is the recent accident at Iran Natanz nuclear plant a cyber attack?

Security Affairs

APRIL 11, 2021

.” Reports claim that the attack was launched by Israel-linked hackers, the same state is suspected to have had a main role in the Stuxnet attack that hit the same nuclear plant back in 2010. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, Iran).

Cyber Attacks

Cyber Attacks Energy and Utilities Media Hacking

NATO Chief calls for a new strategic to address new challenges

Security Affairs

OCTOBER 9, 2020

. “My thought is that the existing Strategic Concept, which we agreed in 2010, has served NATO well. Having said that, I think we all have to realise that since we agreed the Strategic Concept back in 2010, the world has fundamentally changed.” SecurityAffairs – hacking, K-Electric). Pierluigi Paganini.

Artificial Intelligence

Artificial Intelligence Technology Advertising Marketing

Payment solutions giant Edenred announces malware infection

Security Affairs

NOVEMBER 22, 2019

The Group is independent since June 2010 following the split with Accor. SecurityAffairs – malware, hacking). The post Payment solutions giant Edenred announces malware infection appeared first on Security Affairs. Edenred is a French company specialized in prepaid corporate services. Pierluigi Paganini.

Malware

Malware Advertising Mobile Government

Volvo Cars suffers a data breach. Is it a ransomware attack?

Security Affairs

DECEMBER 10, 2021

In 2010, Volvo Cars became a subsidiary of the Chinese manufacturer Geely Holding Group, which confirmed that it “has become aware that one of its file repositories has been illegally accessed by a third party.” SecurityAffairs – hacking, IKEA). appeared first on Security Affairs. percent in Stockholm, to 72.44

Data breaches

Data breaches Ransomware Manufacturing Hacking

Journalist Matthew Keys is now charged with an attack on a magazine

Security Affairs

APRIL 29, 2020

Matthew Keys, a former Reuters journalist, who was sentenced to 2 years in prison for hacking attacks on California media is now charged with an attack on a magazine. When Keys left Tribune Company-owned Sacramento KTXL Fox 40 in 2010, he shared login credentials of the CMS used by the website with members of Anonymous.

Hacking

Hacking Advertising Accountability Media

330K stolen payment cards and 895K stolen gift cards sold on dark web

Security Affairs

APRIL 8, 2021

A crook has sold 895,000 gift cards and over 300,000 payment cards, for a total of US$38 million, on a top-tier Russian-language hacking forum on the dark web. The actor has offered in the past large lots of stolen payment card data, compromised databases, and the personally identifiable information (PII) of United States residents.

Cybercrime

Cybercrime Hacking Banking Information Security

Wikileaks founder Julian Assange is free

Security Affairs

JUNE 25, 2024

Wikileaks founder was facing extradition to the United States for his role in one of the largest compromises of classified information in the history of the United States. He published thousands of classified diplomatic and military documents on WikiLeaks in 2010.

Passwords

Passwords Hacking Government Information Security

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Security Affairs

DECEMBER 7, 2021

APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including defense, high tech, energy, government, aerospace, and manufacturing. “The Microsoft Digital Crimes Unit (DCU) has disrupted the activities of a China-based hacking group that we call Nickel.

VPN

VPN Manufacturing Government Hacking

Russia-linked Energetic Bear APT behind San Francisco airport attacks

Security Affairs

APRIL 15, 2020

Security researchers from ESET revealed that the infamous Russian hacker group known as Energetic Bear is behind the hack of two San Francisco International Airport (SFO) websites. The Energetic Bear APT group has been active since at least 2010 most of the victims of the group are organizations in the energy and industrial sectors.

Data breaches

Data breaches Passwords Advertising Telecommunications

COVID-19 – Johnson & Johnson saw a 30% uptick in cyber-attacks

Security Affairs

DECEMBER 5, 2020

“ Nation-state actors are targeting healthcare organizations “every single minute of every single day,” Marene Allison, the Chief Information Security Officer at Johnson & Johnson, said Thursday at the online Aspen Cyber Summit. SecurityAffairs – hacking, BISMUTH). ” Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Healthcare CISO Information Security

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

Security Affairs

APRIL 23, 2020

A security expert uncovered an old APT operation, tracked Nazar, by analyzing the NSA hacking tools included in the dump leaked by Shadow Brokers in 2017. The analysis of the submissions times in VirusTotal for the artifacts employed in the Nazar campaign allowed the expert to date the campaign between 2010 and 2013.

Hacking

Hacking Advertising Malware Engineering

Hospitality Chain McMenamins discloses data breach after ransomware attack

Security Affairs

JANUARY 4, 2022

According to the company, threat actors have stolen data of individuals employed between July 1, 2010, and December 12, 2021. SecurityAffairs – hacking, ransomware). The post Hospitality Chain McMenamins discloses data breach after ransomware attack appeared first on Security Affairs. Pierluigi Paganini.

Data breaches

Data breaches Ransomware Insurance Banking

The author of FastPOS PoS malware pleads guilty

Security Affairs

AUGUST 1, 2020

The group is active since 2010, when it created in Ukraine by Svyatoslav Bondarenko. The main website was a crime forum that was founded in 2010, it first operated at infraud.cc SecurityAffairs – hacking, FastPOS). The post The author of FastPOS PoS malware pleads guilty appeared first on Security Affairs.

Malware

Malware Advertising Cybercrime Hacking

REMnux 7, a Linux toolkit for malware analysts released

Security Affairs

JULY 26, 2020

The toolkit was first released in 2010 by SANS fellow researcher Lenny Zeltser , who is still maintaining the software. REMnux is a Linux toolkit for reverse-engineering and dissecting software, it includes a collection of free tools created by the community that allows researchers to investigate malware.

Malware

Malware Advertising Software Engineering

Iran announced to have foiled massive cyberattacks on public services

Security Affairs

APRIL 25, 2022

Stuxnet is a malicious computer worm developed to target SCADA systems that were first uncovered in 2010, but researchers believe its development began at least in 2005. . SecurityAffairs – hacking, SolarMarker). The post Iran announced to have foiled massive cyberattacks on public services appeared first on Security Affairs.

Cyber Attacks

Cyber Attacks Malware Internet Internet

Colombian authorities arrested hacker behind the Gozi Virus

Security Affairs

JUNE 30, 2021

Kuzmin was arrested by Us law enforcement in November 2010 and pleaded guilty to various computer crimes. SecurityAffairs – hacking, Gozi ). The post Colombian authorities arrested hacker behind the Gozi Virus appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Banking

Banking Malware Hacking Information Security

The OpenSSL Project addressed three vulnerabilities

Security Affairs

FEBRUARY 18, 2021

In 2010, the Open SSL project addressed three vulnerabilities, including two DDoS issues rated high severity. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. SecurityAffairs – hacking, encryption). The issue affects servers using OpenSSL 1.0.2 Pierluigi Paganini.

DDOS

DDOS Encryption Hacking Information Security

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Security Affairs

DECEMBER 17, 2021

and above 2010 Workspace ONE UEM patch 20.10.0.23 SecurityAffairs – hacking, VMware Workspace ONE UEM). The post VMware fixes critical SSRF flaw in Workspace ONE UEM Console appeared first on Security Affairs. and above 2105 Workspace ONE UEM patch 21.5.0.37 and above 2102 Workspace ONE UEM patch 21.2.0.27 Pierluigi Paganini.

Authentication

Authentication Hacking Software Information Security

Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison

Security Affairs

FEBRUARY 2, 2024

Olsen, the Assistant Attorney General for National Security; and James Smith, the Assistant Director in Charge of the New York Field Office of the Federal Bureau of Investigation (“FBI”), announced today that JOSHUA ADAM SCHULTE was sentenced to 40 years in prison by U.S. District Judge Jesse M.

Computers and Electronics

Computers and Electronics Engineering Hacking Data breaches

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

Security Affairs

OCTOBER 22, 2023

BlackTech is a Chinese APT group that has been active since at least 2010 and that known for conducting cyber espionage campaigns in Asia aimed at entities in Hong Kong, Japan, and Taiwan. The group relies on tools built into the operating system, along with some legitimate software.

Telecommunications

Telecommunications Technology Government Firmware

CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog

Security Affairs

SEPTEMBER 17, 2022

CVE-2010-2568 Microsoft Windows – Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. The older issue added to the catalog in this turn is the CVE-2010-2568 which is the issue used in the Stuxnet attack.

Hacking

Hacking Cybersecurity Risk Information Security

Experts linked ransomware attacks to China-linked APT27

Security Affairs

JANUARY 4, 2021

The APT group has been active since 2010, targeted organizations worldwide, including U.S. Analyzing the attacks revealed malware samples linked to DRBControl , a campaign described earlier this year in a report from Trend Micro and attributed to APT27 and Winnti, both groups active since at least 2010 and associate with Chinese hackers.

Ransomware

Ransomware Malware Encryption Financial Services

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Security Affairs

JUNE 27, 2019

. “Teams of hackers connected to the Chinese Ministry of State Security had penetrated HPE’s cloud computing service and used it as a launchpad to attack customers, plundering reams of corporate and government secrets for years in what U.S. “The hacking campaign, known as “ Cloud Hopper ,” was the subject of a U.S.

Identity Theft

Identity Theft Hacking Advertising System Administration

Russian authorities arrested the kingpin of cybercrime Infraud Organization

Security Affairs

JANUARY 24, 2022

The group has been active since 2010 and was created in Ukraine by Svyatoslav Bondarenko. Russia’s FSB and law enforcement have detained four members of the Infraud Organization hacking group. SecurityAffairs – hacking, cybercrime). According to th experts, the activities of the gang caused $530 million in losses.

Cybercrime

Cybercrime Hacking Cryptocurrency Ransomware

China-linked Budworm APT returns to target a US entity

Security Affairs

OCTOBER 13, 2022

The China-linked APT27 group has been active since 2010, it targeted organizations worldwide, including U.S. SecurityAffairs – hacking, Budworm APT). The post China-linked Budworm APT returns to target a US entity appeared first on Security Affairs. based organization. The group also targeted a hospital in South East Asia.

Penetration Testing

Penetration Testing Financial Services Surveillance Manufacturing

US-based children’s clothing maker Hanna Andersson discloses a data breach

Security Affairs

JANUARY 21, 2020

Security firms have monitored the activities of a dozen groups at least since 2010. . SecurityAffairs – Hanna Andersson , hacking). The post US-based children’s clothing maker Hanna Andersson discloses a data breach appeared first on Security Affairs. Pierluigi Paganini.

Data breaches

Data breaches Retail Identity Theft eCommerce

Magecart hackers hide stolen credit card data into images and bogus CSS files

Security Affairs

JULY 12, 2021

Security firms have monitored the activities of a dozen groups at least since 2010. SecurityAffairs – hacking, credit card data). The post Magecart hackers hide stolen credit card data into images and bogus CSS files appeared first on Security Affairs. ” Follow me on Twitter: @securityaffairs and Facebook.

Malware

Malware Software Marketing Hacking

Bulletproof VPN services took down in a global police operation

Security Affairs

DECEMBER 22, 2020

According to the investigators, the three VPN bulletproof services are operated by the same threat actor and are active since at least 2010. SecurityAffairs – hacking, VPN). The post Bulletproof VPN services took down in a global police operation appeared first on Security Affairs. day to $190/year. Pierluigi Paganini.

VPN

VPN Cybercrime Advertising Ransomware

Data of 2 million MyFreeCams users sold on a hacker forum

Security Affairs

JANUARY 22, 2021

The investigation conducted by MyFreeCams revealed that data were stolen in “a security incident that occurred more than ten years ago in June 2010.” The company added that it has secured its infrastructure shortly after the attack occurred fixing the issue exploited by the threat actors. ” continues CyberNews.

Passwords

Passwords Accountability Marketing Cryptocurrency

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

Security Affairs

SEPTEMBER 2, 2019

Stuxnet is a malicious computer worm developed to target SCADA systems that was first uncovered in 2010, but researchers believe its development begun at least 2005. In 2000, cyberspies from AIVD hacked the email system of a key Iranian defense organization to obtain more information about Iran’s nuclear program.

Malware

Malware Engineering Advertising Hacking

German intelligence agency warns of China-linked APT27 targeting commercial organizations

Security Affairs

JANUARY 26, 2022

. “The Federal Office for the Protection of the Constitution ( BfV ) has information about an ongoing cyber espionage campaign by the cyber attack group APT27 using the malware variant HYPERBRO against German commercial companies.” SecurityAffairs – hacking, APT27). Follow me on Twitter: @securityaffairs and Facebook.

Financial Services

Financial Services Surveillance Malware Cyber Attacks

Naikon APT is flying under the radar since 2015

Security Affairs

MAY 7, 2020

The Naikon APT group is a China-linked cyber espionage group that has been active at least since 2010 and that remained under the radar over the past five years while targeting entities in Asia-Pacific (APAC) region. SecurityAffairs – Naikon, hacking). ” reads a report published by CheckPoint. Pierluigi Paganini.

Government

Government Advertising Technology Hacking

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Trending Sources

CIA elite hacking unit was not able to protect its tools and cyber weapons

Meet the Administrators of the RSOCKS Proxy Botnet

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Fullz House hacked the website of Boom! Mobile provider to steal credit cards

100,000 WordPress sites using the Contact Form 7 Datepicker plugin are exposed to hack

The cybersecurity researcher Dan Kaminsky has died

BORN Ontario data breach impacted 3.4 million newborns and pregnancy care patients

CISA shares a catalog of 306 actively exploited vulnerabilities

British Court rejects the US’s request to extradite Julian Assange

Is the recent accident at Iran Natanz nuclear plant a cyber attack?

NATO Chief calls for a new strategic to address new challenges

Payment solutions giant Edenred announces malware infection

Volvo Cars suffers a data breach. Is it a ransomware attack?

Journalist Matthew Keys is now charged with an attack on a magazine

330K stolen payment cards and 895K stolen gift cards sold on dark web

Wikileaks founder Julian Assange is free

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Russia-linked Energetic Bear APT behind San Francisco airport attacks

COVID-19 – Johnson & Johnson saw a 30% uptick in cyber-attacks

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

Hospitality Chain McMenamins discloses data breach after ransomware attack

The author of FastPOS PoS malware pleads guilty

REMnux 7, a Linux toolkit for malware analysts released

Iran announced to have foiled massive cyberattacks on public services

Colombian authorities arrested hacker behind the Gozi Virus

The OpenSSL Project addressed three vulnerabilities

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog

Experts linked ransomware attacks to China-linked APT27

Cloud Hopper operation hit 8 of the world’s biggest IT service providers

Russian authorities arrested the kingpin of cybercrime Infraud Organization

China-linked Budworm APT returns to target a US entity

US-based children’s clothing maker Hanna Andersson discloses a data breach

Magecart hackers hide stolen credit card data into images and bogus CSS files

Bulletproof VPN services took down in a global police operation

Data of 2 million MyFreeCams users sold on a hacker forum

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

German intelligence agency warns of China-linked APT27 targeting commercial organizations

Naikon APT is flying under the radar since 2015

Stay Connected