2010, Hacking and Surveillance - Cyber Security Informer

On Chinese "Spy Trains"

Schneier on Security

SEPTEMBER 26, 2019

The reason these threats are so real is that it's not difficult to hide surveillance or control infrastructure in computer components, and if they're not turned on, they're very difficult to find. Even so, these examples illustrate an important point: there's no escaping the technology of inevitable surveillance.

Surveillance

Surveillance Wireless Government Internet

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

Security Affairs

AUGUST 1, 2019

Back in 2008, a whistle-blower identifies a vulnerability in Cisco video surveillance software, but the tech giant continued to sell the software to US agencies until July 2013. Cisco finally addressed the flaws in 2013 and stopped selling Cisco Video Surveillance Manager (VSM) in 2014. Cisco is going to pay $8.6 Pierluigi Paganini.

Surveillance

Surveillance Technology Government Software

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Security Affairs

NOVEMBER 11, 2022

Lookout researchers discovered two long-running surveillance campaigns targeting the ethnic minority Uyghurs. Researchers from mobile security firm Lookout uncovered two long-running surveillance campaigns targeting the Uyghurs minority. SecurityAffairs – hacking, Uyghurs). List of installed packages. Pierluigi Paganini.

Surveillance

Surveillance Spyware Malware Mobile

Top Zeus Botnet Suspect “Tank” Arrested in Geneva

Krebs on Security

NOVEMBER 15, 2022

Sources briefed on the investigation into Penchukov said that in 2010 — at a time when the Security Service of Ukraine (SBU) was preparing to serve search warrants on Tank and his crew — Tank received a tip that the SBU was coming to raid his home. “The Americans were unhappy, and a little surprised.

Banking

Banking Small Business Accountability Malware

A chink in the armor of China-based hacking group Nickel

Malwarebytes

DECEMBER 7, 2021

Microsoft has taken control of 42 web domains that a hacking group was using to try to breach its targets. Sadly, any setback to the Chinese hacking group or others will likely be temporary as the hackers will find and build new infrastructure to use in forthcoming attacks. An overview of Chinese hacking groups and their aliases.

Hacking

Hacking Malware Surveillance Data collection

The Belgacom hack was the work of the UK GCHQ intelligence agency

Security Affairs

OCTOBER 28, 2018

Belgian newspaper reported that investigators had found proof that the Belgacom hack was the work of the UK GCHQ intelligence agency. According to Snowden, the UK’s signals intelligence have hacked into the Belgian telco to spy on private communications in transit into its infrastructure. ” wrote The Intercept.

Hacking

Hacking Spyware Telecommunications Malware

Microsoft disrupts China-based hacking group Nickel

Malwarebytes

DECEMBER 7, 2021

Microsoft has taken control of 42 web domains that a hacking group was using to try to breach its targets. Sadly, any setback to the Chinese hacking group or others will likely be temporary as the hackers will find and build new infrastructure to use in forthcoming attacks. An overview of Chinese hacking groups and their aliases.

Hacking

Hacking Malware Surveillance Data collection

Law enforcement agencies can extract data from thousands of cars’ infotainment systems

Security Affairs

DECEMBER 4, 2022

. “Court documents and government contracting records show the agencies tasked with monitoring the Mexican border have spent record sums on car hacking tools, while talking up the extraordinary amount of valuable evidence that can be reaped from onboard computers.” SecurityAffairs – hacking, infotainment systems).

Surveillance

Surveillance Technology Mobile Hacking

China-linked Budworm APT returns to target a US entity

Security Affairs

OCTOBER 13, 2022

The China-linked APT27 group has been active since 2010, it targeted organizations worldwide, including U.S. The group was involved in cyber espionage campaigns aimed at new generation weapons and in surveillance activities on dissidents and other civilian groups. . SecurityAffairs – hacking, Budworm APT). Pierluigi Paganini.

Penetration Testing

Penetration Testing Financial Services Surveillance Manufacturing

German intelligence agency warns of China-linked APT27 targeting commercial organizations

Security Affairs

JANUARY 26, 2022

The APT27 group (aka Emissary Panda , TG-3390 , Bronze Union , and Lucky Mouse ) has been active since 2010, it targeted organizations worldwide, including U.S. The group was involved in cyber espionage campaigns aimed at new generation weapons and in surveillance activities on dissidents and other civilian groups. Pierluigi Paganini.

Financial Services

Financial Services Surveillance Malware Cyber Attacks

Experts linked ransomware attacks to China-linked APT27

Security Affairs

JANUARY 4, 2021

The APT group has been active since 2010, targeted organizations worldwide, including U.S. The group was involved in cyber espionage campaigns aimed at new generation weapons and in surveillance activities on dissidents and other civilian groups. SecurityAffairs – hacking, APT27). Pierluigi Paganini.

Ransomware

Ransomware Malware Encryption Financial Services

Pegasus spyware and how it exploited a WebP vulnerability

Malwarebytes

SEPTEMBER 27, 2023

The company behind it launched in 2010, and it reportedly gained its first overseas customer just one year later. For years, Citizen Lab has been tracking the spread of Pegasus, searching for government clients and tracking down mobile devices that were hacked by the spyware. ” Pegasus is not new. ” Pegasus is not new.

Spyware

Spyware Surveillance Mobile Software

Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw

Security Affairs

NOVEMBER 8, 2021

Experts warn of an ongoing hacking campaign that already compromised at least nine organizations worldwide from critical sectors by exploiting CVE-2021-40539. The APT group has been active since 2010, targeted organizations worldwide, including U.S. SecurityAffairs – hacking, CVE-2021-40539). Pierluigi Paganini.

Healthcare

Healthcare Password Management Financial Services Surveillance

Emissary Panda updated its weapons for attacks in the past 2 years

Security Affairs

MARCH 1, 2019

The Emissary Panda APT (aka LuckyMouse , APT27, Threat Group 3390, and Bronze Union) has been active since 2010, targeted organizations worldwide, including U.S. The group was involved in cyber espionage campaigns aimed at new generation weapons and in surveillance activities on dissidents and other civilian groups. .

Malware

Malware Advertising Financial Services Surveillance

Emissary Panda APT group hit Government Organizations in the Middle East

Security Affairs

MAY 30, 2019

The Emissary Panda APT group has been active since 2010, targeted organizations worldwide, including U.S. The group was involved in cyber espionage campaigns aimed at new generation weapons and in surveillance activities on dissidents and other civilian groups.

Government

Government Advertising Financial Services Surveillance

Twitter security under scrutiny after former executive turns whistleblower

Malwarebytes

AUGUST 24, 2022

He was the most prominent member of the high-profile hacker think tank the L0pht, as well as the computer and culture hacking cooperative the Cult of the Dead Cow. The 2020 Twitter hack was one of the main reasons for Twitter to hire Zatko, who previously held senior roles at Google, Stripe, and the US Department of Defense.

Advertising

Advertising Accountability Engineering Surveillance

Russia’s SolarWinds Attack

Schneier on Security

DECEMBER 28, 2020

Sometime before March, hackers working for the Russian SVR — previously known as the KGB — hacked into SolarWinds and slipped a backdoor into an Orion software update. (We Other examples of this sort of attack include fake apps in the Google Play store, and hacked replacement screens for your smartphone. Probably.).

Hacking

Hacking Government Internet Internet

Pegasus spyware has been here for years. We must stop ignoring it

Malwarebytes

JULY 22, 2021

When weaponized by authoritarian governments, surveillance chills free speech, scares away dissent, and robs an innocent public of a life lived unwatched, for no crime committed other than speaking truth to power, conducting public health research, or simply loving another person. They have no shame. They must be brought to justice.”.

Spyware

Spyware Surveillance Mobile Government

APT trends report Q3 2021

SecureList

OCTOBER 26, 2021

Upon further investigation we also discovered additional implants deployed through both ShadowPad and ShadowShredder, such as Quarian backdoor, PlugX, Poison Ivy and other hack tools. In this quarter we focused on researching and dismantling surveillance frameworks following malicious activities we detected.

Malware

Malware Government Surveillance Spyware

Evaluating the GCHQ Exceptional Access Proposal

Schneier on Security

JANUARY 18, 2019

And it's implemented by a computer, which makes it vulnerable to the same hacking that every other computer is vulnerable to. And once that's in place, every government will try to hack it for its own purposes -- just as the NSA hacked Vodafone Greece. It doesn't have those same physical limitations that make it more secure.

Encryption

Encryption Government Surveillance Hacking

Hungarian official confirms Hungary used NSO Group Pegasus spyware

Security Affairs

NOVEMBER 8, 2021

Lajos Kosa, chair of the Parliament’s Defense and Law Enforcement Committee, confirmed that Hungary is one of the clients of the Israeli surveillance firm NSO Group and that it bought and used the controversial Pegasus spyware. According to Kosa, the use of surveillance software was authorized by a judge or the Minister of Justice.

Spyware

Spyware Surveillance Media Government

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

eSecurity Planet

MARCH 4, 2024

All sites incorporated the archaic FCKeditor plug-in, which stopped receiving support in 2010. February 28, 2024 Internet Exposed 3D-Printers Hacked to Broadcast Vulnerability Exposure Type of vulnerability: Missing valid credential check in printer service APIs. and a medium (CVSS 4.3) level vulnerability.

IoT

IoT Internet Internet Ransomware

Iran announced to have foiled a second cyber-attack in a week

Security Affairs

DECEMBER 15, 2019

The APT27 cyber espionage group (aka Emissary Panda , TG-3390 , Bronze Union , and Lucky Mouse ) has been active since 2010, it targeted organizations worldwide, including U.S. The group was involved in cyber espionage campaigns aimed at new generation weapons and in surveillance activities on dissidents and other civilian groups.

Cyber Attacks

Cyber Attacks Telecommunications Government Advertising

Iran denies attack against its infrastructure has ever succeeded

Security Affairs

JUNE 25, 2019

Last week, media reported that the United States has launched a series of cyber attacks on Iran after the Iranian military has downed an American surveillance drone. surveillance drone, according to people familiar with the matter.” SecurityAffairs – Iran, hacking). reported The Washington Post. Pierluigi Paganini.

Surveillance

Surveillance Cyber Attacks Telecommunications Media

Trump secretly ordered cyber attacks against Iran missile systems

Security Affairs

JUNE 23, 2019

The United States launched a series of cyber attacks on Iran after the Iranian military has downed an American surveillance drone. The military response to Iran, after the Iranian army has downed an American surveillance drone, started from the cyberspace. surveillance drone, according to people familiar with the matter.”

Cyber Attacks

Cyber Attacks Surveillance Advertising Hacking

Cyber Security Informer

On Chinese "Spy Trains"

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

Trending Sources

Long-running surveillance campaigns target Uyghurs with BadBazaar and MOONSHINE spyware

Top Zeus Botnet Suspect “Tank” Arrested in Geneva

A chink in the armor of China-based hacking group Nickel

The Belgacom hack was the work of the UK GCHQ intelligence agency

Microsoft disrupts China-based hacking group Nickel

Law enforcement agencies can extract data from thousands of cars’ infotainment systems

China-linked Budworm APT returns to target a US entity

German intelligence agency warns of China-linked APT27 targeting commercial organizations

Experts linked ransomware attacks to China-linked APT27

Pegasus spyware and how it exploited a WebP vulnerability

Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw

Emissary Panda updated its weapons for attacks in the past 2 years

Emissary Panda APT group hit Government Organizations in the Middle East

Twitter security under scrutiny after former executive turns whistleblower

Russia’s SolarWinds Attack

Pegasus spyware has been here for years. We must stop ignoring it

APT trends report Q3 2021

Evaluating the GCHQ Exceptional Access Proposal

Hungarian official confirms Hungary used NSO Group Pegasus spyware

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

Iran announced to have foiled a second cyber-attack in a week

Iran denies attack against its infrastructure has ever succeeded

Trump secretly ordered cyber attacks against Iran missile systems

Stay Connected