2010 and Information Security - Cyber Security Informer

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

The blog featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world,” and even included a group photo of RSOCKS employees. “Thanks to you, we are now developing in the field of information security and anonymity!,” Kloster’s blog enthused. “We

Cybercrime

Cybercrime Advertising IoT Malware

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Krebs on Security

SEPTEMBER 24, 2022

A native of Omsk, Russia, Kloster came into focus after KrebsOnSecurity followed clues from the RSOCKS botnet master’s identity on the cybercrime forums to Kloster’s personal blog , which featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world.”

Cybercrime

Cybercrime Data breaches Malware Ransomware

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

RUSdot is the successor forum to Spamdot , a far more secretive and restricted forum where most of the world’s top spammers, virus writers and cybercriminals collaborated for years before the community’s implosion in 2010. “Thanks to you, we are now developing in the field of information security and anonymity!,”

Advertising

Advertising Cybercrime System Administration Hacking

NATO Chief calls for a new strategic to address new challenges

Security Affairs

OCTOBER 9, 2020

. “My thought is that the existing Strategic Concept, which we agreed in 2010, has served NATO well. Having said that, I think we all have to realise that since we agreed the Strategic Concept back in 2010, the world has fundamentally changed.” And it has actually served us well for many years.

Artificial Intelligence

Artificial Intelligence Technology Advertising Marketing

REMnux 7, a Linux toolkit for malware analysts released

Security Affairs

JULY 26, 2020

The toolkit was first released in 2010 by SANS fellow researcher Lenny Zeltser , who is still maintaining the software. REMnux is a Linux toolkit for reverse-engineering and dissecting software, it includes a collection of free tools created by the community that allows researchers to investigate malware.

Malware

Malware Advertising Software Engineering

CISA shares a catalog of 306 actively exploited vulnerabilities

Security Affairs

NOVEMBER 4, 2021

The catalog includes vulnerabilities for products from Adobe, Apple, Atlassian, Cisco, Google, IBM, Microsoft, Nagios, Netgear, Oracle, Pulse Secure, and many other companies. The oldest vulnerability included in the catalog is the CVE-2010-5326? RCE in SAP NetWeaver Application Server and dates back to 2010.

Risk

Risk Cyber Attacks Cybersecurity Hacking

British Court rejects the US’s request to extradite Julian Assange

Security Affairs

JANUARY 4, 2021

Wikileaks founder is currently facing extradition to the United States for his role in one of the largest compromises of classified information in the history of the United States. He published thousands of classified diplomatic and military documents on WikiLeaks in 2010.

Government

Government Risk Passwords Hacking

Is the recent accident at Iran Natanz nuclear plant a cyber attack?

Security Affairs

APRIL 11, 2021

.” Reports claim that the attack was launched by Israel-linked hackers, the same state is suspected to have had a main role in the Stuxnet attack that hit the same nuclear plant back in 2010.

Cyber Attacks

Cyber Attacks Energy and Utilities Media Hacking

The cybersecurity researcher Dan Kaminsky has died

Security Affairs

APRIL 24, 2021

Dan Kaminsky was very active in the cyber security community, he was a regular speaker at major cybersecurity and hacking conferences, including Black Hat and DEFCON. On June 16, 2010, he was named by Internet Corporation for Assigned Names and Numbers (ICANN) as one of the Trusted Community Representatives for the DNSSEC root.

Cybersecurity

Cybersecurity InfoSec DNS Hacking

Wikileaks founder Julian Assange is free

Security Affairs

JUNE 25, 2024

Wikileaks founder was facing extradition to the United States for his role in one of the largest compromises of classified information in the history of the United States. He published thousands of classified diplomatic and military documents on WikiLeaks in 2010.

Passwords

Passwords Hacking Government Information Security

Payment solutions giant Edenred announces malware infection

Security Affairs

NOVEMBER 22, 2019

The Group is independent since June 2010 following the split with Accor. The Payment solutions giant Edenred announced that some of its computing systems have been infected with malware, the company is currently investigating the incident. Edenred is a French company specialized in prepaid corporate services.

Malware

Malware Advertising Mobile Government

COVID-19 – Johnson & Johnson saw a 30% uptick in cyber-attacks

Security Affairs

DECEMBER 5, 2020

“ Nation-state actors are targeting healthcare organizations “every single minute of every single day,” Marene Allison, the Chief Information Security Officer at Johnson & Johnson, said Thursday at the online Aspen Cyber Summit. .: Johnson & Johnson and Maryland-based Novavax Inc.,

Cyber Attacks

Cyber Attacks Healthcare CISO Information Security

330K stolen payment cards and 895K stolen gift cards sold on dark web

Security Affairs

APRIL 8, 2021

.” The investigation of the cybercriminal actor selling the gift cards and payment cards revealed that he is a prolific Russian-speaking hacker who was engaged in similar activities since 2010.

Cybercrime

Cybercrime Hacking Banking Information Security

BORN Ontario data breach impacted 3.4 million newborns and pregnancy care patients

Security Affairs

SEPTEMBER 26, 2023

. “The personal health information that was copied was collected from a large network of mostly Ontario health care facilities and providers regarding fertility, pregnancy, newborn and child health care offered between January 2010 and May 2023.”

Data breaches

Data breaches Healthcare Ransomware Hacking

The author of FastPOS PoS malware pleads guilty

Security Affairs

AUGUST 1, 2020

The group is active since 2010, when it created in Ukraine by Svyatoslav Bondarenko. The main website was a crime forum that was founded in 2010, it first operated at infraud.cc Chiochiu was a member of the Infraud global cybercrime organization involved in stealing and selling credit card and personal identity data. and infraud.ws.

Malware

Malware Advertising Cybercrime Hacking

Russia-linked Energetic Bear APT behind San Francisco airport attacks

Security Affairs

APRIL 15, 2020

The Energetic Bear APT group has been active since at least 2010 most of the victims of the group are organizations in the energy and industrial sectors. The Energetic Bear APT group has been active since at least 2010 most of the victims of the group are organizations in the energy and industrial sectors.

Data breaches

Data breaches Passwords Advertising Telecommunications

Volvo Cars suffers a data breach. Is it a ransomware attack?

Security Affairs

DECEMBER 10, 2021

In 2010, Volvo Cars became a subsidiary of the Chinese manufacturer Geely Holding Group, which confirmed that it “has become aware that one of its file repositories has been illegally accessed by a third party.” Swedish automotive manufacturer Volvo Cars revealed that threat actors have stolen R&D data from its systems.

Data breaches

Data breaches Ransomware Manufacturing Hacking

Finalists: Best Professional Certification Program

SC Magazine

MARCH 29, 2021

CRISC Company: ISACA Noteworthy: Nearly 30,000 professionals have earned CRISC (Certified in Risk and Information Systems Control) since it was established in 2010, and the certification was fourth on Global Knowledge’s list of top-paying IT certifications for 2020. FINALIST | BEST PROFESSIONAL CERTIFICATION PROGRAM.

Penetration Testing

Penetration Testing Architecture Education Technology

SAP Security Patch Day for May 2019 fixes many missing authorization checks

Security Affairs

MAY 15, 2019

they are an information disclosure in BusinessObjects business intelligence platform (CVE-2019-0287), and a missing authorization check in Treasury and Risk Management (CVE-2019-0280). SAP published updates for Security Notes released in October 2009, September 2010, December 2010, and March 2013. ” adds Onapsis.

Advertising

Advertising Financial Services Software Risk

Hospitality Chain McMenamins discloses data breach after ransomware attack

Security Affairs

JANUARY 4, 2022

According to the company, threat actors have stolen data of individuals employed between July 1, 2010, and December 12, 2021. McMenamins is a family-owned chain of brewpubs, breweries, music venues, historic hotels, and theater pubs in Oregon and Washington. .

Data breaches

Data breaches Ransomware Insurance Banking

A new variant of Asruex Trojan exploits very old Office, Adobe flaws

Security Affairs

AUGUST 23, 2019

. “However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities CVE-2012-0158 and CVE-2010-2883 , which inject code in Word and PDF files respectively.” ” reads the report published by Trend Micro.

Malware

Malware Advertising Spyware Encryption

CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog

Security Affairs

SEPTEMBER 17, 2022

CVE-2010-2568 Microsoft Windows – Microsoft Windows incorrectly parses shortcuts in such a way that malicious code may be executed when the operating system displays the icon of a malicious shortcut file. The older issue added to the catalog in this turn is the CVE-2010-2568 which is the issue used in the Stuxnet attack.

Hacking

Hacking Cybersecurity Risk Information Security

Experts linked ransomware attacks to China-linked APT27

Security Affairs

JANUARY 4, 2021

The APT group has been active since 2010, targeted organizations worldwide, including U.S. Analyzing the attacks revealed malware samples linked to DRBControl , a campaign described earlier this year in a report from Trend Micro and attributed to APT27 and Winnti, both groups active since at least 2010 and associate with Chinese hackers.

Ransomware

Ransomware Malware Encryption Financial Services

US pharmacy Rite Aid banned from operating facial recognition systems

Malwarebytes

DECEMBER 21, 2023

In 2010, Rite Aid agreed to FTC charges that it failed to protect the sensitive financial and medical information of its customers and employees, in violation of federal law. Delete any biometric information it collects within five years. Implement a data security program to protect and secure personal information.

Surveillance

Surveillance Technology Retail Artificial Intelligence

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Security Affairs

DECEMBER 7, 2021

APT15 has been active since at least 2010, it conducted cyber espionage campaigns against targets worldwide in several industries, including defense, high tech, energy, government, aerospace, and manufacturing. “The Microsoft Digital Crimes Unit (DCU) has disrupted the activities of a China-based hacking group that we call Nickel.

VPN

VPN Manufacturing Government Hacking

Iran announced to have foiled massive cyberattacks on public services

Security Affairs

APRIL 25, 2022

Stuxnet is a malicious computer worm developed to target SCADA systems that were first uncovered in 2010, but researchers believe its development began at least in 2005. . The virus was developed by the US and Israel to interfere with the nuclear enrichment program conducted by Iran in the plant of Natanz.

Cyber Attacks

Cyber Attacks Malware Internet Internet

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

Security Affairs

JULY 23, 2020

depending on the Windows version), SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 , SharePoint Server 2010 Service Pack 2, SharePoint Server 2019, Visual Studio 2017 version 15.9, The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET NET Framework 2.0 and Visual Studio 2019 versions 16.0,

Hacking

Hacking Advertising Software Information Security

Colombian authorities arrested hacker behind the Gozi Virus

Security Affairs

JUNE 30, 2021

Kuzmin was arrested by Us law enforcement in November 2010 and pleaded guilty to various computer crimes. In May 2016, Nikita Kuzmin, the Russian national who created the Gozi virus, has been sentenced to time served and ordered to pay nearly $7 million.

Banking

Banking Malware Hacking Information Security

The OpenSSL Project addressed three vulnerabilities

Security Affairs

FEBRUARY 18, 2021

In 2010, the Open SSL project addressed three vulnerabilities, including two DDoS issues rated high severity. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. The flaw was reported to OpenSSL Project on 21st January 2021 by D. Katz and Joel Luellwitz from Trustwave.

DDOS

DDOS Encryption Hacking Information Security

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Security Affairs

DECEMBER 17, 2021

and above 2010 Workspace ONE UEM patch 20.10.0.23 .” Below is the list of impacted versions: I mpacted Versions Fixed Version 2109 Workspace ONE UEM patch 21.9.0.13 and above 2105 Workspace ONE UEM patch 21.5.0.37 and above 2102 Workspace ONE UEM patch 21.2.0.27 and above 2101 Workspace ONE UEM patch 21.1.0.27

Authentication

Authentication Hacking Software Information Security

Journalist Matthew Keys is now charged with an attack on a magazine

Security Affairs

APRIL 29, 2020

When Keys left Tribune Company-owned Sacramento KTXL Fox 40 in 2010, he shared login credentials of the CMS used by the website with members of Anonymous. Keys was accused of providing Anonymous login credentials that allowed the group to deface access and deface the website of the Los Angeles Times in 2013.

Hacking

Hacking Advertising Accountability Media

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

Security Affairs

OCTOBER 22, 2023

BlackTech is a Chinese APT group that has been active since at least 2010 and that known for conducting cyber espionage campaigns in Asia aimed at entities in Hong Kong, Japan, and Taiwan.

Telecommunications

Telecommunications Technology Government Firmware

Meet the 2021 SC Awards judges

SC Magazine

MAY 1, 2021

He retired as a colonel in 2010. Prior to Mastercard, Abdullah was the chief information security officer at Xerox, where she established and led a corporate-wide information risk management program. She also served as the deputy chief information officer of the White House.

Computers and Electronics

Computers and Electronics Technology Information Security Education

US DoJ’s superseding indictment charges Assange with violating Espionage Act

Security Affairs

MAY 24, 2019

Assange was arrested in London on a US warrant charging him over his alleged role in a massive leak of military and diplomatic documents in 2010. Assange, 47, the founder of WikiLeaks, with offenses that relate to Assange’s alleged role in one of the largest compromises of classified information in the history of the United States.”

Advertising

Advertising Risk Cybersecurity Information Security

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

Security Affairs

SEPTEMBER 2, 2019

Stuxnet is a malicious computer worm developed to target SCADA systems that was first uncovered in 2010, but researchers believe its development begun at least 2005. In June 2009, the attackers launched a new version of Stuxnet, followed by other variants in March and April 2010.

Malware

Malware Engineering Advertising Hacking

China-linked Budworm APT returns to target a US entity

Security Affairs

OCTOBER 13, 2022

The China-linked APT27 group has been active since 2010, it targeted organizations worldwide, including U.S. This is the first time that Symantec researchers have observed the Budworm group targeting a U.S-based based organization. The group also targeted a hospital in South East Asia.

Penetration Testing

Penetration Testing Financial Services Surveillance Manufacturing

US-based children’s clothing maker Hanna Andersson discloses a data breach

Security Affairs

JANUARY 21, 2020

Security firms have monitored the activities of a dozen groups at least since 2010. . Hacker groups under the Magecart umbrella continue to steal payment card data with so-called software skimmers.

Data breaches

Data breaches Retail Identity Theft eCommerce

Most organizations have yet to fix CVE-2020-0688 Microsoft Exchange flaw

Security Affairs

MARCH 16, 2020

Security experts Simon Zuckerbraun from Zero Day Initiative published technical details on how to exploit the Microsoft Exchange CVE-2020-0688 along with a video PoC. The vulnerability impacts Microsoft Exchange 2010, 2013, 2016, and 2019.

Advertising

Advertising Authentication Internet Internet

Magecart hackers hide stolen credit card data into images and bogus CSS files

Security Affairs

JULY 12, 2021

Security firms have monitored the activities of a dozen groups at least since 2010. Hacker groups under the Magecart umbrella continue to target e-stores to steal payment card data with software skimmers.

Malware

Malware Software Marketing Hacking

Bulletproof VPN services took down in a global police operation

Security Affairs

DECEMBER 22, 2020

According to the investigators, the three VPN bulletproof services are operated by the same threat actor and are active since at least 2010. The services were offered for prices ranging from $1.3/day day to $190/year. ” continues the Europol. “The service has now been rendered inaccessible.”

VPN

VPN Cybercrime Advertising Ransomware

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

Security Affairs

APRIL 23, 2020

The analysis of the submissions times in VirusTotal for the artifacts employed in the Nazar campaign allowed the expert to date the campaign between 2010 and 2013. The name ‘Nazar’ comes from the debug paths he found in the dump alongside Farsi resources in some of the malware droppers. endpoint visibility or command-and-control sinkholing).”

Hacking

Hacking Advertising Malware Engineering

Data of 2 million MyFreeCams users sold on a hacker forum

Security Affairs

JANUARY 22, 2021

The investigation conducted by MyFreeCams revealed that data were stolen in “a security incident that occurred more than ten years ago in June 2010.” The company added that it has secured its infrastructure shortly after the attack occurred fixing the issue exploited by the threat actors. ” continues CyberNews.

Passwords

Passwords Accountability Marketing Cryptocurrency

German intelligence agency warns of China-linked APT27 targeting commercial organizations

Security Affairs

JANUARY 26, 2022

. “The Federal Office for the Protection of the Constitution ( BfV ) has information about an ongoing cyber espionage campaign by the cyber attack group APT27 using the malware variant HYPERBRO against German commercial companies.” ” reads the advisory published by the German intelligence.

Financial Services

Financial Services Surveillance Malware Cyber Attacks

Nine-year Malaysia Airlines breach gave attackers lots of time to misuse data

SC Magazine

MARCH 3, 2021

Malaysia Airlines faces the daunting task of investigating over nine years’ worth of compromised data after learning of a “data security incident” at a third-party IT service provider that exposed Enrich frequent flyer program member data from March 2010 through June 2019.

Scams

Scams Media Risk Phishing

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Trending Sources

Meet the Administrators of the RSOCKS Proxy Botnet

NATO Chief calls for a new strategic to address new challenges

REMnux 7, a Linux toolkit for malware analysts released

CISA shares a catalog of 306 actively exploited vulnerabilities

British Court rejects the US’s request to extradite Julian Assange

Is the recent accident at Iran Natanz nuclear plant a cyber attack?

The cybersecurity researcher Dan Kaminsky has died

Wikileaks founder Julian Assange is free

Payment solutions giant Edenred announces malware infection

COVID-19 – Johnson & Johnson saw a 30% uptick in cyber-attacks

330K stolen payment cards and 895K stolen gift cards sold on dark web

BORN Ontario data breach impacted 3.4 million newborns and pregnancy care patients

The author of FastPOS PoS malware pleads guilty

Russia-linked Energetic Bear APT behind San Francisco airport attacks

Volvo Cars suffers a data breach. Is it a ransomware attack?

Finalists: Best Professional Certification Program

SAP Security Patch Day for May 2019 fixes many missing authorization checks

Hospitality Chain McMenamins discloses data breach after ransomware attack

A new variant of Asruex Trojan exploits very old Office, Adobe flaws

CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog

Experts linked ransomware attacks to China-linked APT27

US pharmacy Rite Aid banned from operating facial recognition systems

Microsoft seized 42 domains used by the China-linked APT15 cyberespionage group

Iran announced to have foiled massive cyberattacks on public services

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

Colombian authorities arrested hacker behind the Gozi Virus

The OpenSSL Project addressed three vulnerabilities

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Journalist Matthew Keys is now charged with an attack on a magazine

MI5 chief warns of Chinese cyber espionage reached an unprecedented scale

Meet the 2021 SC Awards judges

US DoJ’s superseding indictment charges Assange with violating Espionage Act

The role of a secret Dutch mole in the US-Israeli Stuxnet attack on Iran

China-linked Budworm APT returns to target a US entity

US-based children’s clothing maker Hanna Andersson discloses a data breach

Most organizations have yet to fix CVE-2020-0688 Microsoft Exchange flaw

Magecart hackers hide stolen credit card data into images and bogus CSS files

Bulletproof VPN services took down in a global police operation

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

Data of 2 million MyFreeCams users sold on a hacker forum

German intelligence agency warns of China-linked APT27 targeting commercial organizations

Nine-year Malaysia Airlines breach gave attackers lots of time to misuse data

Stay Connected