2010, Passwords and Surveillance - Cyber Security Informer

Top Zeus Botnet Suspect “Tank” Arrested in Geneva

Krebs on Security

NOVEMBER 15, 2022

The JabberZeus crew’s name is derived from the malware they used, which was configured to send them a Jabber instant message each time a new victim entered a one-time password code into a phishing page mimicking their bank. “In early October, the Ukrainian surveillance team said they’d lost him,” he wrote.

Banking

Banking Small Business Accountability Malware

Pegasus spyware and how it exploited a WebP vulnerability

Malwarebytes

SEPTEMBER 27, 2023

The company behind it launched in 2010, and it reportedly gained its first overseas customer just one year later. In 2018, Citizen Lab also identified 45 countries that were potentially relying on Pegasus to conduct surveillance. ” Pegasus is not new. ” Pegasus is not new. It is, he said, everywhere.

Spyware

Spyware Surveillance Mobile Software

Law enforcement agencies can extract data from thousands of cars’ infotainment systems

Security Affairs

DECEMBER 4, 2022

” Privacy advocates are raising the alarm on surveillance activities operated by law enforcement by collecting data from connected systems in modern cars. “New cars are surveillance on wheels, sending sensitive passenger data to carmakers and police. ” continues Forbes.

Surveillance

Surveillance Technology Mobile Hacking

Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw

Security Affairs

NOVEMBER 8, 2021

Threat actors exploited a critical vulnerability, tracked as CVE-2021-40539 , in the Zoho ManageEngine ADSelfService Plus software, which is self-service password management and single sign-on solution. KdcSponge allows capturing the domain name, username, and password.

Healthcare

Healthcare Password Management Financial Services Surveillance

A chink in the armor of China-based hacking group Nickel

Malwarebytes

DECEMBER 7, 2021

The group’s activities have been traced back to 2010 when it performed a cyberespionage campaign directed at diplomatic organizations and missions in Europe. For lateral movement the DCU saw Nickel actors using Mimikatz, WDigest, NTDSDump, and other password dumping tools during attacks. Targets, methods, and techniques.

Hacking

Hacking Malware Surveillance Data collection

Microsoft disrupts China-based hacking group Nickel

Malwarebytes

DECEMBER 7, 2021

The group’s activities have been traced back to 2010 when it performed a cyberespionage campaign directed at diplomatic organizations and missions in Europe. For lateral movement the DCU saw Nickel actors using Mimikatz, WDigest, NTDSDump, and other password dumping tools during attacks. Targets, methods, and techniques.

Hacking

Hacking Malware Surveillance Data collection

Android 14 introduces first-of-its-kind cellular connectivity security features

Google Security

AUGUST 8, 2023

Attackers exploit this in a number of ways, ranging from traffic interception and malware sideloading, to sophisticated dragnet surveillance. Moreover, since 2010, security researchers have demonstrated trivial over-the-air interception and decryption of 2G traffic.

Mobile

Mobile Risk Wireless Surveillance

Top VC Firms in Cybersecurity of 2022

eSecurity Planet

APRIL 26, 2022

Company Sector Year Status Beyond Identity Identity management 2020 Private Expel Managed security service 2016 Private Tigera Zero trust for K8s 2016 Private Intrinsic Application security 2016 Acquired: VMware HackerOne Penetration testing 2015 Private Virtru Data encryption 2014 Private Cloudflare Cloud infrastructure 2010 NYSE: NET.

Cybersecurity

Cybersecurity Technology Marketing Healthcare

Pegasus spyware has been here for years. We must stop ignoring it

Malwarebytes

JULY 22, 2021

When weaponized by authoritarian governments, surveillance chills free speech, scares away dissent, and robs an innocent public of a life lived unwatched, for no crime committed other than speaking truth to power, conducting public health research, or simply loving another person. This is surveillance. This is not security work.

Spyware

Spyware Surveillance Mobile Government

Russia’s SolarWinds Attack

Schneier on Security

DECEMBER 28, 2020

We don’t know how, but last year the company’s update server was protected by the password “solarwinds123” — something that speaks to a lack of security culture.) In 2010, the US and Israel attacked the Iranian nuclear program. Russia is almost certainly laying the groundwork for future attack.

Hacking

Hacking Government Internet Internet

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

eSecurity Planet

MARCH 4, 2024

All sites incorporated the archaic FCKeditor plug-in, which stopped receiving support in 2010. The fix: To eliminate malware infections, perform a factory reset, upgrade to the latest firmware, change all default usernames and passwords, and adjust firewall rules to block exposure to unwanted remote management services.

IoT

IoT Internet Internet Ransomware

Cyber Security Informer

Top Zeus Botnet Suspect “Tank” Arrested in Geneva

Pegasus spyware and how it exploited a WebP vulnerability

Trending Sources

Law enforcement agencies can extract data from thousands of cars’ infotainment systems

Nation-state actors target critical sectors by exploiting the CVE-2021-40539 flaw

A chink in the armor of China-based hacking group Nickel

Microsoft disrupts China-based hacking group Nickel

Android 14 introduces first-of-its-kind cellular connectivity security features

Top VC Firms in Cybersecurity of 2022

Pegasus spyware has been here for years. We must stop ignoring it

Russia’s SolarWinds Attack

VulnRecap 3/4/24 – Ivanti, Ubiquiti, AppLocker Under Attack

Stay Connected