2012, Cyber Attacks and Hacking - Cyber Security Informer

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Krebs on Security

SEPTEMBER 17, 2020

Justice Department this week indicted seven Chinese nationals for a decade-long hacking spree that targeted more than 100 high-tech and online gaming companies. The government alleges the men used malware-laced phishing emails and “supply chain” attacks to steal data from companies and their customers. Image: FBI.

Antivirus

Antivirus Hacking Software Government

A cyber attack hit Thyssenkrupp Automotive Body Solutions business unit

Security Affairs

FEBRUARY 26, 2024

The company did not disclose details of the attack, however the decision to shut down the IT systems suggests it was the victim of a ransomware attack. This isn’t the first time that the company was the victim of a cyber attack. In 2016, alleged Asian threat actors targeted ThyssenKrupp to steal company secrets.

Cyber Attacks

Cyber Attacks Ransomware Engineering Banking

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

FBI spoofs 2012 – 2013. This quirk made the attack look more trustworthy and added a layer of flexibility to these scams. It surfaced in November 2012 and was making thousands of victims a day. WannaCry and NotPetya cyber-attacks have since been attributed to state-funded threat actors.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

New Cyber Attack Campaign Leverages the COVID-19 Infodemic

Security Affairs

FEBRUARY 26, 2020

Finally, all the loot is sent to the remote command and control hosted at 66.154.98.108, operated by “Total server solutions LLC”, an US hosting provider operating since 2012. New Cyber Attack Campaign Leverages the COVID-19 Infodemic. Figure 8: Path and file containing the sensitive information about the victim.

Cyber Attacks

Cyber Attacks Malware Social Engineering Advertising

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. According to ZDNet, the hackers involved in the attack against the Mitsubishi Electric have exploited a zero-day vulnerability in Trend Micro OfficeScan to infect company servers.

Antivirus

Antivirus Hacking Advertising Media

Cyber attack hit the Italian oil and gas services company Saipem

Security Affairs

DECEMBER 12, 2018

Some of the servers of the Italian oil and gas services company Saipem were hit by a cyber attack early this week. The attack has been identified out of India on Monday and primarily affected the servers in the Middle East, including Saudi Arabia, the United Arab Emirates, and Kuwait. “The Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Advertising Backups Media

U.S. CISA Agency warns of possible cyber attacks from Iran

Security Affairs

JANUARY 4, 2020

US Government fears a new wave of cyber attacks from Iran as retaliation for the airstrike that killed Maj. Krebs, Director of Cybersecurity and Infrastructure Security Agency (CISA) warned of a potential new wave of cyber attacks carried out by Iran-linked hacker groups targeting U.S. Iran, hacking). The post U.S.

Cyber Attacks

Cyber Attacks Backups Passwords Advertising

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

Security Affairs

MARCH 13, 2025

ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. Kaspersky first documented the operations of the group in 2016. ” concludes the report.

Spyware

Spyware Surveillance Encryption Malware

Russia-linked actors may be behind an explosion at a liquefied natural gas plant in Texas

Security Affairs

JUNE 26, 2022

A Russian hacking group may be responsible for a cyber attack against a liquefied natural gas plant in Texas that led to its explosion on June 8. Experts speculate a cyber attack may have turned off the industrial safety controls at the natural gas facility. SecurityAffairs – hacking, liquefied natural gas plant).

Cyber Attacks

Cyber Attacks Hacking Malware Government

RedTorch Formed from Ashes of Norse Corp.

Krebs on Security

MARCH 22, 2021

the company behind the interactive “pew-pew” cyber attack map shown in the image below? Flushed with venture capital funding in 2012, Norse’s founders started hiring dozens of talented cybersecurity professionals. Remember Norse Corp. , Last month, the U.S.

Surveillance

Surveillance Computers and Electronics Internet Internet

620 million accounts stolen from 16 hacked websites available for sale on the dark web

Security Affairs

FEBRUARY 11, 2019

620 million accounts stolen from 16 hacked websites (Dubsmash, Armor Games, 500px, Whitepages, ShareThis) available for sale on the dark web. The Register revealed in exclusive that some 617 million online account details stolen from 16 hacked websites are available for sale on the dark web. I started hacking a long time ago.

Accountability

Accountability Hacking Advertising Data breaches

Up to Georgia 2,000 websites have been hit by cyber attacks

Security Affairs

OCTOBER 28, 2019

A wave of cyber attacks hit 2,000 websites in Georgia, including the sites of the president, courts, and local media. A mysterious wave of cyber attacks hit some 2,000 websites in Georgia, including the websites of the president, courts, and media. SecurityAffairs – Georgia, hacking). Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Media Advertising Government

Aoquin Dragon from China hacking Australian Government Servers

CyberSecurity Insiders

JUNE 13, 2022

A newly detected hacking group named Aoquin Dragon from China has been found infiltrating servers from Southeast Asia and Australia. Countries like China, Russia, and the United States spy on foreign nations since 2012. The post Aoquin Dragon from China hacking Australian Government Servers appeared first on Cybersecurity Insiders.

Government

Government Hacking Cyber Attacks Cybersecurity

Group-IB: $49.4 million of damage caused to Russia’s financial sector from cyber attacks

Security Affairs

OCTOBER 10, 2018

Security firm Group-IB has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 Group-IB, an international company that specializes in preventing cyber attacks, has estimated that in H2 2017-H1 2018 cyber attacks caused $49.4 million (2.96 billion rubles) of damage to Russia’s financial sector.

Cyber Attacks

Cyber Attacks Banking Cyber threats Phishing

Mitsubishi Electric Corp. was hit by a new cyberattack

Security Affairs

NOVEMBER 20, 2020

was hit by a new cyber attack that may have caused the leakage of information related to its business partners. The two media outlets attribute the cyber attack to a China-linked cyber espionage group tracked as Tick (aka Bronze Butler ). SecurityAffairs – hacking, malware). Mitsubishi Electric Corp.

Cyber Attacks

Cyber Attacks Banking Accountability Media

GAO report reveals new Pentagon weapon systems vulnerable to hack

Security Affairs

OCTOBER 10, 2018

According to a new report published by the Government Accountability Office (GAO) almost any new weapon systems in the arsenal of the Pentagon is vulnerable to hack. The new generation of weapon systems developed by the Pentagon is heavily computerized and for this reason more exposed to cyber attacks. Pierluigi Paganini.

Hacking

Hacking Passwords Password Management Advertising

Mitsubishi Electric discloses data breach, media blame China-linked APT

Security Affairs

JANUARY 20, 2020

” “Mitsubishi Electric, a major general electronics maker , has been hit by a large-scale cyber attack , and it has been found that information about public and private business partners such as highly confidential defense-related and important social infrastructure such as electric power and railroad may leak out.”

Data breaches

Data breaches Media Computers and Electronics Cyber Attacks

Australia takes a vow to hack the hackers

CyberSecurity Insiders

NOVEMBER 16, 2022

After a cyber attack on national telecom operator Optus and Insurance company Medibank, the Australian government has hacked the hackers in order to bring them to knees. For this reason, it has begun the work to track the criminals and hack their servers to siphon the information they possess about millions of customers.

Hacking

Hacking Cyber Attacks Insurance Government

Vietnam-linked Ocean Lotus hacked BMW and Hyundai networks

Security Affairs

DECEMBER 7, 2019

” The APT32 group, also known as OceanLotus Group, has been active since at least 2012 targeting organizations across multiple industries and foreign governments, dissidents, and journalists. The post Vietnam-linked Ocean Lotus hacked BMW and Hyundai networks appeared first on Security Affairs. Pierluigi Paganini.

Hacking

Hacking Manufacturing Advertising Media

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Security Affairs

JULY 19, 2021

Threat actors that goes online with the moniker ZeroX claim to have stolen 1 TB of sensitive data from the Saudi Arabian petroleum and natural gas giant end it is offering for sale it on multiple hacking forums. SecurityAffairs – hacking, Saudi Aramco). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Engineering

Engineering Data breaches Telecommunications Wireless

Who Is the Network Access Broker ‘Babam’?

Krebs on Security

DECEMBER 3, 2021

Verified was hacked at least twice in the past five years, and its user database posted online. All of these domains date back to between 2012 and 2013. At some point, mindjolt.com apparently also was hacked, because a copy of its database at Constella says the bo3dom@gmail.com used two passwords at that site: lebeda1 and a123456.

Ransomware

Ransomware Passwords Accountability Cybercrime

The head of the Federal Cyber Security Authority (BSI) faces dismissal

Security Affairs

OCTOBER 10, 2022

According to an investigation conducted by broadcaster ZDF, Schoenbohm was in contact with Russia through an association that he co-founded in 2012, the Cyber Security Council of Germany. Germany has repeatedly accused Russia-linked threat actors of cyber attacks against its Parliament and infrastructure.

Government

Government Cyber Attacks Media Hacking

Critical Microsoft Windows Vulnerability found

CyberSecurity Insiders

JULY 7, 2021

Or else they are on the verge of getting hacked by cyber crooks that could then install programs, view or delete data or even create new user accounts of a PC without the knowledge of the user or the system administration if/when on network. .

System Administration

System Administration Cyber Attacks Engineering Accountability

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

Security Affairs

FEBRUARY 7, 2020

The breach was detected almost eight months ago, on June 28, 2019, with the delay being attributed to the increased complexity of the investigation caused by the attackers deleting activity logs. Two Japanese media outlets attributed the cyber attack to a China-linked cyber espionage group tracked as Tick (aka Bronze Butler ).

Manufacturing

Manufacturing Advertising Data breaches Antivirus

Japan suspects HGV missile data leak in Mitsubishi security breach

Security Affairs

MAY 21, 2020

In January, the two media outlets attributed the cyber attack to a China-linked cyber espionage group tracked as Tick (aka Bronze Butler ). Other Japanese defense contractors were hit by cyber attacks, including NEC Corp. SecurityAffairs – Mitsubishi, hacking). China, and Russia. Pasco Corp.

Media

Media Cyber Attacks Advertising Manufacturing

North Korea ScarCruft APT used previously undetected Dolphin Backdoor against South Korea

Security Affairs

DECEMBER 1, 2022

ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. SecurityAffairs – hacking, Dolphin backdoor). Pierluigi Paganini.

Accountability

Accountability Malware Cyber Attacks Media

German industrial giant ThyssenKrupp targeted in a new cyberattack

Security Affairs

DECEMBER 21, 2022

. “At the present time, no damage has been done, nor are there any indications that data has been stolen or modified,” This isn’t the first attack suffered by the company, in 2012, the company was targeted by another cyber attack that was classified as “heavy” and of “exceptional quality.”.

Engineering

Engineering Ransomware Data breaches Cyber Attacks

Russian citizen behind JPMorgan Chase and Dow Jones attacks has been extradited to US

Security Affairs

SEPTEMBER 8, 2018

Andrei Tyurin, the man that is accused to be the responsible for major cyber attacks against financial institutions, including JPMorgan Chase, was extradited to the United States from Georgia. Andrei Tyurin is accused of being the mastermind of the organization that targeted the US financial institution from 2012 to mid-2015.

Identity Theft

Identity Theft Advertising Cybercrime Hacking

Iran-linked APT is exploiting the Zerologon flaw in attacks

Security Affairs

OCTOBER 6, 2020

Microsoft researchers reported that Iranian cyber espionage group MuddyWater is exploiting the Zerologon vulnerability in attacks in the wild. Microsoft published a post and a series of tweets to warn of cyber attacks exploiting the Zerologon vulnerability carried out by the Iran-linked APT group known as MuddyWater , aka Mercury.

Authentication

Authentication Advertising Architecture Cyber Attacks

Platinum APT and leverages steganography to hide C2 communications

Security Affairs

JUNE 6, 2019

The Platinum cyber espionage group uses steganographic technique to hide communications with the Command and Control Servers (C&C). Experts from Kaspersky have linked the Platinum APT group with cyber attacks involving an elaborate, and new steganographic technique used to hide communications with C2 servers.

Encryption

Encryption Advertising Government Cyber Attacks

Is there a link between Microsoft Exchange exploits and PoC code the company shared with partner security firms?

Security Affairs

MARCH 16, 2021

It is not the first time that such kind of leak has happened, in May 2012, Microsoft cut off Hangzhou DPtech Technologies Co. a MAPP partner company based in China, for leaking data related to CVE-2012-0002. SecurityAffairs – hacking, Microsoft Exchange). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Antivirus

Antivirus Cyber Attacks Hacking Accountability

A new variant of Shamoon was uploaded to Virus Total while Saipem was under attack

Security Affairs

DECEMBER 12, 2018

A new variant of the Shamoon malware, aka DistTrack, was uploaded to VirusTotal from Italy this week, but experts haven’t linked it to a specific attack yet. Shamoon was first observed in 2012 when it infected and wiped more than 30,000 systems at Saudi Aramco and other oil companies in the Middle East.

Malware

Malware Advertising Cyber Attacks Encryption

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

The Last Watchdog

NOVEMBER 26, 2018

The first Cyber Range training and testing hub opened at Eastern Michigan University in late 2012. It can host training, such as capture the flag exercises, demonstrate how known hacks play out, test defensive responses and be utilized for software security testing. They answered, yes. Shoring up weak links.

Cybersecurity

Cybersecurity Education Cyber threats Government

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Herjavec Group

AUGUST 26, 2021

1834 — French Telegraph System — A pair of thieves hack the French Telegraph System and steal financial market information, effectively conducting the world’s first cyberattack. 1870 — Switchboard Hack — A teenager hired as a switchboard operator is able to disconnect and redirect calls and use the line for personal usage. .

Cybercrime

Cybercrime Computers and Electronics Hacking Banking

Cobalt Strike Enabled Cyberattacks Skyrocket

SecureWorld News

JUNE 30, 2021

Cobalt Strike was first released in 2012 to address perceived gaps in an existing Red Team tool, the Metasploit Framework. In December 2020, the Cobalt Strike Beacon was discovered to be one of the tools Russian-based threat actors used in the SolarWinds hack. By 2016, Proofpoint observed Cobalt being used by threat actors.

Threat Detection

Threat Detection Malware Hacking Engineering

Mandating End-to-End Verifiable Voting Systems in U.S. Elections

SecureWorld News

OCTOBER 8, 2024

Paper ballots can be miscounted or lost and DRE machines are susceptible to hacking and software errors. These vulnerabilities include risk to tampering, fraud, and cyber attacks, which can emphasize the integrity of elections and affect public trust. Hacking the 2016 election: The real-world threats. Halderman, J.

Computers and Electronics

Computers and Electronics Encryption Technology Government

Security Affairs newsletter Round 355

Security Affairs

FEBRUARY 28, 2022

Anonymous breached the internal network of Belarusian railways Feb 7- Feb 27 Ukraine – Russia the silent cyber conflict Ukraine: Volunteer IT Army is going to hit tens of Russian targets from this list Chipmaker giant Nvidia hit by a ransomware attack Fileless SockDetour backdoor targets U.S.-based Pierluigi Paganini.

Ransomware

Ransomware Malware Encryption Phishing

North Korea-linked ScarCruft APT adds Bluetooth Harvester to its arsenal

Security Affairs

MAY 14, 2019

ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. Kaspersky first documented the operations of the group in 2016.

Malware

Malware Advertising Government Manufacturing

MY TAKE: COVID-19’s silver lining could turn out to be more rapid, wide adoption of cyber hygiene

The Last Watchdog

MAY 11, 2020

Somewhat quietly since about 2012 or so, nation states in that region, led by Saudi Arabia and the United Arab Emirates, commenced a quiet surge to the forefront of implementing comprehensive cybersecurity regulations. Ransomware hacking groups extorted at least $144.35 Cyber hygiene isn’t difficult. million from U.S.

Computers and Electronics

Computers and Electronics Data privacy Encryption Media

Iranian Threat Actors: Preliminary Analysis

Security Affairs

JANUARY 15, 2020

Just like Charming Kitten ( which is not included into this report since it is a quite ongoing mistery even if a great report from Clear Sky is available ), Cleaver is a threat group that is responsible of one of the first most advanced and silent cyber attack attributed to Iran known until now ( OpCleaver , by Cylance).

Computers and Electronics

Computers and Electronics Penetration Testing Malware Government

The Top Cybersecurity Breaches in the UAE

Centraleyes

FEBRUARY 26, 2025

Compare that to 2012 when the UAE ranked fifth in the Global Cybersecurity Index. Cybersecurity analysts have warned of such attacks for years, and its believed that these attacks will continue as deep fake technology becomes more sophisticated and easy to use. This client is the only disclosed victim of the cyber attack.

Cybersecurity

Cybersecurity Banking Education Antivirus

Cobalt Strike Enabled Cyberattacks Skyrocket

SecureWorld News

JUNE 30, 2021

Cobalt Strike was first released in 2012 to address perceived gaps in an existing Red Team tool, the Metasploit Framework. In December 2020, the Cobalt Strike Beacon was discovered to be one of the tools Russian-based threat actors used in the SolarWinds hack. By 2016, Proofpoint observed Cobalt being used by threat actors.

Threat Detection

Threat Detection Malware Hacking Engineering

WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

Security Affairs

OCTOBER 20, 2018

(This won’t protect from an NAS attack, but it will protect you from other cyber attacks). WD: The vulnerability report CVE-2018-18472 affects My Book Live devices originally introduced to the market between 2010 and 2012. The original report is available here.

Firmware

Firmware IoT VPN Authentication

The number of cyber attacks on Saudi Aramco is increasing

Security Affairs

FEBRUARY 9, 2020

Saudi Aramco, the Saudi Arabian national p etroleum and natural gas company, revealed that it has seen an increase in attempted cyber attacks since the Q4 2019. The energy industry is under attack, Saudi Aramco announced it has seen an increase in attempted cyber attacks since the final quarter of 2019.

Cyber Attacks

Cyber Attacks Malware Advertising Information Security

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

A cyber attack hit Thyssenkrupp Automotive Body Solutions business unit

Webinars

Trending Sources

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Webinars

New Cyber Attack Campaign Leverages the COVID-19 Infodemic

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Cyber attack hit the Italian oil and gas services company Saipem

U.S. CISA Agency warns of possible cyber attacks from Iran

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

Russia-linked actors may be behind an explosion at a liquefied natural gas plant in Texas

RedTorch Formed from Ashes of Norse Corp.

620 million accounts stolen from 16 hacked websites available for sale on the dark web

Up to Georgia 2,000 websites have been hit by cyber attacks

Aoquin Dragon from China hacking Australian Government Servers

Group-IB: $49.4 million of damage caused to Russia’s financial sector from cyber attacks

Mitsubishi Electric Corp. was hit by a new cyberattack

GAO report reveals new Pentagon weapon systems vulnerable to hack

Mitsubishi Electric discloses data breach, media blame China-linked APT

Australia takes a vow to hack the hackers

Vietnam-linked Ocean Lotus hacked BMW and Hyundai networks

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Who Is the Network Access Broker ‘Babam’?

The head of the Federal Cyber Security Authority (BSI) faces dismissal

Critical Microsoft Windows Vulnerability found

Japanese defense contractors Pasco and Kobe Steel disclose security breaches

Japan suspects HGV missile data leak in Mitsubishi security breach

North Korea ScarCruft APT used previously undetected Dolphin Backdoor against South Korea

German industrial giant ThyssenKrupp targeted in a new cyberattack

Russian citizen behind JPMorgan Chase and Dow Jones attacks has been extradited to US

Iran-linked APT is exploiting the Zerologon flaw in attacks

Platinum APT and leverages steganography to hide C2 communications

Is there a link between Microsoft Exchange exploits and PoC code the company shared with partner security firms?

A new variant of Shamoon was uploaded to Virus Total while Saipem was under attack

MY TAKE: Michigan’s cybersecurity readiness initiatives provide roadmap others should follow

Cyber CEO: The History Of Cybercrime, From 1834 To Present

Cobalt Strike Enabled Cyberattacks Skyrocket

Mandating End-to-End Verifiable Voting Systems in U.S. Elections

Security Affairs newsletter Round 355

North Korea-linked ScarCruft APT adds Bluetooth Harvester to its arsenal

MY TAKE: COVID-19’s silver lining could turn out to be more rapid, wide adoption of cyber hygiene

Iranian Threat Actors: Preliminary Analysis

The Top Cybersecurity Breaches in the UAE

Cobalt Strike Enabled Cyberattacks Skyrocket

WizCase Report: Vulnerabilities found in WD My Book, NetGear Stora, SeaGate Home, Medion LifeCloud NAS

The number of cyber attacks on Saudi Aramco is increasing

Stay Connected