Microsoft Patch Tuesday security updates for March 2025 addressed 56 vulnerabilities in Windows and Windows Components, Office and Office Components, Azure, .NET and Visual Studio, Remote Desktop Services, DNS Server, and Hyper-V Server. Six vulnerabilities are rated Critical, and 50 are rated Important in severity.
[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] us , a site unabashedly dedicated to helping people hack email and online gaming accounts. A review of passive DNS records from DomainTools indicates that in 2013 pictrace[.]com
BHProxies has authored 129 posts on Black Hat World since 2012, and their last post on the forum was in December 2022. BHProxies initially was fairly active on Black Hat World between May and November 2012, after which it suddenly ceased all activity. 5, 2014 , but historic DNS records show BHproxies[.]com com on Mar.
” In such assaults, the perpetrators leverage unmanaged Domain Name Servers (DNS) or other devices on the Web to create huge traffic floods. Ideally, DNS servers only provide services to machines within a trusted domain — such as translating an Internet address from a series of numbers into a domain name, like example.com.
ru , which periodically published hacking tools and exploits for software vulnerabilities. By 2004, v1pee had adopted the moniker “ Vega ” on the exclusive Russian language hacking forum Mazafaka , where this user became one of the more reliable vendors of stolen payment cards.
“The hacking campaign, called Salt Typhoon by investigators, hasn’t previously been publicly disclosed and is the latest in a series of incursions that U.S. and its allies for hacking activities in July. Upon investigating the incidents, the researchers determined that a DNS poisoning attack at the ISP level caused the infection.
DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012. The backdoor uses multiple tricks to evade detection and leverages DNS over HTTPS (DoH) to communicate with its C2 server, using Cloudflare responders.
The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to a UK security firm that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. ” wrote Security Discovery’s researcher Bob Diachenko.
The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to the security firm Keepnet Labs that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. ” wrote Security Discovery’s researcher Bob Diachenko.
Hundreds of millions of user passwords left exposed to Facebook employees: News recently broke that Facebook left the passwords of between 200 million and 600 million users unencrypted and available to the company’s 20,000 employees going back as far as 2012. This article originally appeared on Inc.com.
“Using the internal router, it would be possible to poison the DNS cache of the LAN router of the infected node, enabling further attacks.” The website’s copyright suggests the ExE Bucks affiliate program dates back to 2012. ” 911 did not respond to multiple requests for comment on this research.
In particular, Gafgyt’s authors copied its implementation of various DDoS methods, such as TCP, UDP and HTTP flooding, as well as its brute-force functionality for hacking IoT devices via the Telnet protocol. It is linked to a vulnerability in DNS resolvers that allows amplification attacks on authoritative DNS servers.
Security expert Marco Ramilli has analyzed the recently leaked APT34 hacking tool tracked as Jason – Exchange Mail BF. which according to Microsoft documentation dates back to 2012. I am a computer security scientist with an intensive hacking background. WebService.dll assembly version.
For example, in 2010 Spamdot and its spam affiliate program Spamit were hacked, and its user database shows Sal and Icamis often accessed the forum from the same Internet address — usually from Cherepovets , an industrial town situated approximately 230 miles north of Moscow. I can not provide DNS for u, only domains.
Other techniques employed by the APT group include DLL hijacking, Themida-packed files, and DNS tunneling to evade post-compromise detection. Between 2012 and 2015, the Aoqin Dragon actors heavily relied on exploits for CVE-2012-0158 and CVE-2010-3333 vulnerabilities. SecurityAffairs – hacking, Aoqin Dragon).
Necurs botnet is currently the second largest spam botnet , it has been active since at least 2012 and was involved in massive campaigns spreading malware such as the Locky ransomware , the Scarab ransomware , and the Dridex banking Trojan. SecurityAffairs – Necurs botnet, hacking). ” concludes the post. Pierluigi Paganini.
SecurityAffairs – hacking, PurpleFox botnet). “After selecting the appropriate vulnerability, it uses the PowerSploit module to reflectively load the embedded exploit bundle binary with the target vulnerability and an MSI command as arguments. Researchers from TrendMicro also shared a list of Indicators of Compromise for this threat.
Pirozzi explains that cybercriminals already have exploited blockchain in attacks in the wild, for example in the case of the popular carding store Joker’s Stash when they have adopted a peer-to-peer DNS system based on blockchain. The Automated Vending Cart (AVC) website was launched in 2017 using blockchain DNS alongside its Tor (.onion)
Much of this traffic is comprised of suspicious DNS queries, which point to known or likely Command and Control sites. DNS BIND information disclosure attempts were also commonly encountered. Like ShellShock, the exploit for this vulnerability is present in many automated hacking tools. CVE-2012-0391. CVE-2012-2998.
Behind the scenes, many of these turns occurred as various hacking groups fought to control and exploit IoT devices for drastically different motives. Covers the Mirai code release and how multiple hacking groups end-up reusing the code. his blog suffered 269 DDOS attacks between July 2012 and September 2016. OVH DDoS attack.
If so we are facing a state-sponsored group with high capabilities in developing persistence and hidden communication channels (for example over DNS) but without a deep interest in exploiting services. Cleaver attack capabilities are evolved over time very quickly and, according to Cylance, active since 2012. Pierluigi Paganini.
The least common of SQL injection attacks, the out-of-band method relies on the database server to make DNS or HTTP requests delivering data to an attacker. Out-of-band. Testing for SQL Injection Vulnerabilities. Enforce Prepared Statements and Parameterization.
It’s about challenging our expectations about people who hack for a living. it was a multiple directory traversal vulnerability within GNU C Library that allows attackers to hack into git servers provided they were able to upload files there. Welcome to the Hacker Mind, an original podcast from ForAllSecure.
“We designed and conducted a global DNS Cache Probing study on the matching domain names in order to identify in which countries each operator was spying. Citizen Lab uncovered other attacks against individuals in Qatar or Saudi, where the Israeli surveillance software is becoming very popular. COUNTRY NEXUS. 1 (Source: Citizen Lab ).
1834 — French Telegraph System — A pair of thieves hack the French Telegraph System and steal financial market information, effectively conducting the world’s first cyberattack. 1870 — Switchboard Hack — A teenager hired as a switchboard operator is able to disconnect and redirect calls and use the line for personal usage.
However, passive domain name system (DNS) records from DomainTools show that between October 2023 and March 2024 radaris.com was hosted alongside all of the other Gary Norden domains at the Internet address range 38.111.228.x. A spreadsheet of those historical DNS entries for radaris.com is available here (.csv).