Security Affairs

MARCH 13, 2025

ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. This setup allows attackers to enable, disable, or change servers for stealth and resilience.

Spyware 77

Spyware Surveillance Encryption Malware 77

SC Magazine

JUNE 2, 2021

A woman speaking on a mobile phone walks past a cloud computing presentation ahead of the CeBIT technology trade fair in 2012. For example, 33% of health care respondents say they encrypt their data. The post Only 17% of organizations encrypt at least half of their sensitive cloud data appeared first on SC Media.

Encryption 103

Encryption Data breaches Accountability Threat Detection 103

Troy Hunt

MARCH 18, 2024

The Dropbox and LinkedIn breaches, for example, occurred in 2012 before being broadly distributed in 2016 and just like those incidents, the alleged AT&T data is now in very broad circulation. The above example simply didn't have plain text entries for the encrypted data.

Data breaches 353

Data breaches Encryption Identity Theft InfoSec 353

Troy Hunt

AUGUST 6, 2020

When you use a VPN, you're trusting a third party with your traffic and even in an increasingly "encrypted by default" web, you're taking a leap of faith with who you choose to route your bytes. A few months ago, NordVPN sponsored this blog and we got to chatting.

VPN 310

VPN Marketing Encryption 310

Troy Hunt

SEPTEMBER 17, 2020

I want a "secure by default" internet with all the things encrypted all the time such that people can move freely between networks without ever needing to care about who manages them or what they're doing with them. Now let's try the mobile app: What's the encryption story there? " It means "this is private."

VPN 361

VPN Phishing DNS Encryption 361

Security Affairs

SEPTEMBER 2, 2024

Cicada 3301 is the name given to three sets of puzzles posted under the name “3301” online between 2012 and 2014. The first puzzle started on January 4, 2012, on 4chan and ran for nearly a month. ui : Displays real-time progress and statistics of the encryption process, such as the number of files encrypted.

Ransomware 134

Ransomware Encryption Malware Cybercrime 134

The Last Watchdog

JUNE 21, 2020

Although most people think of ransomware as a dodgy application that encrypts data and holds it for ransom, the concept is much more heterogeneous than that. FBI spoofs 2012 – 2013. It surfaced in November 2012 and was making thousands of victims a day. File encryption 2013 – 2015. None of these early threats went pro.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Krebs on Security

NOVEMBER 26, 2021

And virtually all IRRs have disallowed its use since at least 2012, said Adam Korab , a network engineer and security researcher based in Houston. “LEVEL 3 is the last IRR operator which allows the use of this method, although they have discouraged its use since at least 2012,” Korab told KrebsOnSecurity.

Internet 72

Internet Internet Authentication Telecommunications 72

Security Affairs

FEBRUARY 13, 2020

Since 2016, Microsoft is urging admins to stop using SMBv1, later versions of the protocol implemented security enhancements, such as encryption, pre- authentication integrity checks to prevent man-in-the-middle (MiTM) attacks, and insecure guest authentication blocking. Windows Server 2012: If the command returns false, SMBv1 is not enabled.

Authentication 144

Authentication Malware Advertising Hacking 144

Security Affairs

APRIL 1, 2020

In malspam attacks, attackers could encrypt the Excel file by setting up a password, then when the victims receive the email, hackers trick them into opening the attachment using a password included in the content of the message. Excel attempts to decrypt and open the file and run any macros it contains. .

Malware 131

Malware Passwords Encryption Advertising 131

CyberSecurity Insiders

JULY 21, 2021

According to a press release from Associated Press, the Saudi Arabia-based petroleum producer was hit by a cyber attack in 2012 where the servers of the company were targeted by a malware named ‘Shamoon’ via a ‘spear phishing’ attack deceptively launched by Iran. Note- Usually, a ransomware gang encrypts data until a ransom is paid.

Ransomware 139

Ransomware Encryption Cryptocurrency Cyber Attacks 139

Krebs on Security

SEPTEMBER 17, 2018

14, KrebsOnSecurity alerted GovPayNet that its site was exposing at least 14 million customer receipts dating back to 2012. E-commerce sites can mitigate such leaks by using something other than easily-guessed or sequential record numbers, and/or encrypting unique portions of the URL displayed to customers upon payment.

Mobile 271

Mobile Government Identity Theft Telecommunications 271

Security Affairs

JUNE 6, 2019

In June 2018, experts at Kaspersky were investigating attacks against government and military entities in South and Southeast Asian countries, The experts tracked the campaign as EasternRoppels, they speculate it may have started as far back as 2012. According to the experts, the backdoor might have been active since at least 2012. . “We

Encryption 102

Encryption Advertising Government Cyber Attacks 102

Security Affairs

SEPTEMBER 24, 2023

Stealth Falcon is a nation-state actor active since at least 2012, the group targeted political activists and journalists in the Middle East in past campaigns. The remaining components are encrypted and stored within a binary registry value.”

Spyware 141

Spyware Malware Architecture Encryption 141

Schneier on Security

JUNE 6, 2023

Chatting with Snowden on an encrypted IM connection, I joked that the NSA cafeteria menu probably has code names for menu items. Transferring files electronically is what encryption is for. I told Greenwald that he and Laura Poitras should be sending large encrypted files of dummy documents back and forth every day.

Surveillance 349

Surveillance Computers and Electronics Government Encryption 349

Malwarebytes

DECEMBER 1, 2021

A recently disclosed FBI training document shows how much access to the content of encrypted messages from secure messaging services US law enforcement can gain and what they can learn about your usage of the apps. All of them are messaging apps that promise end-to-end encryption for their users.

Encryption 145

Encryption Computers and Electronics Accountability Backups 145

Security Affairs

MAY 11, 2020

The vulnerability could result in the leak of sensitive data, including configuration information and encryption keys. . “This can result in sensitive data exposure of configuration information about the server including encryption keys, JVM configuration and other data.” This is due to an incomplete fix for CVE-2012-0516.”

Social Engineering 125

Social Engineering Phishing Advertising Encryption 125

Security Affairs

MARCH 22, 2020

The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to a UK security firm that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. ” wrote Security Discovery’s researcher Bob Diachenko.

Data breaches 111

Data breaches Advertising DNS Engineering 111

Krebs on Security

MAY 13, 2024

Pin was active on Opensc around March 2012, and authored 13 posts that mostly concerned data encryption issues, or how to fix bugs in code. The ransomware encrypts files in parts in various places: the larger the file size, the more parts there are. Cyber intelligence firm Intel 471 finds that pin@darktower.ru

Ransomware 298

Ransomware Cybercrime Accountability Malware 298

Security Affairs

JANUARY 31, 2021

Shadowsocks is a free and open-source encryption protocol project, widely used in China to circumvent Internet censorship. It was created in 2012 by a Chinese programmer named “ clowwindy “, and multiple implementations of the protocol have been made available since.

Firewall 144

Firewall Surveillance Internet Internet 144

Security Affairs

JULY 28, 2021

The analysis of the file revealed that it includes the encrypted and compressed PlugX payload. Aro.dat is, in fact, an encrypted and compressed PlugX payload.” Aro.exe is likely part of the “ ARO 2012 advanced repair and optimization tool,” which is a freely available tool that claims to fix Windows registry errors.

Encryption 118

Encryption Antivirus Malware Hacking 118

SecureList

NOVEMBER 29, 2024

According to the UK’s National Crime Agency (NCA), this individual also was behind the infamous Reveton ransomware Trojan spread in 2012 — 2014. This type of cyberextortion predated Trojans, which encrypt the victim’s files. Reveton was among the most notorious PC screen lockers.

Mobile 105

Mobile Adware Ransomware Malware 105

Fox IT

DECEMBER 7, 2021

This model utilizes the Half-Space-Trees algorithm and provides our security operations teams (SOC) with the opportunity to detect suspicious behavior, in real-time, even when network traffic is encrypted. The prevalence of encrypted traffic. The use of encrypted network protocols yields improved mitigation against eavesdropping.

Encryption 79

Encryption Ransomware Internet Internet 79

SecureList

OCTOBER 15, 2024

SideWinder, aka T-APT-04 or RattleSnake, is one of the most prolific APT groups that began its activities in 2012 and was first publicly mentioned by us in 2018. APP_DLL_URL URL used to download the encrypted payload. Over the years, the group has launched attacks against high-profile entities in South and Southeast Asia.

Malware 143

Malware Encryption Architecture Phishing 143

CyberSecurity Insiders

AUGUST 24, 2022

And studies have revealed that the newly developed file-encrypting malware is using an Open-source password management library for encryption and is having capabilities of remaining anonymous, ex-filtrate data, and having abilities to give control to remote servers. The third is something astonishing to read!

Ransomware 107

Ransomware Digital transformation Encryption Social Engineering 107

Security Affairs

AUGUST 23, 2019

. “However, when we encountered Asruex in a PDF file, we found that a variant of the malware can also act as an infector particularly through the use of old vulnerabilities CVE-2012-0158 and CVE-2010-2883 , which inject code in Word and PDF files respectively.” ” reads the report published by Trend Micro. EBSS section.

Malware 110

Malware Advertising Spyware Encryption 110

Security Affairs

MAY 31, 2022

SideWinder has been active since at least 2012, the group main targeted Police, Military, Maritime, and the Naval forces of Central Asian countries. The URLs used for C2 communications for these domains are split into two parts: The Installer module contains the first part of the URL which is the C2 server domain name in encrypted form.

Encryption 100

Encryption Malware Phishing Hacking 100

SecureList

OCTOBER 12, 2021

Code similarity and re-use of C2 infrastructure we discovered allowed us to connect these attacks with the actor known as IronHusky and Chinese-speaking APT activity dating back to 2012. Microsoft Windows Server 2012. Microsoft Windows Server 2012 R2. All communication is encrypted with SSL. Microsoft Windows 7.

Malware 145

Malware Technology Engineering Advertising 145

Krebs on Security

FEBRUARY 16, 2022

This in turn allowed them to access the data, despite this data being encrypted.” A reverse WHOIS search on that email address at DomainTools.com (an advertiser on this site) shows it was used to register 17 domains between 2012 and 2021, including moslimyouthmedia[.]com, com, sachtimes[.]com, com, and whatsupic[.]com.

Hacking 297

Hacking Ransomware Media Accountability 297

Security Affairs

DECEMBER 5, 2020

DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012. The cyber mercenaries group known as DeathStalker has been using a new PowerShell backdoor in recent attacks.

DNS 122

DNS Phishing Antivirus Encryption 122

Security Affairs

MARCH 22, 2020

The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to the security firm Keepnet Labs that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. ” wrote Security Discovery’s researcher Bob Diachenko.

Advertising 93

Advertising Data breaches DNS Engineering 93

Security Boulevard

MAY 5, 2022

OpenSSL Patches New Bug Targeting Encryption [Lessons from Heartbleed]. A flaw in the encryption algorithm used to underpin OpenSSL was exploited, triggering an infinite number of requests when certain input value(s) are used. Encryption must be encrypted. Then Don’t Ban End-to-End Encryption. brooke.crothers.

Encryption 52

Encryption Software Media Passwords 52

Troy Hunt

JULY 18, 2022

I think it was around the end of 2012, and they were terrible! And now you're thinking "I bet he wrote this just to get donations" so instead, go and give Let's Encrypt a donation. Did that make them the product? No, of course not, it just made them a consumer of free content. See how stupid this whole argument is?

Data breaches 289

Data breaches Passwords Password Management Software 289

Malwarebytes

JUNE 1, 2021

The Kimsuky APT—also known as Thallium, Black Banshee, and Velvet Chollima—is a North Korean threat actor that has been active since 2012. The unpacked sample is highly obfuscated and important API calls and strings have been encrypted using a custom encryption algorithm. This blog post was authored by Hossein Jazi.

Government 145

Government Phishing Encryption Media 145

Security Affairs

JUNE 9, 2022

Between 2012 and 2015, the Aoqin Dragon actors heavily relied on exploits for CVE-2012-0158 and CVE-2010-3333 vulnerabilities. The customized version of the Heyoka backdoor is more powerful and is able to terminate processes, manipulate files, and collect process information on a infected machine.

Malware 98

Malware DNS Encryption Education 98

Security Affairs

SEPTEMBER 9, 2019

Stealth Falcon is a nation-state actor active since at least 2012, the group targeted political activists and journalists in the Middle East in past campaigns. The attacks have been conducted from 2012 until 2106, against Emirati journalists, activists, and dissidents. .”

Malware 105

Malware Advertising System Administration Spyware 105

SecureWorld News

MARCH 24, 2022

Summary: Multiple Facebook databases were found to be unprotected by passwords or encryption, meaning anyone who searched the internet could find them. LinkedIn data breach (2012). Summary: The company was attacked in 2012, when usernames and passwords were posted to a Russian hacker forum. Damages: leaked account information.

Data breaches 129

Data breaches Passwords Accountability Government 129