2012, Hacking and Information Security - Cyber Security Informer

Horde Webmail Software is affected by a dangerous bug since 2012

Security Affairs

FEBRUARY 23, 2022

The bug affects all the versions since the commit that took place on 30 Nov 2012. SecurityAffairs – hacking, Horde Webmail). The post Horde Webmail Software is affected by a dangerous bug since 2012 appeared first on Security Affairs. ” continues the report. disable' => true. Pierluigi Paganini.

Software

Software Accountability Hacking Government

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

FBI spoofs 2012 – 2013. It surfaced in November 2012 and was making thousands of victims a day. In many cases, the crooks hack managed service providers (MSPs) first and then use this access to compromise the partnering organizations. None of these early threats went pro.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces.

Hacking

Hacking Cybercrime Data breaches Advertising

A critical flaw in industrial automation systems opens to remote hack

Security Affairs

NOVEMBER 29, 2020

Experts found a critical flaw in Real-Time Automation’s (RTA) 499ES EtherNet/IP stack that could allow hacking industrial control systems. “Claroty has privately disclosed details to Real Time Automation (RTA), informing the vendor of a critical vulnerability in its proprietary 499ES EtherNet/IP (ENIP) stack.

Hacking

Hacking Firmware Internet Internet

Pakistani man sentenced to 12 years of prison for his role in AT&T hacking scheme

Security Affairs

SEPTEMBER 19, 2021

A Pakistani national has been sentenced to 12 years of prison in the US for his role in a hacking scheme against the telecom giant AT&T. “Beginning in 2012, Fahd, 35, conspired with others to recruit AT&T employees at a call center located in Bothell, Washington, to unlock large numbers of cellular phones for profit.

Hacking

Hacking Malware Cybercrime Information Security

A flaw in the connected vehicle service SiriusXM allows remote car hacking

Security Affairs

DECEMBER 6, 2022

Curry and his team also discovered a vulnerability affecting Hyundai and Genesis vehicles that can be exploited to remotely control the locks, engine, horn, headlights, and trunk of vehicles made after 2012. SecurityAffairs – hacking, car hacking). Hyundai also rapidly addressed the flaw. Pierluigi Paganini.

Hacking

Hacking Engineering Mobile Internet

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. This week, Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. SecurityAffairs – Mitsubishi Electric, hacking).

Antivirus

Antivirus Hacking Advertising Media

Microsoft rolled out emergency updates to fix Windows Server auth failures

Security Affairs

NOVEMBER 15, 2021

These issues impacts Windows Server 2019 and lower versions, including Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2. SecurityAffairs – hacking, Operation Cyclone). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Authentication

Authentication Hacking Information Security

Ops, popular iTerm2 macOS Terminal App is affected by a critical RCE since 2012

Security Affairs

OCTOBER 9, 2019

SecurityAffairs – iTerms2, hacking). The post Ops, popular iTerm2 macOS Terminal App is affected by a critical RCE since 2012 appeared first on Security Affairs. . ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Hacking Cybersecurity Information Security

Russians charged with hacking Mt. Gox exchange and operating BTC-e

Security Affairs

JUNE 9, 2023

Two Russian nationals have been charged with the hack of the cryptocurrency exchange Mt. Russian nationals Alexey Bilyuchenko (43) and Aleksandr Verner (29) have been charged with the hack of the cryptocurrency exchange Mt. Gox ) The post Russians charged with hacking Mt. Gox ) The post Russians charged with hacking Mt.

Hacking

Hacking Cryptocurrency Advertising Banking

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Security Affairs

FEBRUARY 13, 2020

Please see this KB for more information. “ In 2017, the Shadow Brokers hacking group released a collection of NSA exploits and hacking tools targeting Microsoft’s Windows OS, some of them were developed to exploit the SMBv1 p rotocol to execute commands on vulnerable servers with administrative p rivileges.

Authentication

Authentication Malware Advertising Hacking

Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor

Security Affairs

JUNE 23, 2022

The Tropic Trooper APT has been active at least since 2012, it was first spotted by security experts at Trend Micro in 2015, when the threat actors targeted government ministries and heavy industries in Taiwan and the military in the Philippines. SecurityAffairs – hacking, Tropic Trooper). Pierluigi Paganini.

Hacking

Hacking Wireless Encryption Passwords

U.S. CISA adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

JULY 24, 2024

Remote attackers can exploit the flaw to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012. is a Twilio Authy information disclosure vulnerability.

Internet

Internet Internet Hacking Accountability

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Security Affairs

APRIL 9, 2023

The Estonian man is accused of having helped the Russian government and military to purchase US-made electronics and hacking tools. “Shevlyakov also attempted to acquire computer hacking tools.” electronics manufacturers and distributors between approximately October 2012 and January 2022.

Computers and Electronics

Computers and Electronics Hacking Penetration Testing Manufacturing

Lebanese Cedar APT group broke into telco and ISPs worldwide

Security Affairs

JANUARY 28, 2021

The APT group has been active since 2012, experts linked the group to the Hezbollah militant group. “We assess that there are many more companies that have been hacked and that valuable information was stolen from these companies over periods of months and years.” CVE-2012-3152). ” continues the report.

Internet

Internet Internet Hacking Malware

Threat actors are offering for sale 550 million stolen user records

Security Affairs

MAY 15, 2020

Data appears to come from past data breaches, the oldest one dates back as 2012 while the latest one dates April 2020. million April 2018 Netlog.com (Twoo.com) 57 million November 2012 Dubsmash.com Phone numbers 47.1 million September 2012 Bukalapak.com 13 million February 2018 Bookmate.com 8 million July 2018 ReverbNation.com 7.9

Data breaches

Data breaches Advertising Passwords Hacking

Microsoft Out-of-Band security patch fixes Windows privilege escalation flaws

Security Affairs

AUGUST 20, 2020

Microsoft released an Out-of-Band security update to address privilege escalation flaws in Windows 8.1 and Windows Server 2012 R2 systems. Microsoft released this week an out-of-band security update for Windows 8.1 and Windows Server 2012 R2 systems that address two privilege escalation vulnerabilities in Windows Remote Access.

Advertising

Advertising Hacking Information Security Malware

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

Security Affairs

DECEMBER 4, 2024

Since 2012, Crimenetwork facilitated the sale of illegal goods and services, including drugs, forged documents, hacking tools, and stolen data. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cybercrime) Source Computerworld.ch

Cybercrime

Cybercrime Cryptocurrency Hacking Internet

Operation Soft Cell – Multiple telco firms hacked by nation-state actor

Security Affairs

JUNE 25, 2019

“Based on the data available to us, Operation Soft Cell has been active since at least 2012, though some evidence suggests even earlier activity by the threat actor against telecommunications providers. Then attackers launched a series of reconnaissance commands to gather information about the target infrastructure (i.e.

Telecommunications

Telecommunications Hacking Advertising Mobile

DeathStalker cyber-mercenary group targets the financial sector

Security Affairs

AUGUST 26, 2020

A hack-for-hire group, tracked as DeathStalker, has been targeting organizations in the financial sector since 2012 Kaspersky researchers say. DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012.

Malware

Malware Hacking Advertising Cybercrime

Hacker deposited $1M in a popular cybercrime marketplace to buy zero-day exploits

Security Affairs

JULY 8, 2021

According to the experts, the member “integra” has joined the cybercrime forum in September 2012 and has gained a high reputation over the course of time. The threat actor is also a member of another cybercrime forum since October 2012. . SecurityAffairs – hacking, cybercrime). ” states Cyble. ” concludes Cyble.

Cybercrime

Cybercrime Malware Hacking Information Security

Expert released DOS Exploit PoC for Critical Windows RDP Gateway flaws

Security Affairs

JANUARY 24, 2020

The Danish security researcher Ollypwn has published a proof-of-concept (PoC) denial of service exploit for the CVE-2020-0609 and CVE-2020-0610 vulnerabilities in the Remote Desktop Gateway (RD Gateway) component on Windows Server (2012, 2012 R2, 2016, and 2019) devices. SecurityAffairs – RDP Gateway, hacking).

Advertising

Advertising Firewall Education Engineering

US indicted 4 Russian government employees for attacks on critical infrastructure

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. “In total, these hacking campaigns targeted thousands of computers, at hundreds of companies and organizations, in approximately 135 countries.”

Government

Government Energy and Utilities Malware Hacking

Colombian authorities arrested hacker behind the Gozi Virus

Security Affairs

JUNE 30, 2021

for his key role in the distribution of the Gozi virus that infected more than a million computers from 2007 to 2012. Paunescu was arrested in Romania in 2012, but was able to avoid extradition. SecurityAffairs – hacking, Gozi ). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Banking

Banking Malware Hacking Information Security

Vietnam-linked Ocean Lotus hacked BMW and Hyundai networks

Security Affairs

DECEMBER 7, 2019

” The APT32 group, also known as OceanLotus Group, has been active since at least 2012 targeting organizations across multiple industries and foreign governments, dissidents, and journalists. The post Vietnam-linked Ocean Lotus hacked BMW and Hyundai networks appeared first on Security Affairs. Pierluigi Paganini.

Hacking

Hacking Manufacturing Advertising Media

Chinese APT IronHusky use Win zero-day in recent wave of attacks

Security Affairs

OCTOBER 13, 2021

A Chinese-speaking hacking group exploited a Windows zero-day vulnerability in a wave of attacks on defense and IT businesses. A Chinese-speaking hacking group exploited a zero-day vulnerability in the Windows Win32k kernel driver to deploy a new remote access trojan (RAT), tracked as MysterySnail. SecurityAffairs – hacking, Windows).

Hacking

Hacking Malware Government Technology

A new Stantinko Bot masqueraded as httpd targeting Linux servers

Security Affairs

NOVEMBER 24, 2020

Researchers from Intezer have spotted a new variant of an adware and coin-miner botnet that is operated by Stantinko threat actors since 2012. SecurityAffairs – hacking, malware). The post A new Stantinko Bot masqueraded as httpd targeting Linux servers appeared first on Security Affairs. ” Pierluigi Paganini.

Adware

Adware Malware Hacking Software

PHP addressed critical RCE flaw potentially impacting millions of servers

Security Affairs

JUNE 9, 2024

This oversight allows unauthenticated attackers to bypass the previous protection of CVE-2012-1823 by specific character sequences. An attacker can exploit the flaw to bypass protections for a previous vulnerability, CVE-2012-1823, using specific character sequences. ” reads the advisory published by DEVCORE.

Architecture

Architecture Hacking Risk Cybersecurity

British Court rejects the US’s request to extradite Julian Assange

Security Affairs

JANUARY 4, 2021

In 2012 a British judge ruled WikiLeaks founder Julian Assange should be extradited to Sweden to face allegations of sexual assault there, but Assange received political asylum from Ecuador and spent the last years in its London embassy. If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Government

Government Risk Passwords Hacking

Deadglyph, a very sophisticated and unknown backdoor targets the Middle East

Security Affairs

SEPTEMBER 24, 2023

Stealth Falcon is a nation-state actor active since at least 2012, the group targeted political activists and journalists in the Middle East in past campaigns. The attacks have been conducted from 2012 until 2106, against Emirati journalists, activists, and dissidents. .

Spyware

Spyware Malware Architecture Encryption

CISA adds Arm Mali GPU Kernel Driver, PHP bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

JUNE 12, 2024

An attacker can exploit the flaw to bypass protections for a previous vulnerability, CVE-2012-1823, using specific character sequences. Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, Known Exploited Vulnerabilities catalog)

Hacking

Hacking Cybersecurity Risk Information Security

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Security Affairs

NOVEMBER 22, 2019

Lisov operated the infrastructure behind the NeverQuest malware between June 2012 and January 2015, the managed a network of servers containing lists of millions of stolen login credentials.

Banking

Banking Malware Advertising Passwords

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Security Affairs

JULY 19, 2021

Threat actors that goes online with the moniker ZeroX claim to have stolen 1 TB of sensitive data from the Saudi Arabian petroleum and natural gas giant end it is offering for sale it on multiple hacking forums. SecurityAffairs – hacking, Saudi Aramco). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Engineering

Engineering Telecommunications Data breaches Wireless

Russia-linked actors may be behind an explosion at a liquefied natural gas plant in Texas

Security Affairs

JUNE 26, 2022

A Russian hacking group may be responsible for a cyber attack against a liquefied natural gas plant in Texas that led to its explosion on June 8. Department of Justice brought charges against four Russian nationals suspected of using TRITON malware in cyber attacks on behalf of the Russian government between 2012 and 2018.

Cyber Attacks

Cyber Attacks Hacking Malware Government

Wikileaks founder Julian Assange is free

Security Affairs

JUNE 25, 2024

In 2012 a British judge ruled WikiLeaks founder Julian Assange should be extradited to Sweden to face allegations of sexual assault there, but Assange received political asylum from Ecuador and spent the last years in its London embassy.

Passwords

Passwords Hacking Government Information Security

A new variant of Cicada ransomware targets VMware ESXi systems

Security Affairs

SEPTEMBER 2, 2024

Cicada 3301 is the name given to three sets of puzzles posted under the name “3301” online between 2012 and 2014. The first puzzle started on January 4, 2012, on 4chan and ran for nearly a month. The following image shows the list of victims published by the gang on its Dark Web leak site.

Ransomware

Ransomware Encryption Malware Cybercrime

Russian spies are attempting to tap transatlantic undersea cables

Security Affairs

MARCH 1, 2020

Data provided in the reports are disconcerting, British telecommunications firms supported GCHQ in collecting a large volume of internet data from undersea cables, the overall amount of information from 2007 to 2012 registered a 7,000-fold increase, meanwhile, the spying system monitored nearly 46 billion private communications “events” every day.

Wireless

Wireless Surveillance Telecommunications Advertising

Don’t trust links with known domains: BMW affected by redirect vulnerability

Security Affairs

JANUARY 3, 2024

When the victim clicks on a link that appears to be legitimate, they’re redirected to the attacker’s website, where malicious JavaScript is executed in the client’s browser or where they are prompted to enter sensitive information. All attackers need to do is modify the URL value to redirect to a malicious site.

Phishing

Phishing Manufacturing Firewall Cybercrime

Kraken fileless attack technique abuses Microsoft Windows Error Reporting (WER)

Security Affairs

OCTOBER 7, 2020

The hacking technique was employed by an unidentified hacking group to avoid detection. The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists. SecurityAffairs – hacking, Kraken). Pierluigi Paganini.

Advertising

Advertising Hacking Manufacturing Phishing

Microsoft releases Windows out-of-band emergency fixes for Win Server, VPN issues

Security Affairs

JANUARY 18, 2022

Windows Server 2012 R2: KB5010794 Windows Server 2012: KB5010797. However, experts warn that removing the above updates they will also remove bundled security updates that address vulnerabilities patched with the release of the January 2021 Patch Tuesday. . SecurityAffairs – hacking, Windows emergency out-of-band).

VPN

VPN Media Hacking Information Security

Mitsubishi Electric discloses data breach, media blame China-linked APT

Security Affairs

JANUARY 20, 2020

The hacker group has been targeting Japanese heavy industry, manufacturing and international relations at least since 2012, According to the experts, the group is linked to the People’s Republic of China and is focused on exfiltrating confidential data. SecurityAffairs – data breach, hacking). ” reported Kyodo News.

Data breaches

Data breaches Media Computers and Electronics Cyber Attacks

Experts warn of a surge in zero-day flaws observed and exploited in 2021

Security Affairs

APRIL 25, 2022

Mandiant states that From 2012 to 2021, China exploited more zero-days than any other nation. From 2012 to 2021, China-linked threat actors exploited more zero-days than any other nation-state actors. SecurityAffairs – hacking, zero-days). Most of the zero-days discovered by the company were exploited by nation-state APT groups.

Ransomware

Ransomware Hacking Software Risk

US deported NeverQuest operator Stanislav Vitaliyevich Lisov to Russia

Security Affairs

JUNE 21, 2020

Lisov operated the infrastructure behind the NeverQuest malware between June 2012 and January 2015, he managed a network of servers containing lists of millions of stolen login credentials. In February 2019, the man has pled guilty to one count of conspiracy to commit computer hacking in Manhattan Federal Court. Pierluigi Paganini.

Banking

Banking Malware Advertising Hacking

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

Security Affairs

FEBRUARY 21, 2024

Mustang Panda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Earth Preta)

Malware

Malware Phishing Government Passwords

Horde Webmail Software is affected by a dangerous bug since 2012

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Trending Sources

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

A critical flaw in industrial automation systems opens to remote hack

Pakistani man sentenced to 12 years of prison for his role in AT&T hacking scheme

A flaw in the connected vehicle service SiriusXM allows remote car hacking

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Microsoft rolled out emergency updates to fix Windows Server auth failures

Ops, popular iTerm2 macOS Terminal App is affected by a critical RCE since 2012

Russians charged with hacking Mt. Gox exchange and operating BTC-e

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor

U.S. CISA adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog

Estonian National charged with helping Russia acquire U.S. hacking tools and electronics

Lebanese Cedar APT group broke into telco and ISPs worldwide

Threat actors are offering for sale 550 million stolen user records

Microsoft Out-of-Band security patch fixes Windows privilege escalation flaws

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

Operation Soft Cell – Multiple telco firms hacked by nation-state actor

DeathStalker cyber-mercenary group targets the financial sector

Hacker deposited $1M in a popular cybercrime marketplace to buy zero-day exploits

Expert released DOS Exploit PoC for Critical Windows RDP Gateway flaws

US indicted 4 Russian government employees for attacks on critical infrastructure

Colombian authorities arrested hacker behind the Gozi Virus

Vietnam-linked Ocean Lotus hacked BMW and Hyundai networks

Chinese APT IronHusky use Win zero-day in recent wave of attacks

A new Stantinko Bot masqueraded as httpd targeting Linux servers

PHP addressed critical RCE flaw potentially impacting millions of servers

British Court rejects the US’s request to extradite Julian Assange

Deadglyph, a very sophisticated and unknown backdoor targets the Middle East

CISA adds Arm Mali GPU Kernel Driver, PHP bugs to its Known Exploited Vulnerabilities catalog

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Russia-linked actors may be behind an explosion at a liquefied natural gas plant in Texas

Wikileaks founder Julian Assange is free

A new variant of Cicada ransomware targets VMware ESXi systems

Russian spies are attempting to tap transatlantic undersea cables

Don’t trust links with known domains: BMW affected by redirect vulnerability

Kraken fileless attack technique abuses Microsoft Windows Error Reporting (WER)

Microsoft releases Windows out-of-band emergency fixes for Win Server, VPN issues

Mitsubishi Electric discloses data breach, media blame China-linked APT

Experts warn of a surge in zero-day flaws observed and exploited in 2021

US deported NeverQuest operator Stanislav Vitaliyevich Lisov to Russia

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

Stay Connected