Security Affairs

MARCH 10, 2025

An attacker can exploit the flaw to bypass protections for a previous vulnerability, CVE-2012-1823, using specific character sequences. “ Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,PHP-CGI OS Command Injection Vulnerability)

DDOS 103

DDOS Security Intelligence Malware Hacking 103

Security Affairs

SEPTEMBER 19, 2021

A Pakistani national has been sentenced to 12 years of prison in the US for his role in a hacking scheme against the telecom giant AT&T. “Beginning in 2012, Fahd, 35, conspired with others to recruit AT&T employees at a call center located in Bothell, Washington, to unlock large numbers of cellular phones for profit.

Hacking 139

Hacking Malware Cybercrime Information Security 139

Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. This week, Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. SecurityAffairs – Mitsubishi Electric, hacking).

Antivirus 145

Antivirus Hacking Advertising Media 145

Security Affairs

DECEMBER 6, 2022

Curry and his team also discovered a vulnerability affecting Hyundai and Genesis vehicles that can be exploited to remotely control the locks, engine, horn, headlights, and trunk of vehicles made after 2012. SecurityAffairs – hacking, car hacking). Hyundai also rapidly addressed the flaw. Pierluigi Paganini.

Hacking 131

Hacking Engineering Mobile Internet 131

Security Affairs

NOVEMBER 15, 2021

These issues impacts Windows Server 2019 and lower versions, including Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2. SecurityAffairs – hacking, Operation Cyclone). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Authentication 137

Authentication Hacking Information Security 137

Security Affairs

OCTOBER 9, 2019

SecurityAffairs – iTerms2, hacking). The post Ops, popular iTerm2 macOS Terminal App is affected by a critical RCE since 2012 appeared first on Security Affairs. . ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising 88

Advertising Hacking Cybersecurity Information Security 88

Security Affairs

JUNE 9, 2023

Two Russian nationals have been charged with the hack of the cryptocurrency exchange Mt. Russian nationals Alexey Bilyuchenko (43) and Aleksandr Verner (29) have been charged with the hack of the cryptocurrency exchange Mt. Gox ) The post Russians charged with hacking Mt. Gox ) The post Russians charged with hacking Mt.

Hacking 98

Hacking Cryptocurrency Advertising Banking 98

Security Affairs

MARCH 13, 2025

ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. ” concludes the report.

Spyware 78

Spyware Surveillance Encryption Malware 78

Security Affairs

FEBRUARY 13, 2020

Please see this KB for more information. “ In 2017, the Shadow Brokers hacking group released a collection of NSA exploits and hacking tools targeting Microsoft’s Windows OS, some of them were developed to exploit the SMBv1 p rotocol to execute commands on vulnerable servers with administrative p rivileges.

Authentication 145

Authentication Malware Advertising Hacking 145

Security Affairs

MARCH 12, 2025

The exploit, linked to the PipeMagic backdoor , has targeted unsupported Windows versions like Server 2012 R2 and 8.1 Cybersecurity and Infrastructure Security Agency (CISA) added other Linux kernel and VMware ESXi and Workstationflaws to its Known Exploited Vulnerabilities catalog.

Cybersecurity 67

Cybersecurity Hacking Risk Information Security 67

Security Affairs

JUNE 23, 2022

The Tropic Trooper APT has been active at least since 2012, it was first spotted by security experts at Trend Micro in 2015, when the threat actors targeted government ministries and heavy industries in Taiwan and the military in the Philippines. SecurityAffairs – hacking, Tropic Trooper). Pierluigi Paganini.

Hacking 123

Hacking Wireless Encryption Passwords 123

Security Affairs

APRIL 9, 2023

The Estonian man is accused of having helped the Russian government and military to purchase US-made electronics and hacking tools. “Shevlyakov also attempted to acquire computer hacking tools.” electronics manufacturers and distributors between approximately October 2012 and January 2022.

Computers and Electronics 98

Computers and Electronics Hacking Penetration Testing Manufacturing 98

Security Affairs

JANUARY 28, 2021

The APT group has been active since 2012, experts linked the group to the Hezbollah militant group. “We assess that there are many more companies that have been hacked and that valuable information was stolen from these companies over periods of months and years.” CVE-2012-3152). ” continues the report.

Internet 141

Internet Internet Hacking Malware 141

Security Affairs

JULY 24, 2024

Remote attackers can exploit the flaw to execute arbitrary code via a crafted web site that triggers access to an object that (1) was not properly allocated or (2) is deleted, as demonstrated by a CDwnBindInfo object, and exploited in the wild in December 2012. is a Twilio Authy information disclosure vulnerability.

Internet 111

Internet Internet Hacking Accountability 111

Security Affairs

MAY 15, 2020

Data appears to come from past data breaches, the oldest one dates back as 2012 while the latest one dates April 2020. million April 2018 Netlog.com (Twoo.com) 57 million November 2012 Dubsmash.com Phone numbers 47.1 million September 2012 Bukalapak.com 13 million February 2018 Bookmate.com 8 million July 2018 ReverbNation.com 7.9

Data breaches 133

Data breaches Advertising Passwords Hacking 133

Security Affairs

JUNE 25, 2019

“Based on the data available to us, Operation Soft Cell has been active since at least 2012, though some evidence suggests even earlier activity by the threat actor against telecommunications providers. Then attackers launched a series of reconnaissance commands to gather information about the target infrastructure (i.e.

Telecommunications 107

Telecommunications Hacking Advertising Mobile 107

Security Affairs

AUGUST 20, 2020

Microsoft released an Out-of-Band security update to address privilege escalation flaws in Windows 8.1 and Windows Server 2012 R2 systems. Microsoft released this week an out-of-band security update for Windows 8.1 and Windows Server 2012 R2 systems that address two privilege escalation vulnerabilities in Windows Remote Access.

Advertising 105

Advertising Hacking Information Security Malware 105

Security Affairs

JANUARY 24, 2020

The Danish security researcher Ollypwn has published a proof-of-concept (PoC) denial of service exploit for the CVE-2020-0609 and CVE-2020-0610 vulnerabilities in the Remote Desktop Gateway (RD Gateway) component on Windows Server (2012, 2012 R2, 2016, and 2019) devices. SecurityAffairs – RDP Gateway, hacking).

Advertising 145

Advertising Firewall Education Engineering 145

Security Affairs

DECEMBER 7, 2019

” The APT32 group, also known as OceanLotus Group, has been active since at least 2012 targeting organizations across multiple industries and foreign governments, dissidents, and journalists. The post Vietnam-linked Ocean Lotus hacked BMW and Hyundai networks appeared first on Security Affairs. Pierluigi Paganini.

Hacking 98

Hacking Manufacturing Advertising Media 98

Security Affairs

NOVEMBER 24, 2020

Researchers from Intezer have spotted a new variant of an adware and coin-miner botnet that is operated by Stantinko threat actors since 2012. SecurityAffairs – hacking, malware). The post A new Stantinko Bot masqueraded as httpd targeting Linux servers appeared first on Security Affairs. ” Pierluigi Paganini.

Adware 145

Adware Malware Hacking Software 145

Security Affairs

AUGUST 26, 2020

A hack-for-hire group, tracked as DeathStalker, has been targeting organizations in the financial sector since 2012 Kaspersky researchers say. DeathStalker is a hack-for-hire group discovered by Kaspersky, it has been targeting organizations worldwide, mainly law firms and financial entities, since 2012.

Malware 113

Malware Hacking Advertising Cybercrime 113

Security Affairs

JULY 8, 2021

According to the experts, the member “integra” has joined the cybercrime forum in September 2012 and has gained a high reputation over the course of time. The threat actor is also a member of another cybercrime forum since October 2012. . SecurityAffairs – hacking, cybercrime). ” states Cyble. ” concludes Cyble.

Cybercrime 122

Cybercrime Malware Hacking Information Security 122

Security Affairs

MARCH 25, 2022

has indicted four Russian government employees for their role in cyberattacks targeting hundreds of companies and organizations in the energy sector worldwide between 2012 and 2018. “In total, these hacking campaigns targeted thousands of computers, at hundreds of companies and organizations, in approximately 135 countries.”

Government 116

Government Energy and Utilities Malware Hacking 116

Security Affairs

JUNE 30, 2021

for his key role in the distribution of the Gozi virus that infected more than a million computers from 2007 to 2012. Paunescu was arrested in Romania in 2012, but was able to avoid extradition. SecurityAffairs – hacking, Gozi ). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Banking 121

Banking Malware Hacking Information Security 121

Security Affairs

JUNE 9, 2024

This oversight allows unauthenticated attackers to bypass the previous protection of CVE-2012-1823 by specific character sequences. An attacker can exploit the flaw to bypass protections for a previous vulnerability, CVE-2012-1823, using specific character sequences. ” reads the advisory published by DEVCORE.

Architecture 142

Architecture Hacking Risk Cybersecurity 142

Security Affairs

OCTOBER 13, 2021

A Chinese-speaking hacking group exploited a Windows zero-day vulnerability in a wave of attacks on defense and IT businesses. A Chinese-speaking hacking group exploited a zero-day vulnerability in the Windows Win32k kernel driver to deploy a new remote access trojan (RAT), tracked as MysterySnail. SecurityAffairs – hacking, Windows).

Hacking 114

Hacking Malware Government Technology 114

Security Affairs

MARCH 11, 2025

SideWinder (also known as Razor Tiger, Rattlesnake, and T-APT-04) has been active since at least 2012, the group mainly targeted Police, Military, Maritime, and the Naval forces of Central Asian countries. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, newsletter)

Malware 67

Malware Government Phishing Hacking 67

Security Affairs

NOVEMBER 22, 2019

Lisov operated the infrastructure behind the NeverQuest malware between June 2012 and January 2015, the managed a network of servers containing lists of millions of stolen login credentials.

Banking 133

Banking Malware Advertising Passwords 133

Security Affairs

JULY 19, 2021

Threat actors that goes online with the moniker ZeroX claim to have stolen 1 TB of sensitive data from the Saudi Arabian petroleum and natural gas giant end it is offering for sale it on multiple hacking forums. SecurityAffairs – hacking, Saudi Aramco). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Engineering 144

Engineering Data breaches Telecommunications Wireless 144

Security Affairs

JANUARY 4, 2021

In 2012 a British judge ruled WikiLeaks founder Julian Assange should be extradited to Sweden to face allegations of sexual assault there, but Assange received political asylum from Ecuador and spent the last years in its London embassy. If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Government 142

Government Risk Passwords Hacking 142

Security Affairs

SEPTEMBER 24, 2023

Stealth Falcon is a nation-state actor active since at least 2012, the group targeted political activists and journalists in the Middle East in past campaigns. The attacks have been conducted from 2012 until 2106, against Emirati journalists, activists, and dissidents. .

Malware 142

Malware Spyware Architecture Encryption 142

Security Affairs

MARCH 1, 2020

Data provided in the reports are disconcerting, British telecommunications firms supported GCHQ in collecting a large volume of internet data from undersea cables, the overall amount of information from 2007 to 2012 registered a 7,000-fold increase, meanwhile, the spying system monitored nearly 46 billion private communications “events” every day.

Wireless 145

Wireless Surveillance Telecommunications Advertising 145

Security Affairs

JANUARY 20, 2020

The hacker group has been targeting Japanese heavy industry, manufacturing and international relations at least since 2012, According to the experts, the group is linked to the People’s Republic of China and is focused on exfiltrating confidential data. SecurityAffairs – data breach, hacking). ” reported Kyodo News.

Data breaches 145

Data breaches Media Computers and Electronics Cyber Attacks 145

Security Affairs

JUNE 12, 2024

An attacker can exploit the flaw to bypass protections for a previous vulnerability, CVE-2012-1823, using specific character sequences. Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, Known Exploited Vulnerabilities catalog)

Hacking 133

Hacking Cybersecurity Risk Information Security 133

Security Affairs

JUNE 26, 2022

A Russian hacking group may be responsible for a cyber attack against a liquefied natural gas plant in Texas that led to its explosion on June 8. Department of Justice brought charges against four Russian nationals suspected of using TRITON malware in cyber attacks on behalf of the Russian government between 2012 and 2018.

Cyber Attacks 132

Cyber Attacks Hacking Malware Government 132

Security Affairs

SEPTEMBER 2, 2024

Cicada 3301 is the name given to three sets of puzzles posted under the name “3301” online between 2012 and 2014. The first puzzle started on January 4, 2012, on 4chan and ran for nearly a month. The following image shows the list of victims published by the gang on its Dark Web leak site.

Ransomware 135

Ransomware Encryption Malware Cybercrime 135

Security Affairs

OCTOBER 7, 2020

The hacking technique was employed by an unidentified hacking group to avoid detection. The APT32 group has been active since at least 2012, it has targeted organizations across multiple industries and foreign governments, dissidents, and journalists. SecurityAffairs – hacking, Kraken). Pierluigi Paganini.

Advertising 139

Advertising Hacking Manufacturing Phishing 139