2012, Information Security and Internet

U.S. CISA adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

JULY 24, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog. is a use-after-free issue in Microsoft Internet Explorer 6 through 8. is a use-after-free issue in Microsoft Internet Explorer 6 through 8.

Internet

Internet Internet Hacking Accountability

Microsoft Patches Six Zero-Day Security Holes

Krebs on Security

JUNE 8, 2021

CVE-2021-31959 affects everything from Windows 7 through Windows 10 and Server versions 2008 , 2012 , 2016 and 2019. For a quick visual breakdown of each update released today and its severity level, check out the this Patch Tuesday post from the SANS Internet Storm Center.

Backups

Backups Ransomware Cyber threats Phishing

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

Security Affairs

SEPTEMBER 26, 2024

internet service providers (ISPs) as part of a cyber espionage campaign code-named Salt Typhoon. internet service providers in recent months as part of a cyber espionage campaign code-named Salt Typhoon. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.”

Internet

Internet Internet DNS Telecommunications

Data Enrichment, People Data Labs and Another 622M Email Addresses

Troy Hunt

NOVEMBER 22, 2019

"id":null, "title":"partner", "description":null, "location":null, "position_type":"Past", "company_name":"report uri", "company_url":"linkedin.com/company/report-uri", "start_date_year":2017, "end_date_year":null, "start_date_month":11, "end_date_month":null, "company_website":null, "company_size":"1-10", "company_industry":"internet" }, {. "id":null,

Data breaches

Data breaches Technology Software Accountability

A critical flaw in industrial automation systems opens to remote hack

Security Affairs

NOVEMBER 29, 2020

out of 10 in severity by the industry-standard Common Vulnerability Scoring System (CVSS) and impacts all versions of EtherNet/IP Adapter Source Code Stack prior to 2.28, which was released on November 21, 2012. Tracked as CVE-2020-25159 , the flaw is rated 9.8 This would leave many running in the wild still today.”

Hacking

Hacking Firmware Internet Internet

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces.

Hacking

Hacking Cybercrime Data breaches Advertising

Lebanese Cedar APT group broke into telco and ISPs worldwide

Security Affairs

JANUARY 28, 2021

The APT group has been active since 2012, experts linked the group to the Hezbollah militant group. ClearSky experts linked the Lebanese Cedar group to intrusions at telco companies, internet service providers, hosting providers, and managed hosting and applications companies. CVE-2012-3152).

Internet

Internet Internet Hacking Malware

North Korea-linked APT37 exploited IE zero-day in a recent attack

Security Affairs

OCTOBER 19, 2024

North Korea-linked group APT37 exploited an Internet Explorer zero-day vulnerability in a supply chain attack. “Successful exploitation of this vulnerability requires an attacker to first prepare the target so that it uses Edge in Internet Explorer Mode.”

Internet

Internet Internet Engineering Malware

Russian spies are attempting to tap transatlantic undersea cables

Security Affairs

MARCH 1, 2020

Ireland is a strategic place for intercontinental communications because it represents the place where undersea cables which carry internet traffic connect to Europe. Despite the Cable & Wireless bought by Vodafone in July 2012, the Nigella surveillance access point remained active as of April 2013. Source [link].

Wireless

Wireless Surveillance Telecommunications Advertising

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

Security Affairs

DECEMBER 4, 2024

Since 2012, Crimenetwork facilitated the sale of illegal goods and services, including drugs, forged documents, hacking tools, and stolen data. Germany’s largest crime marketplace, Crimenetwork, has been shut down, and an administrator has been arrested.

Cybercrime

Cybercrime Cryptocurrency Hacking Internet

Russian govn blocked Tutanota service in Russia to stop encrypted communication

Security Affairs

FEBRUARY 17, 2020

The Russian government asks all Internet service providers and VPN providers operating in the country to provide information about their users. The blockage of the Tutanota service has been verified by the OONI Explorer, an open data resource on internet censorship around the world. reported the Associated Press.

Encryption

Encryption VPN Government Internet

Experts Explain How to Bypass Recent Improvement of China’s Great Firewall

Security Affairs

JANUARY 31, 2021

Shadowsocks is a free and open-source encryption protocol project, widely used in China to circumvent Internet censorship. It was created in 2012 by a Chinese programmer named “ clowwindy “, and multiple implementations of the protocol have been made available since.

Firewall

Firewall Surveillance Internet Internet

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The above-mentioned AIDS Trojan hailing from the distant pre-Internet era was the progenitor of the trend, but its real-world impact was close to zero. FBI spoofs 2012 – 2013. It surfaced in November 2012 and was making thousands of victims a day. None of these early threats went pro.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware

Security Affairs

JULY 11, 2024

An attacker can exploit the flaw to bypass protections for a previous vulnerability, CVE-2012-1823, using specific character sequences. The malware was designed to targets Internet of Things (IoT) devices and Linux servers for cryptomining and DDoS purposes. The bot also connects to the command and control domain p.findmeatthe[.]top,

Malware

Malware DDOS Internet Internet

NK-linked InkySquid APT leverages IE exploits in recent attacks

Security Affairs

AUGUST 18, 2021

North Korea-linked InkySquid group leverages two Internet Explorer exploits to deliver a custom implant in attacks aimed at a South Korean online newspaper. APT37 has been active since at least 2012, it mainly targeted government, defense, military, and media organizations in South Korea. ” reads the post published by Volexity.

Internet

Internet Internet Media Engineering

A flaw in the connected vehicle service SiriusXM allows remote car hacking

Security Affairs

DECEMBER 6, 2022

Curry and his team scanned the internet to find domains owned by SiriusXM and perform reverse-engineering of the mobile apps of SiriusXM customers to figure out how the service works. The experts began investigating the domain “ [link] ” handling services for enrolling vehicles in the SiriusXM remote management functionality.

Hacking

Hacking Engineering Mobile Internet

Microsoft disrupted US-Based Infrastructure of the Necurs botnet

Security Affairs

MARCH 10, 2020

Necurs botnet is one of the largest spam botnet , it has been active since at least 2012 and was involved in massive campaigns spreading malware such as the Locky ransomware , the Scarab ransomware , and the Dridex banking Trojan. The Necurs botnet is active since at least 2012, it is operated by the cybercrime gang tracked as TA505.

Advertising

Advertising Malware Cybercrime Government

Critical flaw in Microsoft Hyper-V could allow RCE and DoS

Security Affairs

JULY 29, 2021

The flaw resides in Microsoft Hyper-V’s network switch driver ( vmswitch.sys ), it affects Windows 10 and Windows Server 2012 through 2019. Such OID requests include, for example, hardware offloading, Internet Protocol security (IPsec) and single root I/O virtualization (SR-IOV) requests.”

Internet

Internet Internet Hacking Ransomware

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Security Affairs

JULY 19, 2021

This isn’t the first attack suffered by the Oil giant, in 2012 Saudi Aramco suffered a major cyber attack, alleged nation-state actors used the Shamoon wiper to destroy over 30,000 computers of the company. ZeroX is also offering a 1 GB sample for US$2,000 that could be paid in Monero (XMR) virtual currency.

Engineering

Engineering Telecommunications Data breaches Wireless

Snowden Ten Years Later

Schneier on Security

JUNE 6, 2023

Could agents take control of my computer over the Internet if they wanted to? Those of us in the information security community had long assumed that the NSA was doing things like this. This was in 2016, when Poitras built a secure room in New York to house the documents. Very probably. Definitely. And Edward Snowden?

Surveillance

Surveillance Computers and Electronics Government Encryption

Belarusian authorities seized XakFor, one of the largest Russian-speaking hacker sites

Security Affairs

SEPTEMBER 8, 2019

Ministry of Internal Affairs announced that Belarusian police have seized and shutdown XakFor, one of the largest hacking forums on the internet. XakFor has been active since 2012, most of its visitors were Russian-speaking hackers and crooks. Belarusian police have seized the servers of XakFor (xakfor[.]net),

Advertising

Advertising Malware Cybercrime Hacking

North Korea ScarCruft APT used previously undetected Dolphin Backdoor against South Korea

Security Affairs

DECEMBER 1, 2022

ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. The Dolphin backdoor was used as the final payload of a multistage watering-hole attack in early 2021.

Accountability

Accountability Malware Cyber Attacks Media

0patch releases free unofficial patches for Windows 0days exploited in the wild

Security Affairs

MARCH 27, 2020

The vulnerabilities could not be exploited through Internet Explorer or the Outlook preview pane. The security patches developed by 0patch address the issues for Windows 7 and Windows Server 2008 R2 without ESU. and Windows Server 2012. The flaws impact all supported versions of Windows.

Advertising

Advertising Risk Internet Internet

Law enforcement seized the website selling the NetWire RAT and arrested a Croatian man

Security Affairs

MARCH 10, 2023

The NetWire Remote Access Trojan (RAT) is available for sale on cybercrime forums since 2012, it allows operators to steal sensitive data from the infected systems. DomainTools further shows this email address was used to register one other domain in 2012: wwlabshosting[.]com, ” reads the press release published DoJ.

Malware

Malware Cybercrime Data breaches Internet

How Does An IPv6 Proxy Work & How Enterprises Can Get Benefit?

Security Affairs

FEBRUARY 10, 2022

Technological advancements have come a long way – from when internet utility was very limited to when internet connection was achieved only through internet protocol (IP) version 4 (IPv4) addresses to this modern age where IPv6 is the next big thing. This helps to provide necessary security and anonymity for the internet user.

Internet

Internet Internet Data privacy Technology

Microsoft Patch Tuesday for August 2019 patch 93 bugs, including 2 dangerous wormable issues

Security Affairs

AUGUST 14, 2019

The list of flaws addressed by the tech giant doesn’t include zero-days or publicly disclosed vulnerabilities, 29 issues were rated as ‘Critical’ and affect Microsoft’s Edge and Internet Explorer web browsers, Windows, Outlook and Office. Unlike BlueKeep, the flaws cannot be exploited via the Remote Desktop Protocol (RDP).

Authentication

Authentication Advertising Internet Internet

The Dark Web Has Nothing on Data Brokers

Daniel Miessler

FEBRUARY 1, 2020

People talk about it like it’s the Internet Demogorgon. and in 2012 the New York Times said they had the largest commercial database on customers. Acxiom collects, analyzes and sells customer and business information used for targeted advertising campaigns. Among those, Acxiom is particularly interesting.

Advertising

Advertising InfoSec Password Management Education

Russian hacker Andrei Tyurin sentenced to 12 years in prison

Security Affairs

JANUARY 11, 2021

Andrei Tyurin is accused of being the mastermind of the organization that targeted the US financial institution from 2012 to mid-2015. and foreign companies in furtherance of various criminal enterprises operated by Shalon and his co-conspirators, including unlawful internet gambling businesses and international payment processors.

Hacking

Hacking Marketing Identity Theft Banking

GALLIUM APT used a new PingPull RAT in recent campaigns

Security Affairs

JUNE 13, 2022

Researchers from Palo Alto Networks defined the PingPull RAT as a “difficult-to-detect” backdoor that leverages the Internet Control Message Protocol (ICMP) for C2 communications. However, the group has been active at least since 2012.

Telecommunications

Telecommunications Government Internet Internet

US DoJ seizes $3.36B Bitcoin from Silk Road hacker

Security Affairs

NOVEMBER 8, 2022

“JAMES ZHONG pled guilty to committing wire fraud in September 2012 when he unlawfully obtained over 50,000 Bitcoin from the Silk Road dark web internet marketplace. The man funded nine fraudulent accounts with an initial deposit of 200 to 2,000 bitcoin and then triggered 140 withdrawal transactions in rapid succession.

Cryptocurrency

Cryptocurrency Internet Internet Hacking

We infiltrated an IRC botnet. Here’s what we found

Security Affairs

NOVEMBER 19, 2020

When targeted by a threat actor, the honeypot system uses their intrusion attempt to gain valuable information about the attacker. In order to capture malware and monitor cyberattacks across the internet in real-time, we run multiple honeypot systems that are contained in isolated execution environments, otherwise known as containers.

DDOS

DDOS IoT Malware Internet

Water utility CISO offers tips to stay secure as IT and OT converge

SC Magazine

APRIL 26, 2021

As critical infrastructure facilities increasingly converge their IT and OT systems, visibility into traditionally isolated operational systems is turning into a key security challenge. Recognizing that the ABCWUA is “ahead of a lot of the water authorities” across the U.S.

CISO

CISO IoT VPN InfoSec

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

Security Affairs

FEBRUARY 16, 2023

Below is the list of vulnerabilities exploited by V3G4: CVE-2012-4869 : FreePBX Elastix Remote Command Execution Vulnerability Gitorious Remote Command Execution Vulnerability CVE-2014-9727 : FRITZ!Box

IoT

IoT DDOS Encryption Malware

MMD-0063-2019 – Summarize report of three years MalwareMustDie research (Sept 2016-Sept 2019)

Security Affairs

SEPTEMBER 21, 2019

The bad side of all of these adventure is, now I have my research materials scattering around all over the internet during these past three years (smile).

Malware

Malware Advertising Security Awareness Media

Cybersecurity Report: August 11, 2015

SiteLock

AUGUST 27, 2021

Department of Justice released a report that revealed some weaknesses in Next Gen Cyber, The Federal Bureau of Investigation’s cyber security program begun in 2012. Cybersecurity Bill Could ‘Sweep Away’ Internet Users’ Privacy, Agency Warns. China to Embed Internet Police in Tech Firms. Last week, the U.S.

Cybersecurity

Cybersecurity Internet Internet Banking

Data Breach: Turkish legal advising company exposed over 15,000 clients

Security Affairs

FEBRUARY 26, 2021

Our online security team has uncovered a massive data breach originating from a misconfigured Amazon Bucket, which was operated by a Turkish Legal advising company, INOVA YÖNETIM & AKTÜERYAL DANI?MANLIK. Inova has been operating since 2012 and has handled thousands of cases since then. How and Why We Discovered the Breach.

Data breaches

Data breaches Insurance Identity Theft Education

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

Security Affairs

MAY 16, 2023

MustangPanda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. Past campaigns were focused on Asian countries, including Taiwan, Hong Kong, Mongolia, Tibet, and Myanmar.

Firmware

Firmware Encryption Government Malware

The Platinum APT group adds the Titanium backdoor to its arsenal

Security Affairs

NOVEMBER 9, 2019

In June 2018, experts at Kaspersky were investigating attacks against government and military entities in South and Southeast Asian countries, The experts tracked the campaign as EasternRoppels, they speculate it may have started as far back as 2012. The malware can also get proxy settings from Internet Explorer.

Encryption

Encryption Passwords Malware Software

The Fuzzing Files: The Anatomy of a Heartbleed

ForAllSecure

JULY 28, 2020

"You sort of sense that the discovery of flaws in SSL stacks is accelerating,” he said, “and so I was curious about [what] the current state of security was with regards to SSL stacks and I went and took a look.". In 2012, a change was made to OpenSSL-- that change allowed for Heartbleed to exist. through 1.0.1f

Encryption

Encryption Retail Software Banking

The Fuzzing Files: The Anatomy of a Heartbleed

ForAllSecure

JULY 28, 2020

"You sort of sense that the discovery of flaws in SSL stacks is accelerating,” he said, “and so I was curious about [what] the current state of security was with regards to SSL stacks and I went and took a look.". In 2012, a change was made to OpenSSL-- that change allowed for Heartbleed to exist. through 1.0.1f

Encryption

Encryption Retail Software Banking

The Fuzzing Files: The Anatomy of a Heartbleed

ForAllSecure

JULY 28, 2020

"You sort of sense that the discovery of flaws in SSL stacks is accelerating,” he said, “and so I was curious about [what] the current state of security was with regards to SSL stacks and I went and took a look.". In 2012, a change was made to OpenSSL-- that change allowed for Heartbleed to exist. through 1.0.1f

Encryption

Encryption Retail Software Banking

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Security Affairs

MARCH 2, 2019

The command highlighted in Figure 2 is an instruction responsible to download an MSI file from the C2 server ( hxxp://195.123.209.169/control ), geolocated in Latvia and with ports 80 and 3389 opened to the Internet. Figure 3: [1] Suspicious Microsoft Office files and C2 server IP address; and [2], geolocation and C2 ports.

Malware

Malware Antivirus Technology Phishing

CISSPs from Around the Globe: An Interview with James Wright

CyberSecurity Insiders

SEPTEMBER 8, 2021

The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted.

Computers and Electronics

Computers and Electronics Architecture Education Encryption

The Hacker Mind Podcast: Learn Competitive Hacking with picoCTF

ForAllSecure

SEPTEMBER 10, 2021

Vamosi: So in this episode, we're going to be talking a lot about Capture the Flag, not the children's game of course, but the information security game, we're going to talk about the Jeopardy style CTF, which like the TV game show has six categories of questions, with varying degrees of difficulty. Technical logically accessible.

Hacking

Hacking Education InfoSec Engineering

U.S. CISA adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog

Microsoft Patches Six Zero-Day Security Holes

Trending Sources

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

Data Enrichment, People Data Labs and Another 622M Email Addresses

A critical flaw in industrial automation systems opens to remote hack

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Lebanese Cedar APT group broke into telco and ISPs worldwide

North Korea-linked APT37 exploited IE zero-day in a recent attack

Russian spies are attempting to tap transatlantic undersea cables

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

Russian govn blocked Tutanota service in Russia to stop encrypted communication

Experts Explain How to Bypass Recent Improvement of China’s Great Firewall

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware

NK-linked InkySquid APT leverages IE exploits in recent attacks

A flaw in the connected vehicle service SiriusXM allows remote car hacking

Microsoft disrupted US-Based Infrastructure of the Necurs botnet

Critical flaw in Microsoft Hyper-V could allow RCE and DoS

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Snowden Ten Years Later

Belarusian authorities seized XakFor, one of the largest Russian-speaking hacker sites

North Korea ScarCruft APT used previously undetected Dolphin Backdoor against South Korea

0patch releases free unofficial patches for Windows 0days exploited in the wild

Law enforcement seized the website selling the NetWire RAT and arrested a Croatian man

How Does An IPv6 Proxy Work & How Enterprises Can Get Benefit?

Microsoft Patch Tuesday for August 2019 patch 93 bugs, including 2 dangerous wormable issues

The Dark Web Has Nothing on Data Brokers

Russian hacker Andrei Tyurin sentenced to 12 years in prison

GALLIUM APT used a new PingPull RAT in recent campaigns

US DoJ seizes $3.36B Bitcoin from Silk Road hacker

We infiltrated an IRC botnet. Here’s what we found

Water utility CISO offers tips to stay secure as IT and OT converge

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

MMD-0063-2019 – Summarize report of three years MalwareMustDie research (Sept 2016-Sept 2019)

Cybersecurity Report: August 11, 2015

Data Breach: Turkish legal advising company exposed over 15,000 clients

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

The Platinum APT group adds the Titanium backdoor to its arsenal

The Fuzzing Files: The Anatomy of a Heartbleed

The Fuzzing Files: The Anatomy of a Heartbleed

The Fuzzing Files: The Anatomy of a Heartbleed

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

CISSPs from Around the Globe: An Interview with James Wright

The Hacker Mind Podcast: Learn Competitive Hacking with picoCTF

Stay Connected