2012, Information Security and Internet

U.S. CISA adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

JULY 24, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog. is a use-after-free issue in Microsoft Internet Explorer 6 through 8. is a use-after-free issue in Microsoft Internet Explorer 6 through 8.

Internet

Internet Internet Hacking Accountability

Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware

Security Affairs

JULY 11, 2024

An attacker can exploit the flaw to bypass protections for a previous vulnerability, CVE-2012-1823, using specific character sequences. The malware was designed to targets Internet of Things (IoT) devices and Linux servers for cryptomining and DDoS purposes. The bot also connects to the command and control domain p.findmeatthe[.]top,

Malware

Malware DDOS Internet Internet

A critical flaw in industrial automation systems opens to remote hack

Security Affairs

NOVEMBER 29, 2020

out of 10 in severity by the industry-standard Common Vulnerability Scoring System (CVSS) and impacts all versions of EtherNet/IP Adapter Source Code Stack prior to 2.28, which was released on November 21, 2012. Tracked as CVE-2020-25159 , the flaw is rated 9.8 This would leave many running in the wild still today.”

Hacking

Hacking Firmware Internet Internet

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces.

Hacking

Hacking Cybercrime Data breaches Advertising

Microsoft Patches Six Zero-Day Security Holes

Krebs on Security

JUNE 8, 2021

CVE-2021-31959 affects everything from Windows 7 through Windows 10 and Server versions 2008 , 2012 , 2016 and 2019. For a quick visual breakdown of each update released today and its severity level, check out the this Patch Tuesday post from the SANS Internet Storm Center.

Backups

Backups Cyber threats Ransomware Phishing

A flaw in the connected vehicle service SiriusXM allows remote car hacking

Security Affairs

DECEMBER 6, 2022

Curry and his team scanned the internet to find domains owned by SiriusXM and perform reverse-engineering of the mobile apps of SiriusXM customers to figure out how the service works. The experts began investigating the domain “ [link] ” handling services for enrolling vehicles in the SiriusXM remote management functionality.

Hacking

Hacking Engineering Mobile Internet

Law enforcement seized the website selling the NetWire RAT and arrested a Croatian man

Security Affairs

MARCH 10, 2023

The NetWire Remote Access Trojan (RAT) is available for sale on cybercrime forums since 2012, it allows operators to steal sensitive data from the infected systems. DomainTools further shows this email address was used to register one other domain in 2012: wwlabshosting[.]com, ” reads the press release published DoJ.

Malware

Malware Cybercrime Data breaches Internet

Experts Explain How to Bypass Recent Improvement of China’s Great Firewall

Security Affairs

JANUARY 31, 2021

Shadowsocks is a free and open-source encryption protocol project, widely used in China to circumvent Internet censorship. It was created in 2012 by a Chinese programmer named “ clowwindy “, and multiple implementations of the protocol have been made available since.

Firewall

Firewall Surveillance Internet Internet

Russian spies are attempting to tap transatlantic undersea cables

Security Affairs

MARCH 1, 2020

Ireland is a strategic place for intercontinental communications because it represents the place where undersea cables which carry internet traffic connect to Europe. Despite the Cable & Wireless bought by Vodafone in July 2012, the Nigella surveillance access point remained active as of April 2013. Source [link].

Wireless

Wireless Surveillance Telecommunications Advertising

NK-linked InkySquid APT leverages IE exploits in recent attacks

Security Affairs

AUGUST 18, 2021

North Korea-linked InkySquid group leverages two Internet Explorer exploits to deliver a custom implant in attacks aimed at a South Korean online newspaper. APT37 has been active since at least 2012, it mainly targeted government, defense, military, and media organizations in South Korea. ” reads the post published by Volexity.

Internet

Internet Internet Media Engineering

Russian govn blocked Tutanota service in Russia to stop encrypted communication

Security Affairs

FEBRUARY 17, 2020

The Russian government asks all Internet service providers and VPN providers operating in the country to provide information about their users. The blockage of the Tutanota service has been verified by the OONI Explorer, an open data resource on internet censorship around the world. reported the Associated Press.

Encryption

Encryption VPN Government Internet

Data Enrichment, People Data Labs and Another 622M Email Addresses

Troy Hunt

NOVEMBER 22, 2019

"id":null, "title":"partner", "description":null, "location":null, "position_type":"Past", "company_name":"report uri", "company_url":"linkedin.com/company/report-uri", "start_date_year":2017, "end_date_year":null, "start_date_month":11, "end_date_month":null, "company_website":null, "company_size":"1-10", "company_industry":"internet" }, {. "id":null,

Data breaches

Data breaches Technology Software Accountability

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

Security Affairs

JULY 19, 2021

This isn’t the first attack suffered by the Oil giant, in 2012 Saudi Aramco suffered a major cyber attack, alleged nation-state actors used the Shamoon wiper to destroy over 30,000 computers of the company. ZeroX is also offering a 1 GB sample for US$2,000 that could be paid in Monero (XMR) virtual currency.

Engineering

Engineering Telecommunications Wireless Data breaches

North Korea ScarCruft APT used previously undetected Dolphin Backdoor against South Korea

Security Affairs

DECEMBER 1, 2022

ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. The Dolphin backdoor was used as the final payload of a multistage watering-hole attack in early 2021.

Accountability

Accountability Malware Cyber Attacks Media

How Does An IPv6 Proxy Work & How Enterprises Can Get Benefit?

Security Affairs

FEBRUARY 10, 2022

Technological advancements have come a long way – from when internet utility was very limited to when internet connection was achieved only through internet protocol (IP) version 4 (IPv4) addresses to this modern age where IPv6 is the next big thing. This helps to provide necessary security and anonymity for the internet user.

Internet

Internet Internet Data privacy Technology

GALLIUM APT used a new PingPull RAT in recent campaigns

Security Affairs

JUNE 13, 2022

Researchers from Palo Alto Networks defined the PingPull RAT as a “difficult-to-detect” backdoor that leverages the Internet Control Message Protocol (ICMP) for C2 communications. However, the group has been active at least since 2012.

Telecommunications

Telecommunications Government Internet Internet

Microsoft disrupted US-Based Infrastructure of the Necurs botnet

Security Affairs

MARCH 10, 2020

Necurs botnet is one of the largest spam botnet , it has been active since at least 2012 and was involved in massive campaigns spreading malware such as the Locky ransomware , the Scarab ransomware , and the Dridex banking Trojan. The Necurs botnet is active since at least 2012, it is operated by the cybercrime gang tracked as TA505.

Advertising

Advertising Malware Cybercrime Government

Cybersecurity Report: August 11, 2015

SiteLock

AUGUST 27, 2021

Department of Justice released a report that revealed some weaknesses in Next Gen Cyber, The Federal Bureau of Investigation’s cyber security program begun in 2012. Cybersecurity Bill Could ‘Sweep Away’ Internet Users’ Privacy, Agency Warns. China to Embed Internet Police in Tech Firms. Last week, the U.S.

Cybersecurity

Cybersecurity Internet Internet Banking

Belarusian authorities seized XakFor, one of the largest Russian-speaking hacker sites

Security Affairs

SEPTEMBER 8, 2019

Ministry of Internal Affairs announced that Belarusian police have seized and shutdown XakFor, one of the largest hacking forums on the internet. XakFor has been active since 2012, most of its visitors were Russian-speaking hackers and crooks. Belarusian police have seized the servers of XakFor (xakfor[.]net),

Advertising

Advertising Malware Cybercrime Hacking

The Dark Web Has Nothing on Data Brokers

Daniel Miessler

FEBRUARY 1, 2020

People talk about it like it’s the Internet Demogorgon. and in 2012 the New York Times said they had the largest commercial database on customers. Acxiom collects, analyzes and sells customer and business information used for targeted advertising campaigns. Among those, Acxiom is particularly interesting.

Advertising

Advertising InfoSec Password Management Education

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The above-mentioned AIDS Trojan hailing from the distant pre-Internet era was the progenitor of the trend, but its real-world impact was close to zero. FBI spoofs 2012 – 2013. It surfaced in November 2012 and was making thousands of victims a day. None of these early threats went pro.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Snowden Ten Years Later

Schneier on Security

JUNE 6, 2023

Could agents take control of my computer over the Internet if they wanted to? Those of us in the information security community had long assumed that the NSA was doing things like this. This was in 2016, when Poitras built a secure room in New York to house the documents. Very probably. Definitely. And Edward Snowden?

Surveillance

Surveillance Computers and Electronics Encryption Government

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

Security Affairs

FEBRUARY 16, 2023

Below is the list of vulnerabilities exploited by V3G4: CVE-2012-4869 : FreePBX Elastix Remote Command Execution Vulnerability Gitorious Remote Command Execution Vulnerability CVE-2014-9727 : FRITZ!Box

IoT

IoT DDOS Encryption Malware

0patch releases free unofficial patches for Windows 0days exploited in the wild

Security Affairs

MARCH 27, 2020

The vulnerabilities could not be exploited through Internet Explorer or the Outlook preview pane. The security patches developed by 0patch address the issues for Windows 7 and Windows Server 2008 R2 without ESU. and Windows Server 2012. The flaws impact all supported versions of Windows.

Advertising

Advertising Risk Internet Internet

Microsoft Patch Tuesday for August 2019 patch 93 bugs, including 2 dangerous wormable issues

Security Affairs

AUGUST 14, 2019

The list of flaws addressed by the tech giant doesn’t include zero-days or publicly disclosed vulnerabilities, 29 issues were rated as ‘Critical’ and affect Microsoft’s Edge and Internet Explorer web browsers, Windows, Outlook and Office. Unlike BlueKeep, the flaws cannot be exploited via the Remote Desktop Protocol (RDP).

Authentication

Authentication Advertising Internet Internet

China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

Security Affairs

MARCH 25, 2020

The APT41 has been active since at least 2012, it was involved in both state-sponsored espionage campaigns and financially-motivated attacks since 2014. The campaign was uncovered by FireEye , threat actor targeted many organizations worldwide the world by exploiting vulnerabilities in Citrix, Cisco and Zoho ManageEngine products.

Telecommunications

Telecommunications Healthcare Education Advertising

Water utility CISO offers tips to stay secure as IT and OT converge

SC Magazine

APRIL 26, 2021

As critical infrastructure facilities increasingly converge their IT and OT systems, visibility into traditionally isolated operational systems is turning into a key security challenge. Recognizing that the ABCWUA is “ahead of a lot of the water authorities” across the U.S.

CISO

CISO IoT VPN InfoSec

We infiltrated an IRC botnet. Here’s what we found

Security Affairs

NOVEMBER 19, 2020

When targeted by a threat actor, the honeypot system uses their intrusion attempt to gain valuable information about the attacker. In order to capture malware and monitor cyberattacks across the internet in real-time, we run multiple honeypot systems that are contained in isolated execution environments, otherwise known as containers.

DDOS

DDOS IoT Malware Internet

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

.” PicTrace appears to have been a service that allowed users to glean information about anyone who viewed an image hosted on the platform, such as their Internet address, browser type and version number. A copy of pictrace[.]com

Hacking

Hacking Accountability Data breaches Marketing

MMD-0063-2019 – Summarize report of three years MalwareMustDie research (Sept 2016-Sept 2019)

Security Affairs

SEPTEMBER 21, 2019

The bad side of all of these adventure is, now I have my research materials scattering around all over the internet during these past three years (smile).

Malware

Malware Advertising Security Awareness Media

The Fuzzing Files: The Anatomy of a Heartbleed

ForAllSecure

JULY 28, 2020

"You sort of sense that the discovery of flaws in SSL stacks is accelerating,” he said, “and so I was curious about [what] the current state of security was with regards to SSL stacks and I went and took a look.". In 2012, a change was made to OpenSSL-- that change allowed for Heartbleed to exist. through 1.0.1f

Encryption

Encryption Retail Software Banking

The Fuzzing Files: The Anatomy of a Heartbleed

ForAllSecure

JULY 28, 2020

"You sort of sense that the discovery of flaws in SSL stacks is accelerating,” he said, “and so I was curious about [what] the current state of security was with regards to SSL stacks and I went and took a look.". In 2012, a change was made to OpenSSL-- that change allowed for Heartbleed to exist. through 1.0.1f

Encryption

Encryption Retail Software Banking

Data Breach: Turkish legal advising company exposed over 15,000 clients

Security Affairs

FEBRUARY 26, 2021

Our online security team has uncovered a massive data breach originating from a misconfigured Amazon Bucket, which was operated by a Turkish Legal advising company, INOVA YÖNETIM & AKTÜERYAL DANI?MANLIK. Inova has been operating since 2012 and has handled thousands of cases since then. How and Why We Discovered the Breach.

Data breaches

Data breaches Insurance Identity Theft Education

The Fuzzing Files: The Anatomy of a Heartbleed

ForAllSecure

JULY 28, 2020

"You sort of sense that the discovery of flaws in SSL stacks is accelerating,” he said, “and so I was curious about [what] the current state of security was with regards to SSL stacks and I went and took a look.". In 2012, a change was made to OpenSSL-- that change allowed for Heartbleed to exist. through 1.0.1f

Encryption

Encryption Retail Software Banking

The Platinum APT group adds the Titanium backdoor to its arsenal

Security Affairs

NOVEMBER 9, 2019

In June 2018, experts at Kaspersky were investigating attacks against government and military entities in South and Southeast Asian countries, The experts tracked the campaign as EasternRoppels, they speculate it may have started as far back as 2012. The malware can also get proxy settings from Internet Explorer.

Encryption

Encryption Passwords Malware Software

CISSPs from Around the Globe: An Interview with James Wright

CyberSecurity Insiders

SEPTEMBER 8, 2021

The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted.

Computers and Electronics

Computers and Electronics Architecture Education Encryption

Lebanese Cedar APT group broke into telco and ISPs worldwide

Security Affairs

JANUARY 28, 2021

The APT group has been active since 2012, experts linked the group to the Hezbollah militant group. ClearSky experts linked the Lebanese Cedar group to intrusions at telco companies, internet service providers, hosting providers, and managed hosting and applications companies. CVE-2012-3152).

Internet

Internet Internet Hacking Malware

Critical flaw in Microsoft Hyper-V could allow RCE and DoS

Security Affairs

JULY 29, 2021

The flaw resides in Microsoft Hyper-V’s network switch driver ( vmswitch.sys ), it affects Windows 10 and Windows Server 2012 through 2019. Such OID requests include, for example, hardware offloading, Internet Protocol security (IPsec) and single root I/O virtualization (SR-IOV) requests.”

Internet

Internet Internet Hacking Ransomware

US DoJ seizes $3.36B Bitcoin from Silk Road hacker

Security Affairs

NOVEMBER 8, 2022

“JAMES ZHONG pled guilty to committing wire fraud in September 2012 when he unlawfully obtained over 50,000 Bitcoin from the Silk Road dark web internet marketplace. The man funded nine fraudulent accounts with an initial deposit of 200 to 2,000 bitcoin and then triggered 140 withdrawal transactions in rapid succession.

Cryptocurrency

Cryptocurrency Internet Internet Hacking

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

Security Affairs

MARCH 2, 2019

The command highlighted in Figure 2 is an instruction responsible to download an MSI file from the C2 server ( hxxp://195.123.209.169/control ), geolocated in Latvia and with ports 80 and 3389 opened to the Internet. Figure 3: [1] Suspicious Microsoft Office files and C2 server IP address; and [2], geolocation and C2 ports.

Malware

Malware Antivirus Technology Phishing

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

Security Affairs

MAY 16, 2023

MustangPanda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. Past campaigns were focused on Asian countries, including Taiwan, Hong Kong, Mongolia, Tibet, and Myanmar.

Firmware

Firmware Encryption Government Malware

Denmark intel helped US NSA to spy on European politicians

Security Affairs

MAY 31, 2021

Danish Defense Intelligence Service (Danish: Forsvarets Efterretningstjeneste, FE) allowed the US National Security Agency (NSA) to tap into a primary internet and telecommunications hub in Denmark, the operation allowed the US intelligence agency to spy on the communications of European politicians. ” reported the BBC.

Telecommunications

Telecommunications Surveillance Internet Internet

Russian hacker Andrei Tyurin sentenced to 12 years in prison

Security Affairs

JANUARY 11, 2021

Andrei Tyurin is accused of being the mastermind of the organization that targeted the US financial institution from 2012 to mid-2015. and foreign companies in furtherance of various criminal enterprises operated by Shalon and his co-conspirators, including unlawful internet gambling businesses and international payment processors.

Hacking

Hacking Marketing Identity Theft Banking

The Hacker Mind Podcast: Learn Competitive Hacking with picoCTF

ForAllSecure

SEPTEMBER 10, 2021

Vamosi: So in this episode, we're going to be talking a lot about Capture the Flag, not the children's game of course, but the information security game, we're going to talk about the Jeopardy style CTF, which like the TV game show has six categories of questions, with varying degrees of difficulty. Technical logically accessible.

Hacking

Hacking Education InfoSec Engineering

U.S. CISA adds Microsoft Internet Explorer and Twilio Authy bugs to its Known Exploited Vulnerabilities catalog

Multiple threat actors exploit PHP flaw CVE-2024-4577 to deliver malware

Trending Sources

A critical flaw in industrial automation systems opens to remote hack

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Microsoft Patches Six Zero-Day Security Holes

A flaw in the connected vehicle service SiriusXM allows remote car hacking

Law enforcement seized the website selling the NetWire RAT and arrested a Croatian man

Experts Explain How to Bypass Recent Improvement of China’s Great Firewall

Russian spies are attempting to tap transatlantic undersea cables

NK-linked InkySquid APT leverages IE exploits in recent attacks

Russian govn blocked Tutanota service in Russia to stop encrypted communication

Data Enrichment, People Data Labs and Another 622M Email Addresses

Threat actor claims to have stolen 1 TB of data belonging to Saudi Aramco

North Korea ScarCruft APT used previously undetected Dolphin Backdoor against South Korea

How Does An IPv6 Proxy Work & How Enterprises Can Get Benefit?

GALLIUM APT used a new PingPull RAT in recent campaigns

Microsoft disrupted US-Based Infrastructure of the Necurs botnet

Cybersecurity Report: August 11, 2015

Belarusian authorities seized XakFor, one of the largest Russian-speaking hacker sites

The Dark Web Has Nothing on Data Brokers

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Snowden Ten Years Later

Mirai V3G4 botnet exploits 13 flaws to target IoT devices

0patch releases free unofficial patches for Windows 0days exploited in the wild

Microsoft Patch Tuesday for August 2019 patch 93 bugs, including 2 dangerous wormable issues

China-linked APT41 group exploits Citrix, Cisco, Zoho flaws

Water utility CISO offers tips to stay secure as IT and OT converge

We infiltrated an IRC botnet. Here’s what we found

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

MMD-0063-2019 – Summarize report of three years MalwareMustDie research (Sept 2016-Sept 2019)

The Fuzzing Files: The Anatomy of a Heartbleed

The Fuzzing Files: The Anatomy of a Heartbleed

Data Breach: Turkish legal advising company exposed over 15,000 clients

The Fuzzing Files: The Anatomy of a Heartbleed

The Platinum APT group adds the Titanium backdoor to its arsenal

CISSPs from Around the Globe: An Interview with James Wright

Lebanese Cedar APT group broke into telco and ISPs worldwide

Critical flaw in Microsoft Hyper-V could allow RCE and DoS

US DoJ seizes $3.36B Bitcoin from Silk Road hacker

[SI-LAB] FlawedAmmyy Leveraging Undetected XLM Macros as an Infection Vehicle

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

Denmark intel helped US NSA to spy on European politicians

Russian hacker Andrei Tyurin sentenced to 12 years in prison

The Hacker Mind Podcast: Learn Competitive Hacking with picoCTF

Stay Connected