2012, Information Security and Passwords

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

The Russian hacker Yevgeniy Nikulin found guilty for LinkedIn, Dropbox, and Formspring data breach back in 2012 and the sale of their users’ data. A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces.

Hacking

Hacking Cybercrime Advertising Data breaches

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

Security Affairs

APRIL 1, 2020

In malspam attacks, attackers could encrypt the Excel file by setting up a password, then when the victims receive the email, hackers trick them into opening the attachment using a password included in the content of the message. Excel attempts to decrypt and open the file and run any macros it contains.

Malware

Malware Passwords Encryption Advertising

Threat actors are offering for sale 550 million stolen user records

Security Affairs

MAY 15, 2020

Data appears to come from past data breaches, the oldest one dates back as 2012 while the latest one dates April 2020. million April 2018 Netlog.com (Twoo.com) 57 million November 2012 Dubsmash.com Phone numbers 47.1 million September 2012 Bukalapak.com 13 million February 2018 Bookmate.com 8 million July 2018 ReverbNation.com 7.9

Data breaches

Data breaches Advertising Passwords Hacking

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Security Affairs

NOVEMBER 22, 2019

The banking trojan is able to record keystrokes, to steal passwords stored on the PC, and take screenshots and videos from the victims’ machine. Lisov operated the infrastructure behind the NeverQuest malware between June 2012 and January 2015, the managed a network of servers containing lists of millions of stolen login credentials.

Banking

Banking Malware Advertising Passwords

New Version of Meduza Stealer Released in Dark Web

Security Affairs

DECEMBER 29, 2023

On Christmas Eve, Resecurity’s HUNTER unit spotted the author of perspective password stealer Meduza has released a new version (2.2). Presently, Meduza password stealer supports Windows Server 2012/2016/2019/2022 and Windows 10/11.

Password Management

Password Management Cryptocurrency Passwords Authentication

British Court rejects the US’s request to extradite Julian Assange

Security Affairs

JANUARY 4, 2021

The US authorities also accuse Assange of having conspired with Army intelligence analyst Chelsea Manning to crack a password hash for an Army computer to access classified documents that were later published on the WikiLeaks website.

Government

Government Risk Passwords Hacking

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The Archiveus Trojan from 2006 was the first one to use RSA cipher, but it was reminiscent of a proof of concept and used a static 30-digit decryption password that was shortly cracked. FBI spoofs 2012 – 2013. It surfaced in November 2012 and was making thousands of victims a day. None of these early threats went pro.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Wikileaks founder Julian Assange is free

Security Affairs

JUNE 25, 2024

The US authorities also accuse Assange of having conspired with Army intelligence analyst Chelsea Manning to crack a password hash for an Army computer to access classified documents that were later published on the WikiLeaks website.

Passwords

Passwords Hacking Government Information Security

Security firm accidentally exposed an unprotected database with 5 Billion previously leaked records

Security Affairs

MARCH 22, 2020

The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to a UK security firm that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. ” wrote Security Discovery’s researcher Bob Diachenko.

Data breaches

Data breaches Advertising DNS Engineering

Russian national sentenced to 40 months for selling stolen data on the dark web

Security Affairs

AUGUST 16, 2024

The marketplace had been active since 2012, it was allowing sellers to offer stolen login credentials, including usernames and passwords for bank accounts, online payment accounts, mobile phone accounts, retailer accounts, and other online accounts.

Banking

Banking Accountability Retail Mobile

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

Security Affairs

FEBRUARY 21, 2024

Mustang Panda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. Past campaigns were focused on Asian countries, including Taiwan, Hong Kong, Mongolia, Tibet, and Myanmar.

Malware

Malware Phishing Government Passwords

US deported NeverQuest operator Stanislav Vitaliyevich Lisov to Russia

Security Affairs

JUNE 21, 2020

The banking trojan is able to record keystrokes, to steal passwords stored on the PC, and take screenshots and videos from the victims’ machine. Lisov operated the infrastructure behind the NeverQuest malware between June 2012 and January 2015, he managed a network of servers containing lists of millions of stolen login credentials.

Banking

Banking Malware Advertising Hacking

News aggregator Flipboard disclosed a data breach

Security Affairs

MAY 29, 2019

Stolen records include names, usernames , password hashes, email addresses, and for some users digital tokens used to access Flipboard through third-party services. At the time it is not clear the extent of the breach, anyway, the company forced a password reset for all its users. ” continues the security notice.

Data breaches

Data breaches Accountability Passwords Advertising

US DHS CISA warns of Iran-linked hackers using data wipers in cyberattacks

Security Affairs

JUNE 24, 2019

US DHS CISA agency warns of increased cyber-activity from Iran aimed at spreading data-wiping malware through password spraying , credential stuffing , and spear-phishing. Want to know more about password spraying and how to stop it? The attacks are targeting U.S. link] [link] — Chris Krebs (@CISAKrebs) June 22, 2019. .

Backups

Backups Advertising Passwords Accountability

Keepnet Labs accidentally exposed an unprotected database with 5 Billion previously leaked records

Security Affairs

MARCH 22, 2020

The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to the security firm Keepnet Labs that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. ” wrote Security Discovery’s researcher Bob Diachenko.

Data breaches

Data breaches Advertising DNS Engineering

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

com , a service that sold access to billions of passwords and other data exposed in countless data breaches. ” PicTrace appears to have been a service that allowed users to glean information about anyone who viewed an image hosted on the platform, such as their Internet address, browser type and version number.

Hacking

Hacking Accountability Data breaches Marketing

Iran-linked APT is exploiting the Zerologon flaw in attacks

Security Affairs

OCTOBER 6, 2020

An attacker could also exploit the flaw to disable security features in the Netlogon authentication process and change a computer’s password on the domain controller’s Active Directory. The only limitation on how to carry out a Zerologon attack is that the attacker must have access to the target network.

Authentication

Authentication Advertising Architecture Cyber Attacks

DoJ announced to have shut down Slilpp marketplace in international operation

Security Affairs

JUNE 11, 2021

The marketplace had been active since 2012, it was allowing sellers to offer stolen login credentials, including usernames and passwords for bank accounts, online payment accounts, mobile phone accounts, retailer accounts, and other online accounts.

Cybercrime

Cybercrime Accountability Retail Cyber threats

Operation Soft Cell – Multiple telco firms hacked by nation-state actor

Security Affairs

JUNE 25, 2019

“Based on the data available to us, Operation Soft Cell has been active since at least 2012, though some evidence suggests even earlier activity by the threat actor against telecommunications providers. Once compromised the networks of telecommunication companies, attackers can access to mobile phone users’ call data records.

Telecommunications

Telecommunications Hacking Advertising Mobile

Passing the Hash with Remote Desktop

Kali Linux

JANUARY 13, 2014

Kali Linux contains a large number of very useful tools that are beneficial to information security professionals. A few months ago, Mark Lowe from the Portcullis Labs published a blog post on research he conducted against Windows 2012 R2 and Windows 8.1 RDP security improvements. What’s the big deal, you say?

Passwords

Passwords Authentication Information Security

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Security Affairs

APRIL 6, 2023

Google experts are tracking ARCHIPELAGO since 2012 and have observed the group targeting individuals with expertise in North Korea policy issues. The fake browser window displays a URL and a login prompt designed to trick recipients into providing their password to a legitimate login page.

Phishing

Phishing Media Passwords Malware

Cybercriminals are Oversharing with Social Media Data Breaches

SiteLock

AUGUST 27, 2021

In each of these cases, the cybercriminals behind the breaches were after usernames and passwords. The most commonly used passwords today are, “password” and “123456,” and it only takes a hacker.29 Each stolen record contained an email address and password. In 2012, LinkedIn was hit with a breach and more than 6.5

Data breaches

Data breaches Media Passwords Accountability

The Dark Web Has Nothing on Data Brokers

Daniel Miessler

FEBRUARY 1, 2020

As far as they’re concerned, if you don’t say the name of your password manager 7 times before bed the Dark Web will haunt your closet. and in 2012 the New York Times said they had the largest commercial database on customers. People talk about it like it’s the Internet Demogorgon.

Advertising

Advertising InfoSec Password Management Education

Technical analysis of China-linked Earth Preta APT’s infection chain

Security Affairs

MARCH 27, 2023

Trend Micro researchers reported that the China-linked Earth Preta group (aka Mustang Panda ) is actively changing its tools, tactics, and procedures (TTPs) to bypass security solutions. The link points to a password-protected archive, the document also includes the password.

Malware

Malware Phishing Passwords Government

Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor

Security Affairs

JUNE 23, 2022

The Tropic Trooper APT has been active at least since 2012, it was first spotted by security experts at Trend Micro in 2015, when the threat actors targeted government ministries and heavy industries in Taiwan and the military in the Philippines. The attack aims at making the device unusable.

Hacking

Hacking Wireless Encryption Passwords

Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs

Security Affairs

APRIL 28, 2021

Legitimate software abused by threat actors are: • ARO 2012 Tutorial 8.0.12.0 • VirusScan On-Demand Scan Task Properties (McAfee, Inc.) • Sandboxie COM Services (BITS) 3.55.06 (SANDBOXIE L.T.D) • Outlook Item Finder 11.0.5510 (Microsoft Corporation) • Mobile Popup Application 16.00 (Quick Heal Technologies (P) Ltd.).

Backups

Backups Malware Mobile Passwords

NK-linked InkySquid APT leverages IE exploits in recent attacks

Security Affairs

AUGUST 18, 2021

APT37 has been active since at least 2012, it mainly targeted government, defense, military, and media organizations in South Korea. Harvest cookies and a password database for supported browsers. The watering hole attacks on the Daily NK was conducted from March 2021 until early June 2021. ” reads the post published by Volexity.

Internet

Internet Internet Media Engineering

U.S. CISA Agency warns of possible cyber attacks from Iran

Security Affairs

JANUARY 4, 2020

These efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing. ” The advisory urges administrators of the assets to implement basic defenses and immediately reports any information or suspects in ongoing attacks. Want to know more about password spraying and how to stop it?

Cyber Attacks

Cyber Attacks Backups Passwords Advertising

Alleged FruitFly malware creator ruled incompetent to stand trial

Malwarebytes

JANUARY 16, 2024

In 2012, as a senior soon to graduate with a physics degree, he worked on a project with faculty member Robert W. While at CWRU, he was accused of “cracking passwords” on a CWRU network. This ruling has caused some concerns in the information security community. This can take years, however.

Malware

Malware Passwords Identity Theft Data collection

CVE-2019-11707 Firefox Zero-Day exploited to infect employees at cryptocurrency exchanges

Security Affairs

JUNE 20, 2019

” The expert detected the payload as OSX.Netwire (Wirenet ) , a password stealer for Linux and OS X systems that was first detected back in 2012. Thus it seems reasonable to assume we’re all talking about the same Firefox 0day.”

Cryptocurrency

Cryptocurrency Malware Advertising Hacking

Law enforcement agencies can extract data from thousands of cars’ infotainment systems

Security Affairs

DECEMBER 4, 2022

Recently security the security expert researcher Sam Curry warned of vulnerabilities in mobile apps that exposed Hyundai and Genesis car models after 2012 to remote attacks. Law enforcement and intelligence worldwide are buying technologies that exploit weaknesses in vehicle systems.

Surveillance

Surveillance Technology Mobile Hacking

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

Security Affairs

MAY 16, 2023

MustangPanda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. Past campaigns were focused on Asian countries, including Taiwan, Hong Kong, Mongolia, Tibet, and Myanmar.

Firmware

Firmware Encryption Government Malware

The Platinum APT group adds the Titanium backdoor to its arsenal

Security Affairs

NOVEMBER 9, 2019

In June 2018, experts at Kaspersky were investigating attacks against government and military entities in South and Southeast Asian countries, The experts tracked the campaign as EasternRoppels, they speculate it may have started as far back as 2012. Its new Titanium backdoor attempt to hide at every stage by mimicking common software.

Encryption

Encryption Passwords Malware Software

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

Security Affairs

SEPTEMBER 26, 2024

Based on the data available to us, Operation Soft Cell has been active since at least 2012, though some evidence suggests even earlier activity by the threat actor against telecommunications providers. Once compromised the networks of telecommunication companies, attackers can access to mobile phone users’ call data records.

Internet

Internet Internet DNS Telecommunications

The Fuzzing Files: The Anatomy of a Heartbleed

ForAllSecure

JULY 28, 2020

"You sort of sense that the discovery of flaws in SSL stacks is accelerating,” he said, “and so I was curious about [what] the current state of security was with regards to SSL stacks and I went and took a look.". In 2012, a change was made to OpenSSL-- that change allowed for Heartbleed to exist.

Encryption

Encryption Retail Software Banking

The Fuzzing Files: The Anatomy of a Heartbleed

ForAllSecure

JULY 28, 2020

"You sort of sense that the discovery of flaws in SSL stacks is accelerating,” he said, “and so I was curious about [what] the current state of security was with regards to SSL stacks and I went and took a look.". In 2012, a change was made to OpenSSL-- that change allowed for Heartbleed to exist.

Encryption

Encryption Retail Software Banking

Top Cybersecurity Startups to Watch in 2022

eSecurity Planet

JANUARY 11, 2022

Information security products , services, and professionals have never been in higher demand, making for a world of opportunities for cybersecurity startups. GitGuardian is a developer favorite offering a secrets detection solution that scans source code to detect certificates, passwords, API keys, encryption keys, and more.

Cybersecurity

Cybersecurity Threat Detection Artificial Intelligence Risk

The Fuzzing Files: The Anatomy of a Heartbleed

ForAllSecure

JULY 28, 2020

"You sort of sense that the discovery of flaws in SSL stacks is accelerating,” he said, “and so I was curious about [what] the current state of security was with regards to SSL stacks and I went and took a look.". In 2012, a change was made to OpenSSL-- that change allowed for Heartbleed to exist.

Encryption

Encryption Retail Software Banking

CISSPs from Around the Globe: An Interview with James Wright

CyberSecurity Insiders

SEPTEMBER 8, 2021

The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted.

Computers and Electronics

Computers and Electronics Architecture Education Encryption

How to Track Your Kids (and Other People's Kids) With the TicTocTrack Watch

Troy Hunt

APRIL 15, 2019

Then there was CloudPets leaking kids voices because the "smart" teddy bears that recorded them (yep, that's right) then stored those recordings in a publicly facing database with no password. Certainly not the current gen XS, does that resolution put it back in about the iPhone 5 era from 2012? mSpy leaked data.

Spyware

Spyware Passwords Manufacturing Marketing

The return of TA402 Molerats APT after a short pause

Security Affairs

JUNE 18, 2021

MoleRATs is an Arabic-speaking, politically motivated group of hackers that has been active since 2012, in 2018 monitoring the operation of the group, Kaspersky identified different techniques utilized by very similar attackers in the MENA region.

Government

Government Malware Telecommunications Passwords

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

LimeRAT malware delivered using 8-year-old VelvetSweatshop trick

Trending Sources

Threat actors are offering for sale 550 million stolen user records

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

New Version of Meduza Stealer Released in Dark Web

British Court rejects the US’s request to extradite Julian Assange

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Wikileaks founder Julian Assange is free

Security firm accidentally exposed an unprotected database with 5 Billion previously leaked records

Russian national sentenced to 40 months for selling stolen data on the dark web

New Mustang Panda campaign targets Asia with a backdoor dubbed DOPLUGS

US deported NeverQuest operator Stanislav Vitaliyevich Lisov to Russia

News aggregator Flipboard disclosed a data breach

US DHS CISA warns of Iran-linked hackers using data wipers in cyberattacks

Keepnet Labs accidentally exposed an unprotected database with 5 Billion previously leaked records

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Iran-linked APT is exploiting the Zerologon flaw in attacks

DoJ announced to have shut down Slilpp marketplace in international operation

Operation Soft Cell – Multiple telco firms hacked by nation-state actor

Passing the Hash with Remote Desktop

Analyzing attacks conducted by North Korea-linked ARCHIPELAGO APT group

Cybercriminals are Oversharing with Social Media Data Breaches

The Dark Web Has Nothing on Data Brokers

Technical analysis of China-linked Earth Preta APT’s infection chain

Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor

Naikon APT group uses new Nebulae backdoor in attacks aimed at military orgs

NK-linked InkySquid APT leverages IE exploits in recent attacks

U.S. CISA Agency warns of possible cyber attacks from Iran

Alleged FruitFly malware creator ruled incompetent to stand trial

CVE-2019-11707 Firefox Zero-Day exploited to infect employees at cryptocurrency exchanges

Law enforcement agencies can extract data from thousands of cars’ infotainment systems

China-linked APT Mustang Panda targets TP-Link routers with a custom firmware implant

The Platinum APT group adds the Titanium backdoor to its arsenal

China-linked APT group Salt Typhoon compromised some U.S. internet service providers (ISPs)

The Fuzzing Files: The Anatomy of a Heartbleed

The Fuzzing Files: The Anatomy of a Heartbleed

Top Cybersecurity Startups to Watch in 2022

The Fuzzing Files: The Anatomy of a Heartbleed

CISSPs from Around the Globe: An Interview with James Wright

How to Track Your Kids (and Other People's Kids) With the TicTocTrack Watch

The return of TA402 Molerats APT after a short pause

Stay Connected