The Last Watchdog

JUNE 21, 2020

The Archiveus Trojan from 2006 was the first one to use RSA cipher, but it was reminiscent of a proof of concept and used a static 30-digit decryption password that was shortly cracked. FBI spoofs 2012 – 2013. It surfaced in November 2012 and was making thousands of victims a day. None of these early threats went pro.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

FEBRUARY 21, 2024

Mustang Panda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. Past campaigns were focused on Asian countries, including Taiwan, Hong Kong, Mongolia, Tibet, and Myanmar.

Malware 144

Malware Phishing Government Passwords 144

Security Affairs

AUGUST 16, 2024

The marketplace had been active since 2012, it was allowing sellers to offer stolen login credentials, including usernames and passwords for bank accounts, online payment accounts, mobile phone accounts, retailer accounts, and other online accounts.

Banking 133

Banking Accountability Retail Mobile 133

Security Affairs

MARCH 22, 2020

The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to a UK security firm that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. ” wrote Security Discovery’s researcher Bob Diachenko.

Data breaches 111

Data breaches Advertising DNS Engineering 111

Security Affairs

JUNE 21, 2020

The banking trojan is able to record keystrokes, to steal passwords stored on the PC, and take screenshots and videos from the victims’ machine. Lisov operated the infrastructure behind the NeverQuest malware between June 2012 and January 2015, he managed a network of servers containing lists of millions of stolen login credentials.

Banking 138

Banking Malware Advertising Hacking 138

Security Affairs

MAY 29, 2019

Stolen records include names, usernames , password hashes, email addresses, and for some users digital tokens used to access Flipboard through third-party services. At the time it is not clear the extent of the breach, anyway, the company forced a password reset for all its users. ” continues the security notice.

Data breaches 102

Data breaches Accountability Passwords Advertising 102

Security Affairs

JUNE 24, 2019

US DHS CISA agency warns of increased cyber-activity from Iran aimed at spreading data-wiping malware through password spraying , credential stuffing , and spear-phishing. Want to know more about password spraying and how to stop it? The attacks are targeting U.S. link] [link] — Chris Krebs (@CISAKrebs) June 22, 2019. .

Backups 110

Backups Advertising Passwords Accountability 110

Security Affairs

MARCH 22, 2020

The expert Bob Diachenko has discovered an unsecured Elasticsearch install belonging to the security firm Keepnet Labs that contained 5 billion records of data leaked in previous incidents that took place between 2012 and 2019. ” wrote Security Discovery’s researcher Bob Diachenko.

Data breaches 93

Data breaches Advertising DNS Engineering 93

Security Affairs

JUNE 11, 2021

The marketplace had been active since 2012, it was allowing sellers to offer stolen login credentials, including usernames and passwords for bank accounts, online payment accounts, mobile phone accounts, retailer accounts, and other online accounts.

Cybercrime 129

Cybercrime Accountability Retail Cyber threats 129

Malwarebytes

JANUARY 16, 2024

In 2012, as a senior soon to graduate with a physics degree, he worked on a project with faculty member Robert W. While at CWRU, he was accused of “cracking passwords” on a CWRU network. This ruling has caused some concerns in the information security community. This can take years, however.

Malware 127

Malware Passwords Identity Theft Data collection 127

Security Affairs

OCTOBER 6, 2020

An attacker could also exploit the flaw to disable security features in the Netlogon authentication process and change a computer’s password on the domain controller’s Active Directory. The only limitation on how to carry out a Zerologon attack is that the attacker must have access to the target network.

Authentication 142

Authentication Advertising Architecture Cyber Attacks 142

Security Affairs

JUNE 25, 2019

“Based on the data available to us, Operation Soft Cell has been active since at least 2012, though some evidence suggests even earlier activity by the threat actor against telecommunications providers. Once compromised the networks of telecommunication companies, attackers can access to mobile phone users’ call data records.

Telecommunications 109

Telecommunications Hacking Advertising Mobile 109

Kali Linux

JANUARY 13, 2014

Kali Linux contains a large number of very useful tools that are beneficial to information security professionals. A few months ago, Mark Lowe from the Portcullis Labs published a blog post on research he conducted against Windows 2012 R2 and Windows 8.1 RDP security improvements. What’s the big deal, you say?

Passwords 52

Passwords Authentication Information Security 52

Security Affairs

JUNE 23, 2022

The Tropic Trooper APT has been active at least since 2012, it was first spotted by security experts at Trend Micro in 2015, when the threat actors targeted government ministries and heavy industries in Taiwan and the military in the Philippines. The attack aims at making the device unusable.

Hacking 132

Hacking Wireless Encryption Passwords 132

Security Affairs

APRIL 6, 2023

Google experts are tracking ARCHIPELAGO since 2012 and have observed the group targeting individuals with expertise in North Korea policy issues. The fake browser window displays a URL and a login prompt designed to trick recipients into providing their password to a legitimate login page.

Phishing 98

Phishing Media Passwords Malware 98

Security Affairs

AUGUST 18, 2021

APT37 has been active since at least 2012, it mainly targeted government, defense, military, and media organizations in South Korea. Harvest cookies and a password database for supported browsers. The watering hole attacks on the Daily NK was conducted from March 2021 until early June 2021. ” reads the post published by Volexity.

Internet 128

Internet Internet Media Engineering 128

SiteLock

AUGUST 27, 2021

In each of these cases, the cybercriminals behind the breaches were after usernames and passwords. The most commonly used passwords today are, “password” and “123456,” and it only takes a hacker.29 Each stolen record contained an email address and password. In 2012, LinkedIn was hit with a breach and more than 6.5

Data breaches 52

Data breaches Media Passwords Accountability 52

Security Affairs

APRIL 28, 2021

Legitimate software abused by threat actors are: • ARO 2012 Tutorial 8.0.12.0 • VirusScan On-Demand Scan Task Properties (McAfee, Inc.) • Sandboxie COM Services (BITS) 3.55.06 (SANDBOXIE L.T.D) • Outlook Item Finder 11.0.5510 (Microsoft Corporation) • Mobile Popup Application 16.00 (Quick Heal Technologies (P) Ltd.).

Backups 108

Backups Malware Mobile Passwords 108

Daniel Miessler

FEBRUARY 1, 2020

As far as they’re concerned, if you don’t say the name of your password manager 7 times before bed the Dark Web will haunt your closet. and in 2012 the New York Times said they had the largest commercial database on customers. People talk about it like it’s the Internet Demogorgon.

Advertising 103

Advertising InfoSec Password Management Education 103

Security Affairs

MARCH 27, 2023

Trend Micro researchers reported that the China-linked Earth Preta group (aka Mustang Panda ) is actively changing its tools, tactics, and procedures (TTPs) to bypass security solutions. The link points to a password-protected archive, the document also includes the password.

Malware 98

Malware Phishing Passwords Government 98

Security Affairs

JANUARY 4, 2020

These efforts are often enabled through common tactics like spear phishing, password spraying, and credential stuffing. ” The advisory urges administrators of the assets to implement basic defenses and immediately reports any information or suspects in ongoing attacks. Want to know more about password spraying and how to stop it?

Cyber Attacks 98

Cyber Attacks Backups Passwords Advertising 98

Security Affairs

DECEMBER 4, 2022

Recently security the security expert researcher Sam Curry warned of vulnerabilities in mobile apps that exposed Hyundai and Genesis car models after 2012 to remote attacks. Law enforcement and intelligence worldwide are buying technologies that exploit weaknesses in vehicle systems.

Surveillance 116

Surveillance Technology Mobile Hacking 116

Security Affairs

JUNE 20, 2019

” The expert detected the payload as OSX.Netwire (Wirenet ) , a password stealer for Linux and OS X systems that was first detected back in 2012. Thus it seems reasonable to assume we’re all talking about the same Firefox 0day.”

Cryptocurrency 107

Cryptocurrency Malware Advertising Hacking 107

Security Affairs

MAY 16, 2023

MustangPanda has been active since at least 2012, it targeted American and European entities such as government organizations, think tanks, NGOs , and even Catholic organizations at the Vatican. Past campaigns were focused on Asian countries, including Taiwan, Hong Kong, Mongolia, Tibet, and Myanmar.

Firmware 98

Firmware Encryption Government Malware 98

Security Affairs

SEPTEMBER 26, 2024

Based on the data available to us, Operation Soft Cell has been active since at least 2012, though some evidence suggests even earlier activity by the threat actor against telecommunications providers. Once compromised the networks of telecommunication companies, attackers can access to mobile phone users’ call data records.

Internet 136

Internet Internet DNS Telecommunications 136

Security Affairs

NOVEMBER 9, 2019

In June 2018, experts at Kaspersky were investigating attacks against government and military entities in South and Southeast Asian countries, The experts tracked the campaign as EasternRoppels, they speculate it may have started as far back as 2012. Its new Titanium backdoor attempt to hide at every stage by mimicking common software.

Encryption 72

Encryption Passwords Malware Software 72

ForAllSecure

JULY 28, 2020

"You sort of sense that the discovery of flaws in SSL stacks is accelerating,” he said, “and so I was curious about [what] the current state of security was with regards to SSL stacks and I went and took a look.". In 2012, a change was made to OpenSSL-- that change allowed for Heartbleed to exist.

Encryption 52

Encryption Retail Software Banking 52

ForAllSecure

JULY 28, 2020

"You sort of sense that the discovery of flaws in SSL stacks is accelerating,” he said, “and so I was curious about [what] the current state of security was with regards to SSL stacks and I went and took a look.". In 2012, a change was made to OpenSSL-- that change allowed for Heartbleed to exist.

Encryption 52

Encryption Retail Software Banking 52

ForAllSecure

JULY 28, 2020

"You sort of sense that the discovery of flaws in SSL stacks is accelerating,” he said, “and so I was curious about [what] the current state of security was with regards to SSL stacks and I went and took a look.". In 2012, a change was made to OpenSSL-- that change allowed for Heartbleed to exist.

Encryption 52

Encryption Retail Software Banking 52

CyberSecurity Insiders

SEPTEMBER 8, 2021

The Certified Information Systems Security Professional (CISSP) certification is considered to be the gold standard in information security. Those doors lead to many different types of positions and opportunities, thus making the information security community dynamic and multifaceted.

Computers and Electronics 40

Computers and Electronics Architecture Education Encryption 40

Troy Hunt

APRIL 15, 2019

Then there was CloudPets leaking kids voices because the "smart" teddy bears that recorded them (yep, that's right) then stored those recordings in a publicly facing database with no password. Certainly not the current gen XS, does that resolution put it back in about the iPhone 5 era from 2012? mSpy leaked data.

Spyware 279

Spyware Passwords Manufacturing Marketing 279

Krebs on Security

JULY 18, 2023

com , a service that sold access to billions of passwords and other data exposed in countless data breaches. ” PicTrace appears to have been a service that allowed users to glean information about anyone who viewed an image hosted on the platform, such as their Internet address, browser type and version number.

Hacking 200

Hacking Accountability Data breaches Marketing 200

eSecurity Planet

JANUARY 11, 2022

Information security products , services, and professionals have never been in higher demand, making for a world of opportunities for cybersecurity startups. GitGuardian is a developer favorite offering a secrets detection solution that scans source code to detect certificates, passwords, API keys, encryption keys, and more.

Cybersecurity 142

Cybersecurity Threat Detection Artificial Intelligence Risk 142

Security Affairs

JUNE 18, 2021

MoleRATs is an Arabic-speaking, politically motivated group of hackers that has been active since 2012, in 2018 monitoring the operation of the group, Kaspersky identified different techniques utilized by very similar attackers in the MENA region.

Government 108

Government Telecommunications Malware Passwords 108