Bleeping Computer

JUNE 16, 2023

Polish police officers part of the country's Central Cybercrime Bureau detained two suspects believed to have been involved in the operation of a long-running DDoS-for-hire service (aka booter or stresser) active since at least 2013. [.]

DDOS 116

DDOS Cybercrime 116

DoublePulsar

DECEMBER 22, 2023

I’ve discovered two organisations with ransomware incidents, where the entry point appears to have been Exchange Server 2013 with Outlook Web Access enabled, where all available security updates were applied. It was introduced in Exchange Server 2013. Obviously, almost nobody replied. Including Microsoft. I’d like to add some context.

Ransomware 90

Ransomware Internet Internet Software 90

Krebs on Security

DECEMBER 4, 2024

In December 2023, KrebsOnSecurity identified Lenin as “ Rescator ,” the nickname used by the cybercriminal responsible for selling more than 100 million payment cards stolen from customers of Target and Home Depot in 2013 and 2014.

Cybercrime 235

Cybercrime Ransomware Cryptocurrency Government 235

Schneier on Security

JANUARY 17, 2023

I wrote about it for the Guardian in 2013, an essay that reads so dated in light of what we’ve learned since then.) Without the FBI deploying some form of surveillance technique, or Al-Azhari using another method to visit the site which exposed their IP address, this should not have been possible.

Surveillance 363

Surveillance Media Hacking 363

Schneier on Security

NOVEMBER 11, 2022

Here in 2022, we have a newly declassified 2016 Inspector General report—”Misuse of Sigint Systems”—about a 2013 NSA program that resulted in the unauthorized (that is, illegal) targeting of Americans. Given all we learned from Edward Snowden, this feels like a minor coda.

Surveillance 240

Surveillance 240

Schneier on Security

MARCH 3, 2022

It noticed the hack in 2013, and was able to map it with Equation Group tools published by the Shadow Brokers (aka some Russian group). Pangu Lab in China just published a report of a hacking operation by the Equation Group (aka the NSA).

Hacking 249

Hacking Cybersecurity 249

Krebs on Security

JUNE 22, 2022

Stanx said he was a longtime member of several major forums, including the Russian hacker forum Antichat (since 2005), and the Russian crime forum Exploit (since April 2013). “Something new was required and I decided to leave Omsk and try to live in the States,” Kloster wrote in 2013.

Advertising 320

Advertising Cybercrime System Administration Hacking 320

Schneier on Security

OCTOBER 11, 2019

This book covers essays from 2013 to 2017. I just published my third collection of essays: We Have Root. The first two are Schneier on Security and Carry On.). External vendor links, including for ebook versions, here.

237

237

Krebs on Security

OCTOBER 1, 2019

In December 2013, a Slovenian court sentenced Škorjanc to four years and ten months in prison for creating the malware that powered the ‘ Mariposa ‘ botnet. The “sellers” page on the Darkode cybercrime forum, circa 2013. 5, 2013, federal investigators visited McCormick at his University of Massachusetts dorm room.

Cybercrime 45

Cybercrime Malware Antivirus Banking 45

Schneier on Security

JUNE 29, 2022

Someone hacked the Ecuadorian embassy in Moscow and found a document related to Ecuador’s 2013 efforts to bring Edward Snowden there. If you remember, Snowden was traveling from Hong Kong to somewhere when the US revoked his passport, stranding him in Russia.

Hacking 226

Hacking 226

Schneier on Security

MAY 8, 2019

In 2016, a hacker group calling itself the Shadow Brokers released a trove of 2013 NSA hacking tools and related documents. Most people believe it is a front for the Russian government.

Hacking 256

Hacking Government 256

Schneier on Security

DECEMBER 21, 2022

“For example, in 2013 they tried to get all the staff at the ministry of defence to replace our iPhones with Russian-made Yoto smartphones. . “That doesn’t pose too much difficulty for the Ukrainian security services.” ” […].

Telecommunications 291

Telecommunications Mobile 291

Schneier on Security

SEPTEMBER 20, 2023

In April, Cybersecurity Ventures reported on extreme cybersecurity job shortage: Global cybersecurity job vacancies grew by 350 percent, from one million openings in 2013 to 3.5 million in 2021, according to Cybersecurity Ventures. The number of unfilled jobs leveled off in 2022, and remains at 3.5

Cybersecurity 327

Cybersecurity Engineering CISO Architecture 327

Schneier on Security

JANUARY 28, 2020

In 2013, we learned from Edward Snowden that the NSA does this worldwide. The article is about geofence warrants , where the police go to companies like Google and ask for information about every device in a particular geographic area at a particular time. Its program is called CO-TRAVELLER.

Surveillance 221

Surveillance Government 221

Schneier on Security

JUNE 28, 2023

The stalkerware company LetMeSpy has been hacked : TechCrunch reviewed the leaked data, which included years of victims’ call logs and text messages dating back to 2013. The database we reviewed contained current records on at least 13,000 compromised devices, though some of the devices shared little to no data with LetMeSpy.

Hacking 243

Hacking Spyware Accountability Data breaches 243

Krebs on Security

APRIL 30, 2024

In 2013, investigators going through devices seized from Kivimäki found computer code that had been used to crack more than 60,000 web servers using a previously unknown vulnerability in Adobe’s ColdFusion software. Kivimäki was 15 years old at the time.

DDOS 304

DDOS Cybercrime Hacking Passwords 304

Krebs on Security

JUNE 10, 2022

In 2019, AFRINIC fired a top employee after it emerged that in 2013 he quietly commandeered millions of IPs from defunct African entities or from those that were long ago acquired by other firms, and then conspired to sell an estimated $50 million worth of the IPs to marketers based outside Africa.

Government 324

Government Internet Internet Marketing 324

Krebs on Security

FEBRUARY 14, 2020

In May 2013, the U.S. Justice Department seized Liberty Reserve , alleging the virtual currency service acted as a $6 billion financial hub for the cybercrime world.

Identity Theft 270

Identity Theft Government Scams Cybercrime 270

Schneier on Security

MARCH 4, 2021

Here’s the timeline : The timeline basically seems to be, according to Check Point: 2013: NSA’s Equation Group developed a set of exploits including one called EpMe that elevates one’s privileges on a vulnerable Windows system to system-administrator level, granting full control.

System Administration 252

System Administration Government Hacking 252

Adam Levin

SEPTEMBER 4, 2020

Information about the widespread data collection was initially brought to the public’s attention in 2013 by Edward Snowden, a government whistleblower who fled to Russia after exposing evidence of the program. . “I

Surveillance 260

Surveillance Data collection Government Cybersecurity 260

Schneier on Security

FEBRUARY 24, 2023

We show a similar white-box undetectable backdoor for random ReLU networks based on the hardness of Sparse PCA (Berthet, Rigollet; COLT 2013). We prove this strong guarantee under the hardness of the Continuous Learning With Errors problem (Bruna, Regev, Song, Tang; STOC 2021).

345

345

Schneier on Security

JUNE 23, 2022

But in 2013, Edward Snowden disclosed that the National Security Agency had subverted the integrity of a NIST cryptographic standard­the Dual_EC_DRBG­enabling easy decryption of supposedly secured communications. government, has emerged as the de facto international source for cryptographic standards.

Government 254

Government Technology 254

Krebs on Security

JUNE 29, 2023

Kislitsin also was indicted in Nevada in 2013, but the Nevada indictment does not name his alleged victim(s) in that case. ”] Kislitsin was hired by Group-IB in January 2013, nearly six months after the Formspring hack. ”

Cybersecurity 301

Cybersecurity Cybercrime Hacking Government 301

Krebs on Security

APRIL 16, 2024

As it happens, Rescator’s criminal hacking crew was directly responsible for the 2013 breach at Target and the 2014 hack of Home Depot. According to a 2013 report from the Treasury Inspector General’s office, the IRS issued nearly $4 billion in bogus tax refunds in 2012, and more than $5.8 billion in 2013.

Identity Theft 295

Identity Theft Banking Cybercrime Hacking 295

Krebs on Security

OCTOBER 26, 2021

Indeed, some of history’s largest cyberheists involved point-of-sale malware, including the 2008 breach at Heartland Payment Systems that exposed 100 million payment cards, and the 2013-2014 string of breaches at Target , Home Depot and elsewhere that led to the theft of roughly another 100 million cards.

Technology 72

Technology Retail Computers and Electronics Malware 72

The Last Watchdog

JUNE 21, 2020

The epidemic went truly mainstream with the release of CryptoLocker back in 2013, and it has since transformed into a major dark web economy spawning the likes of Sodinokibi, Ryuk, and Maze lineages that are targeting the enterprise on a huge scale in 2020. FBI spoofs 2012 – 2013. File encryption 2013 – 2015.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

FEBRUARY 10, 2025

Active since at least 2013 , XE Group is a cybercriminal group focused on credit card skimming and password theft via supply chain attacks. The cybercrime group XE Group exploited a VeraCore zero-day to deploy reverse shells, web shells in recent attacks. ” reads the analysis published by Intezer.

Manufacturing 107

Manufacturing Cybercrime Passwords Authentication 107

Krebs on Security

FEBRUARY 5, 2023

In 2013, Kurittu worked on an investigation involving Kivimäki’s use of the Zbot botnet, among other activities Kivimäki engaged in as a member of the hacker group Hack the Planet (HTP).” The DDoS-for-hire service allegedly operated by Kivimäki in 2012.

Cybercrime 277

Cybercrime DDOS Hacking Accountability 277

Security Affairs

FEBRUARY 19, 2025

Introduced in December 2014 (OpenSSH 6.8p1), this flaw remained active, with FreeBSD enabling VerifyHostKeyDNS by default from 2013 to 2023, increasing exposure. The OpenSSH client vulnerability (CVE-2025-26465) allows an attack to succeed regardless of the VerifyHostKeyDNS setting, without user interaction or reliance on SSHFP DNS records.

Authentication 119

Authentication System Administration DNS Hacking 119

Krebs on Security

DECEMBER 10, 2018

A fund for the New York City Council campaign of Zead Ramadan (D) forked over $85 to Web Listings in 2013. Also in 2013, the Committee to Elect Judge Victor Heutsche (D) paid $85 to keep his Web site in good standing with Web Listings. The campaign to elect Ben Chafin as a Republican delegate in Virginia in 2013 also paid out. .

Internet 246

Internet Internet Scams Engineering 246

Krebs on Security

JULY 17, 2019

The above commercial is vaguely reminiscent of the slick ads produced for and promoted by convicted Ukrainian credit card fraudster Vladislav “BadB” Horohorin , who was sentenced in 2013 to serve 88 months in prison for his role in the theft of more than $9 million from RBS Worldpay, an Atlanta-based credit card processor. (In

Cybercrime 218

Cybercrime Advertising Cybersecurity 218

Troy Hunt

MAY 21, 2024

I started Have I Been Pwned (HIBP) in 2013 as a pet project that scratched an itch, so I never really thought of myself as an "employee" Over time, it grew (and I tell you what, nobody is more surprised by that than me!) We often do that in this industry, the whole "1.0" " thing, but it seems apt here.

Passwords 339

Passwords Hacking 339

Krebs on Security

JULY 28, 2022

Launched in 2013, Microleaves is a service that allows customers to route their Internet traffic through PCs in virtually any country or city around the globe. The very first discussion thread started by the new user Microleaves on the forum BlackHatWorld in 2013 sought forum members who could help test and grow the proxy network.

Advertising 274

Advertising Software Computers and Electronics Internet 274

Krebs on Security

OCTOBER 17, 2023

By 2013, a number of Micfo’s customers had landed on the radar of Spamhaus , a group that many network operators rely upon to stem the tide of junk email.

Internet 346

Internet Internet VPN Marketing 346

Krebs on Security

MARCH 2, 2021

The patches released today fix security problems in Microsoft Exchange Server 2013 , 2016 and 2019. The software giant typically releases security updates on the second Tuesday of each month, but it occasionally deviates from that schedule when addressing active attacks that target newly identified and serious vulnerabilities in its products.

Internet 345

Internet Internet Software Education 345

Troy Hunt

OCTOBER 15, 2020

We've known about this for years; even back in 2013, rubbish bins in London were tracking people via their MAC addresses so this isn't a new thing. The root cause quickly became evident: MAC addresses are effectively unique identifiers and the appearance of the same one over and over again provides the ability to track devices.

IoT 362

IoT Risk 362

Krebs on Security

AUGUST 6, 2020

In 2013, KrebsOnSecurity broke the news that the U.S. Also in 2013, KrebsOnSecurity broke the news that ssndob[.]ms In addition, he said, it seems clear that the fraudsters are recycling stolen identities to file phony unemployment insurance claims in multiple states. Dun & Bradstreet , and Kroll Background America Inc.

Accountability 363

Accountability Identity Theft Hacking Insurance 363