Schneier on Security

MARCH 3, 2022

It noticed the hack in 2013, and was able to map it with Equation Group tools published by the Shadow Brokers (aka some Russian group). Pangu Lab in China just published a report of a hacking operation by the Equation Group (aka the NSA).

Hacking 247

Hacking Cybersecurity 247

Krebs on Security

JUNE 22, 2022

Stanx said he was a longtime member of several major forums, including the Russian hacker forum Antichat (since 2005), and the Russian crime forum Exploit (since April 2013). “Something new was required and I decided to leave Omsk and try to live in the States,” Kloster wrote in 2013.

Advertising 308

Advertising Cybercrime System Administration Hacking 308

Schneier on Security

NOVEMBER 11, 2022

Here in 2022, we have a newly declassified 2016 Inspector General report—”Misuse of Sigint Systems”—about a 2013 NSA program that resulted in the unauthorized (that is, illegal) targeting of Americans. Given all we learned from Edward Snowden, this feels like a minor coda.

Surveillance 223

Surveillance 223

Schneier on Security

OCTOBER 11, 2019

This book covers essays from 2013 to 2017. I just published my third collection of essays: We Have Root. The first two are Schneier on Security and Carry On.). External vendor links, including for ebook versions, here.

220

220

Schneier on Security

DECEMBER 21, 2022

“For example, in 2013 they tried to get all the staff at the ministry of defence to replace our iPhones with Russian-made Yoto smartphones. . “That doesn’t pose too much difficulty for the Ukrainian security services.” ” […].

Telecommunications 283

Telecommunications Mobile 283

Security Boulevard

OCTOBER 11, 2024

Several different forces are in play to ensure that the stipulations and security measures outlined in these frameworks […] The post ISO 27001 – 2013 vs 2022: Changes, Transition & More appeared first on Security Boulevard.

Network Security 64

Network Security 64

Schneier on Security

OCTOBER 1, 2022

The bulk of the websites that we discovered were active at various periods between 2004 and 2013. All of these flaws would have facilitated discovery by hostile parties. […]. We do not believe that the CIA has recently used this communications infrastructure.

Internet 321

Internet Internet 321

Krebs on Security

OCTOBER 1, 2019

In December 2013, a Slovenian court sentenced Škorjanc to four years and ten months in prison for creating the malware that powered the ‘ Mariposa ‘ botnet. The “sellers” page on the Darkode cybercrime forum, circa 2013. 5, 2013, federal investigators visited McCormick at his University of Massachusetts dorm room.

Cybercrime 42

Cybercrime Malware Antivirus Banking 42

Schneier on Security

MAY 8, 2019

In 2016, a hacker group calling itself the Shadow Brokers released a trove of 2013 NSA hacking tools and related documents. Most people believe it is a front for the Russian government.

Hacking 237

Hacking Government 237

Schneier on Security

SEPTEMBER 20, 2023

In April, Cybersecurity Ventures reported on extreme cybersecurity job shortage: Global cybersecurity job vacancies grew by 350 percent, from one million openings in 2013 to 3.5 million in 2021, according to Cybersecurity Ventures. The number of unfilled jobs leveled off in 2022, and remains at 3.5

Cybersecurity 322

Cybersecurity CISO Engineering Architecture 322

Schneier on Security

JUNE 29, 2022

Someone hacked the Ecuadorian embassy in Moscow and found a document related to Ecuador’s 2013 efforts to bring Edward Snowden there. If you remember, Snowden was traveling from Hong Kong to somewhere when the US revoked his passport, stranding him in Russia.

Hacking 202

Hacking 202

Schneier on Security

FEBRUARY 24, 2023

We show a similar white-box undetectable backdoor for random ReLU networks based on the hardness of Sparse PCA (Berthet, Rigollet; COLT 2013). We prove this strong guarantee under the hardness of the Continuous Learning With Errors problem (Bruna, Regev, Song, Tang; STOC 2021).

353

353

Schneier on Security

JANUARY 28, 2020

In 2013, we learned from Edward Snowden that the NSA does this worldwide. The article is about geofence warrants , where the police go to companies like Google and ask for information about every device in a particular geographic area at a particular time. Its program is called CO-TRAVELLER.

Surveillance 216

Surveillance Government 216

Adam Levin

SEPTEMBER 4, 2020

Information about the widespread data collection was initially brought to the public’s attention in 2013 by Edward Snowden, a government whistleblower who fled to Russia after exposing evidence of the program. . “I

Surveillance 260

Surveillance Data collection Government Cybersecurity 260

Schneier on Security

MARCH 4, 2021

Here’s the timeline : The timeline basically seems to be, according to Check Point: 2013: NSA’s Equation Group developed a set of exploits including one called EpMe that elevates one’s privileges on a vulnerable Windows system to system-administrator level, granting full control.

System Administration 250

System Administration Government Hacking 250

Krebs on Security

JUNE 7, 2022

Our first swatting, in March 2013, resulted in Fairfax County, Va. . “What starts out virtual can get real all too quickly — and when the web is worldwide, so are the consequences.” ” Our family has been victimized by multiple swatting attacks over the past decade.

Cybercrime 322

Cybercrime Internet Internet Web Fraud 322

Krebs on Security

FEBRUARY 14, 2020

In May 2013, the U.S. Justice Department seized Liberty Reserve , alleging the virtual currency service acted as a $6 billion financial hub for the cybercrime world.

Identity Theft 254

Identity Theft Government Scams Cybercrime 254

Schneier on Security

JUNE 23, 2022

But in 2013, Edward Snowden disclosed that the National Security Agency had subverted the integrity of a NIST cryptographic standard­the Dual_EC_DRBG­enabling easy decryption of supposedly secured communications. government, has emerged as the de facto international source for cryptographic standards.

Government 255

Government Technology 255

Schneier on Security

JUNE 28, 2023

The stalkerware company LetMeSpy has been hacked : TechCrunch reviewed the leaked data, which included years of victims’ call logs and text messages dating back to 2013. The database we reviewed contained current records on at least 13,000 compromised devices, though some of the devices shared little to no data with LetMeSpy.

Hacking 224

Hacking Spyware Accountability Data breaches 224

Krebs on Security

JUNE 10, 2022

In 2019, AFRINIC fired a top employee after it emerged that in 2013 he quietly commandeered millions of IPs from defunct African entities or from those that were long ago acquired by other firms, and then conspired to sell an estimated $50 million worth of the IPs to marketers based outside Africa.

Government 300

Government Marketing Internet Internet 300

Krebs on Security

APRIL 30, 2024

In 2013, investigators going through devices seized from Kivimäki found computer code that had been used to crack more than 60,000 web servers using a previously unknown vulnerability in Adobe’s ColdFusion software. Kivimäki was 15 years old at the time.

DDOS 279

DDOS Cybercrime Hacking Passwords 279

Krebs on Security

APRIL 16, 2024

As it happens, Rescator’s criminal hacking crew was directly responsible for the 2013 breach at Target and the 2014 hack of Home Depot. According to a 2013 report from the Treasury Inspector General’s office, the IRS issued nearly $4 billion in bogus tax refunds in 2012, and more than $5.8 billion in 2013.

Identity Theft 271

Identity Theft Banking Cybercrime Hacking 271

Krebs on Security

NOVEMBER 14, 2024

In December 2023, KrebsOnSecurity revealed the real-life identity of Rescator , the nickname used by a Russian cybercriminal who sold more than 100 million payment cards stolen from Target and Home Depot between 2013 and 2014. “Helkern was my friend, I [set up a] meeting with Golubov and him in 2013,” Shefel said.

Retail 235

Retail Advertising Cryptocurrency Marketing 235

Krebs on Security

JUNE 29, 2023

Kislitsin also was indicted in Nevada in 2013, but the Nevada indictment does not name his alleged victim(s) in that case. ”] Kislitsin was hired by Group-IB in January 2013, nearly six months after the Formspring hack. ”

Cybersecurity 287

Cybersecurity Cybercrime Hacking Technology 287

Krebs on Security

OCTOBER 26, 2021

Indeed, some of history’s largest cyberheists involved point-of-sale malware, including the 2008 breach at Heartland Payment Systems that exposed 100 million payment cards, and the 2013-2014 string of breaches at Target , Home Depot and elsewhere that led to the theft of roughly another 100 million cards.

Technology 72

Technology Retail Computers and Electronics Malware 72

The Last Watchdog

JUNE 21, 2020

The epidemic went truly mainstream with the release of CryptoLocker back in 2013, and it has since transformed into a major dark web economy spawning the likes of Sodinokibi, Ryuk, and Maze lineages that are targeting the enterprise on a huge scale in 2020. FBI spoofs 2012 – 2013. File encryption 2013 – 2015.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

The Hacker News

SEPTEMBER 5, 2024

Created following a 2013 Executive Order, NIST was tasked with designing a voluntary cybersecurity framework that would help organizations manage cyber risk, providing guidance based on established standards and best practices.

Cybersecurity 137

Cybersecurity Cyber Risk Technology Risk 137

Krebs on Security

FEBRUARY 5, 2023

In 2013, Kurittu worked on an investigation involving Kivimäki’s use of the Zbot botnet, among other activities Kivimäki engaged in as a member of the hacker group Hack the Planet (HTP).” The DDoS-for-hire service allegedly operated by Kivimäki in 2012.

Cybercrime 259

Cybercrime DDOS Hacking Accountability 259

Troy Hunt

OCTOBER 15, 2020

We've known about this for years; even back in 2013, rubbish bins in London were tracking people via their MAC addresses so this isn't a new thing. The root cause quickly became evident: MAC addresses are effectively unique identifiers and the appearance of the same one over and over again provides the ability to track devices.

IoT 355

IoT Risk 355

Troy Hunt

MAY 21, 2024

I started Have I Been Pwned (HIBP) in 2013 as a pet project that scratched an itch, so I never really thought of myself as an "employee" Over time, it grew (and I tell you what, nobody is more surprised by that than me!) We often do that in this industry, the whole "1.0" " thing, but it seems apt here.

Passwords 321

Passwords Hacking 321

Krebs on Security

JULY 17, 2019

The above commercial is vaguely reminiscent of the slick ads produced for and promoted by convicted Ukrainian credit card fraudster Vladislav “BadB” Horohorin , who was sentenced in 2013 to serve 88 months in prison for his role in the theft of more than $9 million from RBS Worldpay, an Atlanta-based credit card processor. (In

Cybercrime 204

Cybercrime Advertising Cybersecurity 204

Schneier on Security

JUNE 6, 2023

In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. I wrote the essay below in September 2013. They were leaked in 2013, but most of them were from 2012 or before.) But I had a more personal involvement as well.

Surveillance 344

Surveillance Computers and Electronics Government Encryption 344

Krebs on Security

MARCH 2, 2021

The patches released today fix security problems in Microsoft Exchange Server 2013 , 2016 and 2019. The software giant typically releases security updates on the second Tuesday of each month, but it occasionally deviates from that schedule when addressing active attacks that target newly identified and serious vulnerabilities in its products.

Internet 326

Internet Internet Software Education 326

Krebs on Security

AUGUST 6, 2020

In 2013, KrebsOnSecurity broke the news that the U.S. Also in 2013, KrebsOnSecurity broke the news that ssndob[.]ms In addition, he said, it seems clear that the fraudsters are recycling stolen identities to file phony unemployment insurance claims in multiple states. Dun & Bradstreet , and Kroll Background America Inc.

Accountability 352

Accountability Identity Theft Hacking Insurance 352

Krebs on Security

SEPTEMBER 30, 2024

Islam also pleaded guilty to reporting dozens of phony bomb threats and fake hostage situations at the homes of celebrities and public officials (Islam participated in a swatting attack against this author in 2013 ). Troy Woody Jr. left) and Mir Islam, are currently in prison in the Philippines for murder. In December 2022, Troy Woody Jr.

Cryptocurrency 290

Cryptocurrency Government Internet Internet 290

Krebs on Security

JULY 28, 2022

Launched in 2013, Microleaves is a service that allows customers to route their Internet traffic through PCs in virtually any country or city around the globe. The very first discussion thread started by the new user Microleaves on the forum BlackHatWorld in 2013 sought forum members who could help test and grow the proxy network.

Advertising 249

Advertising Software Computers and Electronics Internet 249

Schneier on Security

MAY 20, 2020

It was the summer of 2013, and I was visiting Glenn Greenwald in Rio de Janeiro. Between you, Poitras, and Greenwald, pretty sure you guys can't stand up to a full-fledged nation-state attempt to exploit your IT. To include not just remote stuff, but hands-on, sneak-into-your-house-at-night kind of stuff. That's my guess.".

Surveillance 246

Surveillance Encryption Government Media 246