2013, Hacking and Information Security - Cyber Security Informer

Hacking Kia cars made after 2013 using just their license plate

Security Affairs

SEPTEMBER 26, 2024

Researchers discovered critical flaws in Kia’s dealer portal that could allow to hack Kia cars made after 2013 using just their license plate. The token allowed them to access backend dealer APIs, then they successfully extracted sensitive information like the vehicle owner’s name, email, phone number, and other details.

Hacking

Hacking Accountability Mobile Internet

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The epidemic went truly mainstream with the release of CryptoLocker back in 2013, and it has since transformed into a major dark web economy spawning the likes of Sodinokibi, Ryuk, and Maze lineages that are targeting the enterprise on a huge scale in 2020. FBI spoofs 2012 – 2013. File encryption 2013 – 2015.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. Authorities in the United States, Germany, the Netherlands and the U.K.

Advertising

Advertising Cybercrime System Administration Hacking

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

Security Affairs

JULY 23, 2020

depending on the Windows version), SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 , SharePoint Server 2010 Service Pack 2, SharePoint Server 2019, Visual Studio 2017 version 15.9, SecurityAffairs – hacking, CVE-2020-1147). The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET NET Framework 2.0

Hacking

Hacking Advertising Software Information Security

Pakistani man sentenced to 12 years of prison for his role in AT&T hacking scheme

Security Affairs

SEPTEMBER 19, 2021

A Pakistani national has been sentenced to 12 years of prison in the US for his role in a hacking scheme against the telecom giant AT&T. “Later in the conspiracy, Fahd had the bribed employees install custom malware and hacking tools that allowed him to unlock phones remotely from Pakistan. ” Pierluigi Paganini.

Hacking

Hacking Malware Cybercrime Information Security

North Korean APT group Kimsuky allegedly hacked South Korea’s atomic research agency KAERI

Security Affairs

JUNE 19, 2021

Currently, the Atomic Energy Research Institute is investigating the subject of the hacking and the amount of damage, etc. ? North Korea-linked cyber espionage group Kimsuky (aka Black Banshee, Thallium , Velvet Chollima) was first spotted by Kaspersky researcher in 2013. SecurityAffairs – hacking, North Korea).

Hacking

Hacking VPN Internet Internet

New Leak Shows Business Side of China’s APT Menace

Krebs on Security

FEBRUARY 22, 2024

A new data leak that appears to have come from one of China’s top private cybersecurity firms provides a rare glimpse into the commercial side of China’s many state-sponsored hacking groups. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government

Government Hacking Cyber threats Mobile

Ticketmaster will pay $10 Million fine over hacking a competitor

Security Affairs

JANUARY 2, 2021

Ticketmaster agreed to pay a $10 million fine for hacking into the computer system of the startup rival CrowdSurge. The intrusions into the competitor’s systems took place repeatedly between 2013 and 2015. The intrusions into the competitor’s systems took place repeatedly between 2013 and 2015. Pierluigi Paganini.

Hacking

Hacking Passwords Accountability Cybercrime

Russians charged with hacking Mt. Gox exchange and operating BTC-e

Security Affairs

JUNE 9, 2023

Two Russian nationals have been charged with the hack of the cryptocurrency exchange Mt. Russian nationals Alexey Bilyuchenko (43) and Aleksandr Verner (29) have been charged with the hack of the cryptocurrency exchange Mt. Gox ) The post Russians charged with hacking Mt. Gox ) The post Russians charged with hacking Mt.

Hacking

Hacking Cryptocurrency Advertising Banking

Notorious Finnish Hacker sentenced to more than six years in prison

Security Affairs

APRIL 30, 2024

Finnish hacker was sentenced to more than six years in prison for hacking into an online psychotherapy clinic and attempted extortion. Threat actors hacked the clinic and stole a database containing information of some 33,000 clients. Kivimäki was deported to Finland and his trial concluded in March 2024.

Hacking

Hacking Cybercrime Data breaches Information Security

Alleged Extortioner of Psychotherapy Patients Faces Trial

Krebs on Security

NOVEMBER 16, 2023

Security experts soon discovered Ransom Man had mistakenly included an entire copy of their home folder, where investigators found many clues pointing to Kivimäki’s involvement. By that time, Kivimäki was no longer in Finland, but the Finnish government nevertheless charged Kivimäki in absentia with the Vastaamo hack.

Cybercrime

Cybercrime Hacking Data breaches Banking

Snowden Ten Years Later

Schneier on Security

JUNE 6, 2023

In 2013 and 2014, I wrote extensively about new revelations regarding NSA surveillance based on the documents provided by Edward Snowden. I wrote the essay below in September 2013. I started doubting my own security procedures. Reading about the NSA’s hacking abilities will do that to you. Probably not.

Surveillance

Surveillance Computers and Electronics Government Encryption

CIRWA Project tracks ransomware attacks on critical infrastructure

Security Affairs

SEPTEMBER 14, 2020

The project was launched in September 2019 and as of August 2020, the experts collected 680 records of ransomware attacks that took place since November 2013. These are based on publicly disclosed incidents in the media or security reports.” SecurityAffairs – hacking, ransomware). ” reads the project description.

Ransomware

Ransomware Advertising Data collection Healthcare

US offers $2.5M reward for Belarusian man involved in mass malware distribution

Security Affairs

AUGUST 28, 2024

The indictment alleges that from 2013 to 2022, Kadariya played a key role in distributing the Angler Exploit Kit, which was used to spread various malware, including ransomware, through malvertising and other methods. Kadariya has been indicted for distributing the Angler Exploit Kit and other malware to millions of victims.

Malware

Malware Computers and Electronics Cybercrime Internet

Google expert detailed a 5-Year-Old flaw in Apple Safari exploited in the wild

Security Affairs

JUNE 20, 2022

The vulnerability, tracked as CVE-2022-22620 , was fixed for the first time in 2013, but in 2016 experts discovered a way to bypass the fix. CVE-2022-22620 was initially fixed in 2013, reintroduced in 2016, and then disclosed as exploited in-the-wild in 2022.” SecurityAffairs – hacking, Apple Safari). Pierluigi Paganini.

Hacking

Hacking Software Cybersecurity Data breaches

North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence

Security Affairs

OCTOBER 1, 2024

“Researchers from Mandiant, a Google subsidiary, uncovered and analyzed a cyberattack by the North Korean hacking group Kimsuky targeting Diehl Defence.” A spokesperson for Germany’s Federal Office for Information Security (BSI) confirmed that Kimsuky (aka APT43 ) is conducting a broader cyber campaign targeting Germany.

Manufacturing

Manufacturing Hacking Cyber Attacks Malware

Crooks used rare Steganography technique to hack fully patched websites in Latin America

Security Affairs

JULY 28, 2019

This steganography technique is rare, according to the expert it was observed the last time in the wild in 2013 when hackers have hidden the entire webshell backdoor in the header. The post Crooks used rare Steganography technique to hack fully patched websites in Latin America appeared first on Security Affairs.

Hacking

Hacking Advertising Information Security

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

Security Affairs

APRIL 23, 2020

A security expert uncovered an old APT operation, tracked Nazar, by analyzing the NSA hacking tools included in the dump leaked by Shadow Brokers in 2017. The analysis of the submissions times in VirusTotal for the artifacts employed in the Nazar campaign allowed the expert to date the campaign between 2010 and 2013.

Hacking

Hacking Advertising Malware Engineering

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Security Affairs

FEBRUARY 13, 2020

. “To make sure that your Exchange organization is better protected against the latest threats (for example Emotet, TrickBot or WannaCry to name a few) we recommend disabling SMBv1 if it’s enabled on your Exchange (2013/2016/2019) server.” Please see this KB for more information. ” continues Microsoft.

Authentication

Authentication Malware Advertising Hacking

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Krebs on Security

SEPTEMBER 24, 2022

Denis Emelyantsev , as the apparent owner of RSOCKS, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. “Thanks to you, we are now developing in the field of information security and anonymity!

Cybercrime

Cybercrime Data breaches Malware Ransomware

Iran-linked Phosphorous APT hacked emails of security conference attendees

Security Affairs

OCTOBER 29, 2020

Iran-linked APT group Phosphorus successfully hacked into the email accounts of multiple high-profile individuals and security conference attendees. “Phosphorus, an Iranian actor, has targeted with this scheme potential attendees of the upcoming Munich Security Conference and the Think 20 (T20) Summit in Saudi Arabia.”

Hacking

Hacking Security Intelligence Advertising Accountability

FBI shuts down the Russian-based hacker platform DEER.IO

Security Affairs

MARCH 26, 2020

was shut down by the FBI today, and its suspected administrator – alleged Russian hacker Kirill Victorovich Firsov – was arrested and charged with crimes related to the hacking of U.S. companies for customers’ personal information.” The Russian man also advertised the platform on other hacking forums.

Cybercrime

Cybercrime Advertising Hacking Accountability

France police arrested Telegram CEO Pavel Durov

Security Affairs

AUGUST 25, 2024

Telegram Messenger is a cloud-based, cross-platform instant messaging service launched in 2013 for iOS and Android. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganin ( SecurityAffairs – hacking, newsletter ) Telegram and the French Interior Ministry have not yet commented on the news.

Media

Media Encryption Hacking Cybercrime

Prestige reservation platform exposes millions of hotel guests

Security Affairs

NOVEMBER 10, 2020

Exposed data, some of which go back to 2013, include sensitive information and credit card details. However, if it did, there would be enormous implications for the privacy, security and financial wellbeing of those exposed.”. SecurityAffairs – hacking, Prestige). ” reads a post published by Website Planet.

Identity Theft

Identity Theft Scams Phishing Malware

A job ad published by the UK’s Ministry of Defence revealed a secret hacking squad

Security Affairs

AUGUST 15, 2021

.” “ MAB5 was described in gushing terms and with incredible detail, even naming the military leader – a Lieutenant Colonel (Lt Col) in the Royal Corps of Signals, who was awarded the MBE in the Queen’s Birthday Honours List 2013 when he was a Major. SecurityAffairs – hacking, cybercrime). Pierluigi Paganini.

Computers and Electronics

Computers and Electronics Hacking Engineering Mobile

NSA Equation Group tool was used by Chinese hackers years before it was leaked online

Security Affairs

FEBRUARY 22, 2021

The Chinese APT group had access to an NSA Equation Group, NSA hacking tool and used it years before it was leaked online by Shadow Brokers group. used a tool dubbed Jian, which is a clone of NSA Equation Group ‘s “EpMe” hacking tool years before it was leaked online by Shadow Brokers hackers.

Hacking

Hacking Malware Software Information Security

Hacker who disrupted Sony gaming gets a 27-months jail sentence

Security Affairs

JULY 4, 2019

The hacker who brought offline with massive DDoS attacks online gaming networks between December 2013 and January 2014 has been sentenced to 27 months in prison. Austin Thompson (23) from Utah hit the principal gamins networks in 2013 and 2014, including Sony Online Entertainment. ” reads the press release published by DoJ.

DDOS

DDOS Computers and Electronics Advertising Internet

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

Security Affairs

JANUARY 31, 2024

It was operating between 2008 and 2013. In 2013, the Motion Picture Association of America (MPAA) shut down the website due to concerns related to copyright infringement. According to German media , one of the two operators was also involved in the operations of the site mega-downloads.net.

Media

Media Cybercrime Advertising Information Security

FBI arrested a Russian citizen suspected to be the mastermind of Deer.io

Security Affairs

MARCH 10, 2020

which is a Shopify-like platform that has been hosting hundreds of online shops used for the sale of hacked accounts and stolen user data. The Russian man also advertised the platform on other hacking forums. platform since October 2013. “The stores were offering for sale a variety hacked and/or compromised U.S.

Accountability

Accountability Advertising Passwords Hacking

Data belonging 44 Million Pakistani mobile users leaked online

Security Affairs

MAY 6, 2020

It seems that the huge trove of data was the result of a data breach that took place in 2017, the oldest entries are dated back as 2013. – Database contains information such as names, addresses, phone numbers, national IDs, and more on over 44,000,000 Pakistanis. – Database apparently got hacked in 2017.

Mobile

Mobile Telecommunications Data breaches Advertising

Journalist Matthew Keys is now charged with an attack on a magazine

Security Affairs

APRIL 29, 2020

Matthew Keys, a former Reuters journalist, who was sentenced to 2 years in prison for hacking attacks on California media is now charged with an attack on a magazine. Keys was accused of providing Anonymous login credentials that allowed the group to deface access and deface the website of the Los Angeles Times in 2013.

Hacking

Hacking Advertising Accountability Media

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

Security Affairs

MAY 26, 2024

UAC-0006 has been active since at least 2013. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Ukraine) The Computer Emergency Response Team of Ukraine (CERT-UA) warned of surge in in cyberattacks linked to the financially-motivated threat actor UAC-0006.

Malware

Malware Banking Accountability Phishing

CISA urges to fix actively exploited Firefox zero-days by March 21

Security Affairs

MARCH 8, 2022

SecurityAffairs – hacking, SIM swapping). The post CISA urges to fix actively exploited Firefox zero-days by March 21 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Authentication

Authentication Hacking Cybersecurity Risk

3 of the Worst Data Breaches in the World That Could Have Been Prevented

Security Affairs

DECEMBER 1, 2022

In 2013, Yahoo suffered one of the worst data breaches in history, exposing over 3 billion user accounts. While no plaintext passwords or financial data was stolen, the hack did expose answers to security questions. Weak passwords are the easiest way hackers can hack into a system. Pierluigi Paganini.

Data breaches

Data breaches Passwords Social Engineering Encryption

Google announced the completion of the acquisition of Mandiant for $5.4 billion

Security Affairs

SEPTEMBER 12, 2022

Mandiant is considered a leading cyber security firm, in 2013 FireEye acquired it, but FireEye separated Mandiant Solutions in 2021 as part of a $1.2 SecurityAffairs – hacking, Google). billion appeared first on Security Affairs. per share in an all-cash transaction valued at approximately $5.4 Pierluigi Paganini.

Cyber threats

Cyber threats Cybersecurity Hacking Technology

Researchers shared technical details of NSA Equation Group’s Bvp47 backdoor

Security Affairs

FEBRUARY 23, 2022

The Bvp47 backdoor was first discovered in 2013 while conducting a forensic investigation into a security breach suffered by a Chinese government organization. In 2016 and 2017, the hacking group The Shadow Brokers l eaked a bunch of data allegedly stolen from the Equation Group, including many hacking tools and exploits.

Encryption

Encryption Hacking Government Engineering

State attorneys general announced a $1.5 million settlement with Neiman Marcus

Security Affairs

JANUARY 9, 2019

million settlement with The Neiman Marcus Group over a 2013 data breach. million settlement with The Neiman Marcus Group LLC over a data breach suffered by the company in 2013 and disclosed earlier 2014. billion in the Q4 2013. Tens of state attorneys general announced a $1.5 Tens of attorneys general announced this week a $1.5

Data breaches

Data breaches Retail Advertising Cybercrime

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Security Affairs

NOVEMBER 5, 2021

This ‘line of work’ is coordinated by the FSB’s 18th Center (Information Security Center) based in Moscow.” The Gamaredon group was first discovered by Symantec and TrendMicro in 2015, but evidence of its activities has been dated back to 2013. SecurityAffairs – hacking, Gamaredon). Pierluigi Paganini.

Government

Government Software Cyber threats Cyber Attacks

Two former NSA Officials appointed by Joe Biden for prominent cyber roles

Security Affairs

APRIL 12, 2021

Inglis retired from NSA in 2014 where he served the US government for 28 years, since 2013 as the agency’s deputy director. President Biden also appointed a former deputy for counterterrorism at the NSA, Jen Easterly, as the chief of the Cybersecurity and Infrastructure Security Agency (CISA) at the Department of Homeland Security.

Government

Government Hacking Cybersecurity Information Security

CERT-UA warns of a phishing campaign targeting government entities

Security Affairs

AUGUST 13, 2024

UAC-0006 has been active since at least 2013. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Security Service of Ukraine) .” concludes the CERT-UA.

Government

Government Phishing Malware Banking

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Security Affairs

APRIL 5, 2022

The Gamaredon group was first discovered by Symantec and TrendMicro in 2015, but evidence of its activities has been dated back to 2013. SecurityAffairs – hacking, Armageddon). The post Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns appeared first on Security Affairs. Pierluigi Paganini.

Phishing

Phishing Government Hacking Malware

Iranian hackers breached Albania’s Institute of Statistics (INSTAT)

Security Affairs

FEBRUARY 2, 2024

The attack did not impact systems employed in the 2013 census. The Record Media reported that the Iran-linked hacking group Homeland Justice claimed responsibility for the attack. The group also claimed to have hacked Air Albania. National Security Council spokesperson Adrienne Watson said. “We NATO , and the U.K.

Cyber Attacks

Cyber Attacks Computers and Electronics Government Hacking

CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog

Security Affairs

SEPTEMBER 17, 2022

CVE-2013-6282 : Linux Kernel – The get_user and put_user API functions of the Linux kernel fail to validate the target address when being used on ARM v6k/v7 platforms. CVE-2013-2596 Linux Kernel – Linux kernel fb_mmap function in drivers/video/fbmem.c SecurityAffairs – hacking, CISA). Pierluigi Paganini.

Hacking

Hacking Cybersecurity Risk Information Security

US authorities behind $1 billion Bitcoin transaction of Silk Road funds

Security Affairs

NOVEMBER 6, 2020

In October 2013, the FBI has shut down the popular black market Silk Road after many years of investigation, the website was hosted in the Tor Network and was seized by US law enforcement. According to FBI, between February of 2011 and July 2013, Silk Road managed $1.2 SecurityAffairs – hacking, Silk Road). million USD. .

Cryptocurrency

Cryptocurrency Advertising Marketing Hacking

Hacking Kia cars made after 2013 using just their license plate

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Trending Sources

Meet the Administrators of the RSOCKS Proxy Botnet

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

Pakistani man sentenced to 12 years of prison for his role in AT&T hacking scheme

North Korean APT group Kimsuky allegedly hacked South Korea’s atomic research agency KAERI

New Leak Shows Business Side of China’s APT Menace

Ticketmaster will pay $10 Million fine over hacking a competitor

Russians charged with hacking Mt. Gox exchange and operating BTC-e

Notorious Finnish Hacker sentenced to more than six years in prison

Alleged Extortioner of Psychotherapy Patients Faces Trial

Snowden Ten Years Later

CIRWA Project tracks ransomware attacks on critical infrastructure

US offers $2.5M reward for Belarusian man involved in mass malware distribution

Google expert detailed a 5-Year-Old flaw in Apple Safari exploited in the wild

North Korea-linked APT Kimsuky targeted German defense firm Diehl Defence

Crooks used rare Steganography technique to hack fully patched websites in Latin America

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Accused Russian RSOCKS Botmaster Arrested, Requests Extradition to U.S.

Iran-linked Phosphorous APT hacked emails of security conference attendees

FBI shuts down the Russian-based hacker platform DEER.IO

France police arrested Telegram CEO Pavel Durov

Prestige reservation platform exposes millions of hotel guests

A job ad published by the UK’s Ministry of Defence revealed a secret hacking squad

NSA Equation Group tool was used by Chinese hackers years before it was leaked online

Hacker who disrupted Sony gaming gets a 27-months jail sentence

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

FBI arrested a Russian citizen suspected to be the mastermind of Deer.io

Data belonging 44 Million Pakistani mobile users leaked online

Journalist Matthew Keys is now charged with an attack on a magazine

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

CISA urges to fix actively exploited Firefox zero-days by March 21

3 of the Worst Data Breaches in the World That Could Have Been Prevented

Google announced the completion of the acquisition of Mandiant for $5.4 billion

Researchers shared technical details of NSA Equation Group’s Bvp47 backdoor

State attorneys general announced a $1.5 million settlement with Neiman Marcus

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Two former NSA Officials appointed by Joe Biden for prominent cyber roles

CERT-UA warns of a phishing campaign targeting government entities

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Iranian hackers breached Albania’s Institute of Statistics (INSTAT)

CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog

US authorities behind $1 billion Bitcoin transaction of Silk Road funds

Stay Connected