article thumbnail

Chinese Hackers Stole an NSA Windows Exploit in 2014

Schneier on Security

Here’s the timeline : The timeline basically seems to be, according to Check Point: 2013: NSA’s Equation Group developed a set of exploits including one called EpMe that elevates one’s privileges on a vulnerable Windows system to system-administrator level, granting full control.

article thumbnail

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

Stanx said he was a longtime member of several major forums, including the Russian hacker forum Antichat (since 2005), and the Russian crime forum Exploit (since April 2013). Kloster says he’s worked in many large companies in Omsk as a system administrator, web developer and photographer.

Insiders

Sign Up for our Newsletter

This site is protected by reCAPTCHA and the Google Privacy Policy and Terms of Service apply.

article thumbnail

Adconion Execs Plead Guilty in Federal Anti-Spam Case

Krebs on Security

In 2019, AFRINIC fired a top employee after it emerged that in 2013 he quietly commandeered millions of IPs from defunct African entities or from those that were long ago acquired by other firms, and then conspired to sell an estimated $50 million worth of the IPs to marketers based outside Africa.

article thumbnail

REvil Ransom Arrest, $6M Seizure, and $10M Reward

Krebs on Security

Prosecutors say Vasinskyi was involved in a number of REvil ransomware attacks, including the July 2021 attack against Kaseya , Miami-based company whose products help system administrators manage large networks remotely. Prosecutors say Vasinskyi also used the monikers “ Yarik45 ,” and “ Yaroslav2468.”

article thumbnail

Thangrycat: A Serious Cisco Vulnerability

Schneier on Security

First commercially introduced in 2013, Cisco Trust Anchor module (TAm) is a proprietary hardware security module used in a wide range of Cisco products, including enterprise routers, switches and firewalls. Many systems don't even have administrative access configured correctly.

article thumbnail

Microsoft Patch Tuesday, February 2022 Edition

Krebs on Security

Among those is CVE-2022-22005 , a weakness in Microsoft’s Sharepoint Server versions 2013-2019 that could be exploited by any authenticated user. The change will also be enabled for all currently supported standalone versions of Office, including versions 2021, 2019, 2016, and 2013.

article thumbnail

How Did Authorities Identify the Alleged Lockbit Boss?

Krebs on Security

2011 said he was a system administrator and C++ coder. ” In April 2013, NeroWolfe wrote in a private message to another Verified forum user that he was selling a malware “loader” program that could bypass all of the security protections on Windows XP and Windows 7. “P.S. . “P.S.