2014 and Architecture - Cyber Security Informer

Feedify cloud service architecture compromised by MageCart crime gang

Security Affairs

SEPTEMBER 16, 2018

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Feedify cloud service architecture compromised by MageCart crime gang appeared first on Security Affairs. Pierluigi Paganini.

Architecture

Architecture Advertising Cybercrime Malware

ENISA publishes a Threat Landscape for 5G Networks

Security Affairs

NOVEMBER 21, 2019

Today’s ENISA 5G Threat landscape complements the Coordinated Risk Assessment with a more technical and more detailed view on the 5G architecture, the assets and the cyber threats for those assets. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Understanding threat exposure. Pierluigi Paganini.

Architecture

Architecture Risk Advertising Telecommunications

Hackers targeted ICS/SCADA systems at water facilities, Israeli government warns

Security Affairs

APRIL 27, 2020

The experts discovered a desolating situation, a number of systems affected by critical vulnerabilities were publicly exposed on the Internet and the overall architecture was including outdated operation technology (OT) systems. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Energy and Utilities

Energy and Utilities Government Cyber Attacks Architecture

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

AMD is going to patch UEFI SMM callout privilege escalation flaw

Security Affairs

JUNE 22, 2020

If this level of access is acquired, an attacker could potentially manipulate the AMD Generic Encapsulated Software Architecture (AGESA) to execute arbitrary code undetected by the operating system.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firmware

Firmware Architecture Advertising Manufacturing

Experts spotted a new Mirai variant that targets new processors

Security Affairs

APRIL 10, 2019

Palo Alto Networks researchers discovered a new variant of the Mirai malware that is targeting more processor architectures than previous ones. Mirai botnet continues to be one of the most dangerous malware in the threat landscape, experts at Palo Alto Networks discovered a new variant that targets more processor architectures than before.

Architecture

Architecture DDOS IoT Internet

6 Top Zero Trust Architecture Benefits and How To Leverage Them

Security Boulevard

OCTOBER 13, 2022

Is your organization considering a Zero Trust Architecture? Zero Trust has become increasingly popular since Google adopted the cybersecurity model in 2014. The post 6 Top Zero Trust Architecture Benefits and How To Leverage Them appeared first on Security Boulevard. You’re not alone.

Architecture

Architecture Cybersecurity

US Government is asking allies to ban Huawei equipment

Security Affairs

NOVEMBER 24, 2018

US Government is inviting its allies to exclude Huawei equipment from critical infrastructure and 5G architectures, reports the Wall Street Journal. The Wall Street Journal reported that the US Government is urging its allies to exclude Huawei from critical infrastructure and 5G architectures. Pierluigi Paganini.

Government

Government Architecture Advertising Internet

New HEH botnet wipes devices potentially bricking them

Security Affairs

OCTOBER 7, 2020

Experts noticed that the malware supports multiple CPU architectures, including x86(32/64), ARM(32/64), MIPS(MIPS32/MIPS-III) and PPC, it is written in the Go open-source programming language. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” concludes the post. Pierluigi Paganini.

Architecture

Architecture IoT Malware Advertising

Maastricht University finally paid a 30 bitcoin ransom to crooks

Security Affairs

FEBRUARY 9, 2020

. “The modus operandi of the group behind this specific attack comes over with a criminal group that already has one has a long history, and goes back to at least 2014,” reads the Fox-IT full report to UM (in Dutch). TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. Pierluigi Paganini.

Ransomware

Ransomware Cyber Attacks Backups Architecture

Aerial Direct, the O2’s largest UK partner suffered a data breach

Security Affairs

MARCH 16, 2020

The company announced that is currently working to further enhance the security of its architecture with the help of “relevant experts” Customers can contact the support website to receive information about the security breach, the company is recommending them to change their passwords.

Data breaches

Data breaches Telecommunications Passwords Advertising

Back in BlackEnergy *: 2014 Targeted Attacks in Ukraine and Poland

We Live Security

SEPTEMBER 22, 2014

State organizations and private businesses from various sectors in Ukraine and Poland have been targeted with new versions of BlackEnergy, a malware that's evolved into a sophisticated threat with a modular architecture.

Architecture

Architecture Malware

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

. “Our analysis of this particular sample indicates the file executes on microprocessor without interlocked pipelined stages (MIPS) architecture. This is an extension understood by machines running reduced instruction set computer (RISC) architecture, which is prevalent on many IoT devices.” ” continues the analysis.

IoT

IoT DDOS Architecture Passwords

CISA warns of phishing attacks delivering KONNI RAT

Security Affairs

AUGUST 17, 2020

The malware has been active since at least 2014, it was undetected for more than 3 years and was used in highly targeted attacks. Government experts warn that macro code could change the font color to trick the victim into enabling content and determine the system architecture. ” reads the CISA’s alert. Pierluigi Paganini.

Phishing

Phishing Malware Advertising Architecture

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

The botnet targets multiple architectures, including arm, bsd, x64, and x86. Gafgyt is a popular choice for launching large-scale DDoS attacks, it first appeared in the threat landscape in 2014. Then the script downloads the actual Enemybot binary which is compiled for the target device’s architecture.

DDOS

DDOS Architecture Malware Cybercrime

Crooks leverage Zoom’s popularity in Coronavirus outbreak to serve malware

Security Affairs

MARCH 30, 2020

Prevent zero-day attacks with a holistic, end to end cyber architecture. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – coronavirus, hacking).

Malware

Malware Advertising Retail Architecture

VMware addressed flaws in its Workstation and Tools

Security Affairs

JUNE 6, 2019

The second issue, tracked as CVE-2019-5525, is a use-after-free bug affecting the Advanced Linux Sound Architecture (ALSA) backend in Workstation 15.x. “VMware Workstation contains a use-after-free vulnerability in the Advanced Linux Sound Architecture (ALSA) backend. ” states the advisory. for Linux. .”

Architecture

Architecture Advertising Software Hacking

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Pierluigi Paganini.

Cybercrime

Cybercrime Security Intelligence Authentication Banking

AMD admits hacker stole source code files related to its GPUs

Security Affairs

MARCH 28, 2020

The hacker claims to have obtained files related to several AMD graphics processing units (GPUs), including the Navi 10 architecture and the upcoming Navi 21, and Arden. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Architecture Hacking Data breaches

Hackers are using Zerologon exploits in attacks in the wild

Security Affairs

SEPTEMBER 24, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Don’t waste time, patch your system now!

Security Intelligence

Security Intelligence Authentication Advertising Passwords

US officials claim Huawei Equipment has secret backdoor for spying

Security Affairs

FEBRUARY 13, 2020

In November 2018, the Wall Street Journal reported that the US Government was urging its allies to exclude Huawei from critical infrastructure and 5G architectures. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Manufacturing

Manufacturing Advertising Surveillance Architecture

Hackers for hire group target organizations via 3ds Max exploit

Security Affairs

AUGUST 26, 2020

2] It has modeling capabilities and a flexible plugin architecture and must be used on the Microsoft Windows platform. 3Ds Max is used by engineering, architecture, gaming, or software organizations. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the security alert.

Architecture

Architecture Malware Advertising Software

Unknown FinSpy Mac and Linux versions found in Egypt

Security Affairs

SEPTEMBER 27, 2020

It extracts the binary for the relevant architecture in /tmp/udev2 and executes it. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Below the infection chain for the FinSpy for Linux, descrived by the researchers.

Spyware

Spyware Surveillance Advertising Mobile

Samba addresses the CVE-2020-1472 Zerologon Vulnerability

Security Affairs

SEPTEMBER 23, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. “An Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Vendors supporting Samba 4.7 Pierluigi Paganini.

Authentication

Authentication Advertising Architecture Passwords

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Security Affairs

MARCH 7, 2020

Like all security architectures, Intel’s had a weakness: the boot ROM, in this case. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. “Unfortunately, no security system is perfect. x, SPS_E3_05.00.04.027.0.

Firmware

Firmware Technology Advertising Authentication

Orange Business Services hit by Nefilim ransomware operators

Security Affairs

JULY 17, 2020

“The leaked documents related to ATR seem to include multiple aircraft architecture designs, email conversations, transfer of responsibility documents, and much more.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Business Services

Business Services Ransomware Mobile Advertising

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 30, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Authentication

Authentication Advertising Architecture Cybercrime

Steelcase office furniture giant hit by Ryuk ransomware attack

Security Affairs

OCTOBER 28, 2020

Steelcase is a US-based furniture company that produces office furniture, architectural and technology products for office environments and the education, health care and retail industries. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. It is the largest office furniture manufacturer in the world.

Ransomware

Ransomware Computers and Electronics Manufacturing Advertising

New SDP 2.0 specification facilitates zero-trust maturity

CSO Magazine

APRIL 26, 2022

Given that the original specification was published in 2014 and we’ve seen industry-wide eagerness to adopt zero trust , this update is timely. SDP ties closely to the pursuit of implementing a zero-trust architecture, and what follows are the key aspects of SDP 2.0

CISO

CISO Architecture Software

Companies paid $4.2M bug bounties for XSS flaws in 2020

Security Affairs

OCTOBER 31, 2020

In the third place there are SSRF (Server Side Request Forgery) flaws, experts pointed out that the advent of cloud architecture and unprotected metadata endpoints has rendered these vulnerabilities increasingly critical. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. million / €33.4 million / ¥273.7

Accountability

Accountability Advertising Architecture Hacking

US CISA warns of Ransomware attacks impacting pipeline operations

Security Affairs

FEBRUARY 18, 2020

CISA alert provided planning and operational mitigation measures, as well as technical and architectural mitigations that should be implemented by organizations in critical infrastructure sectors to avoid similar ransomware attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Ransomware

Ransomware Advertising Encryption Architecture

Chinese APT Tropic Trooper target air-gapped military Networks in Asia

Security Affairs

MAY 15, 2020

Since December 2014, the threat actors are using a malware dubbed USBferry in attacks against military/navy agencies, government institutions, military hospitals, and also a national bank. ” The group used “tracert” and “ping” commands to map the target’s network architecture (i.e. Pierluigi Paganini.

Government

Government Malware Advertising Architecture

Kali Linux is now available for Raspberry Pi 4

Security Affairs

JULY 10, 2019

.” Linux Kali distro for the Raspberry Pi 4 also supports an onboard Wi-Fi monitor mode and frame injection support, but it is only available for 32-bit architecture. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Architecture Hacking Information Security

Torii botnet, probably the most sophisticated IoT botnet of ever

Security Affairs

SEPTEMBER 29, 2018

According to experts from Avast, the Torii bot has been active since at least December 2017, it could targets a broad range of architectures, including ARM, MIPS, x86, x64, PowerPC, and SuperH. The Torii IoT botnet stands out for the largest sets of architectures it is able to target. ” reads the analysis published by Avast.

IoT

IoT Architecture Advertising DDOS

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

The MosaicRegressor framework was developed for cyber espionage purposes, its modular architecture allows operators to perform multiple actions. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firmware

Firmware Spyware Surveillance Hacking

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Security Affairs

SEPTEMBER 10, 2020

” According to the experts, the attackers have good knowledge about the internal architecture of the targeted platform. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Malware

Malware Encryption Advertising Passwords

Taiwanese vendor QNAP issues advisory on Zerologon flaw

Security Affairs

OCTOBER 22, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, QNap).

Authentication

Authentication Advertising Architecture Cybercrime

DePriMon downloader uses a never seen installation technique

Security Affairs

NOVEMBER 21, 2019

. “ DePriMon is an unusually advanced downloader whose developers have put extra effort into setting up the architecture and crafting the critical components,” ESET concludes. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – DePriMon, malware).

Malware

Malware Advertising Telecommunications Encryption

Dark Nexus, a new IoT botnet that targets a broad range of devices

Security Affairs

APRIL 8, 2020

“For example, payloads are compiled for 12 different CPU architectures and dynamically delivered based on the victim’s configuration.” The experts discovered at customized payloads for at least 12 different CPU architectures. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

IoT

IoT DDOS Advertising Architecture

New Mirai botnet hides C2 server in the Tor network to prevent takedowns

Security Affairs

AUGUST 1, 2019

. “Looking for related samples and information elsewhere for comparison, other open sources such as VirusTotal yielded a report of the same hash value from the same URL source, which was an open directory also hosting other samples for other device architectures.” ” continues the report.

Architecture

Architecture IoT Malware Advertising

WatchBog cryptomining botnet now uses Pastebin for C2

Security Affairs

SEPTEMBER 13, 2019

Then determines whether it can write to various directories, checks the system architecture, and then makes three attempts to download and install a ‘kerberods’ dropper using wget or curl. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – WatchBog, malware).

Architecture

Architecture Cryptocurrency Malware Advertising

QNodeService Trojan spreads via fake COVID-19 tax relief

Security Affairs

MAY 16, 2020

is dropped depending on the Windows system architecture of the target machine. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. malware file (either “qnodejs-win32-ia32.js” js” or “qnodejs-win32-x64.js”)

Malware

Malware Phishing Advertising Antivirus

Expert found a critical RCE zero-day in TP-Link Wi-Fi Extenders

Security Affairs

JUNE 18, 2019

The extender operates on the MIPS architecture, like many routers, the zero-day flaw can be triggered. TP-Link’s Wi-Fi extenders operate on MIPS architecture and the vulnerability can be triggered by sending a malformed HTTP request. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Architecture

Architecture Advertising Firmware IoT

Iran-linked APT is exploiting the Zerologon flaw in attacks

Security Affairs

OCTOBER 6, 2020

The Netlogon service is an Authentication Mechanism used in the Windows Client Authentication Architecture which verifies logon requests, and it registers, authenticates, and locates Domain Controllers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Authentication

Authentication Advertising Architecture Cyber Attacks

Russian hacker Alexander Zhukov extradited by Bulgaria to US

Security Affairs

JANUARY 20, 2019

The name 3ve is derived from a set of three distinct sub-operations using unique measures to avoid detection, and each of them was built around different architectures with different components. 3ve has been active since at least 2014 and experts observed a peak in its activity in 2017. Pierluigi Paganini.

Advertising

Advertising Architecture Malware Hacking

Feedify cloud service architecture compromised by MageCart crime gang

ENISA publishes a Threat Landscape for 5G Networks

Webinars

Trending Sources

Hackers targeted ICS/SCADA systems at water facilities, Israeli government warns

Webinars

AMD is going to patch UEFI SMM callout privilege escalation flaw

Experts spotted a new Mirai variant that targets new processors

6 Top Zero Trust Architecture Benefits and How To Leverage Them

US Government is asking allies to ban Huawei equipment

New HEH botnet wipes devices potentially bricking them

Maastricht University finally paid a 30 bitcoin ransom to crooks

Aerial Direct, the O2’s largest UK partner suffered a data breach

Back in BlackEnergy *: 2014 Targeted Attacks in Ukraine and Poland

Mozi Botnet is responsible for most of the IoT Traffic

CISA warns of phishing attacks delivering KONNI RAT

Enemybot, a new DDoS botnet appears in the threat landscape

Crooks leverage Zoom’s popularity in Coronavirus outbreak to serve malware

VMware addressed flaws in its Workstation and Tools

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

AMD admits hacker stole source code files related to its GPUs

Hackers are using Zerologon exploits in attacks in the wild

US officials claim Huawei Equipment has secret backdoor for spying

Hackers for hire group target organizations via 3ds Max exploit

Unknown FinSpy Mac and Linux versions found in Egypt

Samba addresses the CVE-2020-1472 Zerologon Vulnerability

CVE-2019-0090 flaw affects Intel Chips released in the last 5 years

Orange Business Services hit by Nefilim ransomware operators

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Steelcase office furniture giant hit by Ryuk ransomware attack

New SDP 2.0 specification facilitates zero-trust maturity

Companies paid $4.2M bug bounties for XSS flaws in 2020

US CISA warns of Ransomware attacks impacting pipeline operations

Chinese APT Tropic Trooper target air-gapped military Networks in Asia

Kali Linux is now available for Raspberry Pi 4

Torii botnet, probably the most sophisticated IoT botnet of ever

Second-ever UEFI rootkit used in North Korea-themed attacks

CDRThief Linux malware steals VoIP metadata from Linux softswitches

Taiwanese vendor QNAP issues advisory on Zerologon flaw

DePriMon downloader uses a never seen installation technique

Dark Nexus, a new IoT botnet that targets a broad range of devices

New Mirai botnet hides C2 server in the Tor network to prevent takedowns

WatchBog cryptomining botnet now uses Pastebin for C2

QNodeService Trojan spreads via fake COVID-19 tax relief

Expert found a critical RCE zero-day in TP-Link Wi-Fi Extenders

Iran-linked APT is exploiting the Zerologon flaw in attacks

Russian hacker Alexander Zhukov extradited by Bulgaria to US

Stay Connected