2014 and Information Security - Cyber Security Informer

The ASA flaw CVE-2014-2120 is being actively exploited in the wild

Security Affairs

DECEMBER 3, 2024

Cisco warns customers that a decade-old ASA vulnerability, tracked as CVE-2014-2120, is being actively exploited in the wild. Cisco warns that the decade-old ASA vulnerability CVE-2014-2120 is being actively exploited in attacks in the wild, and urges customers to review the updated advisory. ” reads the advisory.

Software

Software Hacking Information Security

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

NOVEMBER 9, 2024

The vulnerabilities impact the Mazda Connect Connectivity Master Unit (CMU) system installed in multiple car models, including the Mazda 3 model year 2014-2021. Like in so many cases, these vulnerabilities are caused by insufficient sanitization when handling attacker-supplied input.” ” reads the advisory.

Hacking

Hacking Firmware Software Manufacturing

Millions of Apple Applications Were Vulnerable to CocoaPods Supply Chain Attack

Tech Republic Security

JULY 3, 2024

The vulnerabilities have since been patched, but had quietly persisted since the CocoaPods migration in 2014.

Software

Software Information Security

FBI deleted China-linked PlugX malware from over 4,200 US computers

Security Affairs

JANUARY 14, 2025

The malware was operated by a China-linked threat actor, known as Mustang Panda (aka Twill Typhoon, to steal sensitive information from victim computers. According to court documents, the Chinese government paid Mustang Panda to develop PlugX malware, used since 2014 to target U.S., European, and Asian entities.

Malware

Malware Government Hacking Cybersecurity

The Mask APT is back after 10 years of silence

Security Affairs

DECEMBER 18, 2024

Kaspersky first identified the APT group in 2014, but experts believe the cyber espionage campaign had already been active for over five years. At the time, Kaspersky described it as the most sophisticated APT operation they had seen to date.

Cyber Attacks

Cyber Attacks Hacking Government Malware

OpenSSH bugs allows Man-in-the-Middle and DoS Attacks

Security Affairs

FEBRUARY 19, 2025

Introduced in December 2014 (OpenSSH 6.8p1), this flaw remained active, with FreeBSD enabling VerifyHostKeyDNS by default from 2013 to 2023, increasing exposure. The OpenSSH client vulnerability (CVE-2025-26465) allows an attack to succeed regardless of the VerifyHostKeyDNS setting, without user interaction or reliance on SSHFP DNS records.

Authentication

Authentication System Administration DNS Hacking

University of Utah pays a $457,000 ransom to ransomware gang

Security Affairs

AUGUST 21, 2020

The university notified appropriate law enforcement entities, and the university’s Information Security Office (ISO) investigated and resolved the incident in consultation with an external firm that specializes in responding to ransomware attacks.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Cyber Insurance Insurance Advertising

SANS Institute Email Breach – 28,000 User Records exposed

Security Affairs

AUGUST 12, 2020

On August 6, during a review of email configuration and rules, the staff at the SANS Institute discovered a security breach. 28,000 records of personally identifiable information (PII) have been forwarded to an unknown email address. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Accountability Advertising Information Security

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Security Affairs

NOVEMBER 5, 2021

“They are officers of the ‘Crimean’ FSB and traitors who defected to the enemy during the occupation of the peninsula in 2014. This ‘line of work’ is coordinated by the FSB’s 18th Center (Information Security Center) based in Moscow.” 5 members of the group have been notified of suspicion of treason.”

Government

Government Software Cyber threats Cyber Attacks

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking for me because I have enormous information and they need it.” “Thanks to you, we are now developing in the field of information security and anonymity!,” Kloster’s blog enthused. “We

Cybercrime

Cybercrime Advertising IoT Malware

UberEats data leaked on the dark web

Security Affairs

AUGUST 4, 2020

UberEats is an American online food ordering and delivery platform launched by Uber in 2014. “During our research process, the Cyble Research Team got hold of some informative details related to this leak.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Banking

Banking Data breaches Advertising Mobile

Avaddon ransomware operators have launched their data leak site

Security Affairs

AUGUST 11, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Avaddon ransomware operators have launched their data leak site appeared first on Security Affairs. Let’s wait for new entries on the leak site!

Ransomware

Ransomware Advertising Cybercrime Hacking

Israel announced to have foiled an attempted cyber-attack on defence firms

Security Affairs

AUGUST 13, 2020

’ The Lazarus APT is linked to North Korea, the activity of the Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cyber Attacks

Cyber Attacks Manufacturing Advertising Hacking

HOW OPERATORS USE SANDVINE TO BLOCK INDEPENDENT MEDIA IN EGYPT

Security Affairs

SEPTEMBER 23, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post HOW OPERATORS USE SANDVINE TO BLOCK INDEPENDENT MEDIA IN EGYPT appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, DPI).

Media

Media Advertising Internet Internet

Hackers stole a six-figure amount from Swiss universities

Security Affairs

OCTOBER 5, 2020

” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Hackers stole a six-figure amount from Swiss universities appeared first on Security Affairs. .” reads the site SwissInfo. Pierluigi Paganini.

Advertising

Advertising Phishing Cybercrime Hacking

REMnux 7, a Linux toolkit for malware analysts released

Security Affairs

JULY 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post REMnux 7, a Linux toolkit for malware analysts released appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – malware analysis, Linux toolkit).

Malware

Malware Advertising Software Engineering

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The CryptoLocker wave went into a decline in June 2014 as a result of the so-called Operation Tovar , an initiative orchestrated by law enforcement agencies from multiple countries. The newsmaking emergence of CTB-Locker in 2014 and the CryptoWall ransomware in 2015 fully demonstrated this multi-pronged shift.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Staples discloses data breach exposing customer order data

Security Affairs

SEPTEMBER 14, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Staples discloses data breach exposing customer order data appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, Staples).

Data breaches

Data breaches Retail Identity Theft Advertising

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

” The DOJ’s statement doesn’t mention that RSOCKS has been in operation since 2014, when access to the web store for the botnet was first advertised on multiple Russian-language cybercrime forums. “Thanks to you, we are now developing in the field of information security and anonymity!,”

Advertising

Advertising Cybercrime System Administration Hacking

A powerful DDoS attack hit Hungarian banks and telecoms services

Security Affairs

SEPTEMBER 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post A powerful DDoS attack hit Hungarian banks and telecoms services appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, Hungary).

DDOS

DDOS Banking Telecommunications Advertising

Threat actor leaked data for U.S. gun exchange site on hacking forum

Security Affairs

AUGUST 13, 2020

To check if your information has been exposed in this and other data leaks, you can search for your email using the Cyble’s “ Am I Breached” data breach monitoring service. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, gun exchange).

Hacking

Hacking Data breaches Cybercrime Passwords

FBI is warning of cyber attacks against Windows 7 systems that reached end-of-life

Security Affairs

AUGUST 6, 2020

After the Windows XP end of life on 28 April 2014, the healthcare industry saw a large increase of exposed records the following year,” the FBI said. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Healthcare Firewall Advertising

Threat Report Portugal: Q2 2020

Security Affairs

AUGUST 14, 2020

Pedro Tavares is a professional in the field of information security, working as an Ethical Hacker, Malware Analyst, Cybersecurity Analyst and also a Security Evangelist. He is also a founding member at CSIRT.UBI and Editor-in-Chief of the security computer blog seguranca-informatica.pt.

Threat Reports

Threat Reports Phishing Banking Malware

IPG Photonics high-performance laser developer hit with ransomware

Security Affairs

SEPTEMBER 20, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post IPG Photonics high-performance laser developer hit with ransomware appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, IPG Photonics).

Ransomware

Ransomware Manufacturing Advertising Encryption

Researchers found alleged sensitive documents of NATO and Turkey

Security Affairs

OCTOBER 12, 2020

” The availability of sensitive documents like the ones discovered by the experts could allow threat actors to gather intelligence on potential targets and use the leaked information to carry out spear-phishing campaigns. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Advertising

Advertising Manufacturing Hacking Cyber Attacks

Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb

Security Affairs

JULY 13, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb appeared first on Security Affairs. Pierluigi Paganini.

Mobile

Mobile InfoSec Data breaches Advertising

REvil ransomware gang hacked gaming firm Gaming Partners International

Security Affairs

OCTOBER 31, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, Gaming Partners International (GPI)).

Hacking

Hacking Ransomware Advertising Encryption

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Security Affairs

NOVEMBER 4, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election appeared first on Security Affairs. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Passwords Advertising Hacking

Ransomware attack disabled Georgia County Election database

Security Affairs

OCTOBER 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Ransomware attack disabled Georgia County Election database appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, Georgia county).

Ransomware

Ransomware Advertising Media Government

Hackers hit Luxottica, production stopped at two Italian plants

Security Affairs

SEPTEMBER 22, 2020

Security experts believe that threat actor exploited the above flaw to infect the systems at the company with ransomware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, malware).

Advertising

Advertising Retail Manufacturing Cyber Attacks

France national cyber-security agency warns of a surge in Emotet attacks

Security Affairs

SEPTEMBER 7, 2020

The French national cyber-security agency published an alert to warn of a significant increase of Emotet attacks targeting the private sector and public administration entities in France. The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Pierluigi Paganini.

Malware

Malware Advertising Antivirus Banking

Hackers stole $5.4 million from cryptocurrency exchange ETERBASE

Security Affairs

SEPTEMBER 10, 2020

ETERBASE revealed it has tracked the fraudulent transactions and is following the stolen funds and informed exchanges where they were moved to avoid that attackers could cash them out. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency

Cryptocurrency Data breaches Advertising Hacking

OpenSSL to fix the second critical flaw ever

Security Affairs

OCTOBER 26, 2022

This is the second critical vulnerability ever addressed by the OpenSSL Project after the critical Heartbleed vulnerability (CVE-2014-0160) in 2014. version is respected to be released next week, on November 1, with the maintainers that defined it as a ‘security-fix release.’. which will be released the same day.

Encryption

Encryption Hacking Information Security

OWASP discloses a data breach

Security Affairs

APRIL 1, 2024

The incident impacted OWASP members from 2006 to around 2014 who provided their resumes as part of joining OWASP. Exposed resumes contained names, email addresses, phone numbers, physical addresses, and other personally identifiable information.

Data breaches

Data breaches Mobile Software Media

How to check if an email or a domain was used in Emotet attacks?

Security Affairs

OCTOBER 1, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents.

Malware

Malware Advertising Banking Passwords

A data breach broker is selling account databases of 17 companies

Security Affairs

NOVEMBER 1, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post A data breach broker is selling account databases of 17 companies appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, account databases).

Data breaches

Data breaches Accountability Advertising Passwords

Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators

Security Affairs

AUGUST 21, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators appeared first on Security Affairs. Pierluigi Paganini.

Ransomware

Ransomware Hacking Advertising Backups

The British government aims at improving its offensive cyber capability

Security Affairs

OCTOBER 13, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post The British government aims at improving its offensive cyber capability appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, UK).

Government

Government Advertising Hacking Cyber Attacks

VMware finally fixed the critical CVE-2020-3992 flaw in ESXi

Security Affairs

NOVEMBER 5, 2020

Now the company has released security patches to address the flaw in ESXi 6.5, Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The vulnerability has yet to be fixed in VMware Cloud Foundation. Pierluigi Paganini.

Advertising

Advertising Hacking Information Security Malware

North Korea-linked APT group BeagleBoyz targets banks

Security Affairs

AUGUST 29, 2020

The BeagleBoyz APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, BeagleBoyz).

Banking

Banking Malware Advertising Hacking

Garmin shut down its services after an alleged ransomware attack

Security Affairs

JULY 23, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Garmin shut down its services after an alleged ransomware attack appeared first on Security Affairs. portal that their personal info and payment data were exposed.

Ransomware

Ransomware Advertising Data breaches Mobile

FIN11 gang started deploying ransomware to monetize its operations

Security Affairs

OCTOBER 18, 2020

Mandiant researchers highlighted an important with operations conducted by the TA505 cybercrime gang (aka Evil Corp ), which has been active since 2014 focusing on retail and banking sectors. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, FIN11).

Ransomware

Ransomware Malware Telecommunications Advertising

Data from Airlink International UAE leaked on multiple dark web forums

Security Affairs

OCTOBER 8, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Data from Airlink International UAE leaked on multiple dark web forums appeared first on Security Affairs. Pierluigi Paganini.

Advertising

Advertising Insurance Backups Media

Tyler Technologies finally paid the ransom to receive the decryption key

Security Affairs

OCTOBER 11, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Tyler Technologies finally paid the ransom to receive the decryption key appeared first on Security Affairs. For this reason, the company decided to pay the ransom.

Technology

Technology Ransomware Encryption Advertising

The ASA flaw CVE-2014-2120 is being actively exploited in the wild

Mazda Connect flaws allow to hack some Mazda vehicles

Trending Sources

Millions of Apple Applications Were Vulnerable to CocoaPods Supply Chain Attack

FBI deleted China-linked PlugX malware from over 4,200 US computers

The Mask APT is back after 10 years of silence

OpenSSH bugs allows Man-in-the-Middle and DoS Attacks

University of Utah pays a $457,000 ransom to ransomware gang

SANS Institute Email Breach – 28,000 User Records exposed

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Administrator of RSOCKS Proxy Botnet Pleads Guilty

UberEats data leaked on the dark web

Avaddon ransomware operators have launched their data leak site

Israel announced to have foiled an attempted cyber-attack on defence firms

HOW OPERATORS USE SANDVINE TO BLOCK INDEPENDENT MEDIA IN EGYPT

Hackers stole a six-figure amount from Swiss universities

REMnux 7, a Linux toolkit for malware analysts released

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Staples discloses data breach exposing customer order data

Meet the Administrators of the RSOCKS Proxy Botnet

A powerful DDoS attack hit Hungarian banks and telecoms services

Threat actor leaked data for U.S. gun exchange site on hacking forum

FBI is warning of cyber attacks against Windows 7 systems that reached end-of-life

Threat Report Portugal: Q2 2020

IPG Photonics high-performance laser developer hit with ransomware

Researchers found alleged sensitive documents of NATO and Turkey

Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb

REvil ransomware gang hacked gaming firm Gaming Partners International

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Ransomware attack disabled Georgia County Election database

Hackers hit Luxottica, production stopped at two Italian plants

France national cyber-security agency warns of a surge in Emotet attacks

Hackers stole $5.4 million from cryptocurrency exchange ETERBASE

OpenSSL to fix the second critical flaw ever

OWASP discloses a data breach

How to check if an email or a domain was used in Emotet attacks?

A data breach broker is selling account databases of 17 companies

Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators

The British government aims at improving its offensive cyber capability

VMware finally fixed the critical CVE-2020-3992 flaw in ESXi

North Korea-linked APT group BeagleBoyz targets banks

Garmin shut down its services after an alleged ransomware attack

FIN11 gang started deploying ransomware to monetize its operations

Data from Airlink International UAE leaked on multiple dark web forums

Tyler Technologies finally paid the ransom to receive the decryption key

Stay Connected