2014 and Information Security - Cyber Security Informer

The ASA flaw CVE-2014-2120 is being actively exploited in the wild

Security Affairs

DECEMBER 3, 2024

Cisco warns customers that a decade-old ASA vulnerability, tracked as CVE-2014-2120, is being actively exploited in the wild. Cisco warns that the decade-old ASA vulnerability CVE-2014-2120 is being actively exploited in attacks in the wild, and urges customers to review the updated advisory. ” reads the advisory.

Software

Software Hacking Information Security

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

Security Affairs

APRIL 16, 2025

It is not a first time that smartphones come with pre-installed malware, earlier 2015, the security firm Bluebox discovered a preinstalled malware , many malicious apps, and a series of security holes on the Xiaomi Mi 4 smartphone.

Malware

Malware Manufacturing Mobile Spyware

Mazda Connect flaws allow to hack some Mazda vehicles

Security Affairs

NOVEMBER 9, 2024

The vulnerabilities impact the Mazda Connect Connectivity Master Unit (CMU) system installed in multiple car models, including the Mazda 3 model year 2014-2021. Like in so many cases, these vulnerabilities are caused by insufficient sanitization when handling attacker-supplied input.” ” reads the advisory.

Hacking

Hacking Firmware Software Manufacturing

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Millions of Apple Applications Were Vulnerable to CocoaPods Supply Chain Attack

Tech Republic Security

JULY 3, 2024

The vulnerabilities have since been patched, but had quietly persisted since the CocoaPods migration in 2014.

Software

Software Information Security

FBI deleted China-linked PlugX malware from over 4,200 US computers

Security Affairs

JANUARY 14, 2025

The malware was operated by a China-linked threat actor, known as Mustang Panda (aka Twill Typhoon, to steal sensitive information from victim computers. According to court documents, the Chinese government paid Mustang Panda to develop PlugX malware, used since 2014 to target U.S., European, and Asian entities.

Malware

Malware Government Hacking Cybersecurity

The Mask APT is back after 10 years of silence

Security Affairs

DECEMBER 18, 2024

Kaspersky first identified the APT group in 2014, but experts believe the cyber espionage campaign had already been active for over five years. At the time, Kaspersky described it as the most sophisticated APT operation they had seen to date.

Cyber Attacks

Cyber Attacks Hacking Government Malware

OpenSSH bugs allows Man-in-the-Middle and DoS Attacks

Security Affairs

FEBRUARY 19, 2025

Introduced in December 2014 (OpenSSH 6.8p1), this flaw remained active, with FreeBSD enabling VerifyHostKeyDNS by default from 2013 to 2023, increasing exposure. The OpenSSH client vulnerability (CVE-2025-26465) allows an attack to succeed regardless of the VerifyHostKeyDNS setting, without user interaction or reliance on SSHFP DNS records.

Authentication

Authentication System Administration DNS Hacking

University of Utah pays a $457,000 ransom to ransomware gang

Security Affairs

AUGUST 21, 2020

The university notified appropriate law enforcement entities, and the university’s Information Security Office (ISO) investigated and resolved the incident in consultation with an external firm that specializes in responding to ransomware attacks.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Cyber Insurance Insurance Advertising

Russia-linked Gamaredon targets Ukraine with Remcos RAT

Security Affairs

MARCH 31, 2025

The APT group has been launching cyber-espionage campaigns against Ukraine since at least 2014. The cyberespionage group is behind a long series of spear-phishing attacks targeting Ukrainian entities, and organizations related to Ukrainian affairs. ” reads the Talos report.

Phishing

Phishing Antivirus Encryption Hacking

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Security Affairs

NOVEMBER 5, 2021

“They are officers of the ‘Crimean’ FSB and traitors who defected to the enemy during the occupation of the peninsula in 2014. This ‘line of work’ is coordinated by the FSB’s 18th Center (Information Security Center) based in Moscow.” 5 members of the group have been notified of suspicion of treason.”

Government

Government Software Cyber threats Cyber Attacks

SANS Institute Email Breach – 28,000 User Records exposed

Security Affairs

AUGUST 12, 2020

On August 6, during a review of email configuration and rules, the staff at the SANS Institute discovered a security breach. 28,000 records of personally identifiable information (PII) have been forwarded to an unknown email address. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Accountability Advertising Information Security

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking for me because I have enormous information and they need it.” “Thanks to you, we are now developing in the field of information security and anonymity!,” Kloster’s blog enthused. “We

Cybercrime

Cybercrime Advertising IoT Malware

UberEats data leaked on the dark web

Security Affairs

AUGUST 4, 2020

UberEats is an American online food ordering and delivery platform launched by Uber in 2014. “During our research process, the Cyble Research Team got hold of some informative details related to this leak.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Banking

Banking Data breaches Advertising Mobile

Avaddon ransomware operators have launched their data leak site

Security Affairs

AUGUST 11, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Avaddon ransomware operators have launched their data leak site appeared first on Security Affairs. Let’s wait for new entries on the leak site!

Ransomware

Ransomware Advertising Cybercrime Hacking

Israel announced to have foiled an attempted cyber-attack on defence firms

Security Affairs

AUGUST 13, 2020

’ The Lazarus APT is linked to North Korea, the activity of the Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cyber Attacks

Cyber Attacks Manufacturing Hacking Advertising

Hackers stole a six-figure amount from Swiss universities

Security Affairs

OCTOBER 5, 2020

” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Hackers stole a six-figure amount from Swiss universities appeared first on Security Affairs. .” reads the site SwissInfo. Pierluigi Paganini.

Advertising

Advertising Phishing Cybercrime Hacking

REMnux 7, a Linux toolkit for malware analysts released

Security Affairs

JULY 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post REMnux 7, a Linux toolkit for malware analysts released appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – malware analysis, Linux toolkit).

Malware

Malware Advertising Software Engineering

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The CryptoLocker wave went into a decline in June 2014 as a result of the so-called Operation Tovar , an initiative orchestrated by law enforcement agencies from multiple countries. The newsmaking emergence of CTB-Locker in 2014 and the CryptoWall ransomware in 2015 fully demonstrated this multi-pronged shift.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Staples discloses data breach exposing customer order data

Security Affairs

SEPTEMBER 14, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Staples discloses data breach exposing customer order data appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, Staples).

Data breaches

Data breaches Retail Identity Theft Advertising

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

” The DOJ’s statement doesn’t mention that RSOCKS has been in operation since 2014, when access to the web store for the botnet was first advertised on multiple Russian-language cybercrime forums. “Thanks to you, we are now developing in the field of information security and anonymity!,”

Advertising

Advertising Cybercrime System Administration Hacking

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

KrebsOnSecurity has learned that the owner of Defiant Tech, a 32-year-old Ontario man named Jordan Evan Bloom , was hired in late 2014 as a developer for the marital infidelity site AshleyMadison.com. In 2019, a Canadian company called Defiant Tech Inc. pleaded guilty to running LeakedSource[.]com In an email to all employees on Dec.

Hacking

Hacking Accountability Data breaches Marketing

A powerful DDoS attack hit Hungarian banks and telecoms services

Security Affairs

SEPTEMBER 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post A powerful DDoS attack hit Hungarian banks and telecoms services appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, Hungary).

DDOS

DDOS Banking Telecommunications Advertising

Threat actor leaked data for U.S. gun exchange site on hacking forum

Security Affairs

AUGUST 13, 2020

To check if your information has been exposed in this and other data leaks, you can search for your email using the Cyble’s “ Am I Breached” data breach monitoring service. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, gun exchange).

Hacking

Hacking Data breaches Cybercrime Passwords

FBI is warning of cyber attacks against Windows 7 systems that reached end-of-life

Security Affairs

AUGUST 6, 2020

After the Windows XP end of life on 28 April 2014, the healthcare industry saw a large increase of exposed records the following year,” the FBI said. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Healthcare Firewall Advertising

IPG Photonics high-performance laser developer hit with ransomware

Security Affairs

SEPTEMBER 20, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post IPG Photonics high-performance laser developer hit with ransomware appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, IPG Photonics).

Ransomware

Ransomware Manufacturing Advertising Encryption

Researchers found alleged sensitive documents of NATO and Turkey

Security Affairs

OCTOBER 12, 2020

” The availability of sensitive documents like the ones discovered by the experts could allow threat actors to gather intelligence on potential targets and use the leaked information to carry out spear-phishing campaigns. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Advertising

Advertising Manufacturing Hacking Cyber Attacks

Threat Report Portugal: Q2 2020

Security Affairs

AUGUST 14, 2020

Pedro Tavares is a professional in the field of information security, working as an Ethical Hacker, Malware Analyst, Cybersecurity Analyst and also a Security Evangelist. He is also a founding member at CSIRT.UBI and Editor-in-Chief of the security computer blog seguranca-informatica.pt.

Threat Reports

Threat Reports Phishing Malware Banking

OpenSSL to fix the second critical flaw ever

Security Affairs

OCTOBER 26, 2022

This is the second critical vulnerability ever addressed by the OpenSSL Project after the critical Heartbleed vulnerability (CVE-2014-0160) in 2014. version is respected to be released next week, on November 1, with the maintainers that defined it as a ‘security-fix release.’. which will be released the same day.

Encryption

Encryption Hacking Information Security

Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb

Security Affairs

JULY 13, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb appeared first on Security Affairs. Pierluigi Paganini.

Mobile

Mobile InfoSec Data breaches Advertising

REvil ransomware gang hacked gaming firm Gaming Partners International

Security Affairs

OCTOBER 31, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, Gaming Partners International (GPI)).

Hacking

Hacking Ransomware Advertising Encryption

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Security Affairs

NOVEMBER 4, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election appeared first on Security Affairs. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Passwords Advertising Hacking

Ransomware attack disabled Georgia County Election database

Security Affairs

OCTOBER 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Ransomware attack disabled Georgia County Election database appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, Georgia county).

Ransomware

Ransomware Advertising Media Government

Hackers hit Luxottica, production stopped at two Italian plants

Security Affairs

SEPTEMBER 22, 2020

Security experts believe that threat actor exploited the above flaw to infect the systems at the company with ransomware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, malware).

Advertising

Advertising Retail Manufacturing Cyber Attacks

France national cyber-security agency warns of a surge in Emotet attacks

Security Affairs

SEPTEMBER 7, 2020

The French national cyber-security agency published an alert to warn of a significant increase of Emotet attacks targeting the private sector and public administration entities in France. The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Pierluigi Paganini.

Malware

Malware Advertising Antivirus Banking

Hackers stole $5.4 million from cryptocurrency exchange ETERBASE

Security Affairs

SEPTEMBER 10, 2020

ETERBASE revealed it has tracked the fraudulent transactions and is following the stolen funds and informed exchanges where they were moved to avoid that attackers could cash them out. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency

Cryptocurrency Data breaches Advertising Hacking

French court indicted Nexa Technologies for complicity in acts of torture

Security Affairs

NOVEMBER 28, 2021

The complaint refers to the revelation made by the magazine Télérama that reported the sale in March 2014 of “a listening system at 10 million euros to fight – officially – against the Muslim Brotherhood” , the Islamist opposition in Egypt. The contract was signed in March 2014.

Technology

Technology Surveillance Software Government

How to check if an email or a domain was used in Emotet attacks?

Security Affairs

OCTOBER 1, 2020

The Emotet banking trojan has been active at least since 2014, the botnet is operated by a threat actor tracked as TA542. Recent spam campaigns used messages with malicious Word documents, or links to them, pretending to be an invoice, shipping information, COVID-19 information , resumes, financial documents, or scanned documents.

Malware

Malware Advertising Banking Passwords

North Korea-linked APT group BeagleBoyz targets banks

Security Affairs

AUGUST 29, 2020

The BeagleBoyz APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, BeagleBoyz).

Banking

Banking Malware Advertising Hacking

A data breach broker is selling account databases of 17 companies

Security Affairs

NOVEMBER 1, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post A data breach broker is selling account databases of 17 companies appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, account databases).

Data breaches

Data breaches Accountability Advertising Passwords

Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators

Security Affairs

AUGUST 21, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators appeared first on Security Affairs. Pierluigi Paganini.

Ransomware

Ransomware Hacking Advertising Backups

The British government aims at improving its offensive cyber capability

Security Affairs

OCTOBER 13, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post The British government aims at improving its offensive cyber capability appeared first on Security Affairs. Pierluigi Paganini. SecurityAffairs – hacking, UK).

Government

Government Advertising Hacking Cyber Attacks

VMware finally fixed the critical CVE-2020-3992 flaw in ESXi

Security Affairs

NOVEMBER 5, 2020

Now the company has released security patches to address the flaw in ESXi 6.5, Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The vulnerability has yet to be fixed in VMware Cloud Foundation. Pierluigi Paganini.

Advertising

Advertising Hacking Information Security Malware

Garmin shut down its services after an alleged ransomware attack

Security Affairs

JULY 23, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Garmin shut down its services after an alleged ransomware attack appeared first on Security Affairs. portal that their personal info and payment data were exposed.

Ransomware

Ransomware Advertising Data breaches Mobile

Data from Airlink International UAE leaked on multiple dark web forums

Security Affairs

OCTOBER 8, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Data from Airlink International UAE leaked on multiple dark web forums appeared first on Security Affairs. Pierluigi Paganini.

Advertising

Advertising Insurance Backups Media

The ASA flaw CVE-2014-2120 is being actively exploited in the wild

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

Webinars

Trending Sources

Mazda Connect flaws allow to hack some Mazda vehicles

Webinars

Millions of Apple Applications Were Vulnerable to CocoaPods Supply Chain Attack

FBI deleted China-linked PlugX malware from over 4,200 US computers

The Mask APT is back after 10 years of silence

OpenSSH bugs allows Man-in-the-Middle and DoS Attacks

University of Utah pays a $457,000 ransom to ransomware gang

Russia-linked Gamaredon targets Ukraine with Remcos RAT

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

SANS Institute Email Breach – 28,000 User Records exposed

Administrator of RSOCKS Proxy Botnet Pleads Guilty

UberEats data leaked on the dark web

Avaddon ransomware operators have launched their data leak site

Israel announced to have foiled an attempted cyber-attack on defence firms

Hackers stole a six-figure amount from Swiss universities

REMnux 7, a Linux toolkit for malware analysts released

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Staples discloses data breach exposing customer order data

Meet the Administrators of the RSOCKS Proxy Botnet

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

A powerful DDoS attack hit Hungarian banks and telecoms services

Threat actor leaked data for U.S. gun exchange site on hacking forum

FBI is warning of cyber attacks against Windows 7 systems that reached end-of-life

IPG Photonics high-performance laser developer hit with ransomware

Researchers found alleged sensitive documents of NATO and Turkey

Threat Report Portugal: Q2 2020

OpenSSL to fix the second critical flaw ever

Records of 45 million+ travelers to Thailand and Malaysia surfaced in the darkweb

REvil ransomware gang hacked gaming firm Gaming Partners International

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Ransomware attack disabled Georgia County Election database

Hackers hit Luxottica, production stopped at two Italian plants

France national cyber-security agency warns of a surge in Emotet attacks

Hackers stole $5.4 million from cryptocurrency exchange ETERBASE

French court indicted Nexa Technologies for complicity in acts of torture

How to check if an email or a domain was used in Emotet attacks?

North Korea-linked APT group BeagleBoyz targets banks

A data breach broker is selling account databases of 17 companies

Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators

The British government aims at improving its offensive cyber capability

VMware finally fixed the critical CVE-2020-3992 flaw in ESXi

Garmin shut down its services after an alleged ransomware attack

Data from Airlink International UAE leaked on multiple dark web forums

Stay Connected