2015, Encryption and Hacking - Cyber Security Informer

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

Although most people think of ransomware as a dodgy application that encrypts data and holds it for ransom, the concept is much more heterogeneous than that. File encryption 2013 – 2015. It emerged in September 2013 and paved the way for hundreds of file-encrypting menaces that have splashed onto the scene ever since.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Some Fortinet products used hardcoded keys and weak encryption for communications

Security Affairs

NOVEMBER 26, 2019

Researchers at SEC Consult Vulnerability Lab discovered multiple issues in several security products from Fortinet, including hardcoded key and encryption for communications. “The messages are encrypted using XOR “encryption” with a static key.” SecurityAffairs – Fortinet, hacking). Pierluigi Paganini.

Encryption

Encryption Antivirus DNS Advertising

Snake Ransomware isolates infected Systems before encrypting files

Security Affairs

JULY 5, 2020

Experts spotted recent samples of the Snake ransomware that were isolating the infected systems while encrypting files to avoid interference. The Snake ransomware kills processes from a predefined list, including ICS-related processes, to encrypt associated files. SecurityAffairs – hacking, SNAKE ransomware).

Encryption

Encryption Ransomware Firewall Backups

REvil ransomware gang hacked gaming firm Gaming Partners International

Security Affairs

OCTOBER 31, 2020

The REvil ransomware operators made the headlines again, this time the gang claims to have hacked the Gaming Partners International (GPI). The REvil ransomware gang (aka Sodinokibi) claims to have stolen info from the systems at the company before encrypting them. SecurityAffairs – hacking, Gaming Partners International (GPI)).

Hacking

Hacking Ransomware Advertising Encryption

German encrypted email service Tutanota suffers DDoS attacks

Security Affairs

SEPTEMBER 19, 2020

The popular encrypted email service Tutanota was hit with a series of DDoS attacks this week targeting its website fist and its DNS providers later. Encrypted email service, Tutanota suffered a series of DDoS attacks that initially targeted the website and later its DNS providers. SecurityAffairs – hacking, Tutanota).

DDOS

DDOS Encryption DNS Advertising

Let’s Encrypt CA is revoking over 3 Million TLS certificates due to a bug

Security Affairs

MARCH 4, 2020

Let’s Encrypt is going to revoke over 3 million certificates today due to a flaw in the software used to verify users and their domains before issuing a certificate. A bug in Let’s Encrypt’s certificate authority (CA) software, dubbed Boulder, caused the correct validation for some certificates. Pierluigi Paganini.

Encryption

Encryption Advertising DNS Software

How Cyber Sleuths Cracked an ATM Shimmer Gang

Krebs on Security

JUNE 23, 2021

In 2015, police departments worldwide started finding ATMs compromised with advanced new “shimming” devices made to steal data from chip card transactions. Secret Service for 12 years until 2015. As it happens, KrebsOnSecurity wrote about that particular shimmer back in August 2015. “MasterCard in the U.K.

Banking

Banking Encryption Wireless Accountability

Ragnar Ransomware encrypts files from virtual machines to evade detection

Security Affairs

MAY 25, 2020

Ransomware encrypts from virtual machines to evade antivirus. Ragnar Locker deploys Windows XP virtual machines to encrypt victim’s files, the trick allows to evaded detection from security software. Mounting all the shared drives to encrypt. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Encryption

Encryption Ransomware Energy and Utilities Advertising

Zoom now supports end-to-end encrypted (E2EE) calls

Security Affairs

OCTOBER 15, 2020

The Video conferencing platform Zoom announced the implementation of end-to-end encryption (E2EE) and its availability starting next week. The popular Video conferencing platform Zoom announced the availability of the end-to-end encryption (E2EE) starting next week. SecurityAffairs – hacking, Zoom). Pierluigi Paganini.

Encryption

Encryption Advertising Accountability Hacking

Popular Webkinz World online children’s game hacked, 23M credentials leaked

Security Affairs

APRIL 19, 2020

A hacker has leaked the usernames and passwords of nearly 23 million players of Webkinz World on a well-known hacking forum. . “ZDNet has learned that details about the vulnerability have been circulating online before today’s leak for months, both on hacking forums and on online IM chat groups.” Pierluigi Paganini.

Hacking

Hacking Passwords Data breaches Advertising

Asian media firm E27 hacked, attackers asked for a “donation”

Security Affairs

JUNE 28, 2020

Asian media firm E27 has been hacked by a hacking group identifying themselves as “Korean Hackers” and “Team Johnwick”that asked for a “donation” to provide information on the vulnerabilities they have exploited in the attack. .” SecurityAffairs – hacking, E27). Pierluigi Paganini.

Media

Media Hacking Passwords Data breaches

BLURtooth flaw allows attacking Bluetooth encryption process

Security Affairs

SEPTEMBER 10, 2020

versions are affected by the vulnerability dubbed BLURtooth which allows hackers to defeat Bluetooth encryption. The vulnerability could be exploited by attackers to overwrite or lower the strength of the pairing key, defeating the protocol encryption. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Encryption

Encryption Authentication Advertising Wireless

Russian govn blocked Tutanota service in Russia to stop encrypted communication

Security Affairs

FEBRUARY 17, 2020

Tutanota , the popular free and open-source end-to-end encrypted email software, has been blocked by Russian authorities. The popular free and open-source end-to-end encrypted email service Tutanota has been blocked in Russia on Friday evening. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Encryption

Encryption VPN Government Internet

Chinese Military personnel charged with hacking into credit reporting agency Equifax

Security Affairs

FEBRUARY 10, 2020

The United States Department of Justice charged 4 Chinese military hackers with hacking into credit reporting agency Equifax. The United States Department of Justice officially charged 4 members of the China’s PLA’s 54th Research Institute, a division of the Chinese military, with hacking into credit reporting agency Equifax.

Hacking

Hacking Data breaches Advertising Encryption

Source code of Dharma ransomware now surfacing on public hacking forums

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. ” concluded ZDNet. Pierluigi Paganini.

Ransomware

Ransomware Hacking Advertising Malware

Hackers Using Fake Police Data Requests against Tech Companies

Schneier on Security

APRIL 5, 2022

We allude to this kind of risk in our 2015 “ Keys Under Doormats ” paper: Third, exceptional access would create concentrated targets that could attract bad actors. But imagine how this kind of thing could be abused with a law enforcement encryption backdoor. And the data, of course, isn’t very secure.

Scams

Scams Engineering Encryption Technology

GravityRAT returns disguised as an end-to-end encrypted chat app

Security Affairs

NOVEMBER 13, 2021

Threat actors are distributing the GravityRAT remote access trojan masqueraded as an end-to-end encrypted chat application named SoSafe Chat. Threat actors are distributing the GravityRAT RAT masqueraded as an end-to-end encrypted chat application named SoSafe Chat. SecurityAffairs – hacking, GravityRAT). Pierluigi Paganini.

Encryption

Encryption Malware Media Authentication

Who’s Behind the RevCode WebMonitor RAT?

Krebs on Security

APRIL 22, 2019

The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT , a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned.

Advertising

Advertising Antivirus Software Malware

3.4 Million user records from LiveAuctioneers hack available for sale

Security Affairs

JULY 14, 2020

.” According to the company, attackers accessed personal details of the users, including names, email addresses, mailing addresses, phone numbers, and also encrypted passwords. The company confirmed that the an investigation into the hack is still ongoing. SecurityAffairs – hacking, LiveAuctioneers ). Pierluigi Paganini.

Hacking

Hacking Data breaches Identity Theft Advertising

Russia-linked Turla APT hacked European government organization

Security Affairs

OCTOBER 29, 2020

Russia-linked APT Turla has hacked into the systems of an undisclosed European government organization according to Accenture. According to a report published by Accenture Cyber Threat Intelligence (ACTI), Russia-linked cyber-espionage group Turla has hacked into the systems of an undisclosed European government organization.

Government

Government Hacking Advertising Encryption

The forum of the popular Albion Online game was hacked

Security Affairs

OCTOBER 19, 2020

On top of that, the attacker gained access to encrypted passwords (in technical terms: hashed and salted passwords).” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Albion Online). ” continues the German game maker. The game is believed to have more than 2.5

Hacking

Hacking Data breaches Passwords Advertising

Victims of ThunderX ransomware can recover their files for free

Security Affairs

SEPTEMBER 26, 2020

Researchers developed a decryptor for the ransomware after they have discovered a bug in the encryption process implemented by the threat. This decryptor can recover for free files encrypted by the current version of the ThunderX ransomware that appends the .tx_locked SecurityAffairs – hacking, ransomware). Pierluigi Paganini.

Ransomware

Ransomware Encryption Advertising Hacking

Promising Infusions of Cash, Fake Investor John Bernard Walked Away With $30M

Krebs on Security

OCTOBER 7, 2020

Those stories prompted a flood of tips from Davies’ victims that paint a much clearer picture of this serial con man and his cohorts, including allegations of hacking, smuggling, bank fraud and murder. citizen who absconded from justice before being convicted on multiple counts of fraud in 2015. After eluding justice in the U.K.,

Banking

Banking Scams Government Advertising

Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor

Security Affairs

JUNE 23, 2022

The Tropic Trooper APT has been active at least since 2012, it was first spotted by security experts at Trend Micro in 2015, when the threat actors targeted government ministries and heavy industries in Taiwan and the military in the Philippines. SecurityAffairs – hacking, Tropic Trooper). Pierluigi Paganini.

Hacking

Hacking Wireless Encryption Passwords

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

The Last Watchdog

AUGUST 29, 2023

The threat of bad actors hacking into airplane systems mid-flight has become a major concern for airlines and operators worldwide. Back in 2015, a security researcher decided to make that very point when he claimed to have hacked a plane , accessed the thrust system, and made it fly higher than intended.

Software

Software Risk Artificial Intelligence Engineering

Crooks hit Puerto Rico Firefighting Department Servers

Security Affairs

OCTOBER 15, 2020

The department received an email from the threat actors that notifies it that they had encrypted its servers and demanded the payment of a ransom to release them. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Puerto Rico’s firefighting department). Pierluigi Paganini.

Advertising

Advertising Encryption Hacking Information Security

A new variant of Cicada ransomware targets VMware ESXi systems

Security Affairs

SEPTEMBER 2, 2024

The stated intent was to recruit “intelligent individuals” by presenting a series of puzzles to be solved; no new puzzles were published on January 4, 2015. ui : Displays real-time progress and statistics of the encryption process, such as the number of files encrypted. The third puzzle has not been solved yet.

Ransomware

Ransomware Encryption Malware Cybercrime

Tyler Technologies finally paid the ransom to receive the decryption key

Security Affairs

OCTOBER 11, 2020

Tyler Technologies has finally decided to paid a ransom to obtain a decryption key and recover files encrypted in a recent ransomware attack. According to BleepingComputer, which cited a source informed on the event, Tyler Technologies paid a ransom of an unspecified amount to receive the decryption key and recover encrypted files.

Technology

Technology Ransomware Encryption Advertising

Your Work Email Address is Your Work's Email Address

Troy Hunt

JULY 21, 2021

When the Ashley Madison data breach occurred in 2015, it made headline news around the world. Sidenote: there's a whole other discussion about active interception of encrypted communications that may also give an employer access to this.)

Accountability

Accountability Data breaches Government InfoSec

Experts developed a free decryptor for the Lorenz ransomware

Security Affairs

JUNE 29, 2021

Like other ransomware gangs, Lorenz operators also implement double-extortion model by stealing data before encrypting it and threatening them if the victim doesn’t pay the ransom. Lorenz sends the name of the infected system to a C2 before encrypting the file. Lorenz places a header before the encrypted file instead.

Ransomware

Ransomware Encryption Passwords Malware

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Krebs on Security

SEPTEMBER 4, 2018

Before it was taken offline sometime in the past 12 hours, the database contained millions of records, including the username, password and private encryption key of each mSpy customer who logged in to the mSpy site or purchased an mSpy license over the past six months.

Spyware

Spyware Mobile Advertising Software

Clop Ransomware attempts to disable Windows Defender and Malwarebytes

Security Affairs

DECEMBER 2, 2019

The malicious code executes a small program, just before starting the encryption process, to disable security tools running on the infected systems that could detect its operations. These are encrypted under the suffix. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Ransomware

Ransomware Encryption Advertising Malware

Fortinet VPN with default certificate exposes 200,000 businesses to hack

Security Affairs

SEPTEMBER 25, 2020

According to SAM Seamless Network , over 200,000 businesses are using Fortigate VPN with default settings, exposing them to the risk of a hack. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, Fortigate VPN). ” reads the warning. Pierluigi Paganini.

VPN

VPN Hacking IoT Advertising

Maze Ransomware operators claim to have stolen millions of credit cards from Banco BCR

Security Affairs

MAY 1, 2020

Maze Ransomware operators claim to have hacked the network of the state-owned Bank of Costa Rica Banco BCR and to have stolen internal data, including 11 million credit card credentials. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – Banco BCR, hacking). Pierluigi Paganini.

Ransomware

Ransomware Banking Cyber Insurance Advertising

Maze ransomware operators leak credit card data from Costa Rica’s BCR bank

Security Affairs

MAY 25, 2020

Early May, Maze Ransomware operators claimed to have hacked the network of the state-owned Bank of Costa Rica Banco BCR and to have stolen internal data, including 11 million credit card credentials. cyber #cybersecurity #databreach #banking #Hacked @BleepinComputer pic.twitter.com/5Kh6LakkKF — Cyble (@AuCyble) May 22, 2020.

Banking

Banking Ransomware Advertising Hacking

Qualcomm and MediaTek Wi-Fi chips impacted by Kr00k-Like attacks

Security Affairs

AUGUST 8, 2020

The attacker could exploit the Kr00k issue even when it is not connected to the victim’s wireless network, the vulnerability works against vulnerable devices using WPA2-Personal or WPA2-Enterprise protocols, with AES-CCMP encryption. Experts found a similar issue affecting MediaTek Wi-Fi chips that don’t use encryption at all.

Wireless

Wireless Encryption Manufacturing Advertising

Mount Locker ransomware operators demand multi-million dollar ransoms

Security Affairs

SEPTEMBER 28, 2020

A new ransomware gang named Mount Locker has started its operations stealing victims’ data before encrypting. According to the popular malware researchers Michael Gillespie , the Mount Locker uses ChaCha20 to encrypt the files and an embedded RSA-2048 public key to encrypt the encryption key. Pierluigi Paganini.

Ransomware

Ransomware Encryption Advertising Engineering

Sodinokibi ransomware gang stole 1TB of data from Brown-Forman

Security Affairs

AUGUST 15, 2020

Sodinokibi (REvil) ransomware operators announced on Friday to have hacked Brown-Forman, one of the largest U.S. As a proof of the hack, Sodinokibi ransomware operators posted on their leak site multiple screenshots showing directories and files allegedly belonging to the company, and internal conversations between some employees.

Ransomware

Ransomware Advertising Hacking Encryption

Unknown FinSpy Mac and Linux versions found in Egypt

Security Affairs

SEPTEMBER 27, 2020

The new versions of FinSpy spyware were used by a new unknown hacking group, Amnesty International speculates the involvement of a nation-state actor that employed them since September 2019. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – hacking, FinSpy). Pierluigi Paganini.

Spyware

Spyware Surveillance Advertising Mobile

North Korea-Linked Lazarus APT is behind the VHD ransomware

Security Affairs

JULY 28, 2020

The activity of the Lazarus Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. The group has been linked to several major cyber attacks, including the 2014 Sony Pictures hack , several SWIFT banking attacks since 2016, and the 2017 WannaCry ransomware infection. Pierluigi Paganini.

Ransomware

Ransomware Malware Advertising VPN

Maze Ransomware operators published data from LG and Xerox

Security Affairs

AUGUST 4, 2020

Maze ransomware operators have also breached the systems of the Xerox Corporation and stolen files before encrypting them. The company did not disclose the cyberattack, but early June the Maze ransomware operators published some screenshots that showed that a Xerox domain has been encrypted. SecurityAffairs – hacking, ransomware).

Ransomware

Ransomware Encryption Advertising Firmware

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

The botnet uses the WSS (WebSocket over TLS) protocol for C2 communication to circumvent the typical Mirai traffic detection and provide secure encrypted communication for command and control. “Two zero days, 12 remote access functions for the router, encrypted traffic protocol, and infrastructure IP that that moves around. .

IoT

IoT Firmware Advertising DNS

Maze ransomware uses Ragnar Locker virtual machine technique

Security Affairs

SEPTEMBER 17, 2020

The Maze ransomware operators now use a virtual machine to encrypt a computer, a tactic previously adopted by the Ragnar Locker malware. The Maze ransomware operators have adopted a new tactic to evade detection, their malware now encrypts a computer from within a virtual machine. SecurityAffairs – hacking, Maze ransomware).

Ransomware

Ransomware Encryption Advertising Malware

UCSF paid a $1.14 Million ransom to decrypt files after Ransomware attack

Security Affairs

JUNE 29, 2020

million to cybercriminals to recover data encrypted during a ransomware attack that took place on June 1. While we stopped the attack as it was occurring, the actors launched malware that encrypted a limited number of servers within the School of Medicine, making them temporarily inaccessible,” reads a statement published by the UCSF.

Ransomware

Ransomware Encryption Advertising Malware

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Some Fortinet products used hardcoded keys and weak encryption for communications

Trending Sources

Snake Ransomware isolates infected Systems before encrypting files

REvil ransomware gang hacked gaming firm Gaming Partners International

German encrypted email service Tutanota suffers DDoS attacks

Let’s Encrypt CA is revoking over 3 Million TLS certificates due to a bug

How Cyber Sleuths Cracked an ATM Shimmer Gang

Ragnar Ransomware encrypts files from virtual machines to evade detection

Zoom now supports end-to-end encrypted (E2EE) calls

Popular Webkinz World online children’s game hacked, 23M credentials leaked

Asian media firm E27 hacked, attackers asked for a “donation”

BLURtooth flaw allows attacking Bluetooth encryption process

Russian govn blocked Tutanota service in Russia to stop encrypted communication

Chinese Military personnel charged with hacking into credit reporting agency Equifax

Source code of Dharma ransomware now surfacing on public hacking forums

Hackers Using Fake Police Data Requests against Tech Companies

GravityRAT returns disguised as an end-to-end encrypted chat app

Who’s Behind the RevCode WebMonitor RAT?

3.4 Million user records from LiveAuctioneers hack available for sale

Russia-linked Turla APT hacked European government organization

The forum of the popular Albion Online game was hacked

Victims of ThunderX ransomware can recover their files for free

Promising Infusions of Cash, Fake Investor John Bernard Walked Away With $30M

Chinese Tropic Trooper APT spreads a hacking tool laced with a backdoor

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

Crooks hit Puerto Rico Firefighting Department Servers

A new variant of Cicada ransomware targets VMware ESXi systems

Tyler Technologies finally paid the ransom to receive the decryption key

Your Work Email Address is Your Work's Email Address

Experts developed a free decryptor for the Lorenz ransomware

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Clop Ransomware attempts to disable Windows Defender and Malwarebytes

Fortinet VPN with default certificate exposes 200,000 businesses to hack

Maze Ransomware operators claim to have stolen millions of credit cards from Banco BCR

Maze ransomware operators leak credit card data from Costa Rica’s BCR bank

Qualcomm and MediaTek Wi-Fi chips impacted by Kr00k-Like attacks

Mount Locker ransomware operators demand multi-million dollar ransoms

Sodinokibi ransomware gang stole 1TB of data from Brown-Forman

Unknown FinSpy Mac and Linux versions found in Egypt

North Korea-Linked Lazarus APT is behind the VHD ransomware

Maze Ransomware operators published data from LG and Xerox

New Ttint IoT botnet exploits two zero-days in Tenda routers

Maze ransomware uses Ragnar Locker virtual machine technique

UCSF paid a $1.14 Million ransom to decrypt files after Ransomware attack

Stay Connected