2015 and Information Security - Cyber Security Informer

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. In 2019, a Canadian company called Defiant Tech Inc.

Hacking

Hacking Accountability Data breaches Marketing

Change Healthcare Breach Hits 100M Americans

Krebs on Security

OCTOBER 30, 2024

The chief information security officer for a large academic healthcare system affected by the breach told KrebsOnSecurity they participated in a call with the FBI and were told a third party partner managed to recover at least four terabytes of data that was exfiltrated from Change by the cybercriminal group. million individuals.

Healthcare

Healthcare Insurance Computers and Electronics Data breaches

New Atrium Health data breach impacts 585,000 individuals

Security Affairs

DECEMBER 6, 2024

Atrium Health launched an investigation into the security breach and discovered that from January 2015 to July 2019, certain online tracking technologies were active on its MyAtriumHealth (formerly MyCarolinas) Patient Portal, accessible via web and mobile. The company notified the US Department of Health and Human Services (HHS).

Data breaches

Data breaches Identity Theft Accountability Technology

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Security Affairs

FEBRUARY 2, 2025

” Source KrebsOnSecurity KrebsOnSecurity first wrote about the Manipulaters in May 2015 , the cybercrime group openly advertised on forums in 2015. The seizure of these domains is intended to disrupt the ongoing activity of these groups and stop the proliferation of these tools within the cybercriminal community.”

Cybercrime

Cybercrime Advertising Phishing Hacking

New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows

Security Affairs

APRIL 2, 2025

” FIN7is a Russian criminalgroup (aka Carbanak ) that has been active since mid-2015, it focuses on restaurants, gambling, and hospitality industries in the US to harvest financial information that was used in attacks or sold in cybercrime marketplaces.

Antivirus

Antivirus Cybercrime Malware Encryption

Russia-linked APT Star Blizzard targets WhatsApp accounts

Security Affairs

JANUARY 16, 2025

The Star Blizzard group, aka “ Callisto “, Seaborgium , ColdRiver , and TA446, targeted government officials, military personnel,journalists and think tanks since at least 2015.

Accountability

Accountability Phishing Government Hacking

Ransomware attack hit Indian multinational Tata Technologies

Security Affairs

FEBRUARY 1, 2025

“Pursuant to Regulation 30 of the SEBI (Listing Obligations and Disclosure Requirements) Regulations, 2015, this is to inform you that the Company has become aware of a ransomware incident that has affected a few of our IT assets.” Company client delivery services were not impacted by the attack.

Technology

Technology Ransomware Engineering Manufacturing

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

Security Affairs

APRIL 16, 2025

It is not a first time that smartphones come with pre-installed malware, earlier 2015, the security firm Bluebox discovered a preinstalled malware , many malicious apps, and a series of security holes on the Xiaomi Mi 4 smartphone.

Malware

Malware Manufacturing Mobile Spyware

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

File encryption 2013 – 2015. The newsmaking emergence of CTB-Locker in 2014 and the CryptoWall ransomware in 2015 fully demonstrated this multi-pronged shift. RaaS rollout 2015 – 2018. Another fundamental tweak was the onset of Ransomware-as-a-Service (RaaS) in May 2015.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

Security Affairs

MARCH 5, 2025

“Pursuant to Regulation 30 of the SEBI (Listing Obligations and Disclosure Requirements) Regulations, 2015, this is to inform you that the Company has become aware of a ransomware incident that has affected a few of our IT assets.” ” reads the filing.

Technology

Technology Ransomware Engineering Manufacturing

NIST’s Post-Quantum Cryptography Standards

Schneier on Security

AUGUST 8, 2022

NIST is an old hand at this competitive process, having previously done this with symmetric algorithms (AES in 2001) and hash functions (SHA-3 in 2015). Fun fact: Those three algorithms were broken by the Center of Encryption and Information Security, part of the Israeli Defense Force.

Encryption

Encryption Architecture Engineering Information Security

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Security Affairs

NOVEMBER 4, 2020

The wallet was monitored since 2015 because it was associated with hacking activities, it had been “ dormant ” since 2015. 2015* apparently, maybe the owner? Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cryptocurrency

Cryptocurrency Passwords Advertising Hacking

University of Utah pays a $457,000 ransom to ransomware gang

Security Affairs

AUGUST 21, 2020

The university notified appropriate law enforcement entities, and the university’s Information Security Office (ISO) investigated and resolved the incident in consultation with an external firm that specializes in responding to ransomware attacks.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Cyber Insurance Insurance Advertising

Demand, CyberInsurance, and Automation/AI Are the Future of InfoSec

Daniel Miessler

NOVEMBER 6, 2020

I think there are four main trends that will play out in the field of information security in the next 20 years. I wrote my first big piece on it in August of 2015, and I still think it’s the future. Keep in mind that trend #1 will be counterbalanced by the growth of people who need basic information security help.

InfoSec

InfoSec Insurance Artificial Intelligence Cybersecurity

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

Security Affairs

FEBRUARY 11, 2022

” The US agency also added the CVE-2015-2051 remote code execution flaw impacting D-Link DIR-645 routers. “An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.An attacker must have the ability to execute code on a victim system to exploit this vulnerability.”

IoT

IoT Accountability Authentication Hacking

Microsoft Patch Tuesday security updates for September 2024 addressed four actively exploited zero-days

Security Affairs

SEPTEMBER 11, 2024

Microsoft is aware of a vulnerability in Servicing Stack that has rolled back the fixes for some vulnerabilities affecting Optional Components on Windows 10, version 1507 (initial version released July 2015).

Social Engineering

Social Engineering IoT Engineering Authentication

Alleged Extortioner of Psychotherapy Patients Faces Trial

Krebs on Security

NOVEMBER 16, 2023

In a 2,200-page report, Finnish authorities laid out how they connected the extortion spree to Kivimäki, a notorious hacker who was convicted in 2015 of perpetrating tens of thousands of cybercrimes, including data breaches, payment fraud, operating a botnet and calling in bomb threats.

Cybercrime

Cybercrime Hacking Data breaches Banking

SANS Institute Email Breach – 28,000 User Records exposed

Security Affairs

AUGUST 12, 2020

On August 6, during a review of email configuration and rules, the staff at the SANS Institute discovered a security breach. 28,000 records of personally identifiable information (PII) have been forwarded to an unknown email address. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Accountability Advertising Information Security

North Korea-linked APT group BeagleBoyz targets banks

Security Affairs

AUGUST 29, 2020

The BeagleBoyz APT group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. The BeagleBoyz have attempted to steal nearly $2 billion since at least 2015, according to public estimates. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Banking

Banking Malware Advertising Hacking

TalkTalk confirms data breach involving a third-party platform

Security Affairs

JANUARY 27, 2025

” In 2015, TalkTalk Telecom Group announced that four million subscribershave been impacted by a sustained cyberattack that hit its servers. . “ We have no evidence that CSGs technologies and systems were compromised or that CSG was the cause of the unexpected access to the data.

Data breaches

Data breaches Telecommunications Cybercrime Hacking

Announcing the public availability of the Cisco Cloud Controls Framework (CCF)

Cisco Security

MAY 5, 2022

covers these security compliance framework and certification standards: SOC 2® – SOC for Service Organizations: Trust Services Criteria. ISO IEC 27001:2013 – Information technology — Security techniques — Information security management systems — Requirements. Today, the Cisco CCF V1.0

Marketing

Marketing InfoSec Risk Technology

NailaoLocker ransomware targets EU healthcare-related entities

Security Affairs

FEBRUARY 20, 2025

ShadowPad is a modular backdoor considered a hallmark of China-linked APT groupssince at least 2015. The threat actors behind this campaign used RDP for lateral movement and side-loaded malicious DLLs to deploy ShadowPad and PlugX, leveraging legitimate executables for persistence and privilege escalation.

Healthcare

Healthcare Ransomware VPN Malware

Avaddon ransomware operators have launched their data leak site

Security Affairs

AUGUST 11, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The hackers have already published on the leak site 3.5MB of documents stolen from a construction company. Let’s wait for new entries on the leak site! Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Ransomware

Ransomware Advertising Cybercrime Hacking

HOW OPERATORS USE SANDVINE TO BLOCK INDEPENDENT MEDIA IN EGYPT

Security Affairs

SEPTEMBER 23, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Furthermore, the report confirms that although the Sandvine DPI tears down the majority of connections established to blocked websites, 25% of the traffic goes through the DPI equipment. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Media

Media Advertising Internet Internet

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Security Affairs

NOVEMBER 5, 2021

This ‘line of work’ is coordinated by the FSB’s 18th Center (Information Security Center) based in Moscow.” The Gamaredon group was first discovered by Symantec and TrendMicro in 2015, but evidence of its activities has been dated back to 2013. .” reads the announcement published by the SSU.

Government

Government Software Cyber threats Cyber Attacks

Israel announced to have foiled an attempted cyber-attack on defence firms

Security Affairs

AUGUST 13, 2020

’ The Lazarus APT is linked to North Korea, the activity of the Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Manufacturing Hacking Advertising

Hackers targeted the US Census Bureau network, DHS report warns

Security Affairs

OCTOBER 11, 2020

” In the past, the US Census has been hit by attacks, such as hacks and DDoS attacks during a 2018 test of census systems attributed to Russia-linked hackers and a 2015 hack attributed to the Anonymous collective. ” This HTA annual report provides information of threats targeting the US to government and private sector partners.

Government

Government Advertising Hacking Data collection

D-Link confirms data breach, but downplayed the impact

Security Affairs

OCTOBER 18, 2023

. “I have breached the internal network of D-Link in Taiwan, I have 3 million lines of customer information, as well as source code to D-View extracted from system,” reads the announcement on BreachForums. So far, no evidence suggests the archaic data contained any user IDs or financial information.

Data breaches

Data breaches Phishing Manufacturing Hacking

Five Interesting Israeli CyberSecurity Companies

Joseph Steinberg

APRIL 7, 2021

Back in 2015 and 2017, I ran articles in Inc. For various reasons, when I wrote those two pieces, I intentionally featured innovators from outside of the information-security sector. For various reasons, when I wrote those two pieces, I intentionally featured innovators from outside of the information-security sector.

Cybersecurity

Cybersecurity Small Business IoT Computers and Electronics

Operation TOURNIQUET: Authorities shut down dark web marketplace RaidForums

Security Affairs

APRIL 12, 2022

1, 2015, and on or about Jan. ” RaidForums was launched in 2015, its community reached over half a million users. The police arrested Coelho in the United Kingdom on Jan. 31, at the United States’ request and remain in custody pending the resolution of his extradition proceedings.

Cybercrime

Cybercrime Banking Accountability Hacking

Hackers stole a six-figure amount from Swiss universities

Security Affairs

OCTOBER 5, 2020

” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. It added that part of the misappropriated funds was now in foreign accounts.” ” reads the site SwissInfo. “Umbrella organisation swissuniversities has sent a warning email to keep universities on their guard.” Pierluigi Paganini.

Advertising

Advertising Phishing Cybercrime Hacking

REMnux 7, a Linux toolkit for malware analysts released

Security Affairs

JULY 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The tools in REMnux toolkit allow to dissects suspicious executables and artifacts, perform static and dynamic analysis of malicious code, run memory forensics on a compromised host, explore network and system interactions for behavioral analysis.

Malware

Malware Advertising Software Engineering

Spanish police shut down illegal TV streaming network

Security Affairs

JUNE 3, 2024

Spanish police dismantled a pirated TV streaming network that allowed its operators to earn over 5,300,000 euros since 2015. The Spanish National Police dismantled a network that illicitly distributed audiovisual content, earning over 5,300,000 euros since 2015.

Technology

Technology Banking Marketing Hacking

Staples discloses data breach exposing customer order data

Security Affairs

SEPTEMBER 14, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Exposed data could be abused by threat actors to carry out malicious activities, including identity theft and phone call scams. Customers that received the data breach notification could contact the company by phone for any questions or concerns. Pierluigi Paganini.

Data breaches

Data breaches Retail Identity Theft Advertising

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

In 2015, the hacker who breached the systems of the Italian surveillance firm Hacking Team leaked a 400GB package containing hacking tools and exploits codes. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Firmware

Firmware Spyware Surveillance Hacking

Is Russian group APT28 behind the cyber attack on the German air traffic control agency (DFS)?

Security Affairs

SEPTEMBER 5, 2024

DFS immediately reported the attack to national security authorities. Cybersecurity experts linked the attack to the Russian nation-state actor APT28 which was responsible for the 2015 attack on the Bundestag.

Cyber Attacks

Cyber Attacks Hacking Government Accountability

Threat Report Portugal: Q2 2020

Security Affairs

AUGUST 14, 2020

Pedro Tavares is a professional in the field of information security, working as an Ethical Hacker, Malware Analyst, Cybersecurity Analyst and also a Security Evangelist. He is also a founding member at CSIRT.UBI and Editor-in-Chief of the security computer blog seguranca-informatica.pt.

Threat Reports

Threat Reports Phishing Malware Banking

A powerful DDoS attack hit Hungarian banks and telecoms services

Security Affairs

SEPTEMBER 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. “There was a DDoS attack on telecom systems serving some of the banking services on Thursday,” reads the statement issued by the bank. “We Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

DDOS

DDOS Banking Telecommunications Advertising

Threat actor leaked data for U.S. gun exchange site on hacking forum

Security Affairs

AUGUST 13, 2020

To check if your information has been exposed in this and other data leaks, you can search for your email using the Cyble’s “ Am I Breached” data breach monitoring service. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, gun exchange).

Hacking

Hacking Data breaches Cybercrime Passwords

U.S. CISA adds Versa Director bug to its Known Exploited Vulnerabilities catalog

Security Affairs

AUGUST 25, 2024

” Versa Networks is aware of one confirmed customer reported instance where this vulnerability was exploited because the Firewall guidelines which were published in 2015 & 2017 were not implemented by that customer.” This oversight allowed the attacker to exploit the vulnerability without needing to access the GUI.

Firewall

Firewall Authentication Hacking Cybersecurity

IPG Photonics high-performance laser developer hit with ransomware

Security Affairs

SEPTEMBER 20, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. In June 2020, the same ransomware was employed in an attack on the Texas Department of Transportation. The good news is that the RansomEXX ransom, unlike other families of ransomware, does not appear to exfiltrate data before encrypting target systems.

Ransomware

Ransomware Manufacturing Advertising Encryption

Researchers found alleged sensitive documents of NATO and Turkey

Security Affairs

OCTOBER 12, 2020

” The availability of sensitive documents like the ones discovered by the experts could allow threat actors to gather intelligence on potential targets and use the leaked information to carry out spear-phishing campaigns. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Advertising

Advertising Manufacturing Hacking Cyber Attacks

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

. “TAG observed a North Korean government-backed attacker group that previously targeted security researchers posing as recruiters at Samsung and sending fake job opportunities to employees at multiple South Korean information security companies that sell anti-malware solutions.”

Malware

Malware Phishing Antivirus Hacking

UberEats data leaked on the dark web

Security Affairs

AUGUST 4, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. SecurityAffairs – hacking, UberEats).

Banking

Banking Data breaches Advertising Mobile

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Change Healthcare Breach Hits 100M Americans

Webinars

Trending Sources

New Atrium Health data breach impacts 585,000 individuals

Webinars

Law enforcement seized the domains of HeartSender cybercrime marketplaces

New advanced FIN7’s Anubis backdoor allows to gain full system control on Windows

Russia-linked APT Star Blizzard targets WhatsApp accounts

Ransomware attack hit Indian multinational Tata Technologies

Chinese Android phones shipped with malware-laced WhatsApp, Telegram apps

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

NIST’s Post-Quantum Cryptography Standards

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

University of Utah pays a $457,000 ransom to ransomware gang

Demand, CyberInsurance, and Automation/AI Are the Future of InfoSec

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

Microsoft Patch Tuesday security updates for September 2024 addressed four actively exploited zero-days

Alleged Extortioner of Psychotherapy Patients Faces Trial

SANS Institute Email Breach – 28,000 User Records exposed

North Korea-linked APT group BeagleBoyz targets banks

TalkTalk confirms data breach involving a third-party platform

Announcing the public availability of the Cisco Cloud Controls Framework (CCF)

NailaoLocker ransomware targets EU healthcare-related entities

Avaddon ransomware operators have launched their data leak site

HOW OPERATORS USE SANDVINE TO BLOCK INDEPENDENT MEDIA IN EGYPT

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Israel announced to have foiled an attempted cyber-attack on defence firms

Hackers targeted the US Census Bureau network, DHS report warns

D-Link confirms data breach, but downplayed the impact

Five Interesting Israeli CyberSecurity Companies

Operation TOURNIQUET: Authorities shut down dark web marketplace RaidForums

Hackers stole a six-figure amount from Swiss universities

REMnux 7, a Linux toolkit for malware analysts released

Spanish police shut down illegal TV streaming network

Staples discloses data breach exposing customer order data

Second-ever UEFI rootkit used in North Korea-themed attacks

Is Russian group APT28 behind the cyber attack on the German air traffic control agency (DFS)?

Threat Report Portugal: Q2 2020

A powerful DDoS attack hit Hungarian banks and telecoms services

Threat actor leaked data for U.S. gun exchange site on hacking forum

U.S. CISA adds Versa Director bug to its Known Exploited Vulnerabilities catalog

IPG Photonics high-performance laser developer hit with ransomware

Researchers found alleged sensitive documents of NATO and Turkey

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

UberEats data leaked on the dark web

Stay Connected