Security Affairs

JANUARY 31, 2020

Japanese electronics and IT giant NEC confirmed a security breach suffered by its defense business division in December 2016. The IT giant NEC confirmed that the company defense business division has suffered a security breach back in December 2016. SecurityAffairs – NEC, hacking). Pierluigi Paganini.

Data breaches 137

Data breaches Advertising Antivirus Encryption 137

Security Affairs

JANUARY 31, 2023

TrickGate is a shellcode-based packer offered as a service, which is used at least since July 2016, to hide malware from defense programs. TrickGate is a shellcode-based packer offered as a service to malware authors to avoid detection, CheckPoint researchers reported.

Malware 98

Malware Antivirus Manufacturing Healthcare 98

Security Affairs

MARCH 2, 2024

Department of Justice (DoJ) charged Iranian national Alireza Shafie Nasab (39) for multi-year hacking campaign targeting U.S. According to DoJ, from at least in or about 2016 through or about April 2021, Nasab and other co-conspirators carried out a coordinated multi-year campaign to breach computers worldwide. ” concludes DoJ.

Hacking 139

Hacking Identity Theft Social Engineering Accountability 139

Security Affairs

DECEMBER 23, 2018

France’s data protection agency had fined the ride-sharing company Uber with 400,000 euros ($455,000) over a 2016 data breach. The data breach suffered by Uber in 2016 exposed the personal data of some 57 million clients and drivers worldwide. SecurityAffairs – hacking, 2016 data breach). Pierluigi Paganini.

Data breaches 109

Data breaches Advertising Insurance Hacking 109

Security Affairs

MAY 17, 2019

The German newspaper Der Spiegel revealed that the software company behind TeamViewer was compromised in 2016 by Chinese hackers. China-linked hackers breached German software company behind TeamViewer in 2016, this news was reported by the German newspaper Der Spiegel. “In autumn 2016, TeamViewer was target of a cyber-attack.

Advertising 111

Advertising Architecture Software Cyber Attacks 111

Troy Hunt

MAY 31, 2018

At the gala dinner last night, without any warning beforehand, I somehow walked away with this: #AusCERT2018 Award for Information Security Excellence goes to @troyhunt @AusCERT 2018 Gala Dinner pic.twitter.com/9lxmwX0tdR — ValdemarJakobsen???? jamver) May 31, 2018. Yes, that guy is wearing a cape, it was a Star Wars thing.).

Information Security 135

Information Security Data breaches Hacking 135

Security Affairs

OCTOBER 2, 2019

Zendesk discloses a data breach that took place in 2016 when a hacker accessed data of 10,000 users, including passwords, emails, names, and phone numbers. In 2016, customer service software company Zendesk suffered a security breach that exposed data of 10,000 users, including passwords, emails, names, and phone numbers.

Data breaches 97

Data breaches Passwords Accountability Authentication 97

Security Affairs

SEPTEMBER 26, 2018

Uber agrees to $148 million settlement with US States and the District of Columbia over the massive 2016 data breach that exposed personal data of 57 million of its users. Security Affairs – Uber, Data breach ). The payout was disguised as a bug bounty prize complete with non-disclosure agreements signed.

Data breaches 111

Data breaches Consumer Protection Advertising Hacking 111

Security Affairs

NOVEMBER 10, 2021

Around five million cyber attacks hit Taiwan’s government agencies every day, and most of the hacking attempts are originated from China. Cyber security department director Chien Hung-wei told parliament representatives that government infrastructure faces “five million attacks and scans a day” . Pierluigi Paganini.

Government 144

Government Hacking Cyber Attacks Information Security 144

Security Affairs

AUGUST 16, 2024

The app has been present since August 2016 [ 1 , 2 ], but there is no evidence that this vulnerability has been exploited in the wild. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Android)

Hacking 144

Hacking Firmware Mobile Penetration Testing 144

Security Affairs

JULY 9, 2019

The malware samples shared by USCYBERCOM last week were first detected in December 2016 in attacks attributed to Iran-linked APT33. Last week the United States Cyber Command (USCYBERCOM) uploaded to VirusTotal a malware used by Iran-linked APT33 group in attacks in Dec 2016 and Jan 2017. SecurityAffairs – USCYBERCOM, hacking).

Malware 107

Malware InfoSec Advertising Government 107

SecureWorld News

JANUARY 18, 2023

Department of Defense (DoD) is turning to the private sector to bolster its cyber defenses with the launch of the third iteration of its "Hack the Pentagon" bug bounty program. The third installment of the "Hack the Pentagon" bug bounty program comes almost five years after the second one, which was unveiled in April 2018.

Hacking 77

Hacking Government Information Security Cybersecurity 77

The Last Watchdog

JUNE 21, 2020

The infamous Locky ransomware was first spotted in the wild in February 2016. CryptXXX, another major family discovered in April 2016 and later rebranded as UltraCrypter, relied on exploit kits that used software vulnerabilities to infiltrate systems. The first viable Mac ransomware called KeRanger was spotted in the spring of 2016.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

Security Affairs

JUNE 21, 2023

Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Hacking 98

Hacking Government Phishing Malware 98

Security Affairs

JUNE 30, 2024

Russia-linked APT group, reportedly APT29, is suspected to be behind a hack of TeamViewer ‘s corporate network. The popular Ars Technica reporter Dan Goodin reported that an alert issued by security firm NCC Group reports a “significant compromise of the TeamViewer remote access and support platform by an APT group.”

Accountability 142

Accountability Hacking Architecture Malware 142

Security Affairs

SEPTEMBER 22, 2021

. “ “This permits an attacker to gain full control of device with an unrestricted root shell, which is far more access than even the owner of the device has as they are restricted to a limited “protected shell” (psh) which filters input to a predefined set of limited, mostly informational commands.” Pierluigi Paganini.

Hacking 133

Hacking Firmware IoT Internet 133

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware 143

Ransomware Hacking Advertising Malware 143

Security Affairs

DECEMBER 4, 2021

The Hancitor downloader has been active since at least 2016 for dropping Pony and Vawtrak. SecurityAffairs – hacking, ransomware). The post Cuba ransomware gang hacked 49 US critical infrastructure organizations appeared first on Security Affairs. The alert includes indicators of compromise and mitigations.

Ransomware 145

Ransomware Hacking Malware Encryption 145

Security Affairs

JUNE 17, 2020

A CIA elite hacking unit that developed cyber-weapons failed in protecting its operations, states an internal report on the Vault 7 data leak. In March, Joshua Schulte , a former CIA software engineer that was accused of stealing the agency’s hacking tools and leaking them to WikiLeaks, was convicted of only minor charges.

Hacking 144

Hacking Engineering Data breaches Advertising 144

Security Affairs

OCTOBER 31, 2019

Two hackers have pleaded guilty to hacking Uber and LinkedIn’s Lynda.com service in 2016 and attempted to extort money from the two companies. Brandon Charles Glover and Vasile Mereacre are two hackers that have pleaded guilty to hacking Uber and LinkedIn’s Lynda.com service in 2016. Pierluigi Paganini.

Data breaches 98

Data breaches Hacking Advertising Accountability 98

Security Affairs

JULY 11, 2020

A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces. The Russian criminal was arrested in Prague in October 2016 in an international joint operation with the FBI. SecurityAffairs – hacking, cybercrime).

Hacking 118

Hacking Cybercrime Data breaches Advertising 118

Security Affairs

OCTOBER 22, 2020

The Council of the European Union announced sanctions imposed on Russian military intelligence officers for 2015 Bundestag hack. The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Hacking 117

Hacking Cyber Attacks Identity Theft Government 117

Security Affairs

DECEMBER 24, 2020

91541, 91534 CVE-2014-1812 05/13/2014 Microsoft Windows Group Policy Preferences Password Elevation of Privilege Vulnerability (KB2962486) 9 91148, 90951 CVE-2020-0688 02/11/2020 Microsoft Exchange Server Security Update for February 2020 8.8 50098 CVE-2016-0167 04/12/2016 Microsoft Windows Graphics Component Security Update (MS16-039) 7.8

Hacking 126

Hacking Cyber Attacks Passwords Software 126

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. ” In 2016, Deniskloster.com featured a post celebrating three years in operation.

Advertising 291

Advertising Cybercrime System Administration Hacking 291

Security Affairs

APRIL 13, 2021

The Swedish Sports Confederation is the umbrella organisation of the Swedish sports movement, it was hacked by Russian military intelligence in a campaign conducted between December 2017 and May 2018, officials said. If you want to receive the weekly Security Affairs Newsletter for free subscribe here. Pierluigi Paganini.

Hacking 97

Hacking Media Government Information Security 97

Security Affairs

AUGUST 23, 2022

“This permits an attacker to gain full control of device with an unrestricted root shell, which is far more access than even the owner of the device has as they are restricted to a limited “protected shell” (psh) which filters input to a predefined set of limited, mostly informational commands.”. SecurityAffairs – hacking, Hikvision).

Hacking 126

Hacking Firmware Internet Internet 126

Security Affairs

MAY 25, 2022

Some of the flaws added to the catalog in this turn are dated back to 2016, such as the issues affecting Apple ( CVE-2016-4655 , CVE-2016-4656 , CVE-2016-4657 ), Microsoft ( CVE-2016-0162 , CVE-2016-3351 , CVE-2016-3298 ) and Cisco Devices ( CVE-2016-6366 , CVE-2016-6367 ).

Software 145

Software Hacking Cybersecurity Risk 145

Security Affairs

MARCH 30, 2024

The German Federal Office for Information Security (BSI) warned of thousands of Microsoft Exchange servers in the country vulnerable to critical flaws. According to current findings from the BSI , around twelve percent of them are so outdated that security updates are no longer offered for them.

Information Security 140

Information Security Internet Internet Healthcare 140

Security Affairs

MAY 25, 2020

Some of the databases are dated as 2016, but data starts from March 28, 2020. Most of the listed databases are from online stores in Germany, others e-store hacked by threat actors are from Brazil, the U.S., The hacked stores were running Shopware, JTL-Shop, PrestaShop, OpenCart, Magento v1 and v2 e-commerce CMSs.

Hacking 135

Hacking Advertising Authentication Passwords 135

Security Affairs

SEPTEMBER 10, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS, ImageMagick and Linux Kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. Pierluigi Paganini Follow me on Twitter: @securityaffairs and Facebook and Mastodon ( SecurityAffairs – hacking, CISA )

Hacking 127

Hacking Cybersecurity Software Risk 127

Security Affairs

APRIL 22, 2024

The threat actors shared a portion of the stolen data with TechCrunch as proof of the hack, it includes records on current and former government officials, diplomats, and politically exposed people. In June 2016, security researcher Chris Vickery found a copy of the World-Check database dated 2014 that was accidentally exposed online.

Risk 140

Risk Spyware Hacking Accountability 140

Security Affairs

NOVEMBER 12, 2024

Its name comes from the 2016 merger of two companies: Ahold (Dutch) and Delhaize Group (Belgian), which both have origins in the 1800s. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cyber attack)

eCommerce 119

eCommerce Cyber Attacks Retail Hacking 119

Security Affairs

AUGUST 16, 2024

Between July 2016 and May 2021, Kavzharadze listed over 626,100 stolen login credentials on Slilpp and sold more than 297,300 of them. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Russian national Georgy Kavzharadze) in restitution.

Banking 127

Banking Accountability Retail Mobile 127

Security Affairs

JUNE 27, 2019

Krebs speculates that intruders could be the same that hacked the Indian IT outsourcing giant Wipro Ltd. According to RiskIQ, the group that hacked Wipro has been active since at least 2016, it was focused on targeting gift card providers. SecurityAffairs – PCM, hacking). hacked appeared first on Security Affairs.

Hacking 111

Hacking Advertising Accountability Data breaches 111

Security Affairs

JULY 23, 2020

depending on the Windows version), SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 , SharePoint Server 2010 Service Pack 2, SharePoint Server 2019, Visual Studio 2017 version 15.9, SecurityAffairs – hacking, CVE-2020-1147). The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET NET Framework 2.0

Hacking 137

Hacking Advertising Software Information Security 137

Security Affairs

AUGUST 9, 2020

Paige Thompson is a transgender woman suspected to be the hacker behind the Capital One hack and attacks on 30 other organizations, in August 2019 he has been indicted on wire fraud and computer fraud. SecurityAffairs – hacking, Capital One). Thompson (33). Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking 104

Hacking Banking Data breaches Advertising 104

Security Affairs

DECEMBER 8, 2020

The cyber security giant FireEye announced that it was hacked by nation-state actors, likely Russian state-sponsored hackers. The company made the headlines because it was the victim of a hack, and experts blame Russia-linked hackers for the attack. launched an investigation into the hack. Pierluigi Paganini.

Hacking 106

Hacking Cybersecurity Penetration Testing Cyber threats 106