2016, Hacking and Information Security - Cyber Security Informer

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

Security Affairs

NOVEMBER 15, 2024

Bitfinex hacker, Ilya Lichtenstein , who stole 1 billion worth of Bitcoins from Bitfinex in 2016, has been sentenced to five years in prison. Billion in stolen cryptocurrency stolen during the 2016 hack of Bitfinex. billion in cryptocurrency (roughly 95,000 of the stolen crypto assets) linked to that hack.

Cryptocurrency

Cryptocurrency Hacking Government Accountability

Cyber thieves move $760 million stolen in the 2016 Bitfinex heist

Security Affairs

APRIL 15, 2021

Over $760 million worth of Bitcoin that were stolen from cryptocurrency exchange Bitfinex in 2016 were moved to new accounts. More than $760 million worth of Bitcoin, stolen from Asian cryptocurrency exchange Bitfinex in 2016 , were moved on Wednesday to new accounts. SecurityAffairs – hacking, bitcoin). Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Hacking Accountability Marketing

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The infamous Locky ransomware was first spotted in the wild in February 2016. CryptXXX, another major family discovered in April 2016 and later rebranded as UltraCrypter, relied on exploit kits that used software vulnerabilities to infiltrate systems. The first viable Mac ransomware called KeRanger was spotted in the spring of 2016.

Ransomware

Ransomware Hacking Encryption Penetration Testing

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Security Affairs

NOVEMBER 24, 2024

PopeyeTools was a dark web marketplace specializing in selling stolen credit cards and cybercrime tools, facilitating fraud and illicit online activities since 2016. Stolen information offered for sale on the carding website included bank account, credit card, and debit card numbers and associated information for conducting transactions.

Cybercrime

Cybercrime Cryptocurrency Banking Accountability

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

last week said they dismantled the “ RSOCKS ” botnet, a collection of millions of hacked devices that were sold as “proxies” to cybercriminals looking for ways to route their malicious traffic through someone else’s computer. ” In 2016, Deniskloster.com featured a post celebrating three years in operation.

Advertising

Advertising Cybercrime System Administration Hacking

Telco service provider giant Syniverse had unauthorized access since 2016

Security Affairs

OCTOBER 5, 2021

Syniverse service provider discloses a security breach, threat actors have had access to its databases since 2016 and gained some customers’ credentials. The company is a privileged target for threat actors that could hit the firm to access their customers’ information. SecurityAffairs – hacking, cyberespionage).

Mobile

Mobile Telecommunications Business Services Cybersecurity

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. In 2019, a Canadian company called Defiant Tech Inc.

Hacking

Hacking Accountability Data breaches Marketing

International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists

Security Affairs

FEBRUARY 5, 2025

In the updated statement published by ICAO, the agency said it is actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations. ” reads the statement published by the International Civil Aviation Organization.

Data breaches

Data breaches Information Security Hacking Marketing

Uber hacked, internal systems and confidential documents were allegedly compromised

Security Affairs

SEPTEMBER 16, 2022

According to the New York Times , the threat actors hacked an employee’s Slack account and used it to inform internal personnel that the company had “suffered a data breach” and provided a list of allegedly hacked internal databases. “I SecurityAffairs – hacking, Uber). states the message.

Hacking

Hacking Data breaches Information Security Engineering

New Triada Trojan comes preinstalled on Android devices

Security Affairs

APRIL 2, 2025

In March 2018, security researchers at Antivirus firmDr.Web discovered that 42 models of low-cost Android smartphones were shipped with the Android.Triada.231 The Triada Trojan was spotted for the first time in 2016 by researchers at Kaspersky Lab who considered it the most advanced mobile threat seen to the date of the discovery.

Malware

Malware Cryptocurrency Mobile Firmware

Ahold Delhaize experienced a cyber incident affecting several of its U.S. brands

Security Affairs

NOVEMBER 12, 2024

Its name comes from the 2016 merger of two companies: Ahold (Dutch) and Delhaize Group (Belgian), which both have origins in the 1800s. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, cyber attack)

eCommerce

eCommerce Cyber Attacks Retail Hacking

Personal health information of 42M Americans leaked between 2016 and 2021

Security Affairs

DECEMBER 31, 2022

Crooks have had access to the medical records of 42 million Americans since 2016 as the number of hacks on healthcare organizations doubled. Medical records of 42 million Americans are being sold on the dark web since 2016, this information comes from cyberattacks on healthcare providers. million in 2016 to close to 16.5

Healthcare

Healthcare Ransomware Backups Hacking

Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016

Security Affairs

AUGUST 4, 2023

A married couple from New York pleaded guilty this week to laundering billions of dollars stolen from Bitfinex in 2016. The couple pleaded guilty to money laundering charges in connection with the hack of the cryptocurrency stock exchange Bitfinex that took place in 2016. Law enforcement also seized over $3.6

Cryptocurrency

Cryptocurrency Hacking Accountability Banking

Esperts found new DoNot Team APT group’s Android malware

Security Affairs

JANUARY 20, 2025

The Donot Team (aka APT-C-35 and Origami Elephant) has been active since 2016, it focuses ongovernment and military organizations, ministries of foreign affairs, and embassies in India, Pakistan, Sri Lanka, Bangladesh, and other South Asian countries.

Malware

Malware Cyber Attacks Mobile Phishing

U.S. CISA adds Adobe ColdFusion and Oracle Agile PLM flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

FEBRUARY 25, 2025

is a Java deserialization vulnerability in the Apache BlazeDS library in Adobe ColdFusion 2016 Update 3 and earlier, ColdFusion 11 update 11 and earlier, ColdFusion 10 Update 22 and earlier. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, CISA )

Hacking

Hacking Cybersecurity Risk Cybercrime

Source code of Dharma ransomware now surfacing on public hacking forums

Security Affairs

MARCH 29, 2020

The source code of the infamous Dharma ransomware is now available for sale on two Russian-language hacking forums. The source code of one of the most profitable ransomware families, the Dharma ransomware , is up for sale on two Russian-language hacking forums. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Hacking Advertising Malware

CIA elite hacking unit was not able to protect its tools and cyber weapons

Security Affairs

JUNE 17, 2020

A CIA elite hacking unit that developed cyber-weapons failed in protecting its operations, states an internal report on the Vault 7 data leak. In March, Joshua Schulte , a former CIA software engineer that was accused of stealing the agency’s hacking tools and leaking them to WikiLeaks, was convicted of only minor charges.

Hacking

Hacking Engineering Data breaches Advertising

Microsoft Patch Tuesday security updates for March 2025 fix six actively exploited zero-days

Security Affairs

MARCH 12, 2025

but also affects Windows 10 (build 1809 and earlier) and Server 2016. 1/4 pic.twitter.com/qCOgYiltfs — ESET Research (@ESETresearch) March 11, 2025 The full list of vulnerabilities addressed by Microsoft Patch Tuesday security updates for March 2025 is available here.

DNS

DNS Hacking Information Security

Taiwan Government faces 5 Million hacking attempts daily

Security Affairs

NOVEMBER 10, 2021

Around five million cyber attacks hit Taiwan’s government agencies every day, and most of the hacking attempts are originated from China. Cyber security department director Chien Hung-wei told parliament representatives that government infrastructure faces “five million attacks and scans a day” . Pierluigi Paganini.

Government

Government Hacking Cyber Attacks Information Security

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Security Affairs

FEBRUARY 6, 2025

In the updated statement published by ICAO, the agency said it is actively investigating reports of a potential information security incident allegedly linked to a threat actor known for targeting international organizations.

Cybercrime

Cybercrime Government Data breaches Information Security

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Security Affairs

DECEMBER 4, 2021

The Hancitor downloader has been active since at least 2016 for dropping Pony and Vawtrak. SecurityAffairs – hacking, ransomware). The post Cuba ransomware gang hacked 49 US critical infrastructure organizations appeared first on Security Affairs. The alert includes indicators of compromise and mitigations.

Ransomware

Ransomware Hacking Malware Encryption

U.S. authorities charged an Iranian national for long-running hacking campaign

Security Affairs

MARCH 2, 2024

Department of Justice (DoJ) charged Iranian national Alireza Shafie Nasab (39) for multi-year hacking campaign targeting U.S. According to DoJ, from at least in or about 2016 through or about April 2021, Nasab and other co-conspirators carried out a coordinated multi-year campaign to breach computers worldwide. ” concludes DoJ.

Hacking

Hacking Identity Theft Social Engineering Accountability

Crooks are reviving the Grandoreiro banking trojan

Security Affairs

MARCH 28, 2025

The Trojan has been active since 2016, it initially targeted Brazil but expanded to Mexico, Portugal, and Spain since 2020. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,malware) ” concludes the report that includes Indicators of compromise (IoCs).

Banking

Banking Phishing Malware Passwords

TrickGate, a packer used by malware to evade detection since 2016

Security Affairs

JANUARY 31, 2023

TrickGate is a shellcode-based packer offered as a service, which is used at least since July 2016, to hide malware from defense programs. TrickGate is a shellcode-based packer offered as a service to malware authors to avoid detection, CheckPoint researchers reported.

Malware

Malware Antivirus Manufacturing Healthcare

Crooks hacked e-shops and threaten to sell SQL databases if ransom not paid

Security Affairs

MAY 25, 2020

Some of the databases are dated as 2016, but data starts from March 28, 2020. Most of the listed databases are from online stores in Germany, others e-store hacked by threat actors are from Brazil, the U.S., The hacked stores were running Shopware, JTL-Shop, PrestaShop, OpenCart, Magento v1 and v2 e-commerce CMSs.

Hacking

Hacking Advertising Passwords Authentication

Hikvision cameras could be remotely hacked due to critical flaw

Security Affairs

SEPTEMBER 22, 2021

. “ “This permits an attacker to gain full control of device with an unrestricted root shell, which is far more access than even the owner of the device has as they are restricted to a limited “protected shell” (psh) which filters input to a predefined set of limited, mostly informational commands.” Pierluigi Paganini.

Hacking

Hacking Firmware IoT Internet

Millions of devices could be hacked exploiting flaws targeted by tools stolen from FireEye

Security Affairs

DECEMBER 24, 2020

91541, 91534 CVE-2014-1812 05/13/2014 Microsoft Windows Group Policy Preferences Password Elevation of Privilege Vulnerability (KB2962486) 9 91148, 90951 CVE-2020-0688 02/11/2020 Microsoft Exchange Server Security Update for February 2020 8.8 50098 CVE-2016-0167 04/12/2016 Microsoft Windows Graphics Component Security Update (MS16-039) 7.8

Hacking

Hacking Cyber Attacks Passwords Software

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

Security Affairs

JULY 23, 2020

depending on the Windows version), SharePoint Enterprise Server 2013 Service Pack 1, SharePoint Enterprise Server 2016 , SharePoint Server 2010 Service Pack 2, SharePoint Server 2019, Visual Studio 2017 version 15.9, SecurityAffairs – hacking, CVE-2020-1147). The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET NET Framework 2.0

Hacking

Hacking Advertising Software Information Security

DoD Announces Third 'Hack the Pentagon' Bug Bounty Program

SecureWorld News

JANUARY 18, 2023

Department of Defense (DoD) is turning to the private sector to bolster its cyber defenses with the launch of the third iteration of its "Hack the Pentagon" bug bounty program. The third installment of the "Hack the Pentagon" bug bounty program comes almost five years after the second one, which was unveiled in April 2018.

Hacking

Hacking Government Information Security Cybersecurity

CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog

Security Affairs

MAY 25, 2022

Some of the flaws added to the catalog in this turn are dated back to 2016, such as the issues affecting Apple ( CVE-2016-4655 , CVE-2016-4656 , CVE-2016-4657 ), Microsoft ( CVE-2016-0162 , CVE-2016-3351 , CVE-2016-3298 ) and Cisco Devices ( CVE-2016-6366 , CVE-2016-6367 ).

Software

Software Hacking Cybersecurity Risk

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Krebs on Security

JANUARY 24, 2023

First advertised in the cybercrime underground in 2014, RSOCKS was the web-based storefront for hacked computers that were sold as “proxies” to cybercriminals looking for ways to route their Web traffic through someone else’s device. “Thanks to you, we are now developing in the field of information security and anonymity!,”

Cybercrime

Cybercrime Advertising IoT Malware

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Security Affairs

JANUARY 25, 2020

Chinese hackers have exploited a zero-day vulnerability the Trend Micro OfficeScan antivirus in the recently disclosed hack of Mitsubishi Electric. This week, Mitsubishi Electric disclosed a security breach that might have exposed personal and confidential corporate data. SecurityAffairs – Mitsubishi Electric, hacking).

Antivirus

Antivirus Hacking Advertising Media

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Security Affairs

AUGUST 16, 2024

The app has been present since August 2016 [ 1 , 2 ], but there is no evidence that this vulnerability has been exploited in the wild. ” Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, Android)

Hacking

Hacking Firmware Mobile Penetration Testing

Ukrainian Cyber Alliance destroyed the connectivity of Russian ISP Nodex

Security Affairs

JANUARY 9, 2025

Ukrainian Cyber Alliance hacked Russian ISP Nodex, stole sensitive data, and wiped systems, highlighting their cyberattack capabilities. The Ukrainian Cyber Alliance has been active since 2016, the Pro-Ukraine group has targeted Russian entities since the invasion of Ukraine. ” reported The Record Media.

Backups

Backups Internet Internet Hacking

Former Uber CISO Faces Prison Time For Mishandling Cyberattack: Justice, Scapegoating, or Both?

Joseph Steinberg

OCTOBER 6, 2022

A jury yesterday found former Uber security chief Joe Sullivan guilty of covering up a massive data breach; the conviction makes Sullivan likely to become the first executive to face prison time over the mishandling of a cyberattack. Serving as a Chief Information Security Officer is a daunting task. 0001% get through.

CISO

CISO Artificial Intelligence Data breaches Cybersecurity

Over 80,000 Hikvision cameras can be easily hacked

Security Affairs

AUGUST 23, 2022

“This permits an attacker to gain full control of device with an unrestricted root shell, which is far more access than even the owner of the device has as they are restricted to a limited “protected shell” (psh) which filters input to a predefined set of limited, mostly informational commands.”. SecurityAffairs – hacking, Hikvision).

Hacking

Hacking Firmware Internet Internet

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

Security Affairs

MARCH 13, 2025

Kaspersky first documented the operations of the group in 2016. “In addition to its ties to APT37, this KoSpy campaign also has ties to infrastructure used by APT43 – another North Korean hacking group. Lookout researchers attributed the spyware to the ScarCruft group with medium confidence. ” concludes the report.

Spyware

Spyware Surveillance Encryption Malware

Russia-linked group APT29 likely breached TeamViewer’s corporate network

Security Affairs

JUNE 30, 2024

Russia-linked APT group, reportedly APT29, is suspected to be behind a hack of TeamViewer ‘s corporate network. The popular Ars Technica reporter Dan Goodin reported that an alert issued by security firm NCC Group reports a “significant compromise of the TeamViewer remote access and support platform by an APT group.”

Accountability

Accountability Hacking Architecture Malware

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Security Affairs

FEBRUARY 13, 2020

. “To make sure that your Exchange organization is better protected against the latest threats (for example Emotet, TrickBot or WannaCry to name a few) we recommend disabling SMBv1 if it’s enabled on your Exchange (2013/2016/2019) server.” Please see this KB for more information. ” continues Microsoft.

Authentication

Authentication Malware Advertising Hacking

Microsoft rolled out emergency updates to fix Windows Server auth failures

Security Affairs

NOVEMBER 15, 2021

These issues impacts Windows Server 2019 and lower versions, including Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2. SecurityAffairs – hacking, Operation Cyclone). Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Authentication

Authentication Hacking Information Security

US agencies offer $2M in reward for Ukrainian hackers that breached the SEC

Security Affairs

JULY 22, 2020

The US State Department and Secret Service offered $2 million in reward money for help capturing two Ukrainian hackers that have been charged with hacking and selling insider corporate data stolen from the Securities and Exchange Commission. At the time, hackers were focused on non-public information stored in its EDGAR filing system.

Advertising

Advertising Hacking Government Cyber Attacks

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Security Affairs

JUNE 21, 2023

Russia-linked APT28 group hacked into Roundcube email servers belonging to multiple Ukrainian organizations. The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide.

Hacking

Hacking Government Phishing Malware

Google expert detailed a 5-Year-Old flaw in Apple Safari exploited in the wild

Security Affairs

JUNE 20, 2022

The vulnerability, tracked as CVE-2022-22620 , was fixed for the first time in 2013, but in 2016 experts discovered a way to bypass the fix. CVE-2022-22620 was initially fixed in 2013, reintroduced in 2016, and then disclosed as exploited in-the-wild in 2022.” Its fix was just regressed in 2016 during refactoring.

Hacking

Hacking Software Cybersecurity Data breaches

Microsoft to notify Office 365 users of nation-state attacks

Security Affairs

FEBRUARY 8, 2021

Since 2016 , Microsoft has been alerting users of nation-state activity, now the IT giant added the same service to the Defender for Office 365 dashboard. The new security alert will notify companies when their employees are being targeted by state-sponsored attacks. SecurityAffairs – hacking, nation-state hacking).

System Administration

System Administration Hacking Cyber threats Accountability

Bitfinex hacker Ilya Lichtenstein was sentenced to 5 years in prison

Cyber thieves move $760 million stolen in the 2016 Bitfinex heist

Trending Sources

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

DoJ seized credit card marketplace PopeyeTools and charges its administrators

Meet the Administrators of the RSOCKS Proxy Botnet

Telco service provider giant Syniverse had unauthorized access since 2016

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

International Civil Aviation Organization (ICAO) and ACAO Breached: Cyberespionage Groups Targeting Aviation Safety Specialists

Uber hacked, internal systems and confidential documents were allegedly compromised

New Triada Trojan comes preinstalled on Android devices

Ahold Delhaize experienced a cyber incident affecting several of its U.S. brands

Personal health information of 42M Americans leaked between 2016 and 2021

Married couple pleaded guilty to laundering billions in cryptocurrency stolen from Bitfinex in 2016

Esperts found new DoNot Team APT group’s Android malware

U.S. CISA adds Adobe ColdFusion and Oracle Agile PLM flaws to its Known Exploited Vulnerabilities catalog

Source code of Dharma ransomware now surfacing on public hacking forums

CIA elite hacking unit was not able to protect its tools and cyber weapons

Microsoft Patch Tuesday security updates for March 2025 fix six actively exploited zero-days

Taiwan Government faces 5 Million hacking attempts daily

Notorious hacker behind 40+ cyberattacks on strategic organizations arrested

Cuba ransomware gang hacked 49 US critical infrastructure organizations

U.S. authorities charged an Iranian national for long-running hacking campaign

Crooks are reviving the Grandoreiro banking trojan

TrickGate, a packer used by malware to evade detection since 2016

Crooks hacked e-shops and threaten to sell SQL databases if ransom not paid

Hikvision cameras could be remotely hacked due to critical flaw

Millions of devices could be hacked exploiting flaws targeted by tools stolen from FireEye

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

DoD Announces Third 'Hack the Pentagon' Bug Bounty Program

CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog

Administrator of RSOCKS Proxy Botnet Pleads Guilty

Chinese hackers exploited a Trend Micro antivirus zero-day used in Mitsubishi Electric hack

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Ukrainian Cyber Alliance destroyed the connectivity of Russian ISP Nodex

Former Uber CISO Faces Prison Time For Mishandling Cyberattack: Justice, Scapegoating, or Both?

Over 80,000 Hikvision cameras can be easily hacked

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

Russia-linked group APT29 likely breached TeamViewer’s corporate network

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Microsoft rolled out emergency updates to fix Windows Server auth failures

US agencies offer $2M in reward for Ukrainian hackers that breached the SEC

Russia-linked APT28 hacked Roundcube email servers of Ukrainian entities

Google expert detailed a 5-Year-Old flaw in Apple Safari exploited in the wild

Microsoft to notify Office 365 users of nation-state attacks

Stay Connected