Security Affairs

NOVEMBER 12, 2024

Its name comes from the 2016 merger of two companies: Ahold (Dutch) and Delhaize Group (Belgian), which both have origins in the 1800s. Ahold Delhaize is a Dutch-Belgian multinational retail and wholesale holding company.

eCommerce

Security Affairs

JANUARY 20, 2025

The Donot Team (aka APT-C-35 and Origami Elephant) has been active since 2016, it focuses ongovernment and military organizations, ministries of foreign affairs, and embassies in India, Pakistan, Sri Lanka, Bangladesh, and other South Asian countries.

Malware

Security Affairs

OCTOBER 15, 2024

The experts reported that the ATP group has been using this malware at least since 2016 to siphon millions of dollars from ATMs of small and midsize banks in Asia and Africa. In November 2018, Symantec first discovered the FastCash Trojan , which was used by the North Korea-linked APT group Lazarus in a series of attacks against ATMs.

Malware

Security Affairs

FEBRUARY 6, 2025

.” The International Civil Aviation Organization (ICAO) is investigating a significant data breach that has raised concerns about the security of its systems and employees data.

Cybercrime

Security Affairs

MARCH 12, 2025

but also affects Windows 10 (build 1809 and earlier) and Server 2016. 1/4 pic.twitter.com/qCOgYiltfs — ESET Research (@ESETresearch) March 11, 2025 The full list of vulnerabilities addressed by Microsoft Patch Tuesday security updates for March 2025 is available here.

DNS

Security Affairs

APRIL 30, 2025

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Government

Security Affairs

DECEMBER 12, 2024

The IP address of one of the C2 servers used by the surveillance tool has been linked to Wuhan Chinasoft Token Information Technology Co., a Chinese tech company founded in 2016 with fewer than 50 employees.

Surveillance

Security Affairs

OCTOBER 30, 2024

The Midnight Blizzard group along with APT28 cyber espionage group was involved in the Democratic National Committee hack and the wave of attacks aimed at the 2016 US Presidential Elections. The group is known for the SolarWinds supply chain attack that in 2020 hit more than 18,000 customer organizations, including Microsoft.

Phishing

Security Affairs

MAY 15, 2025

The Rydox marketplace has been active since February 2016, it facilitated over 7,600 sales of stolen PII, access devices, and cybercrime tools, generating $230,000 since 2016. It offered over 321,000 products to 18,000 users, including names, social security numbers, and hacking tools. Thousands of U.S. victims were affected.

Cybercrime

Security Affairs

MARCH 28, 2025

The Trojan has been active since 2016, it initially targeted Brazil but expanded to Mexico, Portugal, and Spain since 2020. Grandoreiro Banking Trojan resurfaces, targeting users in Latin America and Europe in new phishing campaigns.

Banking

Security Affairs

JANUARY 9, 2025

The Ukrainian Cyber Alliance has been active since 2016, the Pro-Ukraine group has targeted Russian entities since the invasion of Ukraine. The group published a series of screenshots as proof of the security breach. The images include the consoles of the Veeam backup and Hewlett Packard Enterprise server.

Backups

Security Affairs

MAY 21, 2025

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Technology

Security Affairs

MARCH 12, 2025

but also affects Windows 10 (build 1809 and earlier) and Server 2016. The exploit, linked to the PipeMagic backdoor , has targeted unsupported Windows versions like Server 2012 R2 and 8.1

Hacking

Security Affairs

JUNE 30, 2025

Its name comes from the 2016 merger of two companies: Ahold (Dutch) and Delhaize Group (Belgian), which both have origins in the 1800s. A ransomware attack on Dutch grocery giant Ahold Delhaize has led to a data breach affecting over 2.2 million people. Ahold Delhaize is a Dutch-Belgian multinational retail and wholesale holding company.

Data breaches

Security Affairs

MARCH 13, 2025

Kaspersky first documented the operations of the group in 2016. ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users.

Spyware

Security Affairs

AUGUST 7, 2025

Microsoft address the vulnerability in Exchange Server 2016, 2019 and Subscription Edition RTM. ” Dirk-jan Mollema, researchers with Outsider Security , reported the vulnerability. ” reads the advisory.

Cyber threats

Security Affairs

JULY 9, 2025

The Donot Team ( also known as APT-C-35 and Origami Elephant) has been active since 2016, focusing on government entities, foreign ministries, defense organizations, and NGOs in South Asia and Europe. DoNot APT uses custom Windows malware via phishing for espionage, enabling long-term access and data theft.

Malware

Security Affairs

FEBRUARY 10, 2025

The Midnight Blizzard group (aka APT29 , SVR group , Cozy Bear , Nobelium , BlueBravo , and The Dukes ) along with APT28 cyber espionage group was involved in the Democratic National Committee hack and the wave of attacks aimed at the 2016 US Presidential Elections.

Accountability

Security Affairs

JULY 22, 2025

Apply latest security updates for supported SharePoint versions (2016, 2019, Subscription Edition) immediately. Microsoft provides the following mitigations for CVE-2025-53770/53771: After patching or enabling AMSI, rotate ASP.NET machine keys and restart IIS on all servers using PowerShell or Central Admin.

Antivirus

SecureWorld News

JULY 23, 2025

Microsoft confirmed the vulnerabilities in a follow-up report published July 22nd, and released emergency patches covering the flaws across SharePoint Server Subscription Edition 2019 and 2016. But by then, the damage was well underway.

Software

Security Affairs

AUGUST 4, 2025

The threat actor also showed overlap with groups like Light Basin , UNC3886 , UNC2891 , and UNC1945 , using a mix of custom and public tools such as Microsocks, FRP, FScan, and Responder, as well as exploits for known vulnerabilities like CVE-2016-5195 , CVE-2021-4034 , and CVE-2021-3156.

DNS

Security Affairs

JANUARY 21, 2025

A former CIA analyst, Asif William Rahman, pleaded guilty to leaking top-secret National Defense Information on social media in 2024. Asif William Rahman, a former CIA analyst with Top-Secret clearance since 2016, pleaded guilty to leaking classified information on social media in October 2024.

Media

Security Affairs

MARCH 16, 2025

The cyberespionage group has been active since at least 2016, according to the CrowdStrike researchers it is using a very sophisticated toolset. LightBasin targeted and compromised mobile telephone networks around the globe and used specialized tools to access calling records and text messages from telecommunications companies.

Telecommunications

Security Affairs

FEBRUARY 12, 2025

French authorities accused Vinnik of defrauding more than 100 people in six French cities between 2016 and 2018. French prosecutors believe Vinnik was one of the authors of the Locky ransomware that was also employed in attacks on French businesses and organizations between 2016 and 2018.

Cryptocurrency

Security Affairs

JULY 22, 2025

The IT giant issued emergency patches for SharePoint Subscription Edition and 2019, with 2016 updates pending. On July 19, Microsoft confirmed active exploitation of a zero-day vulnerability, tracked as CVE-2025-53770 in on-prem SharePoint Servers. Microsoft urges customers to immediately patch the vulnerability.

Authentication

Zero Day

JULY 23, 2025

Responding to the exploits, the software giant has issued fixes for SharePoint Server Subscription Edition and SharePoint Server 2019, but is still working on a patch for SharePoint Server 2016. Install security software such as Microsoft Defender for Endpoint. For now, users of SharePoint 2016 are still vulnerable to the exploit.

Software

Security Affairs

APRIL 15, 2021

Over $760 million worth of Bitcoin that were stolen from cryptocurrency exchange Bitfinex in 2016 were moved to new accounts. More than $760 million worth of Bitcoin, stolen from Asian cryptocurrency exchange Bitfinex in 2016 , were moved on Wednesday to new accounts. No exchange will process them. Pierluigi Paganini.

Cryptocurrency

Security Affairs

OCTOBER 5, 2021

Syniverse service provider discloses a security breach, threat actors have had access to its databases since 2016 and gained some customers’ credentials. The company is a privileged target for threat actors that could hit the firm to access their customers’ information. ” states Motherboard. Pierluigi Paganini.

Mobile

Joseph Steinberg

NOVEMBER 17, 2021

He is also the inventor of several information-security technologies widely used today; his work is cited in over 500 published patents. His opinions are also frequently cited in books, law journals, security publications, and general interest periodicals. ” About Sepio Systems.

Cybersecurity

Krebs on Security

JUNE 22, 2022

The user “RSOCKS” on the Russian crime forum Verified changed his name to RSOCKS from a previous handle: “ Stanx ,” whose very first sales thread on Verified in 2016 quickly ran afoul of the forum’s rules and prompted a public chastisement by the forum’s administrator. ” the post enthuses.

Advertising

Security Affairs

DECEMBER 31, 2022

Crooks have had access to the medical records of 42 million Americans since 2016 as the number of hacks on healthcare organizations doubled. Medical records of 42 million Americans are being sold on the dark web since 2016, this information comes from cyberattacks on healthcare providers. million in 2016 to close to 16.5

Healthcare

Security Affairs

AUGUST 4, 2023

A married couple from New York pleaded guilty this week to laundering billions of dollars stolen from Bitfinex in 2016. The couple pleaded guilty to money laundering charges in connection with the hack of the cryptocurrency stock exchange Bitfinex that took place in 2016. Law enforcement also seized over $3.6

Cryptocurrency

Security Affairs

JANUARY 31, 2023

TrickGate is a shellcode-based packer offered as a service, which is used at least since July 2016, to hide malware from defense programs. TrickGate is a shellcode-based packer offered as a service to malware authors to avoid detection, CheckPoint researchers reported.

Malware

Krebs on Security

JUNE 8, 2021

CVE-2021-31959 affects everything from Windows 7 through Windows 10 and Server versions 2008 , 2012 , 2016 and 2019. .” Microsoft also patched five critical bugs — flaws that can be remotely exploited to seize control over the targeted Windows computer without any help from users.

Backups

Security Affairs

MAY 25, 2022

Some of the flaws added to the catalog in this turn are dated back to 2016, such as the issues affecting Apple ( CVE-2016-4655 , CVE-2016-4656 , CVE-2016-4657 ), Microsoft ( CVE-2016-0162 , CVE-2016-3351 , CVE-2016-3298 ) and Cisco Devices ( CVE-2016-6366 , CVE-2016-6367 ).

Software

Krebs on Security

JANUARY 24, 2023

The blog featured musings on the challenges of running a company that sells “security and anonymity services to customers around the world,” and even included a group photo of RSOCKS employees. “Thanks to you, we are now developing in the field of information security and anonymity!,” RSOCKS, circa 2016.

Cybercrime

Troy Hunt

NOVEMBER 22, 2019

i speak at conferences around the world and run workshops on how to build more secure software within organisations. i'm a pluralsight author, microsoft regional director and most valued professional (mvp) specialising in online security and cloud development.

Data breaches