Schneier on Security

AUGUST 8, 2022

In 2017, NIST received eighty-two post-quantum algorithm submissions from all over the world. Fun fact: Those three algorithms were broken by the Center of Encryption and Information Security, part of the Israeli Defense Force. Then, with input from the cryptographic community, NIST crowns a winner.

Encryption 358

Encryption Architecture Engineering Information Security 358

Security Affairs

AUGUST 17, 2020

The Cybersecurity and Infrastructure Security Agency (CISA) has published an alert to provide technical details on a new wave of attacks delivering the KONNI remote access Trojan (RAT). The KONNI malware also employed in at least two campaigns in 2017.

Phishing 142

Phishing Malware Advertising Architecture 142

Security Affairs

AUGUST 13, 2021

The news was first reported by TheRecord website, the master decryption keys work for victims that were infected between July 2017 and early 2021. “The keys have been verified as authentic by Michael Gillespie , a malware analyst at security firm Emsisoft and the creator of the ID-Ransomware service.”

Ransomware 145

Ransomware Authentication Malware Hacking 145

Schneier on Security

JUNE 8, 2021

Transportation Command in 2017, after learning that their computerized logistical systems were mostly unclassified and on the internet. “If you think any of these systems are going to work as expected in wartime, you’re fooling yourself.” ” That was Bruce’s response at a conference hosted by U.S.

Software 363

Software Cybersecurity Backups Manufacturing 363

Security Affairs

SEPTEMBER 16, 2022

We don’t have an estimate right now as to when full access to tools will be restored, so thank you for bearing with us,” Latha Maripuri, Uber’s chief information security officer, told NYT via email. This is not the first time that the company suffered a security breach.

Hacking 145

Hacking Data breaches Engineering Information Security 145

Security Affairs

FEBRUARY 6, 2024

“According to the indictment, between 2011 and July 2017, Aliaksandr Klimenka, 42, allegedly controlled BTC-e, a digital currency exchange, with Alexander Vinnik and others.” ” reads the press release published by DoJ.

Cryptocurrency 136

Cryptocurrency Spyware Cybercrime Hacking 136

Krebs on Security

JUNE 22, 2022

Cybersecurity firm Constella Intelligence shows that in 2017, someone using the email address istanx@gmail.com registered at the Russian freelancer job site fl.ru “Thanks to you, we are now developing in the field of information security and anonymity!,” The employees who kept things running for RSOCKS, circa 2016.

Advertising 308

Advertising Cybercrime System Administration Hacking 308

Security Affairs

JUNE 20, 2022

The attack took place in April 2017 and the man is accused of conducting the attack for the Russian military intelligence service GRU. Kozachek hacked the computed of the NATO think tank in 2017 and installed a keylogger to spy on the organization. ” reported the Tagesschau website.

Hacking 145

Hacking Accountability Malware Cybersecurity 145

Security Affairs

FEBRUARY 15, 2021

The French security agency ANSSI is warming of a series of attacks targeting Centreon monitoring software used by multiple French organizations and attributes them to the Russia-linked Sandworm APT group. The first attack spotted by ANSSI experts dates back to the end of 2017 and the campaign continued until 2020.

VPN 140

VPN Software Internet Internet 140

Security Affairs

FEBRUARY 2, 2024

. “SCHULTE’s theft is the largest data breach in the history of the CIA, and his transmission of that stolen information to WikiLeaks is one of the largest unauthorized disclosures of classified information in the history of the U.S.”

Computers and Electronics 135

Computers and Electronics Engineering Hacking Data breaches 135

Security Affairs

OCTOBER 30, 2023

Further analysis revealed that the malware has been used since at least 2017. Kaspersky discovered that the detections between 2017 and 2022 had previously misclassified as a cryptocurrency miner. Kaspersky researchers discovered that over one million updates have been downloaded from the C2 infrastructure since 2017.

Malware 142

Malware Cryptocurrency Ransomware Hacking 142

Security Affairs

AUGUST 16, 2024

Many Google Pixel devices shipped since September 2017 have included a vulnerable app that could be exploited for malicious purposes. Many Google Pixel devices shipped since September 2017 have included dormant software that could be exploited by attackers to compromise them. ” reads the report. ” reads the report.

Hacking 145

Hacking Firmware Mobile Penetration Testing 145

Security Affairs

MARCH 30, 2021

In January 2018, White hackers from Google Project Zero disclosed vulnerabilities , affecting all modern Intel CPUs, dubbed Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715). The issue could be exploited by attackers to steal sensitive data processed by the CPU.

Technology 145

Technology Malware Hacking Information Security 145

Security Affairs

APRIL 28, 2024

The researchers pointed out that the use of the “script:” prefix demonstrates the exploitation of the vulnerability CVE-2017-8570 , a bypass for CVE-2017-0199. The PPSX file contains a remote link to an external OLE object. The remote script, named “widget_iframe.617766616773726468746672726a6834.html,”

VPN 141

VPN Hacking Engineering Information Security 141

Security Affairs

AUGUST 9, 2022

The emails used weaponized Microsoft Word documents exploiting the CVE-2017-11882 vulnerability. The CVE-2017-11882 flaw is a memory-corruption issue that affects all versions of Microsoft Office released between 2000 and 2017. The vulnerability affects the MS Office component EQNEDT32.EXE

Encryption 132

Encryption Antivirus Malware Hacking 132

Malwarebytes

JANUARY 16, 2024

On January 4, 2017, Case Western Reserve University (CWRU), located in Cleveland, Ohio, became aware of an infection on more than 100 of its computers. The university was notified by an undisclosed third party, who provided information to help the team find and identify the malware. This can take years, however.

Malware 127

Malware Passwords Identity Theft Data collection 127

Security Affairs

JANUARY 2, 2022

Year Total Money Lost ($) Year Increase In Money Lost (%) 2021 4,250,000,000 2020 – 2021 185% 2020 1,490,000,000 2019 – 2020 -57% 2019 3,500,156,000 2018 – 2019 259% 2018 974,000,000 2017 – 2018 51% 2017 645,901,000 2016 – 2017 341% 2016 146,509,000 2015 – 2016 -64%. The top 5 breaches in history are: 1. Gox, $615M.

Cryptocurrency 125

Cryptocurrency Scams Marketing Hacking 125

Security Affairs

MAY 6, 2024

Alexander Vinnik , a Russian national, pleaded guilty to conspiracy to commit money laundering for his involvement in operating the cryptocurrency exchange BTC-e from 2011 to 2017. In July 2017 law enforcement shut down the virtual currency exchange.

Cryptocurrency 137

Cryptocurrency Computers and Electronics Identity Theft Hacking 137

Security Affairs

JUNE 26, 2020

Schuchman, Vamp, and Drake created the Satori botnet in between July and August 2017. Between September an October 2017, Schuchman and his accomplices developed a new version of Satori named Okiru. In November 2017 the trio created a new version named Masuta , that targeted GPON routers. ” continues the DoJ.

DDOS 145

DDOS IoT Advertising Internet 145

Security Affairs

SEPTEMBER 10, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS, ImageMagick and Linux Kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog. ” Attackers can exploit the flaw to take over websites running the widely used image-enhancing app.

Hacking 132

Hacking Cybersecurity Software Risk 132

Security Affairs

FEBRUARY 24, 2022

CISA, the FBI, the US Cyber Command’s Cyber National Mission Force (CNMF), UK’s National Cyber Security Centre (NCSC-UK), and the NSA, and law enforcement agencies have published a joint advisory on new malware used by Iran-linked MuddyWater APT group (aka SeedWorm and TEMP.Zagros ) in attacks aimed at critical infrastructure worldwide.

Telecommunications 145

Telecommunications Malware Government Hacking 145

Security Affairs

JUNE 3, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added an Oracle WebLogic Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. The issue, tracked as CVE-2017-3506 (CVSS score 7.4), is an OS command injection. The vulnerability resides in the Oracle WebLogic Server component of Oracle Fusion Middleware.

Hacking 139

Hacking Risk Cybersecurity Information Security 139

Security Affairs

MARCH 15, 2022

German Federal Office for Information Security agency, also known as BSI, recommends consumers not to use Kaspersky anti-virus software. The German Federal Office for Information Security agency, aka BSI, recommends consumers uninstall Kaspersky anti-virus software. ” reads the BSI announcement.

Antivirus 122

Antivirus Software Manufacturing Information Security 122

Security Affairs

MARCH 25, 2024

The first MuddyWater campaign was observed in late 2017, when the APT group targeted entities in the Middle East. .” The report includes Indicators of compromise (IOCs) for this campaign.

Phishing 142

Phishing Social Engineering Telecommunications Accountability 142

Security Affairs

AUGUST 11, 2023

A variant of the Gafgyt botnet is actively attempting to exploit a vulnerability, tracked as CVE-2017-18368 (CVSS v3: 9.8), impacting the end-of-life Zyxel P660HN-T1A router. Zyxel addressed the vulnerability in 2017 with the release of new firmware, however, the vendor warned that a Gafgyt variant was exploiting the flaw in 2019.

Firmware 98

Firmware Hacking Cybercrime Information Security 98

Security Affairs

JUNE 26, 2021

million unique records containing customers’ info, including customer names, addresses, emails, phone numbers, and some purchased vehicle information to determine the impact. Data belongs to individuals that provided their information to Mercedez-Benz and dealer websites between 2014 and 2017.

Data breaches 145

Data breaches Internet Internet Engineering 145

Security Affairs

JANUARY 7, 2024

Researchers from Dutch security firm Hunt & Hackett observed Sea Turtle cyber espionage group (aka Teal Kurma, Marbled Dust, SILICON and Cosmic Wolf) targeting telco, media, ISPs, IT service providers, and Kurdish websites in the Netherlands. Between 2017 and 2019, the APT group mainly used DNS hijacking in its campaigns.

Media 143

Media Accountability Telecommunications Government 143

Security Affairs

AUGUST 20, 2021

The master decryption keys work for victims that were infected between July 2017 and early 2021. The keys have been verified as authentic by Michael Gillespie , a malware analyst at security firm Emsisoft and the creator of the ID-Ransomware service.”. The gang has now rebranded as the new El_Cometa group.

Ransomware 123

Ransomware Encryption Authentication Internet 123

Security Affairs

JULY 30, 2024

Upon opening the decoy file, it relies on a remote template injection technique ( CVE-2017-0199 ) to gain initial access to the target’s system. Despite the flaw was addressed by Microsoft in April 2017, attackers are exploiting the vulnerability by targeting large organizations with outdated, fragmented, or antiquated infrastructures.

Phishing 129

Phishing Malware Hacking Information Security 129

Security Affairs

MARCH 14, 2021

” In January 2018, the expert devised two attacks dubbed Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715) , which could be conducted to steal sensitive data processed by the CPU. The Spectre proof of concept itself, leaking memory of your browser’s renderer process.”

Software 145

Software Engineering Encryption Hacking 145

Krebs on Security

APRIL 15, 2020

The Coronavirus has prompted thousands of information security professionals to volunteer their skills in upstart collaborative efforts aimed at frustrating cybercriminals who are seeking to exploit the crisis for financial gain. I am literally seeing phishing messages in every language known to man.”

Cybersecurity 310

Cybersecurity Cyber threats Government Phishing 310

Security Affairs

OCTOBER 19, 2020

In 2017, Greek Police arrested the Russian national Alexander Vinnik and they accused the man of running the BTC-e Bitcoin exchange to launder more than US$4bn worth of the cryptocurrency. The Russian man Alexander Vinnik goes on trial in Paris for having defrauded nearly 200 victims across the world of 135M euros using ransomware.

Advertising 140

Advertising Hacking Cybercrime Cryptocurrency 140

Security Affairs

NOVEMBER 11, 2021

CVE-2017-6077 NETGEAR DGN2200 devices with firmware through 10.0.0.50 Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2 CVE-2017-18368 ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3

IoT 143

IoT Firmware Malware Wireless 143

Security Affairs

NOVEMBER 30, 2021

The attackers are targeting Edgewater Networks’ devices by exploiting the CVE-2017-6079 vulnerability with a relatively unique mount file system command. ” reads the analysis published by Qihoo 360.

DDOS 145

DDOS Backups Engineering Encryption 145

Security Affairs

APRIL 18, 2024

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. It is written in C++ and compiled with Visual Studio 2017 (15.9). “Kapeka contains a dropper that will drop and launch a backdoor on a victim’s machine and then remove itself.

Malware 138

Malware Ransomware Hacking Technology 138

Security Affairs

NOVEMBER 5, 2021

This ‘line of work’ is coordinated by the FSB’s 18th Center (Information Security Center) based in Moscow.” In the period 2017-2021 this group implemented the most numerous cyberintelligence actions on various vectors of public administration. .” reads the announcement published by the SSU.

Government 142

Government Software Cyber threats Cyber Attacks 142

Security Affairs

FEBRUARY 15, 2024

panel of experts announced an investigation into 58 suspected North Korean cyberattacks between 2017 and 2023 valued at approximately $3 billion. North Korea-linked APT groups are also known to be focused on attacks against crypto exchange and financial organizations in South Korea. Recently, a U.N.

Hacking 137

Hacking Government Accountability Information Security 137