2017, Internet and Passwords - Cyber Security Informer

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

Krebs on Security

FEBRUARY 10, 2020

Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. Compounding the confusion, on Sept.

Hacking

Hacking Identity Theft Government Phishing

CASMM (The Consumer Authentication Strength Maturity Model)

Daniel Miessler

MARCH 24, 2021

This post is an attempt to create an easy-to-use security model for the average internet user. Basically, how secure is someone’s current behavior with respect to passwords and authentication, and what can they do to improve? Related posts: My RSA 2017 Recap. The Real Internet of Things: Details and Examples.

Authentication

Authentication Passwords Internet Internet

Tricky Phish Angles for Persistence, Not Passwords

Krebs on Security

JANUARY 7, 2020

Late last year saw the re-emergence of a nasty phishing tactic that allows the attacker to gain full access to a user’s data stored in the cloud without actually stealing the account password. com — is different from the one I saw in late December, but it was hosted at the same Internet address as officesuited[.]com

Phishing

Phishing Passwords Accountability Authentication

Disqus Demonstrates How to Do Breach Disclosure Right

Troy Hunt

OCTOBER 9, 2017

From that moment, the timeline in their public disclosure began which I highlighted in this tweet: 23 hours and 42 minutes from initial private disclosure to @disqus to public notification and impacted accounts proactively protected pic.twitter.com/lctQEjHhiH — Troy Hunt (@troyhunt) October 6, 2017. That's how it should be done.

Data breaches

Data breaches Passwords Accountability Internet

Cybersecurity Firm Imperva Discloses Breach

Krebs on Security

AUGUST 27, 2019

Imperva , a leading provider of Internet firewall services that help Web sites block malicious cyberattacks, alerted customers on Tuesday that a recent data breach exposed email addresses, scrambled passwords, API keys and SSL certificates for a subset of its firewall users. Redwood Shores, Calif.-based

Cybersecurity

Cybersecurity Firewall Passwords Data breaches

NEW TECH: ‘Passwordless authentication’ takes us closer to eliminating passwords as the weak link

The Last Watchdog

OCTOBER 15, 2019

If there ever was such a thing as a cybersecurity silver bullet it would do one thing really well: eliminate passwords. Threat actors have proven to be endlessly clever at abusing and misusing passwords. So what’s stopping us from getting rid of passwords altogether? Passwords may have been very effective securing Roman roads.

Passwords

Passwords Authentication Data breaches Internet

MY TAKE: Why consumers are destined to play a big role in securing the Internet of Things

The Last Watchdog

MARCH 13, 2019

In the not too distant future, each one of us will need to give pause, on a daily basis, to duly consider how we purchase and use Internet of Things devices and services. Only when we demand it, will the Internet of Things achieve a level of trust that makes it stable. This is coming. This time the stakes are too high. Talk more soon.

Internet

Internet Internet IoT Energy and Utilities

Who’s Behind the NetWire Remote Access Trojan?

Krebs on Security

MARCH 9, 2023

A Croatian national has been arrested for allegedly operating NetWire , a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. In October 2012, the WorldWiredLabs domain moved to another dedicated server at the Internet address 198.91.90.7,

DNS

DNS Cybercrime Passwords Accountability

ICANN Urges Greater Domain Name Security

Adam Levin

FEBRUARY 27, 2019

The infrastructure at the core of the internet is vulnerable to attack from state-sponsored hackers, its governing body warned. . The hackers harvested usernames, passwords, and domain name information between 2017 and 2019. This practice is called “DNS hijacking.”.

DNS

DNS Internet Internet Technology

Stark Industries Solutions: An Iron Hammer in the Cloud

Krebs on Security

MAY 23, 2024

Two weeks before Russia invaded Ukraine in February 2022, a large, mysterious new Internet hosting firm called Stark Industries Solutions materialized and quickly became the epicenter of massive distributed denial-of-service (DDoS) attacks on government and commercial targets in Ukraine and Europe. The homepage of Stark Industries Solutions.

DDOS

DDOS Internet Internet Government

Weekly Update 226

Troy Hunt

JANUARY 15, 2021

A little bit of a change of pace this week with the video being solely on the events unfolding around removing content, people and even entire platforms from the internet. These are significant events in history, regardless of your political persuasion, and they're likely to have a very long-lasting impact on the way we communicate online.

Password Management

Password Management Internet Internet Accountability

Who Is the Network Access Broker ‘Babam’?

Krebs on Security

DECEMBER 3, 2021

More commonly, that access is purchased from a cybercriminal broker who specializes in acquiring remote access credentials — such as usernames and passwords needed to remotely connect to the target’s network. In early 2017, Babam confided to another Verified user via private message that he is from Lithuania. com (2017).

Ransomware

Ransomware Passwords Accountability Cybercrime

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

JANUARY 28, 2019

Consider that most of us spend more time navigating the Internet on our laptops and smartphones than we do behind the wheel of a car. But the larger point is that Xbash is just one of dozens of malware families circulating far and wide across the Internet. Use a password manager. percent, according to tech consultancy Gartner.

Passwords

Passwords Password Management Antivirus Internet

When Low-Tech Hacks Cause High-Impact Breaches

Krebs on Security

FEBRUARY 26, 2023

million customers, including website administrator passwords, sFTP credentials, and private SSL keys; -December 2022: Hackers gained access to and installed malware on GoDaddy’s cPanel hosting servers that “intermittently redirected random customer websites to malicious sites.”

Hacking

Hacking Social Engineering Phishing Scams

FreeWorld ransomware attacks MSSQL—get your databases off the Internet

Malwarebytes

SEPTEMBER 5, 2023

When we think of ransomware and brute force password guessing attacks, we normally think of RDP, but recent research from Securonix reminds us that anything secured with a password and exposed to the Internet is of interest to cybercriminals. A simple search on Shodan found almost 90,000 potential targets.

Internet

Internet Internet Ransomware Passwords

MyEquifax.com Bypasses Credit Freeze PIN

Krebs on Security

MARCH 8, 2019

In the wake of Equifax’s epic 2017 data breach impacting some 148 million Americans, many people did freeze their credit files at the big three in response. The portal asked me for an email address and suggested a longish, randomized password, which I accepted. Consumers in every U.S. Getting an account at myequifax.com was easy.

Accountability

Accountability Identity Theft Authentication Passwords

Experian, You Have Some Explaining to Do

Krebs on Security

JULY 10, 2022

In both cases the readers used password managers to select strong, unique passwords for their Experian accounts. Turner said he created the account at Experian in 2020 to place a security freeze on his credit file, and that he used a password manager to select and store a strong, unique password for his Experian account.

Accountability

Accountability Passwords Authentication Password Management

A Decade of Have I Been Pwned

Troy Hunt

DECEMBER 3, 2023

Back in 2018, Gizmodo reckoned HIBP was one of the top 100 websites that shaped the internet as we knew it , alongside the likes of Wikipedia, Google, Amazon and Goatse (don't Google it). 🤣", the internet quipped. Passwords This was never on the cards originally. So, in 2017, Pwned Passwords was born.

Data breaches

Data breaches Passwords Internet Internet

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

Security Affairs

JANUARY 19, 2020

This is the biggest leak of Telnet passwords even reported. The list includes the IP address, username and password for the Telnet service for each device. The list appears to be the result of an Internet scan for devices using default credentials or easy-to-guess passwords. ” reported ZDNet. ” reported ZDNet.

IoT

IoT DDOS InfoSec Internet

New Lucifer DDoS botnet targets Windows systems with multiple exploits

Security Affairs

JUNE 26, 2020

The bot uses exploits for multiple vulnerabilities, including CVE-2014-6287 , CVE-2018-1000861 , CVE-2017-10271 , ThinkPHP RCE vulnerabilities (CVE-2018-20062) , CVE-2018-7600 , CVE-2017-9791 , CVE-2019-9081 , PHPStudy Backdoor RCE , CVE-2017-0144 , CVE-2017-0145 , and CVE-2017-8464. ” concludes the report.

DDOS

DDOS Malware Advertising Passwords

Why & Where You Should You Plant Your Flag

Krebs on Security

AUGUST 12, 2020

For those who can’t be convinced to use a password manager, even writing down all of the account details and passwords on a slip of paper can be helpful, provided the document is secured in a safe place. Perhaps the most important place to enable MFA is with your email accounts.

Accountability

Accountability Mobile Banking Passwords

Hanging Up on Mobile in the Name of Security

Krebs on Security

AUGUST 16, 2018

Unauthorized SIM swaps often are perpetrated by fraudsters who have already stolen or phished a target’s password, as many banks and online services rely on text messages to send users a one-time code that needs to be entered in addition to a password for online authentication. On June 11, 2017, Terpin’s phone went dead.

Mobile

Mobile Cryptocurrency Accountability Authentication

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Security Affairs

JANUARY 7, 2024

The researchers believe that the Turkey-linked APT Sea Turtle has been active since at least 2017. Between 2017 and 2019, the APT group mainly used DNS hijacking in its campaigns. Create and enforce a password policy with adequate complexity requirements for specific accounts. Enable 2FA on all externally exposed accounts.

Media

Media Accountability Telecommunications Government

TP-Link Archer routers allow remote takeover without passwords

Security Affairs

DECEMBER 17, 2019

TP-Link has addressed a critical vulnerability impacting some TP-Link Archer routers that could allow attackers to login without passwords. “In such an event, the victim could lose access to the console and even a shell, and thereby would not be able to re-establish a new password.” ” continues the post.

Passwords

Passwords Advertising Firmware Authentication

Serial Swatter Who Caused Death Gets Five Years in Prison

Krebs on Security

JULY 21, 2021

Internet archivist Jason Scott says Herring was the creator of the successful software products Sparkware and QWIKMail; Scott has 2 hours worth of interviews with Herring from 20 years ago here. From there, the attackers can reset the password for any online account that allows password resets via SMS.

Accountability

Accountability Media Wireless Passwords

$10M Is Yours If You Can Get This Guy to Leave Russia

Krebs on Security

MAY 4, 2023

In 2017, U.S. That Bankir account was registered from the Internet address 193.27.237.66 Cyber intelligence firm Intel 471 found that Internet address also was used to register the account “Nordex” on the Russian hacking forum Exploit back in 2006. Constella tracked another Bankir[.]com ” NORDIA Nordia@yandex.ru

Marketing

Marketing Cybercrime Accountability Cryptocurrency

Karma Catches Up to Global Phishing Service 16Shop

Krebs on Security

AUGUST 17, 2023

The international police organization INTERPOL said last week it had shuttered the notorious 16Shop, a popular phishing-as-a-service platform launched in 2017 that made it simple for even complete novices to conduct complex and convincing phishing scams. A 16Shop phishing page spoofing Apple and targeting Japanese users. Image: Akamai.com.

Phishing

Phishing Passwords Internet Internet

April’s Patch Tuesday Brings Record Number of Fixes

Krebs on Security

APRIL 9, 2024

“This is the largest release from Microsoft this year and the largest since at least 2017,” said Dustin Childs , from Trend Micro’s Zero Day Initiative (ZDI). ” For links to individual security advisories indexed by severity, check out ZDI’s blog and the Patch Tuesday post from the SANS Internet Storm Center.

DNS

DNS Social Engineering Malware Media

Humans are Bad at URLs and Fonts Don’t Matter

Troy Hunt

OCTOBER 28, 2020

The victim, through no fault of their own, has been the target of numerous angry tweets designed to ridicule their role in internet security and suggest they are incapable of performing their duty. It won't match the faked domain, hence no password gets entered. That's why Troy recommends password managers.

Phishing

Phishing Password Management Passwords Internet

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Security Affairs

JUNE 22, 2021

The Windows botnet has been active since late 2017, it was mainly used to mine cryptocurrency, but it was also involved in DDoS attacks in 2018. “Recently, a new infection vector that cracks Windows machines through SMB password brute force is on the rise” reads the analysis published by AVAST.

DNS

DNS Internet Internet Malware

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

Krebs on Security

JANUARY 22, 2019

In July 2018, email users around the world began complaining of receiving spam which began with a password the recipient used at some point in the past and threatened to release embarrassing videos of the recipient unless a bitcoin ransom was paid.

DNS

DNS Internet Internet Computers and Electronics

MY TAKE: What NortonLifeLock’s $8 billion buyout of Avast portends for consumer security

The Last Watchdog

AUGUST 18, 2021

billion in 2017; Avast acquired AVG for $1.3 There are simple steps consumers can take today, for free, to lower their overall risk of a cyber attack, including using multi-factor authentication for their accounts and using strong passwords. A lot of water has flowed under the bridge since then. billion in 2016, for instance.

Antivirus

Antivirus Marketing Identity Theft Social Engineering

Parents’ Guide for Safe YouTube and Internet Streaming for Kids

Security Affairs

JULY 10, 2019

Worse, the Internet, the rise of smartphones, and the culture of social media allow us to access these things from anywhere. Fortunately, there are options available to parents when it comes to controlling YouTube and Internet access. Don’t share passwords. Shockingly, 1 in 5 U.S. As a parent, that’s terrifying.

Internet

Internet Internet Media Accountability

PurpleFox malware infected at least 2,000 computers in Ukraine

Security Affairs

FEBRUARY 2, 2024

. “As part of a detailed study of the cyber threat, a study of the received samples of malicious programs was conducted, the peculiarities of the functioning of the management server infrastructure were established, and more than 2,000 affected computers were identified in the Ukrainian segment of the Internet.”

Malware

Malware Internet Internet DDOS

The Effectiveness of Publicly Shaming Bad Security

Troy Hunt

SEPTEMBER 11, 2018

that no, you didn't just need a username and birth date to reset the account password. — Timothy Dutton (@ravenstar68) December 17, 2017. DC — NatWest (@NatWest_Help) December 12, 2017. How is this sentiment permeating into organisations like @medibank in an era of so many password abuses?

Media

Media Accountability Passwords Mobile

How to Shop Online Like a Security Pro

Krebs on Security

NOVEMBER 23, 2018

‘Tis the season when even those who know a thing or two about Internet scams tend to let down their guard in the face of an eye-popping discount or the stress of last-minute holiday shopping. Postal Service , or their wireless phone provider and/or Internet Service Provider (ISP). Maybe this was once sound advice.

Scams

Scams Wireless Phishing Banking

The Data Breach "Personal Stash" Ecosystem

Troy Hunt

JANUARY 29, 2024

The data of a significant portion of the global internet-using population, just freely flowing backwards and forwards not just in the shady corners of "the dark web" but traded out there in the clear on mainstream websites.

Data breaches

Data breaches Passwords Advertising Personal Security

Who’s Behind the Botnet-Based Service BHProxies?

Krebs on Security

FEBRUARY 24, 2023

First identified in 2017 by the security firm Deep Instinct , Mylobot employs a number of fairly sophisticated methods to remain undetected on infected hosts, such as running exclusively in the computer’s temporary memory, and waiting 14 days before attempting to contact the botnet’s command and control servers.

Accountability

Accountability Advertising Marketing Malware

Millions of Arris routers are vulnerable to path traversal attacks

Malwarebytes

AUGUST 1, 2022

ISP customer premise equipment (CPE) often uses this web server, and ISP subscribers will typically get these routers in loan for telephony and Internet access. The SSID and plaintext password of the 2G and 5G Wi-Fi networks broadcast by the device. Path traversal. Port forwarding configuration information. B05, SBR-AC3200P 1.0.7-B05,

Firmware

Firmware Internet Internet Passwords

RedTorch Formed from Ashes of Norse Corp.

Krebs on Security

MARCH 22, 2021

“And Norse’s much-vaunted interactive attack map was indeed some serious eye candy: It purported to track the source and destination of countless Internet attacks in near real-time, and showed what appeared to be multicolored fireballs continuously arcing across the globe.”

Surveillance

Surveillance Computers and Electronics Internet Internet

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

In 2017, crooks launched a phishing campaign against universities to compromise.edu accounts. In May 2021, over 36,000 email and password combinations for.edu email accounts were offered for sale on a publically available instant messaging platform. ” reads the alert published by the FBI.

Cybercrime

Cybercrime Education Accountability Phishing

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

Microsoft Threat Intelligence Center (MSTIC) researchers discovered a new variant of the Zerobot botnet (aka ZeroStresser) that was improved with the capabilities to target more Internet of Things (IoT) devices. Ensure secure configurations for devices: Change the default password to a strong one, and block SSH from external access.

IoT

IoT DDOS Malware Firmware

Hacked Robot Vacuums Hurl Racial Slurs, Show IoT Devices Risks

SecureWorld News

OCTOBER 16, 2024

The flaw has exposed the widely distributed smart vacuums to manipulation by bad actors, raising concerns about the cybersecurity of internet-connected home devices. Swenson reset the vacuum's password, only for it to begin zooming around and yelling the N-word repeatedly, all within earshot of one of his children. "I

IoT

IoT Risk Hacking Internet

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Krebs on Security

SEPTEMBER 30, 2024

In June 2016, Islam was sentenced to a year in prison for an impressive array of crimes, including stalking people online and posting their personal data on the Internet. In 2017, Taylor was sentenced to three years probation for participating in multiple swatting attacks, including the one against my home in 2013. attorney general.

Cryptocurrency

Cryptocurrency Government Internet Internet

U.S. Charges 4 Chinese Military Officers in 2017 Equifax Hack

CASMM (The Consumer Authentication Strength Maturity Model)

Trending Sources

Tricky Phish Angles for Persistence, Not Passwords

Disqus Demonstrates How to Do Breach Disclosure Right

Cybersecurity Firm Imperva Discloses Breach

NEW TECH: ‘Passwordless authentication’ takes us closer to eliminating passwords as the weak link

MY TAKE: Why consumers are destined to play a big role in securing the Internet of Things

Who’s Behind the NetWire Remote Access Trojan?

ICANN Urges Greater Domain Name Security

Stark Industries Solutions: An Iron Hammer in the Cloud

Weekly Update 226

Who Is the Network Access Broker ‘Babam’?

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

When Low-Tech Hacks Cause High-Impact Breaches

FreeWorld ransomware attacks MSSQL—get your databases off the Internet

MyEquifax.com Bypasses Credit Freeze PIN

Experian, You Have Some Explaining to Do

A Decade of Have I Been Pwned

Bot list with Telnet credentials for more than 500,000 servers and IoT devices leaked online

New Lucifer DDoS botnet targets Windows systems with multiple exploits

Why & Where You Should You Plant Your Flag

Hanging Up on Mobile in the Name of Security

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

TP-Link Archer routers allow remote takeover without passwords

Serial Swatter Who Caused Death Gets Five Years in Prison

$10M Is Yours If You Can Get This Guy to Leave Russia

Karma Catches Up to Global Phishing Service 16Shop

April’s Patch Tuesday Brings Record Number of Fixes

Humans are Bad at URLs and Fonts Don’t Matter

DirtyMoe botnet infected 100,000+ Windows systems in H1 2021

Bomb Threat, Sextortion Spammers Abused Weakness at GoDaddy.com

MY TAKE: What NortonLifeLock’s $8 billion buyout of Avast portends for consumer security

Parents’ Guide for Safe YouTube and Internet Streaming for Kids

PurpleFox malware infected at least 2,000 computers in Ukraine

The Effectiveness of Publicly Shaming Bad Security

How to Shop Online Like a Security Pro

The Data Breach "Personal Stash" Ecosystem

Who’s Behind the Botnet-Based Service BHProxies?

Millions of Arris routers are vulnerable to path traversal attacks

RedTorch Formed from Ashes of Norse Corp.

FBI: Compromised US academic credentials available on various cybercrime forums

A new Zerobot variant spreads by exploiting Apache flaws

Hacked Robot Vacuums Hurl Racial Slurs, Show IoT Devices Risks

Crooked Cops, Stolen Laptops & the Ghost of UGNazi

Stay Connected