2018, Cybersecurity and Hacking - Cyber Security Informer

Hacked by Police

Schneier on Security

JULY 3, 2020

French police hacked EncroChat secure phones, which are widely used by criminals: Encrochat's phones are essentially modified Android devices, with some models using the "BQ Aquaris X2," an Android handset released in 2018 by a Spanish electronics company, according to the leaked documents. Encrochat was trapped.

Hacking

Hacking Telecommunications Encryption Firewall

The US Is Unprepared for Election-Related Hacking in 2018

Schneier on Security

MAY 8, 2018

The overwhelming majority of those surveyed do not want to devote campaign resources to cybersecurity or to hire personnel to address cybersecurity issues. Less than half of those surveyed said they had taken steps to make their data secure and most were unsure if they wanted to spend any money on this protection.

Hacking

Hacking Cyber Attacks Cybersecurity Risk

What’s most interesting about the Florida water system hack? That we heard about it at all.

Krebs on Security

FEBRUARY 10, 2021

” Weiss was just one of a half-dozen experts steeped in the cybersecurity aspects of industrial control systems that KrebsOnSecurity spoke with this week. ” There is nothing in the law that requires such facilities to report cybersecurity incidents, such as the one that happened in Oldsmar this past weekend.

Hacking

Hacking Media Cybersecurity Ransomware

Webinars

How to Avoid Pitfalls In Automation: Keep Humans In the Loop

MORE WEBINARS

Norway blames China-linked APT31 for 2018 government hack

Security Affairs

JUNE 20, 2021

Norway police secret service states said that China-linked APT31 group was behind the 2018 cyberattack on the government’s IT network. Norway’s Police Security Service (PST) said that the China-linked APT31 cyberespionage group was behind the attack that breached the government’s IT network in 2018. SecurityAffairs – hacking, APT31).

Government

Government Hacking Cyber Attacks Passwords

Citrix Hack Exposes Customer Data

Adam Levin

MARCH 12, 2019

Citrix, a major network software company, had its internal network compromised by what appears to be an international hacking campaign. The details and scope of the damage caused by the attack are still unclear, but the activity has been tracked back to Iridium, a hacking group linked to the Iranian government.

Hacking

Hacking Passwords Government Software

This Simple Hack Could Tank Your Business

Adam Levin

JULY 24, 2020

Barely a day goes by without news of an elite hacking team creating a more stealth exploit– malware , elaborate spear-phishing attacks, trojans, and a killer array of ransomware that can take factories and other organizations offline, or even hobble entire cities. Cyberattacks are constantly getting more sophisticated.

Hacking

Hacking Phishing Risk Accountability

How Website Localization Strengthens Cybersecurity in Global Markets

SecureWorld News

FEBRUARY 4, 2025

This made the need for strengthening cybersecurity so apparent to everyone that U.S. The best approach one can adopt is always having cybersecurity at the forefront of their mind whichever aspect of their business they approach. The intersection of localization and cybersecurity Now, how does localization affect cybersecurity?

Marketing

Marketing Cybersecurity eCommerce Data breaches

Suspected Hack Disrupts Major Newspapers

Adam Levin

JANUARY 3, 2019

A similar attack disabled a North Carolina water utility in late 2018. The post Suspected Hack Disrupts Major Newspapers appeared first on Adam Levin. The company also announced that they had reported the incident to the FBI, and that no customer information was compromised in the attack. Read more about the story here.

Hacking

Hacking Ransomware Malware Technology

How Cyber Safe is Your Drinking Water Supply?

Krebs on Security

JUNE 21, 2021

“Identifying IT and OT assets is a critical first step in improving cybersecurity,” the report concluded. In April, federal prosecutors unsealed an indictment against a 22-year-old from Kansas who’s accused of hacking into a public water system in 2019. percent working to do so.

Hacking

Hacking Accountability Cybersecurity Technology

Warning To Employers And Their Former Employees: Ex-Engineer Sentenced To 2 Years In Prison For Hacking Cisco’s WebEx

Joseph Steinberg

DECEMBER 14, 2020

The post Warning To Employers And Their Former Employees: Ex-Engineer Sentenced To 2 Years In Prison For Hacking Cisco’s WebEx appeared first on Joseph Steinberg. Million in damage (including $1 Million of refunds to impacted customers and $1.4

Engineering

Engineering Hacking Accountability Scams

British Airways pays a penalty for data leak of 420,000 customers in 2018

CyberSecurity Insiders

JULY 6, 2021

The airliner paid the penalty for failing to protect its customer information from being accessed by hackers in 2018. As soon as the hack was discovered, a legal claim was filed by a legal firm PGMBM and the claim went through many court hearings for almost 16 months.

Hacking

Hacking Cybersecurity

FEC: Campaigns Can Use Discounted Cybersecurity Services

Krebs on Security

JULY 11, 2019

Federal Election Commission (FEC) said today political campaigns can accept discounted cybersecurity services from companies without running afoul of existing campaign finance laws, provided those companies already do the same for other non-political entities. They’re sort of making it up as they go along.” ” In May, Sen.

Cybersecurity

Cybersecurity Phishing Hacking Cyber Attacks

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

The Last Watchdog

MARCH 4, 2019

Related: We’re in the midst of ‘cyber Pearl Harbor’ Peel back the layers of just about any sophisticated, multi-staged network breach and you’ll invariably find memory hacking at the core. That’s Gartner’s estimate of global spending on cybersecurity in 2017 and 2018. Instead, memory attacks are transient.

Hacking

Hacking Energy and Utilities System Administration Accountability

New Triada Trojan comes preinstalled on Android devices

Security Affairs

APRIL 2, 2025

” said Dmitry Kalinin, a cybersecurity expert at Kaspersky Lab. In March 2018, security researchers at Antivirus firmDr.Web discovered that 42 models of low-cost Android smartphones were shipped with the Android.Triada.231 . “the authors of the new version of Triada are actively monetizing their efforts.

Malware

Malware Cryptocurrency Mobile Firmware

Better Late than Never? U.S. Bolsters Cybersecurity Ahead of Elections

Adam Levin

OCTOBER 26, 2018

Following the multitude of hacks , leaked emails , data breaches , and disinformation campaigns that marred the 2016 elections, Congress has allocated $380 million to states requesting cybersecurity assistance. unprepared to protect the 2018 elections, there is still a chance to defend American democracy in 2020.”.

Cybersecurity

Cybersecurity Data breaches Hacking Risk

U.S. Indicts North Korean Hackers in Theft of $200 Million

Krebs on Security

FEBRUARY 17, 2021

Confirmed thefts attributed to the group include the 2016 hacking of the SWIFT payment system for Bangladesh Bank, which netted thieves $81 million; $6.1 Park was previously charged in 2018 in connection with the WannaCry and Sony Pictures attacks. billion from banks and other victims worldwide. Image: CISA.

Cryptocurrency

Cryptocurrency Financial Services Banking Government

Chinese Supply-Chain Attack on Computer Systems

Schneier on Security

FEBRUARY 13, 2021

Bloomberg News has a major story about the Chinese hacking computer motherboards made by Supermicro, Levono, and others. This is a follow on, with a lot more detail, to a story Bloomberg reported on in fall 2018. From the current Bloomberg story: Mike Quinn, a cybersecurity executive who served in senior roles at Cisco Systems Inc.

Surveillance

Surveillance Internet Internet Government

Vulnerabilities in Weapons Systems

Schneier on Security

JUNE 8, 2021

A 2018 GAO report expressed concern regarding the lack of secure and patchable U.S. ” It’s a similar attitude to corporate executives who believe that they can’t be hacked — and equally naive. .” This is just one of many risks to our normal civilian computer supply chains. This is not speculative.

Software

Software Cybersecurity Backups Manufacturing

Microsoft offers deep analyses of SolarWinds Hack

CyberSecurity Insiders

FEBRUARY 16, 2021

SolarWinds hack seems to be a never-ending saga, as Microsoft President Brad Smith has made a new revelation yesterday stating over 1000 hackers could have been involved in the attack that questioned the security of the entire federal computer system by experts.

Hacking

Hacking Engineering Scams Cyber Attacks

Malware Infected Medical Equipment Shows Fake Tumors

Adam Levin

APRIL 9, 2019

Israeli cybersecurity researchers have created malware capable of showing fake cancerous growths on CT and MRI scans. The malware, called CT-GAN, served as a proof of concept to show the potential for hacking medical devices with fake medical news that was convincing enough to fool medical technicians.

Malware

Malware Healthcare Technology Ransomware

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. and its allies for hacking activities in July. Wall Street Journal reported.

Mobile

Mobile Telecommunications Data breaches Hacking

Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide

Security Affairs

NOVEMBER 2, 2024

Since 2018, Sophos has faced increasingly aggressive campaigns, including the India-based Sophos subsidiary Cyberoam, where attackers exploited a wall-mounted display for initial access. The first documented attack against a Sophos facility is the one that targeted Cyberoam in 2018.

Firmware

Firmware Government Firewall Malware

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

The Last Watchdog

APRIL 4, 2022

They are often unaware of the risks they take on, which can include hacking, fraud, phishing, and more. According to Forbes, “the first half of 2018 was marked by an increase in API-related data breaches, with the 10 largest companies reporting the loss of 63 million personal records.”

Hacking

Hacking Penetration Testing Data breaches Authentication

New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms

Security Affairs

FEBRUARY 26, 2025

Cybersecurity researchers at Hunt.io ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants. The experts noticed that a portion of the CVE-2018-4404 exploit is likely borrowed from the Metasploit framework.

Data collection

Data collection Spyware Media Surveillance

Remotely hack a Mercedes-Benz E-Class is possible, experts demonstrated

Security Affairs

AUGUST 8, 2020

Chinese researchers discovered tens of vulnerabilities in a Mercedes-Benz E-Class, including issues that can be exploited to remotely hack it. The research began in 2018 and in August 2019, the experts reported their findings to Daimler, which owns the Mercedes-Benz. SecurityAffairs – hacking, Mercedes). Pierluigi Paganini.

Hacking

Hacking Advertising Mobile Engineering

GUEST ESSAY: Cyber insurance 101 — for any business operating in today’s digital environment

The Last Watchdog

JANUARY 20, 2020

Cyber coverage drivers According to the World Economic Forum’s Global Risks Landscape for 2018, extreme weather events, natural disasters, and cyberattacks are the risks that you are most likely to face, with a likelihood score of 4.40, 4.17, and 4.01; respectively. All of these cost victims around $1.3

Cyber Insurance

Cyber Insurance Insurance Data breaches Risk

U.S. CISA adds Microsoft.NET Framework, Apache OFBiz, and Paessler PRTG Network Monitor flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

FEBRUARY 5, 2025

Cybersecurity and Infrastructure Security Agency (CISA) adds Microsoft.NET Framework, Apache OFBiz, and Paessler PRTG Network Monitor flaws to its Known Exploited Vulnerabilities catalog. Microsoft.NET Framework Information Disclosure Vulnerability CVE-2018-9276 (CVSS score of 7.2)

Authentication

Authentication Hacking Cybersecurity Software

HHS Office for Civil Rights Proposes Measures to Strengthen Cybersecurity in Health Care Under HIPAA

Thales Cloud Protection & Licensing

JANUARY 22, 2025

HHS Office for Civil Rights Proposes Measures to Strengthen Cybersecurity in Health Care Under HIPAA madhav Thu, 01/23/2025 - 06:25 Data Breaches in Healthcare: Why Stronger Regulations Matter A data breach involving personal health information isnt just about stolen filesits a gut punch to trust and a serious shake-up to peoples lives.

Healthcare

Healthcare Cybersecurity Data breaches Encryption

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Security Affairs

NOVEMBER 1, 2021

Researchers demonstrated how crooks could hack Diebold Nixdorf’s Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash. A research published by Positive Technologies in 2018 revealed that 69 percent of ATMs were vulnerable to such attacks and could be easily hacked in a few minutes. score of 6.8.

Hacking

Hacking Firmware Encryption Manufacturing

APT hacked a US municipal government via an unpatched Fortinet VPN

Security Affairs

MAY 27, 2021

In April, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) previously warned of attacks carried out by APT groups targeting Fortinet FortiOS servers using multiple exploits. The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591.

VPN

VPN Government Hacking Accountability

GPS Vulnerabilities

Schneier on Security

FEBRUARY 22, 2021

The 2018 National Defense Authorization Act included funding for the Departments of Defense, Homeland Security and Transportation to jointly conduct demonstrations of various alternatives to GPS, which were concluded last March. A report on the technologies was submitted to Congress last week.

Backups

Backups Technology Hacking Cybersecurity

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

Security Affairs

DECEMBER 17, 2024

The threat actors attempted to exploit multiple vulnerabilities in DVRs, including CVE-2017-7921, CVE-2018-9995 , CVE-2020-25078, CVE-2021-33044 , and CVE-2021-36260. The FBI recommends limiting or isolating vulnerable devices, monitoring networks, and following cybersecurity best practices.

Architecture

Architecture Internet Internet Malware

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

The Last Watchdog

JUNE 10, 2019

Remember when, over the course of the 2000s and 2010s, the cybersecurity industry innovated like crazy to address software flaws in operating systems and business applications? Here are the big takeaways: Bypassing protection Firmware exposures are in the early phases of an all too familiar cycle.

Firmware

Firmware Cybersecurity Technology Engineering

CIA Hacking unit APT-C-39 hit China since 2008

Security Affairs

MARCH 4, 2020

Chinese security firm Qihoo 360 revealed that the US CIA has hacked Chinese organizations in various sectors for the last 11 years. Chinese security firm Qihoo 360 is accusing that the US Central Intelligence Agency (CIA) of having hacked Chinese organizations for the last 11 years. SecurityAffairs – hacking, CIA).

Hacking

Hacking Advertising Government Engineering

SEC Sanctions Several Companies over Email Account Hacking

Hacker Combat

SEPTEMBER 6, 2021

A statement from the SEC read as follows: “According to SEC, it has penalized eight companies in three actions for negligence of their cyber protection guidelines and procedures that stimulated email account hacks exposing personal data of numerous clients and customers in each firm.” . Often, hackers use phishing emails to target employees.

Accountability

Accountability Hacking Financial Services Data breaches

Hacking Apple iPhones and iPads by sending emails to the victims

Security Affairs

APRIL 22, 2020

Two zero-day flaws in the default mailing app pre-installed on iPhones and iPads allow attackers to hack the devices just by sending emails. The post Hacking Apple iPhones and iPads by sending emails to the victims appeared first on Security Affairs. “The newly released beta update of 13.4.5 ” ZecOps concludes.

Hacking

Hacking Advertising Accountability Risk

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

A joint security advisory published by The Cybersecurity and Infrastructure Security Agency (CISA) and the Federal Bureau of Investigation (FBI) revealed that Russia-linked APT group Energetic Bear has breached US government networks and exfiltrated data. SecurityAffairs – hacking, Energetic Bear). printing access badges.

Government

Government Hacking Advertising Passwords

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

The Last Watchdog

AUGUST 29, 2023

The threat of bad actors hacking into airplane systems mid-flight has become a major concern for airlines and operators worldwide. Back in 2015, a security researcher decided to make that very point when he claimed to have hacked a plane , accessed the thrust system, and made it fly higher than intended.

Software

Software Risk Artificial Intelligence Cyber Attacks

'An 8th Grader Could Have Hacked' Colonial Pipeline

SecureWorld News

MAY 13, 2021

Here is something you never want to hear about your company after a ransomware attack: “I mean, an eighth-grader could have hacked into that system.”. Unlike cybersecurity standards that electric providers must adhere to, there is no federal requirement around cybersecurity for America's pipeline operators. Colonial Pipeline.

Hacking

Hacking Ransomware Government Cybersecurity

Hoax Email Blast Abused Poor Coding in FBI Website

Krebs on Security

NOVEMBER 13, 2021

“The FBI and CISA [the Cybersecurity and Infrastructure Security Agency ] are aware of the incident this morning involving fake emails from an @ic.fbi.gov email account,” reads the FBI statement. ” In response to a request for comment, the FBI confirmed the unauthorized messages, but declined to offer further information.

Internet

Internet Internet Hacking Accountability

CIA elite hacking unit was not able to protect its tools and cyber weapons

Security Affairs

JUNE 17, 2020

A CIA elite hacking unit that developed cyber-weapons failed in protecting its operations, states an internal report on the Vault 7 data leak. In March, Joshua Schulte , a former CIA software engineer that was accused of stealing the agency’s hacking tools and leaking them to WikiLeaks, was convicted of only minor charges.

Hacking

Hacking Engineering Data breaches Advertising

Multiple cybersecurity agencies warn of China-linked APT40 ‘s capabilities

Security Affairs

JULY 10, 2024

Multiple cybersecurity agencies released a joint advisory warning about a China-linked group APT40 ‘s capability to rapidly exploit disclosed security flaws. Cybersecurity agencies from Australia, Canada, Germany, Japan, New Zealand, South Korea, the U.K., and the U.S. ” continues the report.

Cybersecurity

Cybersecurity Hacking Software Government

Conti’s Ransomware Toll on the Healthcare Industry

Krebs on Security

APRIL 18, 2022

But new information confirms this pledge was always a lie, and that Conti has launched more than 200 attacks against hospitals and other healthcare facilities since first surfacing in 2018 under its earlier name, “ Ryuk.” But according to Microsoft and an advisory from the U.S.

Healthcare

Healthcare Ransomware Cybersecurity Malware

Hacking the infotainment system used in Mercedes-Benz cars

Security Affairs

MAY 19, 2021

The experts focused their analysis on the Mercedes-Benz User Experience (MBUX) infotainment system, which was first presented by the carmaker in 2018. SecurityAffairs – hacking, Mercedes). The post Hacking the infotainment system used in Mercedes-Benz cars appeared first on Security Affairs. Pierluigi Paganini.

Hacking

Hacking Firmware Engineering Software

Hacked by Police

The US Is Unprepared for Election-Related Hacking in 2018

Webinars

Trending Sources

What’s most interesting about the Florida water system hack? That we heard about it at all.

Webinars

Norway blames China-linked APT31 for 2018 government hack

Citrix Hack Exposes Customer Data

This Simple Hack Could Tank Your Business

How Website Localization Strengthens Cybersecurity in Global Markets

Suspected Hack Disrupts Major Newspapers

How Cyber Safe is Your Drinking Water Supply?

Warning To Employers And Their Former Employees: Ex-Engineer Sentenced To 2 Years In Prison For Hacking Cisco’s WebEx

British Airways pays a penalty for data leak of 420,000 customers in 2018

FEC: Campaigns Can Use Discounted Cybersecurity Services

MY TAKE: Memory hacking arises as a go-to tactic to carry out deep, persistent incursions

New Triada Trojan comes preinstalled on Android devices

Better Late than Never? U.S. Bolsters Cybersecurity Ahead of Elections

U.S. Indicts North Korean Hackers in Theft of $200 Million

Chinese Supply-Chain Attack on Computer Systems

Vulnerabilities in Weapons Systems

Microsoft offers deep analyses of SolarWinds Hack

Malware Infected Medical Equipment Shows Fake Tumors

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms

Remotely hack a Mercedes-Benz E-Class is possible, experts demonstrated

GUEST ESSAY: Cyber insurance 101 — for any business operating in today’s digital environment

U.S. CISA adds Microsoft.NET Framework, Apache OFBiz, and Paessler PRTG Network Monitor flaws to its Known Exploited Vulnerabilities catalog

HHS Office for Civil Rights Proposes Measures to Strengthen Cybersecurity in Health Care Under HIPAA

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

APT hacked a US municipal government via an unpatched Fortinet VPN

GPS Vulnerabilities

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

MY TAKE: Why locking down ‘firmware’ has now become the next big cybersecurity challenge

CIA Hacking unit APT-C-39 hit China since 2008

SEC Sanctions Several Companies over Email Account Hacking

Hacking Apple iPhones and iPads by sending emails to the victims

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

'An 8th Grader Could Have Hacked' Colonial Pipeline

Hoax Email Blast Abused Poor Coding in FBI Website

CIA elite hacking unit was not able to protect its tools and cyber weapons

Multiple cybersecurity agencies warn of China-linked APT40 ‘s capabilities

Conti’s Ransomware Toll on the Healthcare Industry

Hacking the infotainment system used in Mercedes-Benz cars

Stay Connected