2018, Hacking and Information Security - Cyber Security Informer

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

Cyber threat analysts at Silent Push said they recently received reports from a partner organization that identified an aggressive scanning effort against their website using an Internet address previously associated with a campaign by FIN7 , a notorious Russia-based hacking group. co — first came online in February 2023.

Hacking

Hacking Cybercrime Advertising Data breaches

2018 Retrospective

Troy Hunt

JANUARY 3, 2019

Here's my 2018 highlights, starting with travel: Travel "Oh yeah, I'm totally gonna travel less this year" - me every single year In reality, my travel ended up looking like this: That's the same number as last year, 4 more days and another 8,000km. Probably with my 2018 events page which lists everything I did of a public nature.

Passwords

Passwords Technology Government InfoSec

Irish Data Protection Commission (DPC) fined Meta €251 million for a 2018 data breach

Security Affairs

DECEMBER 18, 2024

Meta has been fined 251M ($263M) for a 2018 data breach affecting millions in the EU, marking another penalty for violating privacy laws. The Irish Data Protection Commission (DPC) fined Meta 251 million ($263M) for a 2018 data breach impacting 29 million Facebook accounts. ” reads the press release published by DPC.

Data breaches

Data breaches Accountability Risk Advertising

Norway blames China-linked APT31 for 2018 government hack

Security Affairs

JUNE 20, 2021

Norway police secret service states said that China-linked APT31 group was behind the 2018 cyberattack on the government’s IT network. Norway’s Police Security Service (PST) said that the China-linked APT31 cyberespionage group was behind the attack that breached the government’s IT network in 2018. Pierluigi Paganini.

Government

Government Hacking Cyber Attacks Passwords

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

RaaS rollout 2015 – 2018. The GandCrab RaaS that appeared in early 2018 was one of the last high-profile threats targeting individuals on a large scale. It vanished from the radar in June 2018, when the ransomware plague took another sharp turn. Targeting enterprises Late 2018 – present day.

Ransomware

Ransomware Hacking Encryption Penetration Testing

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] 15, 2018, the Royal Canadian Mounted Police (RCMP) charged then 27-year-old Bloom, of Thornhill, Ontario, with selling stolen personal identities online through the website LeakedSource[.]com.

Hacking

Hacking Accountability Data breaches Marketing

DMM Bitcoin $308M Bitcoin heist linked to North Korea

Security Affairs

DECEMBER 25, 2024

Researchers attributed the hack of Harmonys Horizon bridge and Sky Mavis Ronin Bridge to North Korea-linked threat actors. In 2018, the Lazarus APT group targeted several cryptocurrency exchanges , including the campaign tracked as Operation AppleJeus discovered in August 2018. FBI concludes.

Cryptocurrency

Cryptocurrency Social Engineering Hacking Cybercrime

New LightSpy spyware version targets iPhones with destructive capabilities

Security Affairs

NOVEMBER 1, 2024

ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants. The experts noticed that a portion of the CVE-2018-4404 exploit is likely borrowed from the Metasploit framework. ” concludes the report that includes Indicators of compromise for this threat.

Spyware

Spyware Media Malware Hacking

Poland probes Pegasus spyware abuse under the PiS government

Security Affairs

DECEMBER 3, 2024

The news of the hack was reported by the Gazeta Wyborcza daily, and unfortunately, it isn’t the first time that the Pegasus spyware was used in the country. In 2021, the University of Toronto-based Citizen Lab Internet reported that a Polish opposition duo was hacked with NSO spyware.

Spyware

Spyware Government Surveillance Hacking

Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hacked

Security Affairs

AUGUST 19, 2020

Chinese hackers have hacked thousands of Taiwan Government email accounts belonging at least 10 Taiwan government agencies, officials said. SecurityAffairs – hacking, Taiwan). The post Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hacked appeared first on Security Affairs.

Government

Government Hacking Accountability Advertising

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

Security Affairs

DECEMBER 4, 2024

Since 2012, Crimenetwork facilitated the sale of illegal goods and services, including drugs, forged documents, hacking tools, and stolen data. Nearly $100M in cryptocurrency was traded on the platform from 2018-2024, with operators taking 1-5% commissions. Source Computerworld.ch

Cybercrime

Cybercrime Cryptocurrency Hacking Internet

New Triada Trojan comes preinstalled on Android devices

Security Affairs

APRIL 2, 2025

.” To protect against malware, experts recommend buying smartphones from authorized distributors and installing security solutions like Kaspersky for Android immediately. In March 2018, security researchers at Antivirus firmDr.Web discovered that 42 models of low-cost Android smartphones were shipped with the Android.Triada.231

Malware

Malware Cryptocurrency Mobile Firmware

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

The Last Watchdog

APRIL 4, 2022

They are often unaware of the risks they take on, which can include hacking, fraud, phishing, and more. SMBs and enterprises alike have been struggling with APIs as a mechanism for information security. A primary culprit of these attacks is the lack of understanding of application programming interfaces, or APIs.

Hacking

Hacking Penetration Testing Data breaches Authentication

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

T-Mobile confirmed being a victim of recent hacking campaigns linked to China-based threat actors targeting telecom companies. T-Mobile confirms it was hacked as part of a long-running cyber espionage campaign targeting Telco companies. and its allies for hacking activities in July. Wall Street Journal reported.

Mobile

Mobile Telecommunications Data breaches Hacking

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

The use of popular instant messaging apps on both mobile and desktop devices broadens the attack surface, creating uncontrolled information exchange channels that bypass security measures. DCRat first appeared in the threat landscape in 2018, but a year later it was redesigned and relaunched.

Computers and Electronics

Computers and Electronics Telecommunications Malware Surveillance

Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide

Security Affairs

NOVEMBER 2, 2024

Since 2018, Sophos has faced increasingly aggressive campaigns, including the India-based Sophos subsidiary Cyberoam, where attackers exploited a wall-mounted display for initial access. Improved operational security, including disrupting firewall telemetry to hinder detection and minimize their digital footprint.

Firmware

Firmware Government Firewall Malware

New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms

Security Affairs

FEBRUARY 26, 2025

ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants. The experts noticed that a portion of the CVE-2018-4404 exploit is likely borrowed from the Metasploit framework.

Data collection

Data collection Spyware Media Surveillance

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Security Affairs

NOVEMBER 1, 2021

Researchers demonstrated how crooks could hack Diebold Nixdorf’s Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash. A research published by Positive Technologies in 2018 revealed that 69 percent of ATMs were vulnerable to such attacks and could be easily hacked in a few minutes. score of 6.8.

Hacking

Hacking Firmware Encryption Manufacturing

Threat actor has been targeting the aviation industry since at least 2018

Security Affairs

SEPTEMBER 18, 2021

” Our research shows that this actor has been targeting the aviation industry since at least 2018, with files mentioning both “Trip Itinerary Details” and “Bombardier” at the time using the URL akconsult[.]linkpc[.]net.” SecurityAffairs – hacking, malware). Pierluigi Paganini.

Malware

Malware Phishing DNS Cybercrime

Vulnerabilities in Weapons Systems

Schneier on Security

JUNE 8, 2021

A 2018 GAO report expressed concern regarding the lack of secure and patchable U.S. ” It’s a similar attitude to corporate executives who believe that they can’t be hacked — and equally naive. This is just one of many risks to our normal civilian computer supply chains. This is not speculative.

Software

Software Cybersecurity Backups Manufacturing

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

Security Affairs

DECEMBER 23, 2024

NSO Group continued using WhatsApp exploits, including spyware called Erised, even after being sued for violating anti-hacking laws. from April 29, 2018, to May 10, 2020). Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,NSO Group)

Spyware

Spyware Surveillance Software Hacking

From 2018: DeepMasterPrints: deceive fingerprint recognition systems with MasterPrints generated with GANs

Security Affairs

AUGUST 18, 2024

The technique is effective across different fingerprint matchers and datasets and has potential applications in both security and computational creativity research. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, MasterPrints)

Architecture

Architecture Hacking Risk Information Security

APT hacked a US municipal government via an unpatched Fortinet VPN

Security Affairs

MAY 27, 2021

In April, the FBI and the Cybersecurity and Infrastructure Security Agency (CISA) previously warned of attacks carried out by APT groups targeting Fortinet FortiOS servers using multiple exploits. The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591.

VPN

VPN Government Hacking Accountability

U.S. CISA adds Microsoft.NET Framework, Apache OFBiz, and Paessler PRTG Network Monitor flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

FEBRUARY 5, 2025

Cybersecurity and Infrastructure Security Agency (CISA) added the following vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog : CVE-2024-45195 (CVSS score of 9.8) Microsoft.NET Framework Information Disclosure Vulnerability CVE-2018-9276 (CVSS score of 7.2)

Authentication

Authentication Hacking Cybersecurity Software

Hacking the infotainment system used in Mercedes-Benz cars

Security Affairs

MAY 19, 2021

Security researchers with Tencent Security Keen Lab identified five vulnerabilities, tracked as CVE-2021-23906, CVE-2021-23907, CVE-2021-23908, CVE-2021-23909, and CVE-2021-23910, in the latest infotainment system in Mercedes-Benz cars. SecurityAffairs – hacking, Mercedes). Follow me on Twitter: @securityaffairs and Facebook.

Hacking

Hacking Firmware Engineering Software

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

Security Affairs

DECEMBER 17, 2024

The threat actors attempted to exploit multiple vulnerabilities in DVRs, including CVE-2017-7921, CVE-2018-9995 , CVE-2020-25078, CVE-2021-33044 , and CVE-2021-36260. Follow me on Twitter: @securityaffairs and Facebook and Mastodon PierluigiPaganini ( SecurityAffairs hacking,HiatusRAT)

Architecture

Architecture Internet Internet Malware

Experts found multiple flaws in Mercedes-Benz infotainment system

Security Affairs

JANUARY 21, 2025

In May 2019, Security researchers with Tencent Security Keen Lab identified five vulnerabilities , tracked as CVE-2021-23906, CVE-2021-23907, CVE-2021-23908, CVE-2021-23909, and CVE-2021-23910, in the latest infotainment system in Mercedes-Benz cars.

Software

Software Architecture Media Engineering

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

Security Affairs

OCTOBER 23, 2020

In March 2018, the Department of Homeland Security and Federal Bureau of Investigation issued a joint technical alert to warn of attacks on US critical infrastructure powered by Russian threat actors. Hackers also targeted Exim mail agents ( CVE 2019-10149 ) and Fortinet SSL VPNs ( CVE-2018-13379 ). Pierluigi Paganini.

Government

Government Hacking Advertising Passwords

DoD Announces Third 'Hack the Pentagon' Bug Bounty Program

SecureWorld News

JANUARY 18, 2023

Department of Defense (DoD) is turning to the private sector to bolster its cyber defenses with the launch of the third iteration of its "Hack the Pentagon" bug bounty program. The third installment of the "Hack the Pentagon" bug bounty program comes almost five years after the second one, which was unveiled in April 2018.

Hacking

Hacking Government Information Security Cybersecurity

DoJ charged three Russian citizens with operating crypto-mixing services

Security Affairs

JANUARY 11, 2025

By allegedly operating these mixers, the defendants made it easier for state-sponsored hacking groups and other cybercriminals to profit from offenses that jeopardized both public safety and national security. was active from 2018 to 2022, while Sinbad.io Wible, head of the Justice Department’s Criminal Division.

Cybercrime

Cybercrime Cryptocurrency Hacking Ransomware

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

Security Affairs

DECEMBER 16, 2024

Development traces back to at least 2018. “As security improvements make zero-click and other remote spyware attacks prohibitively expensive or unfeasible, authorities may increasingly turn to infecting devices with spyware through physical access to a device. . At this time, the origin of NoviSpy remains unclear.

Spyware

Spyware Surveillance Technology Mobile

New Atrium Health data breach impacts 585,000 individuals

Security Affairs

DECEMBER 6, 2024

In November 2018, Hospital network Atrium Health suffered another data breach , hackers accessed patients’ personal information after compromising the technology solutions provider AccuDoc. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,Atrium Health)

Data breaches

Data breaches Identity Theft Accountability Technology

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

Security Affairs

DECEMBER 26, 2024

The new Mirai malware variant also targetsthe TP-Link flaw CVE-2023-1389 and the vulnerability CVE-2018-17532 affecting Teltonika RUT9XX routers. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,botnet)

Manufacturing

Manufacturing Malware Firmware IoT

USPS Site Exposed Data on 60 Million Users

Krebs on Security

NOVEMBER 21, 2018

No special hacking tools were needed to pull this data, other than knowledge of how to view and modify data elements processed by a regular Web browser like Chrome or Firefox. A USPS brochure advertising the features and benefits of Informed Visibility. .”

Accountability

Accountability Authentication Identity Theft Advertising

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

Krebs on Security

JULY 21, 2023

Many things have changed since 2018, such as the names of the companies in the Fortune 100 list. But one aspect of that vaunted list that hasn’t shifted much since is that very few of these companies list any security professionals within their top executive ranks.

CSO

CSO CISO Insurance Risk

Crooks made more than $560K with a simple clipboard hijacker

Security Affairs

APRIL 19, 2021

The antivirus company Avast analyzed the case of a simple malware dubbed HackBoss and how it allowed its operators to earn more $560K worth of cryptocurrency since November 2018. The tools were published on a Telegram channel named Hack Boss that was created on November 26, 2018, and has over 2,500 subscribers.

Cryptocurrency

Cryptocurrency Hacking Malware Banking

Russian APT Nomadic Octopus hacked Tajikistani carrier

Security Affairs

MAY 1, 2023

Russian APT group Nomadic Octopus hacked a Tajikistani carrier to spy on government officials and public service infrastructures. The cyberspies compromised a broad range of devices, from individuals’ computers to OT devices, as part of an operation tracked as Paperbug.

Hacking

Hacking Telecommunications Government Firewall

Increased GDPR Enforcement Highlights the Need for Data Security

Security Affairs

NOVEMBER 18, 2024

The General Data Protection Regulation ( GDPR ), enacted in 2018, has set a new standard for data privacy across the European Union (EU). Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs – hacking, GDPR ) What is GDPR and Why Does It Matter?

Data privacy

Data privacy Risk Surveillance Government

Old vulnerabilities in Cisco products actively exploited in the wild

Security Affairs

DECEMBER 19, 2022

CVE-2018-0125 (CVSS score of 9.8) – A vulnerability in the web interface of the Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. .

Wireless

Wireless VPN Software Hacking

Experts found a macOS version of the sophisticated LightSpy spyware

Security Affairs

MAY 30, 2024

ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants. The experts noticed that a portion of the CVE-2018-4404 exploit is likely borrowed from the Metasploit framework. The flaw resides in WebKit and impacts macOS version 10.13.3

Spyware

Spyware Malware Surveillance Mobile

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

Security Affairs

MARCH 13, 2025

ScarCruft has been active since at least 2012, it made the headlines in early February 2018 when researchers revealed that the APT group leveraged a zero-day vulnerability in Adobe Flash Player to deliver malware to South Korean users. Kaspersky first documented the operations of the group in 2016. ” concludes the report.

Spyware

Spyware Surveillance Encryption Malware

CISA adds JBoss RichFaces Framework flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

SEPTEMBER 28, 2023

US CISA added the flaw CVE-2018-14667 in Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the critical flaw CVE-2018-14667 (CVSS score 9.8) X through 3.3.4. CISA orders federal agencies to fix this flaw by October 19, 2023.

Hacking

Hacking Risk Cybersecurity Information Security

Chinese threat actor exploits old ThinkPHP flaws since October 2023

Security Affairs

JUNE 7, 2024

Akamai observed a Chinese-speaking group exploiting two flaws, tracked as CVE-2018-20062 and CVE-2019-9082, in ThinkPHP applications. Akamai researchers observed a Chinese threat actor exploiting two old remote code execution vulnerabilities, tracked as CVE-2018-20062 and CVE-2019-9082 , in ThinkPHP.

Passwords

Passwords Hacking Information Security

U.S. CISA adds Multiple Cisco Small Business RV Series Routers, Hitachi Vantara Pentaho BA Server, Microsoft Windows Win32k, and Progress WhatsUp Gold flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

MARCH 3, 2025

CVE-2018-8639 (CVSS score of 7.8) – an elevation of privilege vulnerability that impacts Windows when the Win32k component fails to properly handle objects in memory. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking, CISA ) ” reads the advisory.

Small Business

Small Business Authentication Hacking Accountability

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

2018 Retrospective

Trending Sources

Irish Data Protection Commission (DPC) fined Meta €251 million for a 2018 data breach

Norway blames China-linked APT31 for 2018 government hack

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

DMM Bitcoin $308M Bitcoin heist linked to North Korea

New LightSpy spyware version targets iPhones with destructive capabilities

Poland probes Pegasus spyware abuse under the PiS government

Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hacked

Authorities shut down Crimenetwork, the Germany’s largest crime marketplace

New Triada Trojan comes preinstalled on Android devices

GUEST ESSAY : Advanced tech to defend API hacking is now readily available to SMBs

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Sophos details five years of China-linked threat actors’ activity targeting network devices worldwide

New LightSpy spyware variant comes with enhanced data collection features targeting social media platforms

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Threat actor has been targeting the aviation industry since at least 2018

Vulnerabilities in Weapons Systems

U.S. Court rules against NSO Group in WhatsApp spyware Lawsuit

From 2018: DeepMasterPrints: deceive fingerprint recognition systems with MasterPrints generated with GANs

APT hacked a US municipal government via an unpatched Fortinet VPN

U.S. CISA adds Microsoft.NET Framework, Apache OFBiz, and Paessler PRTG Network Monitor flaws to its Known Exploited Vulnerabilities catalog

Hacking the infotainment system used in Mercedes-Benz cars

The FBI warns of HiatusRAT scanning campaigns against Chinese-branded web cameras and DVRs

Experts found multiple flaws in Mercedes-Benz infotainment system

FBI and CISA joint alert blames Russia’s Energetic Bear APT for US government networks hack

DoD Announces Third 'Hack the Pentagon' Bug Bounty Program

DoJ charged three Russian citizens with operating crypto-mixing services

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

New Atrium Health data breach impacts 585,000 individuals

A new Mirai botnet variant targets DigiEver DS-2105 Pro DVRs

USPS Site Exposed Data on 60 Million Users

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

Crooks made more than $560K with a simple clipboard hijacker

Russian APT Nomadic Octopus hacked Tajikistani carrier

Increased GDPR Enforcement Highlights the Need for Data Security

Old vulnerabilities in Cisco products actively exploited in the wild

Experts found a macOS version of the sophisticated LightSpy spyware

North Korea-linked APT group ScarCruft spotted using new Android spyware KoSpy

CISA adds JBoss RichFaces Framework flaw to its Known Exploited Vulnerabilities catalog

Chinese threat actor exploits old ThinkPHP flaws since October 2023

U.S. CISA adds Multiple Cisco Small Business RV Series Routers, Hitachi Vantara Pentaho BA Server, Microsoft Windows Win32k, and Progress WhatsUp Gold flaws to its Known Exploited Vulnerabilities catalog

Stay Connected