Schneier on Security

DECEMBER 3, 2020

From a ZDNet article : GitHub launched a deep-dive into the state of open source security, comparing information gathered from the organization’s dependency security features and the six package ecosystems supported on the platform across October 1, 2019, to September 30, 2020, and October 1, 2018, to September 30, 2019.

Engineering 342

Engineering Software Cybersecurity 342

Schneier on Security

JANUARY 5, 2021

Separately, it seems that the SVR conducted a dry run of the attack five months before the actual attack: The hackers distributed malicious files from the SolarWinds network in October 2019, five months before previously reported files were sent to victims through the company’s software update servers. We know at minimum they had access Oct.

Hacking 356

Hacking System Administration Software Surveillance 356

Security Affairs

DECEMBER 23, 2024

Court documents state that on October 29, 2019, plaintiffs filed this lawsuit, alleging that the defendants used WhatsApp to target approximately 1,400 mobile phones and devices to infect them with the surveillance software.

Spyware 107

Spyware Surveillance Software Hacking 107

Krebs on Security

NOVEMBER 26, 2019

The other three restaurants are all part of the same parent company and disclosed breaches in August 2019. Focus Brands (which owns Moe’s, McAlister’s, and Schlotzsky’s) was breached between April and July 2019, and publicly disclosed this on August 23. Krystal announced a card breach last month. percent worldwide.

Marketing 345

Marketing Cybercrime Retail Advertising 345

Krebs on Security

MARCH 11, 2025

Launched in 2019, Garantex was first sanctioned by the U.S. Department of Justice (DOJ) unsealed an indictment against Besciokov and the other alleged co-founder of Garantex, Aleksandr Mira Serda , 40, a Russian national living in the United Arab Emirates.

Ransomware 265

Ransomware Cryptocurrency Marketing Government 265

Krebs on Security

FEBRUARY 4, 2025

In this 2019 post from Cracked, a forum moderator told the author of the post (Buddie) that the owner of the RDP service was the founder of Nulled, a.k.a. Constella found that a user named Shoppy registered on Cracked in 2019 using the email address finn@shoppy[.]gg. “Finndev.” ” Image: Ke-la.com. .

eCommerce 206

eCommerce Cybercrime Accountability Passwords 206

Krebs on Security

DECEMBER 8, 2020

Additionally, Microsoft released an advisory on how to minimize the risk from a DNS spoofing weakness in Windows Server 2008 through 2019. These vulnerabilities affect Microsoft Excel 2013 through 2019, Microsoft 365 32 and 64 bit versions, Microsoft Office 2019 32 and 64 bit versions, and Microsoft Excel for Mac 2019.”

DNS 337

DNS Backups Malware Software 337

Adam Shostack

JANUARY 2, 2025

Just a few things for now Trail of Bits released a threat model for Kubernetes [link to [link] no longer works]. There's some context from Aaron Small, who made the project happen. Continuum has a blog and a spreadsheet on threat modeling lambdas (as a category, not specific to Amazon Lambda), and also a post on threat modeling with CAPEC.

130

130

Adam Shostack

JANUARY 2, 2025

Just what the title says. Cyber Making Software "What Really Works, and Why We Believe It" by Andy Oram and Greg Wilson. This collection of essays is a fascinating view into the state of the art in empirical analysis software engineering. Agile Application Security by Laura Bell, Michael Brunton-Spall, Rich Smith and Jim Bird.

Marketing 130

Marketing Internet Internet Software 130

Schneier on Security

FEBRUARY 15, 2021

In September 2019, another similar vulnerability was found being exploited by the same hacking group. More discoveries in November 2019, January 2020, and April 2020 added up to at least five zero-day vulnerabilities being exploited from the same bug class in short order. Microsoft issued a patch and fixed the flaw, sort of.

Technology 353

Technology Hacking Software 353

Schneier on Security

JANUARY 25, 2024

Since at least 2019, I have been saying that this is hard. Interesting article. I am also skeptical that we are going to see useful quantum computers anytime soon. And that we don’t know if it’s “land a person on the surface of the moon” hard, or “land a person on the surface of the sun” hard.

305

305

Adam Shostack

JANUARY 2, 2025

Some books worth reading, particularly related to space and history A Man on the Moon , Andrew Chaikin is probably the best of the general histories of the moon landings. Failure is not an Option , by Gene Kranz, who didn't actually say that during Apollo 13. Marketing The Moon by David Scott and Richard Jurek.

Marketing 130

Marketing 130

Krebs on Security

JULY 23, 2020

In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. billion in 2019. In August 2019, the company said a third-party investigation into the exposure identified just 32 consumers whose non-public personal information likely was accessed without authorization.

Insurance 350

Insurance Financial Services Penetration Testing Scams 350

Security Affairs

DECEMBER 6, 2024

Atrium Health launched an investigation into the security breach and discovered that from January 2015 to July 2019, certain online tracking technologies were active on its MyAtriumHealth (formerly MyCarolinas) Patient Portal, accessible via web and mobile. The company notified the US Department of Health and Human Services (HHS).

Data breaches 109

Data breaches Identity Theft Accountability Technology 109

Krebs on Security

SEPTEMBER 8, 2020

Among the chief concerns for enterprises this month is CVE-2020-16875 , which involves a critical flaw in the email software Microsoft Exchange Server 2016 and 2019. Security firm Tenable notes that this bug is reminiscent of CVE-2019-0604 , another Sharepoint problem that’s been exploited for cybercriminal gains since April 2019.

Software 311

Software Backups Authentication Internet 311

Krebs on Security

MARCH 11, 2025

Rapid7’s lead software engineer Adam Barnett said Windows 11 and Server 2019 onwards are not listed as receiving patches, so are presumably not vulnerable. However, ESET notes the vulnerability itself also is present in newer Windows OS versions, including Windows 10 build 1809 and the still-supported Windows Server 2016.

System Administration 225

System Administration Engineering Internet Internet 225

Security Affairs

NOVEMBER 7, 2024

CVE-2019-16278 – is a directory traversal issue in the function http_verify in nostromo nhttpd through 1.9.6 Versions up to 2.3.6 and unpatched 2.3.7 are affected, with active exploitation reported in October 2024 by PSAUX. that allows an attacker to achieve remote code execution via a crafted HTTP request.

Firewall 122

Firewall Authentication Accountability Risk 122

Penetration Testing

NOVEMBER 27, 2024

Active since 2019, SMOKEDHAM plays a... The post SMOKEDHAM Backdoor: UNC2465’s Stealth Weapon for Extortion and Ransomware Campaigns appeared first on Cybersecurity News. A comprehensive analysis by TRAC Labs has shed light on the SMOKEDHAM backdoor, a malicious tool leveraged by the financially motivated threat actor UNC2465.

Ransomware 95

Ransomware Cybersecurity Malware 95

Schneier on Security

FEBRUARY 1, 2021

If Georgia had still been using the paperless touchscreen DRE voting machines that they used from 2003 to 2019, then there would have been no paper ballots to recount, and no way to disprove the allegations that the election was hacked. That would have been a nightmare scenario.

Hacking 346

Hacking Software 346

Schneier on Security

MARCH 8, 2021

In 2019, Mladenov et al. Interesting paper: “ Shadow Attacks: Hiding and Replacing Content in Signed PDFs “: Abstract: Digitally signed PDFs are used in contracts and invoices to guarantee the authenticity and integrity of their content. A user opening a signed PDF expects to see a warning in case of any modification.

Hacking 362

Hacking Authentication 362

Schneier on Security

NOVEMBER 2, 2023

These latest warnings build on repeated instances of cyber intrusion and spyware usage, and highlights the surveillance impunity in India that continues to flourish despite the public outcry triggered by the 2019 Pegasus Project revelations.

Spyware 304

Spyware Surveillance Government 304

Krebs on Security

JANUARY 28, 2020

In late December 2019, fuel and convenience store chain Wawa Inc. The fraud bazaar Joker’s Stash on Monday began selling some 30 million stolen payment card accounts that experts say have been tied back to a breach at Wawa in 2019. Representatives from MasterCard did not respond to requests for comment.

Retail 334

Retail Banking Malware Accountability 334

Security Affairs

DECEMBER 18, 2024

The APT group targeted an organization in Latin America in 2019 and 2022. While investigating the 2022 attack, the researchers noticed that the victim organization had also suffered a 2019 attack using “Careto2” and “Goreto” frameworks. ” reads the analysis published by Kaspersky.

Cyber Attacks 112

Cyber Attacks Hacking Government Malware 112

Krebs on Security

JANUARY 12, 2021

In October 2019, SolarWinds pushed an update to their Orion customers that contained the modified test code. More worrisome, the research suggests the insidious methods used by the intruders to subvert the company’s software development pipeline could be repurposed against many other major software providers.

Software 355

Software Malware Government 355

Krebs on Security

FEBRUARY 11, 2020

Allan Liska , intelligence analyst at Recorded Future , says Microsoft considers exploitation of the vulnerability unlikely, but that a similar vulnerability discovered last year, CVE-2019-1280 , was being actively exploited by the Astaroth trojan as recently as September.

Backups 64

Backups Malware Internet Internet 64

Schneier on Security

JANUARY 17, 2023

No details , though: According to the complaint against him, Al-Azhari allegedly visited a dark web site that hosts “unofficial propaganda and photographs related to ISIS” multiple times on May 14, 2019.

Surveillance 363

Surveillance Media Hacking 363

Krebs on Security

MAY 18, 2020

Intel 471 says a rumor has been circulating on Exploit and other forums upO frequented that he was the mastermind behind GandCrab , another ransomware-as-a-service affiliate program that first surfaced in January 2018 and later bragged about extorting billions of dollars from hacked businesses when it closed up shop in June 2019.

Malware 352

Malware Cybercrime Ransomware Marketing 352

Krebs on Security

OCTOBER 15, 2020

Q6Cyber CEO Eli Dominitz said the breach appears to extend from May 2019 through September 2020. Gemini puts the exposure window between July 2019 and August 2020. The NYU researchers found BriansClub earned close to $104 million in gross revenue from 2015 to early 2019, and listed over 19 million unique card numbers for sale.

Data breaches 361

Data breaches Cybercrime Retail Banking 361

Krebs on Security

FEBRUARY 28, 2025

And BEARHOST has been cultivating its reputation since at least 2019. Bulletproof hosts are so named when they earn or cultivate a reputation for ignoring legal demands and abuse complaints. “We completely ignore all abuses without exception, including SPAMHAUS and other organizations.”

Malware 245

Malware Antivirus Software DDOS 245

Schneier on Security

NOVEMBER 30, 2021

After planning began in mid-2018, the Long-Term Retention Lab was up and running in the second half of 2019. The warehouse stores around 3,000 pieces of hardware and software, going back about a decade.

Technology 321

Technology Engineering Software Cybersecurity 321

Troy Hunt

MARCH 18, 2020

troyhunt #NDCLondon pic.twitter.com/wxzhM6uOCG — HarryMiller (@HarryMillerr) January 31, 2019 Scott and I have been doing these for a couple of years now, initially as a bit of a space-filler at NDC Security on the Gold Coast. pic.twitter.com/ypKONdzVmP — Troy Hunt (@troyhunt) July 1, 2019 It's fun. Such a fun talk!

Advertising 317

Advertising Media 317

Troy Hunt

MARCH 19, 2022

that's a link through to 1Password's Masked Email feature that leverages Fastmail, the video is a good primer) Sponsored by: CrowdSec - The open-source & collaborative IPS: respond to attacks & share signals across the community.

IoT 316

IoT 316

Krebs on Security

JULY 31, 2024

Back in 2019, KrebsOnSecurity wrote about thieves employing this method to seize control over thousands of domains registered at GoDaddy, and using those to send bomb threats and sextortion emails (GoDaddy says they fixed that weakness in their systems not long after that 2019 story).

DNS 313

DNS Internet Internet Phishing 313

Schneier on Security

SEPTEMBER 6, 2021

” “All products launched after 2019 randomize their MAC-addresses on a frequent basis as it has become the market standard to do so,” Gamborg says. Jens Bjørnkjær Gamborg, head of communications at Bang & Olufsen, says that “this is products that were launched several years ago.”

Wireless 313

Wireless Marketing Manufacturing Risk 313

Krebs on Security

NOVEMBER 3, 2020

Prosecutors say on June 26, 2019, “Bryan called the Baltimore County Police Department and falsely reported that he, purporting to be a resident of the Milleson family residence, had shot his father at the residence.” Interestingly, the conspiracy appears to have unraveled over a business dispute between the two men.

Scams 343

Scams Wireless Identity Theft Mobile 343

Krebs on Security

AUGUST 10, 2021

The software giant warned that attackers already are pouncing on one of the flaws, which ironically enough involves an easy-to-exploit bug in the software component responsible for patching Windows 10 PCs and Windows Server 2019 machines. “In the case of ransomware attacks, they have also been used to ensure maximum damage.”

Software 327

Software Internet Internet Backups 327

Krebs on Security

JANUARY 27, 2021

. “Chainalysis has traced more than $46 million worth of funds in NetWalker ransoms since it first came on the scene in August 2019,” the company said in a blog post detailing its assistance with the investigation. “It picked up steam in mid-2020, growing the average ransom to $65,000 last year, up from $18,800 in 2019.”

Ransomware 337

Ransomware Cybercrime Antivirus Encryption 337