Threat Modeling in 2019
Adam Shostack
JANUARY 2, 2025
RSA has posted a video of my talk, Threat Modeling in 2019. The slides for a later version of the talk are here.
Krebs on Security
FEBRUARY 19, 2020
Networking software giant Citrix Systems says malicious hackers were inside its networks for five months between 2018 and 2019, making off with personal and financial data on company employees, contractors, interns, job candidates and their dependents. But in a letter sent to affected individuals dated Feb. 13, 2018 and Mar.
Schneier on Security
OCTOBER 27, 2021
Vice has a detailed article about how the FBI gets data from cell phone providers like AT&T, T-Mobile, and Verizon, based on a leaked (I think) 2019 139-page presentation.
Schneier on Security
DECEMBER 3, 2020
From a ZDNet article: GitHub launched a deep-dive into the state of open source security, comparing information gathered from the organization’s dependency security features and the six package ecosystems supported on the platform across October 1, 2019, to September 30, 2020, and October 1, 2018, to September 30, 2019.
Malwarebytes
OCTOBER 18, 2024
The vulnerability, tracked as CVE-2024-44133 was fixed in the September 16 update for Mac Studio (2022 and later), iMac (2019 and later), Mac Pro (2019 and later), Mac Mini (2018 and later), MacBook Air (2020 and later), MacBook Pro (2018 and later), and iMac Pro (2017 and later).
Schneier on Security
FEBRUARY 10, 2021
Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019.
Security Affairs
DECEMBER 23, 2024
Court documents state that on October 29, 2019, plaintiffs filed this lawsuit, alleging that the defendants used WhatsApp to target approximately 1,400 mobile phones and devices to infect them with the surveillance software.
Schneier on Security
JANUARY 5, 2021
Separately, it seems that the SVR conducted a dry run of the attack five months before the actual attack: The hackers distributed malicious files from the SolarWinds network in October 2019, five months before previously reported files were sent to victims through the company’s software update servers. We know at minimum they had access Oct.
Krebs on Security
JANUARY 13, 2021
Allan Liska, senior security architect at Recorded Future, said while it is concerning that so many vulnerabilities around the same component were released simultaneously, two previous vulnerabilities in RPC — CVE-2019-1409 and CVE-2018-8514 — were not widely exploited.
Krebs on Security
MARCH 11, 2025
Launched in 2019, Garantex was first sanctioned by the U.S. Department of Justice (DOJ) unsealed an indictment against Besciokov and the other alleged co-founder of Garantex, Aleksandr Mira Serda, 40, a Russian national living in the United Arab Emirates.
Schneier on Security
JANUARY 25, 2024
Since at least 2019, I have been saying that this is hard. Interesting article. I am also skeptical that we are going to see useful quantum computers anytime soon. And that we don’t know if it’s “land a person on the surface of the moon” hard, or “land a person on the surface of the sun” hard.
Krebs on Security
NOVEMBER 26, 2019
The other three restaurants are all part of the same parent company and disclosed breaches in August 2019. Focus Brands (which owns Moe’s, McAlister’s, and Schlotzsky’s) was breached between April and July 2019, and publicly disclosed this on August 23. Krystal announced a card breach last month. percent worldwide.
Schneier on Security
FEBRUARY 15, 2021
In September 2019, another similar vulnerability was found being exploited by the same hacking group. More discoveries in November 2019, January 2020, and April 2020 added up to at least five zero-day vulnerabilities being exploited from the same bug class in short order. Microsoft issued a patch and fixed the flaw, sort of.
Adam Shostack
JANUARY 2, 2025
Just a few things for now: Trail of Bits released a threat model for Kubernetes [link to [link] no longer works]. There's some context from Aaron Small, who made the project happen. Continuum has a blog and a spreadsheet on threat modeling lambdas (as a category, not specific to Amazon Lambda), and also a post on threat modeling with CAPEC.
Adam Shostack
JANUARY 2, 2025
Just what the title says. Cyber Making Software "What Really Works, and Why We Believe It" by Andy Oram and Greg Wilson. This collection of essays is a fascinating view into the state of the art in empirical analysis software engineering. Agile Application Security by Laura Bell, Michael Brunton-Spall, Rich Smith and Jim Bird.
Krebs on Security
MARCH 11, 2025
Rapid7’s lead software engineer Adam Barnett said Windows 11 and Server 2019 onwards are not listed as receiving patches, so are presumably not vulnerable. However, ESET notes the vulnerability itself also is present in newer Windows OS versions, including Windows 10 build 1809 and the still-supported Windows Server 2016.
Krebs on Security
FEBRUARY 4, 2025
In this 2019 post from Cracked, a forum moderator told the author of the post (Buddie) that the owner of the RDP service was the founder of Nulled, a.k.a. Constella found that a user named Shoppy registered on Cracked in 2019 using the email address finn@shoppy[.]gg. “Finndev.”
Krebs on Security
DECEMBER 8, 2020
Additionally, Microsoft released an advisory on how to minimize the risk from a DNS spoofing weakness in Windows Server 2008 through 2019. These vulnerabilities affect Microsoft Excel 2013 through 2019, Microsoft 365 32 and 64 bit versions, Microsoft Office 2019 32 and 64 bit versions, and Microsoft Excel for Mac 2019.”
Security Affairs
DECEMBER 6, 2024
Atrium Health launched an investigation into the security breach and discovered that from January 2015 to July 2019, certain online tracking technologies were active on its MyAtriumHealth (formerly MyCarolinas) Patient Portal, accessible via web and mobile. The company notified the US Department of Health and Human Services (HHS).
Adam Shostack
JANUARY 2, 2025
Some books worth reading, particularly related to space and history: A Man on the Moon, Andrew Chaikin is probably the best of the general histories of the moon landings. Failure is not an Option, by Gene Kranz, who didn't actually say that during Apollo 13. Marketing The Moon by David Scott and Richard Jurek.
Krebs on Security
JULY 23, 2020
In May 2019, KrebsOnSecurity broke the news that the website of mortgage title insurance giant First American Financial Corp. billion in 2019. In August 2019, the company said a third-party investigation into the exposure identified just 32 consumers whose non-public personal information likely was accessed without authorization.
Security Affairs
NOVEMBER 7, 2024
CVE-2019-16278 – is a directory traversal issue in the function http_verify in nostromo nhttpd through 1.9.6 Versions up to 2.3.6 and unpatched 2.3.7 are affected, with active exploitation reported in October 2024 by PSAUX. that allows an attacker to achieve remote code execution via a crafted HTTP request.
Schneier on Security
NOVEMBER 2, 2023
These latest warnings build on repeated instances of cyber intrusion and spyware usage, and highlights the surveillance impunity in India that continues to flourish despite the public outcry triggered by the 2019 Pegasus Project revelations.
Schneier on Security
FEBRUARY 1, 2021
If Georgia had still been using the paperless touchscreen DRE voting machines that they used from 2003 to 2019, then there would have been no paper ballots to recount, and no way to disprove the allegations that the election was hacked. That would have been a nightmare scenario.
Krebs on Security
SEPTEMBER 8, 2020
Among the chief concerns for enterprises this month is CVE-2020-16875, which involves a critical flaw in the email software Microsoft Exchange Server 2016 and 2019. Security firm Tenable notes that this bug is reminiscent of CVE-2019-0604, another Sharepoint problem that’s been exploited for cybercriminal gains since April 2019.
Krebs on Security
FEBRUARY 28, 2025
And BEARHOST has been cultivating its reputation since at least 2019. Bulletproof hosts are so named when they earn or cultivate a reputation for ignoring legal demands and abuse complaints. “We completely ignore all abuses without exception, including SPAMHAUS and other organizations.”
Schneier on Security
MARCH 8, 2021
In 2019, Mladenov et al. Interesting paper: “Shadow Attacks: Hiding and Replacing Content in Signed PDFs”: Abstract: Digitally signed PDFs are used in contracts and invoices to guarantee the authenticity and integrity of their content. A user opening a signed PDF expects to see a warning in case of any modification.
Security Affairs
DECEMBER 18, 2024
The APT group targeted an organization in Latin America in 2019 and 2022. While investigating the 2022 attack, the researchers noticed that the victim organization had also suffered a 2019 attack using “Careto2” and “Goreto” frameworks. ” reads the analysis published by Kaspersky.
Krebs on Security
JANUARY 28, 2020
In late December 2019, fuel and convenience store chain Wawa Inc. The fraud bazaar Joker’s Stash on Monday began selling some 30 million stolen payment card accounts that experts say have been tied back to a breach at Wawa in 2019. Representatives from MasterCard did not respond to requests for comment.
Penetration Testing
NOVEMBER 27, 2024
Active since 2019, SMOKEDHAM plays a... The post SMOKEDHAM Backdoor: UNC2465’s Stealth Weapon for Extortion and Ransomware Campaigns appeared first on Cybersecurity News. A comprehensive analysis by TRAC Labs has shed light on the SMOKEDHAM backdoor, a malicious tool leveraged by the financially motivated threat actor UNC2465.
Schneier on Security
NOVEMBER 30, 2021
After planning began in mid-2018, the Long-Term Retention Lab was up and running in the second half of 2019. The warehouse stores around 3,000 pieces of hardware and software, going back about a decade.
Schneier on Security
JANUARY 17, 2023
No details, though: According to the complaint against him, Al-Azhari allegedly visited a dark web site that hosts “unofficial propaganda and photographs related to ISIS” multiple times on May 14, 2019.
Krebs on Security
JANUARY 12, 2021
In October 2019, SolarWinds pushed an update to their Orion customers that contained the modified test code. More worrisome, the research suggests the insidious methods used by the intruders to subvert the company’s software development pipeline could be repurposed against many other major software providers.
Schneier on Security
SEPTEMBER 6, 2021
” “All products launched after 2019 randomize their MAC-addresses on a frequent basis as it has become the market standard to do so,” Gamborg says. Jens Bjørnkjær Gamborg, head of communications at Bang & Olufsen, says that “this is products that were launched several years ago.”
Krebs on Security
OCTOBER 15, 2020
Q6Cyber CEO Eli Dominitz said the breach appears to extend from May 2019 through September 2020. Gemini puts the exposure window between July 2019 and August 2020. The NYU researchers found BriansClub earned close to $104 million in gross revenue from 2015 to early 2019, and listed over 19 million unique card numbers for sale.
Krebs on Security
MAY 18, 2020
Intel 471 says a rumor has been circulating on Exploit and other forums upO frequented that he was the mastermind behind GandCrab, another ransomware-as-a-service affiliate program that first surfaced in January 2018 and later bragged about extorting billions of dollars from hacked businesses when it closed up shop in June 2019.
Schneier on Security
OCTOBER 1, 2021
The Wall Street Journal is reporting on a baby’s death at an Alabama hospital in 2019, which they argue was a direct result of the ransomware attack the hospital was undergoing. Attending obstetrician Katelyn Parnell texted the nurse manager that she would have delivered the baby by caesarean section had she seen the monitor readout.
Troy Hunt
MARCH 19, 2022
that's a link through to 1Password's Masked Email feature that leverages Fastmail, the video is a good primer) Sponsored by: CrowdSec - The open-source & collaborative IPS: respond to attacks & share signals across the community.
Adam Shostack
JANUARY 2, 2025
Some somewhat lazy searching reveals: CISA (with other agencies) said 1,700 in Understanding Lockbit (June, 2023) Department of Justice said more than 2,500 victims in U.S.
Krebs on Security
APRIL 10, 2020
Most people who filed a tax return in 2018 and/or 2019 and provided their bank account information for a debit or credit should soon see an Economic Impact Payment direct-deposited into their bank accounts. Likewise, people drawing Social Security payments from the government will receive stimulus payments the same way.
Krebs on Security
JULY 31, 2024
Back in 2019, KrebsOnSecurity wrote about thieves employing this method to seize control over thousands of domains registered at GoDaddy, and using those to send bomb threats and sextortion emails (GoDaddy says they fixed that weakness in their systems not long after that 2019 story).
Krebs on Security
NOVEMBER 3, 2020
Prosecutors say on June 26, 2019, “Bryan called the Baltimore County Police Department and falsely reported that he, purporting to be a resident of the Milleson family residence, had shot his father at the residence.” Interestingly, the conspiracy appears to have unraveled over a business dispute between the two men.
Krebs on Security
AUGUST 10, 2021
The software giant warned that attackers already are pouncing on one of the flaws, which ironically enough involves an easy-to-exploit bug in the software component responsible for patching Windows 10 PCs and Windows Server 2019 machines. “In the case of ransomware attacks, they have also been used to ensure maximum damage.”
Troy Hunt
JANUARY 1, 2021
References NZBGeek reported a data breach (the site is offline now and the Twitter thread suggests that it perhaps on the shadier side of copyright law) Thousands of Aussies have been targeted by Coronavirus scams (no surprises there really, and it certainly goes well beyond just Aussies) CafePress has copped a $2M settlement related to their 2019 (..)