Security Affairs

OCTOBER 27, 2024

Vasinskyi is a REvil ransomware affiliate since at least March 1st, 2019. Vasinskyi (aka Profcomserv, Rabotnik, Rabotnik_New, Yarik45, Yaraslav2468, and Affiliate 22) was arrested on October 8, 2021, while he was trying to enter Poland. Vasinskyi was extradited to the U.S. in March 2022.

Ransomware 143

Ransomware Hacking Malware Cybercrime 143

Krebs on Security

NOVEMBER 2, 2021

Fortinet said the credentials were collected from systems that hadn’t yet implemented a patch issued in May 2019. Some security experts said the post of the Fortinet VPN usernames and passwords was aimed at drawing new affiliates to Groove. Triggering the directors of information security companies.

Ransomware 313

Ransomware Cybercrime VPN Media 313

Krebs on Security

JUNE 8, 2021

CVE-2021-31959 affects everything from Windows 7 through Windows 10 and Server versions 2008 , 2012 , 2016 and 2019. .” Microsoft also patched five critical bugs — flaws that can be remotely exploited to seize control over the targeted Windows computer without any help from users.

Backups 337

Backups Ransomware Cyber threats Phishing 337

Security Affairs

NOVEMBER 18, 2024

Salt Typhoon is a China-linked APT group active since at least 2019. internet-service providers in recent months in pursuit of sensitive information, according to people familiar with the matter.” In December 2020, T-Mobile disclosed a data breach that exposed customers’ network information (CPNI).

Mobile 114

Mobile Telecommunications Data breaches Hacking 114

Security Affairs

MARCH 27, 2025

CVE-2019-9874 (CVSS score of 9.8) is a Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1 the allows an authenticated attacker to execute arbitrary code by sending a serialized.NET object in an HTTP POST parameter. is a Deserialization of Untrusted Data in the anti CSRF module in Sitecore through 9.1

Authentication 63

Authentication Hacking Cybersecurity Risk 63

Krebs on Security

JUNE 22, 2022

A copy of the passport for Denis Kloster, as posted to his Vkontakte page in 2019. 2019, he obtained a visa from the American Embassy in Bangkok, Thailand. “Thanks to you, we are now developing in the field of information security and anonymity!,” info , allproxy[.]info It shows that in Oct.

Advertising 313

Advertising Cybercrime System Administration Hacking 313

Security Affairs

FEBRUARY 10, 2025

The group was also observed exploiting vulnerabilities in Telerik UI such as CVE-2017-9248 and CVE-2019-18935. CVE-2024-57968 allows remote authenticated users to upload files to unintended folders, while CVE-2025-25181 is an SQL injection flaw enabling remote SQL execution (no patch available).

Manufacturing 111

Manufacturing Cybercrime Passwords Authentication 111

Security Affairs

DECEMBER 3, 2024

According to the Gazeta Wyborcza daily, the spyware was used to spy on the phone of Jacek Karnowski, mayor of the city of Sopot, in 2018-2019. The PiS government admitted having used the spyware, but pointed out the Pegasus was never used against political opponents.

Spyware 119

Spyware Government Surveillance Hacking 119

The Last Watchdog

JANUARY 6, 2022

But they have more disadvantages than benefits if we talk about ensuring information security. G-71 is a New York-based data leak deterrence software company that was founded in 2019 by experts in IT & cybersecurity with 20 years of experience in the field. Yes, they are cheap to apply. They can be dynamic.

Marketing 279

Marketing Software Surveillance Information Security 279

Cisco Security

MAY 5, 2022

ISO IEC 27001:2013 – Information technology — Security techniques — Information security management systems — Requirements. ISO/IEC 27017:2015 – Information technology — Security techniques — Code of practice for information security controls based on ISO/IEC 27002 for cloud services.

Marketing 145

Marketing InfoSec Risk Technology 145

Security Affairs

JANUARY 21, 2025

In May 2019, Security researchers with Tencent Security Keen Lab identified five vulnerabilities , tracked as CVE-2021-23906, CVE-2021-23907, CVE-2021-23908, CVE-2021-23909, and CVE-2021-23910, in the latest infotainment system in Mercedes-Benz cars.

Software 133

Software Architecture Media Engineering 133

Security Affairs

FEBRUARY 2, 2025

Court documents state that on October 29, 2019, plaintiffs filed this lawsuit, alleging that the defendants used WhatsApp to target approximately 1,400 mobile phones and devices to infect them with the surveillance software.

Spyware 109

Spyware Hacking Surveillance Malware 109

Security Affairs

NOVEMBER 19, 2024

Phobos operation uses a ransomware-as-a-service (RaaS) model, it has been active since May 2019. Based on information from open sources, government experts linked multiple Phobos ransomware variants to Phobos intrusions due to observed similarities in Tactics, Techniques, and Procedures (TTPs).

Cybercrime 116

Cybercrime Ransomware Healthcare Education 116

Krebs on Security

FEBRUARY 22, 2024

Security experts who reviewed the leaked data say they believe the information is legitimate, and that i-SOON works closely with China’s Ministry of State Security and the military. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government 320

Government Hacking Cyber threats Mobile 320

Security Affairs

DECEMBER 21, 2024

The NetWalker ransomware group has been active since 2019, it was operating using the Ransomware-as-a-Service (RaaS) model. .” Romanian authorities arrested Daniel Hulea on July 11, 2023, in Cluj, and extradited him to the U.S. under the U.S.-Romania Romania extradition treaty. million ransom to recover its files.

Ransomware 108

Ransomware Healthcare Government Cryptocurrency 108

Security Affairs

MARCH 2, 2024

In October 2019, WhatsApp sued the Israeli surveillance firm NSO Group accusing it of carrying out malicious attacks against its users. In May 2019, Facebook patched a critical zero-day vulnerability in WhatsApp, tracked as CVE-2019-3568 , that has been exploited to remotely install spyware on phones by calling the targeted device.

Spyware 144

Spyware Surveillance Software Architecture 144

Security Affairs

JANUARY 12, 2022

The threat actors also exploited known vulnerabilities to compromise target networks and accounts, including: CVE-2018-13379 FortiGate VPNs CVE-2019-1653 Cisco router CVE-2019-2725 Oracle WebLogic Server CVE-2019-7609 Kibana CVE-2019-9670 Zimbra software CVE-2019-10149 Exim Simple Mail Transfer Protocol CVE-2019-11510 Pulse Secure CVE-2019-19781 Citrix (..)

Malware 143

Malware Cyber threats Government Hacking 143

Schneier on Security

AUGUST 8, 2022

Twenty-six advanced to Round 2 in 2019, and seven (plus another eight alternates) were announced as Round 3 finalists in 2020. Fun fact: Those three algorithms were broken by the Center of Encryption and Information Security, part of the Israeli Defense Force. Sixty-nine were considered complete enough to be Round 1 candidates.

Encryption 359

Encryption Architecture Engineering Information Security 359

Security Affairs

APRIL 28, 2025

.” io_uring is a Linux API for asynchronous I/O that uses shared ring buffers between user and kernel space, letting applications perform actions without system calls, making syscall-based security tools ineffective. in March 2019. The io_uring was introduced in the Linux kernel version 5.1

Risk 87

Risk Hacking Information Security Malware 87

The Last Watchdog

AUGUST 15, 2019

In the first four months of 2019 alone, some 22 attacks have been disclosed. days in Q2 2019, as compared to 7.3 days in Q1 2019. schools are among at least 24 local government entities hit hard in the first half of the 2019. This shift has grabbed the attention of municipalities nationwide, so much so that 225 U.S.

Ransomware 196

Ransomware Internet Internet Hacking 196

Krebs on Security

JANUARY 24, 2023

The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking for me because I have enormous information and they need it.” Denis Kloster, as posted to his Vkontakte page in 2019. “Thanks to you, we are now developing in the field of information security and anonymity!,”

Cybercrime 274

Cybercrime Advertising IoT Malware 274

Security Affairs

MARCH 30, 2024

The German Federal Office for Information Security (BSI) warned of thousands of Microsoft Exchange servers in the country vulnerable to critical flaws. According to current findings from the BSI , around twelve percent of them are so outdated that security updates are no longer offered for them.

Information Security 139

Information Security Internet Internet Healthcare 139

Malwarebytes

FEBRUARY 16, 2024

Today, I was alerted to the fact after spotting a warning by the German Federal Office for Information Security (BSI) about the same vulnerability, Something the BSI does not do lightly. When Microsoft said in its update guide for CVE-2024-21410 that the vulnerability was likely to be exploited by attackers, they weren’t kidding.

Authentication 140

Authentication Ransomware Information Security Technology 140

Security Affairs

APRIL 21, 2025

“In some systems, initial access was gained through exploiting the RDP vulnerability (BlueKeep, CVE-2019-0708). Attackers exploited an RDP vulnerability to gain initial access to the target systems. While an RDP vulnerability scanner was found in the compromised system, there is no evidence of its actual use.”

Phishing 80

Phishing Malware Security Intelligence Hacking 80

Security Affairs

JUNE 7, 2024

Akamai observed a Chinese-speaking group exploiting two flaws, tracked as CVE-2018-20062 and CVE-2019-9082, in ThinkPHP applications. Akamai researchers observed a Chinese threat actor exploiting two old remote code execution vulnerabilities, tracked as CVE-2018-20062 and CVE-2019-9082 , in ThinkPHP.

Passwords 138

Passwords Hacking Information Security 138

Krebs on Security

SEPTEMBER 24, 2022

At a court hearing in Bulgaria this month, the accused hacker requested and was granted extradition to the United States, reportedly telling the judge, “America is looking for me because I have enormous information and they need it.” ” A copy of the passport for Denis Kloster, as posted to his Vkontakte page in 2019.

Cybercrime 251

Cybercrime Data breaches Malware Ransomware 251

Daniel Miessler

NOVEMBER 6, 2020

I think there are four main trends that will play out in the field of information security in the next 20 years. I think there are four main trends that will play out in the field of information security in the next 20 years. ISC) 2 says there were over 4 million too few cybersecurity people in 2019.

InfoSec 255

InfoSec Insurance Artificial Intelligence Cybersecurity 255

Security Affairs

NOVEMBER 15, 2021

These issues impacts Windows Server 2019 and lower versions, including Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2.

Authentication 138

Authentication Hacking Information Security 138

Krebs on Security

APRIL 14, 2019

Here’s one from would-be victim Shanon, on March 28, 2019, to the scammers. The price is € 250 + €500 secure deposit. As security deposit needs to be added ,discount needs to be applied please follow the airbnb link” (which goes to the fake Airbnb page).

Scams 271

Scams Advertising Accountability Phishing 271

Security Affairs

SEPTEMBER 19, 2021

The trio has worked as hackers-for-hire for the United Arab Emirates cybersecurity company DarkMatter between January 2016 and November 2019. DOJ also ordered the former intelligence employees to cooperate with the relevant department and FBI components; they are also condemned to a lifetime ban on future US security clearances.

Surveillance 145

Surveillance VPN Hacking Cybersecurity 145

Security Affairs

SEPTEMBER 28, 2024

In 2019, Meta disclosed that it had inadvertently stored some users’ passwords in plaintext on its internal systems, without encrypting them. “As part of a routine security review in January, we found that some user passwords were being stored in a readable format within our internal data storage systems.

Passwords 133

Passwords Media Encryption Internet 133

Security Affairs

NOVEMBER 22, 2021

” said Demetrius Comes, GoDaddy’s Chief Information Security Officer. The hosting provider submitted a data breach notice with the California Attorney General and revealed that the intrusion took place in October 2019. million customers appeared first on Security Affairs. Pierluigi Paganini.

Data breaches 142

Data breaches Passwords Accountability Information Security 142

Security Affairs

AUGUST 17, 2022

Recorded Future identified a link between RedAlpha and a Chinese information security company, whose name appears in the registration of multiple RedAlpha domains. The company called “Nanjing Qinglan Information Technology Co., ” is now known as “Jiangsu Cimer Information Security Technology Co.

Phishing 138

Phishing Government Information Security Technology 138

Security Affairs

APRIL 3, 2021

The data was amassed by threat actors by exploiting a vulnerability fixed in 2019 that allowed data scraping from the social network. In September 2019, another privacy incident involved Facebook , according to TechCruch, phone numbers associated with 419 million accounts of the social networking giant were exposed online.

Hacking 145

Hacking Accountability Passwords Data breaches 145

Security Affairs

DECEMBER 27, 2021

“It is important to note that there is a free decryptor for files locked with an older version (before July 17th, 2019) of eCh0raix ransomware. In 2019, Anomali researchers reported a wave of eCh0raix attacks against Synology NAS devices, threat actors conducted brute-force attacks against them. TXTT” extension. and 1.0.6).”

Ransomware 142

Ransomware Encryption Manufacturing Hacking 142

Security Affairs

OCTOBER 1, 2024

CVE-2019-0344 is a deserialization of untrusted data vulnerability. Since March 2023, Unit 42 researchers have observed a variant of the Mirai botnet spreading by targeting tens of flaws in D-Link, Zyxel, and Netgear devices, including CVE-2023-25280. CVE-2020-15415 is an OS command injection vulnerability in DrayTek Multiple Vigor Routers.

IoT 128

IoT Hacking Cybersecurity Risk 128

Security Affairs

JULY 22, 2021

The CVE-2019-2729 flaw is a remote code execution vulnerability that could be exploited by an unauthenticated attacker. “This Security Alert addresses CVE-2019-2729, a deserialization vulnerability via XMLDecoder in Oracle WebLogic Server Web Services. ” reads the advisory published by Oracle. and 11.2.5.0.

Passwords 140

Passwords Authentication Hacking Technology 140