Krebs on Security

FEBRUARY 22, 2024

Security experts who reviewed the leaked data say they believe the information is legitimate, and that i-SOON works closely with China’s Ministry of State Security and the military. In 2021, the Sichuan provincial government named i-SOON as one of “the top 30 information security companies.”

Government 302

Government Hacking Cyber threats Mobile 302

Security Affairs

MARCH 30, 2024

The German Federal Office for Information Security (BSI) warned of thousands of Microsoft Exchange servers in the country vulnerable to critical flaws. According to current findings from the BSI , around twelve percent of them are so outdated that security updates are no longer offered for them.

Information Security 142

Information Security Internet Internet Healthcare 142

Security Affairs

MAY 7, 2021

Below the full list vulnerabilities exploited by Russian SVR in multiple attacks: • CVE-2018-13379 FortiGate • CVE-2019-1653 Cisco router • CVE-2019-2725 Oracle WebLogic Server • CVE-2019-9670 Zimbra • CVE-2019-11510 Pulse Secure • CVE-2019-19781 Citrix • CVE-2019-7609 Kibana • CVE-2020-4006 VMWare • CVE-2020-5902 F5 Big-IP • CVE-2020-14882 Oracle (..)

Cybersecurity 143

Cybersecurity Hacking Government Malware 143

Malwarebytes

FEBRUARY 16, 2024

Today, I was alerted to the fact after spotting a warning by the German Federal Office for Information Security (BSI) about the same vulnerability, Something the BSI does not do lightly. When Microsoft said in its update guide for CVE-2024-21410 that the vulnerability was likely to be exploited by attackers, they weren’t kidding.

Authentication 144

Authentication Technology Ransomware Information Security 144

Schneier on Security

AUGUST 8, 2022

Twenty-six advanced to Round 2 in 2019, and seven (plus another eight alternates) were announced as Round 3 finalists in 2020. Fun fact: Those three algorithms were broken by the Center of Encryption and Information Security, part of the Israeli Defense Force. Sixty-nine were considered complete enough to be Round 1 candidates.

Encryption 358

Encryption Architecture Engineering Information Security 358

Security Affairs

JANUARY 12, 2022

The threat actors also exploited known vulnerabilities to compromise target networks and accounts, including: CVE-2018-13379 FortiGate VPNs CVE-2019-1653 Cisco router CVE-2019-2725 Oracle WebLogic Server CVE-2019-7609 Kibana CVE-2019-9670 Zimbra software CVE-2019-10149 Exim Simple Mail Transfer Protocol CVE-2019-11510 Pulse Secure CVE-2019-19781 Citrix (..)

Malware 144

Malware Cyber threats Government Hacking 144

Security Affairs

DECEMBER 6, 2024

Atrium Health launched an investigation into the security breach and discovered that from January 2015 to July 2019, certain online tracking technologies were active on its MyAtriumHealth (formerly MyCarolinas) Patient Portal, accessible via web and mobile. The company notified the US Department of Health and Human Services (HHS).

Data breaches 118

Data breaches Identity Theft Accountability Healthcare 118

Krebs on Security

JANUARY 24, 2023

The plea comes just months after Emelyantsev was extradited from Bulgaria, where he told investigators, “America is looking for me because I have enormous information and they need it.” Denis Kloster, as posted to his Vkontakte page in 2019. “Thanks to you, we are now developing in the field of information security and anonymity!,”

Cybercrime 259

Cybercrime Advertising IoT Malware 259

Security Affairs

JUNE 7, 2024

Akamai observed a Chinese-speaking group exploiting two flaws, tracked as CVE-2018-20062 and CVE-2019-9082, in ThinkPHP applications. Akamai researchers observed a Chinese threat actor exploiting two old remote code execution vulnerabilities, tracked as CVE-2018-20062 and CVE-2019-9082 , in ThinkPHP.

Passwords 141

Passwords Hacking Information Security 141

Security Affairs

APRIL 8, 2024

In 2019 the company made the headlines for its 10M USD bug bounty program along with its unique “ Vulnerability Research Hub ” (VRH) online platform. In 2019 price list , the company offered $3 million for a zero-click remote code execution expploit for Android and iOS.

Hacking 140

Hacking Software Government Information Security 140

Daniel Miessler

NOVEMBER 6, 2020

I think there are four main trends that will play out in the field of information security in the next 20 years. I think there are four main trends that will play out in the field of information security in the next 20 years. ISC) 2 says there were over 4 million too few cybersecurity people in 2019.

InfoSec 255

InfoSec Insurance Artificial Intelligence Cybersecurity 255

Security Affairs

NOVEMBER 15, 2021

These issues impacts Windows Server 2019 and lower versions, including Windows Server 2016, Windows Server 2012 R2, Windows Server 2012, Windows Server 2008 R2 SP1, and Windows Server 2008 SP2.

Authentication 142

Authentication Hacking Information Security 142

Security Affairs

SEPTEMBER 28, 2024

In 2019, Meta disclosed that it had inadvertently stored some users’ passwords in plaintext on its internal systems, without encrypting them. “As part of a routine security review in January, we found that some user passwords were being stored in a readable format within our internal data storage systems.

Passwords 138

Passwords Media Encryption Internet 138

Daniel Miessler

SEPTEMBER 29, 2020

SafetyDetectives reports the average cost of a ransomware-caused downtime incident has risen from $46,800 in 2018, to $141,000 in 2019, to $283,800 in 2020. New York City’s capital was hit with a ransomware attack in 2019 that took several key services offline. IBM says 1 in 4 of attacks its X-Force Team sees is caused by Ransomware.

Ransomware 246

Ransomware Government Social Engineering Small Business 246

Security Affairs

JULY 7, 2021

WildPressure APT is targeting industrial organizations in the Middle East since 2019 and was spotted using now a new malware that targets both Windows and macOS. Further investigation led to the discovery of other samples of the same malware that infected systems back in May, 2019.

Malware 141

Malware VPN Architecture Hacking 141

Security Affairs

AUGUST 17, 2022

Recorded Future identified a link between RedAlpha and a Chinese information security company, whose name appears in the registration of multiple RedAlpha domains. The company called “Nanjing Qinglan Information Technology Co., ” is now known as “Jiangsu Cimer Information Security Technology Co.

Phishing 141

Phishing Government Information Security Technology 141

Security Affairs

SEPTEMBER 19, 2021

The trio has worked as hackers-for-hire for the United Arab Emirates cybersecurity company DarkMatter between January 2016 and November 2019. DOJ also ordered the former intelligence employees to cooperate with the relevant department and FBI components; they are also condemned to a lifetime ban on future US security clearances.

Surveillance 145

Surveillance VPN Hacking Cybersecurity 145

Security Affairs

OCTOBER 1, 2024

CVE-2019-0344 is a deserialization of untrusted data vulnerability. Since March 2023, Unit 42 researchers have observed a variant of the Mirai botnet spreading by targeting tens of flaws in D-Link, Zyxel, and Netgear devices, including CVE-2023-25280. CVE-2020-15415 is an OS command injection vulnerability in DrayTek Multiple Vigor Routers.

IoT 134

IoT Hacking Cybersecurity Risk 134

Security Affairs

NOVEMBER 22, 2021

” said Demetrius Comes, GoDaddy’s Chief Information Security Officer. The hosting provider submitted a data breach notice with the California Attorney General and revealed that the intrusion took place in October 2019. million customers appeared first on Security Affairs. Pierluigi Paganini.

Data breaches 144

Data breaches Passwords Accountability Information Security 144

Security Affairs

DECEMBER 27, 2021

“It is important to note that there is a free decryptor for files locked with an older version (before July 17th, 2019) of eCh0raix ransomware. In 2019, Anomali researchers reported a wave of eCh0raix attacks against Synology NAS devices, threat actors conducted brute-force attacks against them. TXTT” extension. and 1.0.6).”

Ransomware 144

Ransomware Encryption Manufacturing Hacking 144

Security Affairs

NOVEMBER 7, 2024

CVE-2019-16278 – is a directory traversal issue in the function http_verify in nostromo nhttpd through 1.9.6 Versions up to 2.3.6 and unpatched 2.3.7 are affected, with active exploitation reported in October 2024 by PSAUX. that allows an attacker to achieve remote code execution via a crafted HTTP request.

Firewall 133

Firewall Authentication Accountability Risk 133

Krebs on Security

SEPTEMBER 24, 2022

At a court hearing in Bulgaria this month, the accused hacker requested and was granted extradition to the United States, reportedly telling the judge, “America is looking for me because I have enormous information and they need it.” ” A copy of the passport for Denis Kloster, as posted to his Vkontakte page in 2019.

Cybercrime 228

Cybercrime Data breaches Malware Ransomware 228

Security Affairs

JULY 22, 2021

The CVE-2019-2729 flaw is a remote code execution vulnerability that could be exploited by an unauthenticated attacker. “This Security Alert addresses CVE-2019-2729, a deserialization vulnerability via XMLDecoder in Oracle WebLogic Server Web Services. ” reads the advisory published by Oracle. and 11.2.5.0.

Authentication 143

Authentication Passwords Hacking Technology 143

Malwarebytes

MARCH 16, 2022

According to Samuel Levine, Director of the FTC’s Bureau of Consumer Protection: “CafePress employed careless security practices and concealed multiple breaches from consumers.”. CafePress waited seven months to publicly disclose a 2019 breach, and only did so after it had been reported in the news. The breach. Proposed settlement.

Data breaches 141

Data breaches Passwords Authentication Social Engineering 141

Krebs on Security

APRIL 14, 2019

Here’s one from would-be victim Shanon, on March 28, 2019, to the scammers. The price is € 250 + €500 secure deposit. As security deposit needs to be added ,discount needs to be applied please follow the airbnb link” (which goes to the fake Airbnb page).

Scams 249

Scams Advertising Accountability Phishing 249

Security Affairs

SEPTEMBER 30, 2024

.” reads the press release published by DoJ. “From January 2019 through May 2020, Westbrook executed a hack-to-trade scheme through which he generated millions of dollars in profits.” From January 2019 to May 2020, the man carried out a hack-to-trade scheme, earning over $3 million in profits.

Hacking 141

Hacking Accountability Passwords Cybercrime 141

Security Affairs

SEPTEMBER 10, 2021

“Back in 2019, we analyzed one of these vulnerabilities, CVE-2019-5736. Our blog post, “ Breaking out of Docker via runC – Explaining CVE-2019-5736 ,” shared our analysis and a proof-of-concept (PoC) exploit for it.” The version used by the ACI is v1.0.0-rc2, ” reported PaloAlto Networks.

Hacking 145

Hacking Information Security 145

Security Affairs

SEPTEMBER 17, 2022

“We’re pleased to announce the availability of a new decryptor for LockerGoga, a strain of ransomware that rose to fame in 2019 with the attack of the Norsk Hydro company.” ” reads the announcement published by the security firm. ” continues the announcement.

Ransomware 141

Ransomware Encryption Backups Cybercrime 141

Security Affairs

JULY 19, 2024

The incident impacted individuals who received services from MediSecure between March 2019 and November 2023. million Australians who used the MediSecure prescription delivery service during the approximate period of March 2019 to November 2023 are impacted by this Incident based on individuals’ healthcare identifiers.

Data breaches 138

Data breaches Unstructured Data Healthcare Identity Theft 138

Security Affairs

NOVEMBER 16, 2024

“Even after WhatsApp detected and blocked the exploit described in the Complaint in May 2019, NSO admits that it developed yet another installation vector (known as Erised) that also used WhatsApp servers to install Pegasus.2 WhatsApp claims it suffered damages as a result of these violations.

Spyware 126

Spyware Surveillance Malware Hacking 126

Security Affairs

NOVEMBER 18, 2023

The man was arrested in September 2019 while traveling to the U. “From approximately November 2014 to September 2019, AZARI engaged in an extensive spearphishing campaign that targeted individuals and companies in the U. and around worldwide. from abroad. According to DoJ, the Israeli man netted over $4.8 and around the globe.”

Identity Theft 142

Identity Theft Phishing Hacking Accountability 142

Security Affairs

MARCH 26, 2022

. – to its list of communications equipment and services that have been deemed a threat to national security, consistent with requirements in the Secure and Trusted Communications Networks Act of 2019.” ” reads the FCC’s press release.

Risk 125

Risk Telecommunications Mobile Antivirus 125

Security Affairs

MAY 1, 2024

The China-linked threat actors Muddling Meerkat are manipulating DNS to probe networks globally since 2019. Infoblox researchers observed China-linked threat actors Muddling Meerkat using sophisticated DNS activities since 2019 to bypass traditional security measures and probe networks worldwide.

DNS 144

DNS Firewall DDOS Hacking 144

CyberSecurity Insiders

DECEMBER 21, 2022

According to International Data Corporation (IDC) the digital lifestyle of the world seems to be a never-ending expansion and estimates are in that the world will require approximately 180Zetta Bytes (ZB) holding media, up from just 43ZB in the year 2019.

Media 119

Media Manufacturing Information Security Cybersecurity 119

Security Affairs

NOVEMBER 23, 2021

Microsoft addressed the flaw with the release of Microsoft Patch Tuesday security updates for November 2021 , the vulnerability impacts on-premises Exchange Server 2016 and Exchange Server 2019. “We Our recommendation is to install these updates immediately to protect your environment.”

Authentication 142

Authentication Hacking Information Security 142

Security Affairs

SEPTEMBER 19, 2024

CVE-2019-1069 vulnerability (CVSS score of 7.8) is a remote code execution issue in the Oracle JDeveloper product of Oracle Fusion Middleware (component: ADF Faces). An unauthenticated attacker with network access via IIOP could exploit this vulnerability to compromise Oracle WebLogic Server. The flaw affects versions 12.2.1.3.0,

Hacking 138

Hacking Cybersecurity Risk Information Security 138

Security Affairs

NOVEMBER 16, 2022

DTrack is a modular backdoor used by the Lazarus group since 2019 , it was employed in attacks against a wide variety of targets, from financial environments to a nuclear power plan. Despite this, Lazarus has not changed the backdoor much since 2019, when it was initially discovered.” ” concludes the report.

Telecommunications 144

Telecommunications Manufacturing Malware Education 144