Schneier on Security

JANUARY 24, 2022

Crowdstrike is reporting that malware targeting Linux has increased considerably in 2021: Malware targeting Linux systems increased by 35% in 2021 compared to 2020. Ten times more Mozi malware samples were observed in 2021 compared to 2020. Lots of details in the report.

Malware 348

Malware Accountability 348

Adam Shostack

JANUARY 2, 2025

These are the books that I read in Q2 2020 that I think are worth your time. These are the books that I read in Q2 2020 that I think are worth your time. Sorry it's late. They're still worthwhile. :) Cyber You'll See This Message When It Is Too Late , by Josephine Wolff.

Internet 130

Internet Internet Software Government 130

Penetration Testing

DECEMBER 11, 2024

for his alleged role in... The post CVE-2020-12271 Exploited: FBI Seeks Chinese Hacker Behind 81,000 Device Breach appeared first on Cybersecurity News. The US Department of Justice announced the unsealing of an indictment against Guan Tianfeng, a Chinese national associated with Sichuan Silence Information Technology Co.

Technology 58

Technology Cybersecurity Firewall 58

Krebs on Security

AUGUST 16, 2020

11’s Patch Tuesday was CVE-2020-1464 , a problem with the way every supported version of Windows validates digital signatures for computer programs. In fact, CVE-2020-1464 was first spotted in attacks used in the wild back in August 2018. One of the 120 security holes Microsoft fixed on Aug. Image: Securityinbits.com.

Antivirus 363

Antivirus Malware Software 363

Security Affairs

FEBRUARY 6, 2025

The vulnerability CVE-2020-15069 (CVSS score of 9.8) is a Remote Code Execution flaw in Microsoft Outlook. . “Successful exploitation of this vulnerability would allow an attacker to bypass the Office Protected View and open in editing mode rather than protected mode.” ” reads the advisory published by Microsoft.

Firewall 122

Firewall Hacking Cybersecurity Risk 122

Tech Republic Security

OCTOBER 1, 2024

A report from insurer QBE predicts that the world will experience 211 significant cyber attacks this year, marking a 105% increase over four years.

Cyber Attacks 195

Cyber Attacks Insurance Artificial Intelligence 195

Schneier on Security

FEBRUARY 10, 2021

Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019.

Ransomware 358

Ransomware Cryptocurrency 358

Tech Republic Security

APRIL 18, 2024

Nearly 10 million devices were infected with data-stealing malware in 2023, with criminals stealing an average of 50.9 credentials per device.

Malware 213

Malware Big data Data breaches Ransomware 213

Krebs on Security

FEBRUARY 26, 2023

But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee. GoDaddy described the incident at the time in general terms as a social engineering attack, but one of its customers affected by that March 2020 breach actually spoke to one of the hackers involved.

Hacking 323

Hacking Social Engineering Phishing Scams 323

Malwarebytes

JANUARY 6, 2025

A US chain of dental offices known as Westend Dental LLC denied a 2020 ransomware attack and its associated data breach, instead telling their customers that data was lost due to an accidentally formatted hard drive. In October 2020, Westend Dental was attacked by the Medusa Locker ransomware group.

Data breaches 144

Data breaches Ransomware Passwords Insurance 144

Krebs on Security

JANUARY 22, 2025

From June 30, 2020 until January 14, 2025, one of the core Internet servers that MasterCard uses to direct traffic for portions of the mastercard.com network was misnamed. The misconfiguration persisted for nearly five years until a security researcher spent $300 to register the domain and prevent it from being grabbed by cybercriminals.

DNS 361

DNS Internet Internet Risk 361

Schneier on Security

JANUARY 6, 2021

“The plaintext password was visible in one of the binaries on the system,” the Dutch researchers said in a report published before the Christmas 2020 holiday. aN_fXp” password.

Firewall 350

Firewall VPN Passwords Accountability 350

Security Affairs

JANUARY 4, 2025

The botnet has been active since at least May 2020, reaching its peak with 60,000 compromised devices in June 2023. In September 2024, cybersecurity researchers from Lumens Black Lotus Labs discovered a new botnet, named Raptor Train, composed of small office/home office (SOHO) and IoT devices.

Cybersecurity 122

Cybersecurity IoT Hacking Technology 122

Troy Hunt

NOVEMBER 2, 2020

pic.twitter.com/YUJIqgYNXf — Troy Hunt (@troyhunt) November 1, 2020 Beautiful day out! Hope I'm not just jeolous or the Twitter AI — elconas.de (@BugBuster666) November 1, 2020 In my mind I'm hearing this person in his best Ricky Gervais voice grumbling "but I don't f **g like boats"! Just one screen?

Data breaches 352

Data breaches InfoSec Media Technology 352

Krebs on Security

DECEMBER 19, 2024

In early 2020, Exorn promoted a website called “ orndorks[.]com According to DomainTools, altugsara321@gmail.com was used in 2020 to register the domain name altugsara[.]com. co as one of their projects. That user, “ Exorn ,” has posts dating back to August 2018.

Hacking 227

Hacking Cybercrime Advertising Data breaches 227

Tech Republic Security

DECEMBER 11, 2024

Chinese cybersecurity firm Sichuan Silence has been sanctioned for exploiting a vulnerability in Sophos firewalls used at critical infrastructure organizations in the U.S.

Cybersecurity 152

Cybersecurity Firewall Ransomware Software 152

Schneier on Security

FEBRUARY 15, 2021

More discoveries in November 2019, January 2020, and April 2020 added up to at least five zero-day vulnerabilities being exploited from the same bug class in short order. Microsoft issued a patch and fixed the flaw, sort of. In September 2019, another similar vulnerability was found being exploited by the same hacking group.

Technology 359

Technology Hacking Software 359

Schneier on Security

JANUARY 6, 2022

jump over 2020 (23.6 DuckDuckGo has had a banner year : And yet, DuckDuckGo. The privacy-oriented search engine netted more than 35 billion search queries in 2021 , a 46.4% That’s big.

Engineering 360

Engineering Internet Internet 360

Adam Shostack

JANUARY 2, 2025

At Blackhat this summer, I'll be offering threat modeling training at Blackhat. Last year, these sold out quickly, so don't wait! This hands-on, interactive class will focus on learning to threat model by executing each of the steps.

130

130

Troy Hunt

OCTOBER 28, 2020

— NordVPN (@NordVPN) October 23, 2020 Ah, tricky! That and slashed zeros, and maybe a warning popup for URLs visually similar to (but different from) popular ones, would go a long way to mitigate it — Jon (@heeerrresjonny) October 25, 2020 So. That’s how [link] became [link]. — Bartek ?wierczy?ski Poor Googie!

Phishing 362

Phishing Password Management Passwords Internet 362

Krebs on Security

FEBRUARY 9, 2021

Windows Server users also should be aware that Microsoft this month is enforcing the second round of security improvements as part of a two-phase update to address CVE-2020-1472 , a severe vulnerability that first saw active exploitation back in September 2020.

DNS 339

DNS Backups Software Phishing 339

Schneier on Security

NOVEMBER 20, 2020

The attackers extensively use DLL side-loading in this campaign, and were also seen leveraging the ZeroLogon vulnerability that was patched in August 2020. Interesting details about the group’s tactics. News article.

Malware 350

Malware 350

Schneier on Security

MAY 2, 2024

It banned default passwords in 2018, the law taking effect in 2020. The Product Security and Telecommunications Infrastructure Act 2022 (PSTI) introduces new minimum-security standards for manufacturers, and demands that these companies are open with consumers about how long their products will receive security updates for.

Passwords 338

Passwords IoT Manufacturing Telecommunications 338

Schneier on Security

FEBRUARY 4, 2022

Lindsey Graham (R-SC) have re-introduced the EARN IT Act , an incredibly unpopular bill from 2020 that was dropped in the face of overwhelming opposition. Senators have reintroduced the EARN IT Act, requiring social media companies (among others) to administer a massive surveillance operation on their users: A group of lawmakers led by Sen.

Surveillance 357

Surveillance Backups Media Technology 357

Troy Hunt

AUGUST 7, 2020

link] — Junade Ali (@IcyApril) August 5, 2020 This tweet isn't entirely accurate; it was all Junade's idea and he designed the k-anonymity implementation for HIBP's Pwned Passwords. I asked on Twitter earlier today, and it's, well, extensive: Chromium — Isaac Weaver (@IsaacjWeaver) August 7, 2020 Wordpress.

Passwords 364

Passwords Architecture Data breaches Internet 364

Schneier on Security

AUGUST 29, 2023

The facial recognition technology is used by the Maine Bureau of Motor Vehicles to ensure no one obtains multiple credentials or credentials under someone else’s name, said Emily Cook, spokesperson for the secretary of state’s office.

Identity Theft 319

Identity Theft Technology Software 319

Security Affairs

NOVEMBER 1, 2024

The experts discovered five active C2 servers linked to the new version, with the latest deployment date listed as October 26, 2022, despite using a vulnerability patched in 2020. The authors utilized the publicly available Safari exploit CVE-2020-9802 for initial access and CVE-2020-3837 for privilege escalation.

Spyware 142

Spyware Media Malware Hacking 142

Krebs on Security

APRIL 6, 2021

Facebook says the data was collected before 2020 when it changed things to prevent such information from being scraped from profiles. 2020) was not in HaveIBeenPwned, but then again Facebook claims to have more than 2.7 A cybercrime forum ad from June 2020 selling a database of 533 Million Facebook users. According to a Jan.

Mobile 358

Mobile Accountability Passwords Authentication 358

Security Affairs

MARCH 8, 2025

In May 2020, NTT Communications (NTT Com) disclosed a data breach that impacted hundreds of customers. The company launched an investigation after discovering unauthorized access to some systems on May 7, 2020, and then this week, it confirmed that threat actors may have been stolen.

Data breaches 115

Data breaches Mobile Hacking Malware 115

Krebs on Security

AUGUST 14, 2020

It’s unclear when the intruders first breached R1’s networks, but the ransomware was unleashed more than a week ago, right around the time the company was set to release its 2nd quarter financial results for 2020. R1 RCM declined to discuss the strain of ransomware it is battling or how it was compromised.

Ransomware 363

Ransomware Healthcare Insurance Phishing 363

Schneier on Security

APRIL 3, 2024

The agreement, part of a settlement in a class action lawsuit filed in 2020, caps off years of disclosures about Google’s practices that shed light on how much data the tech giant siphons from its users­—even when they’re in private-browsing mode.

Data collection 333

Data collection 333

Krebs on Security

NOVEMBER 19, 2024

In March 2020, Finastra suffered a ransomware attack that sidelined a number of the company’s core businesses for days. The simplest explanation is that something spooked abyss0 enough for them to abandon a number of pending sales opportunities, in addition to a well-manicured cybercrime persona.

Data breaches 290

Data breaches Banking Cybercrime Advertising 290

Schneier on Security

JUNE 15, 2021

Really interesting two part analysis of the audit conducted after the 2020 election in Windham, New Hampshire.

Risk 321

Risk 321

Schneier on Security

MAY 3, 2023

New reporting from Wired reveals that the Department of Justice detected the SolarWinds attack six months before Mandient detected it in December 2020, but didn’t realize what they detected—and so ignored it. In July 2020, with the mystery still unresolved, communication between investigators and SolarWinds stopped.

System Administration 271

System Administration Software Engineering Internet 271