Krebs on Security

AUGUST 16, 2020

11’s Patch Tuesday was CVE-2020-1464 , a problem with the way every supported version of Windows validates digital signatures for computer programs. In fact, CVE-2020-1464 was first spotted in attacks used in the wild back in August 2018. One of the 120 security holes Microsoft fixed on Aug. Image: Securityinbits.com.

Antivirus 363

Antivirus Malware Software 363

Security Affairs

FEBRUARY 6, 2025

The vulnerability CVE-2020-15069 (CVSS score of 9.8) is a Remote Code Execution flaw in Microsoft Outlook. . “Successful exploitation of this vulnerability would allow an attacker to bypass the Office Protected View and open in editing mode rather than protected mode.” ” reads the advisory published by Microsoft.

Firewall 119

Firewall Hacking Cybersecurity Risk 119

Tech Republic Security

OCTOBER 1, 2024

A report from insurer QBE predicts that the world will experience 211 significant cyber attacks this year, marking a 105% increase over four years.

Cyber Attacks 198

Cyber Attacks Insurance Artificial Intelligence 198

Tech Republic Security

APRIL 18, 2024

Nearly 10 million devices were infected with data-stealing malware in 2023, with criminals stealing an average of 50.9 credentials per device.

Malware 215

Malware Big data Data breaches Ransomware 215

Krebs on Security

FEBRUARY 26, 2023

But we do know the March 2020 attack was precipitated by a spear-phishing attack against a GoDaddy employee. GoDaddy described the incident at the time in general terms as a social engineering attack, but one of its customers affected by that March 2020 breach actually spoke to one of the hackers involved.

Hacking 328

Hacking Social Engineering Phishing Scams 328

Schneier on Security

FEBRUARY 10, 2021

Analyzing cryptocurrency data, a research group has estimated a lower-bound on 2020 ransomware revenue: $350 million, four times more than in 2019.

Ransomware 352

Ransomware Cryptocurrency 352

Malwarebytes

JANUARY 6, 2025

A US chain of dental offices known as Westend Dental LLC denied a 2020 ransomware attack and its associated data breach, instead telling their customers that data was lost due to an accidentally formatted hard drive. In October 2020, Westend Dental was attacked by the Medusa Locker ransomware group.

Data breaches 145

Data breaches Ransomware Passwords Insurance 145

Krebs on Security

JANUARY 22, 2025

From June 30, 2020 until January 14, 2025, one of the core Internet servers that MasterCard uses to direct traffic for portions of the mastercard.com network was misnamed. The misconfiguration persisted for nearly five years until a security researcher spent $300 to register the domain and prevent it from being grabbed by cybercriminals.

DNS 362

DNS Internet Internet Risk 362

Troy Hunt

NOVEMBER 2, 2020

pic.twitter.com/YUJIqgYNXf — Troy Hunt (@troyhunt) November 1, 2020 Beautiful day out! Hope I'm not just jeolous or the Twitter AI — elconas.de (@BugBuster666) November 1, 2020 In my mind I'm hearing this person in his best Ricky Gervais voice grumbling "but I don't f **g like boats"! Just one screen?

Data breaches 359

Data breaches InfoSec Media Technology 359

Krebs on Security

DECEMBER 19, 2024

In early 2020, Exorn promoted a website called “ orndorks[.]com According to DomainTools, altugsara321@gmail.com was used in 2020 to register the domain name altugsara[.]com. co as one of their projects. That user, “ Exorn ,” has posts dating back to August 2018.

Hacking 233

Hacking Cybercrime Advertising Data breaches 233

Tech Republic Security

DECEMBER 11, 2024

Chinese cybersecurity firm Sichuan Silence has been sanctioned for exploiting a vulnerability in Sophos firewalls used at critical infrastructure organizations in the U.S.

Cybersecurity 158

Cybersecurity Firewall Ransomware Software 158

Schneier on Security

JANUARY 6, 2021

“The plaintext password was visible in one of the binaries on the system,” the Dutch researchers said in a report published before the Christmas 2020 holiday. aN_fXp” password.

Firewall 342

Firewall VPN Passwords Accountability 342

Security Affairs

JANUARY 4, 2025

The botnet has been active since at least May 2020, reaching its peak with 60,000 compromised devices in June 2023. In September 2024, cybersecurity researchers from Lumens Black Lotus Labs discovered a new botnet, named Raptor Train, composed of small office/home office (SOHO) and IoT devices.

Cybersecurity 119

Cybersecurity IoT Hacking Technology 119

Adam Shostack

JANUARY 2, 2025

At Blackhat this summer, I'll be offering threat modeling training at Blackhat. Last year, these sold out quickly, so don't wait! This hands-on, interactive class will focus on learning to threat model by executing each of the steps.

130

130

Schneier on Security

JANUARY 6, 2022

jump over 2020 (23.6 DuckDuckGo has had a banner year : And yet, DuckDuckGo. The privacy-oriented search engine netted more than 35 billion search queries in 2021 , a 46.4% That’s big.

Engineering 357

Engineering Internet Internet 357

Troy Hunt

OCTOBER 28, 2020

— NordVPN (@NordVPN) October 23, 2020 Ah, tricky! That and slashed zeros, and maybe a warning popup for URLs visually similar to (but different from) popular ones, would go a long way to mitigate it — Jon (@heeerrresjonny) October 25, 2020 So. That’s how [link] became [link]. — Bartek ?wierczy?ski Poor Googie!

Phishing 363

Phishing Password Management Passwords Internet 363

Schneier on Security

FEBRUARY 15, 2021

More discoveries in November 2019, January 2020, and April 2020 added up to at least five zero-day vulnerabilities being exploited from the same bug class in short order. Microsoft issued a patch and fixed the flaw, sort of. In September 2019, another similar vulnerability was found being exploited by the same hacking group.

Technology 353

Technology Hacking Software 353

Krebs on Security

FEBRUARY 9, 2021

Windows Server users also should be aware that Microsoft this month is enforcing the second round of security improvements as part of a two-phase update to address CVE-2020-1472 , a severe vulnerability that first saw active exploitation back in September 2020.

DNS 341

DNS Backups Software Phishing 341

Schneier on Security

FEBRUARY 4, 2022

Lindsey Graham (R-SC) have re-introduced the EARN IT Act , an incredibly unpopular bill from 2020 that was dropped in the face of overwhelming opposition. Senators have reintroduced the EARN IT Act, requiring social media companies (among others) to administer a massive surveillance operation on their users: A group of lawmakers led by Sen.

Surveillance 351

Surveillance Backups Media Technology 351

Krebs on Security

DECEMBER 14, 2020

released between March 2020 and June 2020.” In its own advisory, FireEye said multiple updates poisoned with a malicious backdoor program were digitally signed with a SolarWinds certificate from March through May 2020, and posted to the SolarWindws update website. HF 5 through 2020.2.1, ”

Hacking 364

Hacking Antivirus Software Accountability 364

Schneier on Security

MAY 2, 2024

It banned default passwords in 2018, the law taking effect in 2020. The Product Security and Telecommunications Infrastructure Act 2022 (PSTI) introduces new minimum-security standards for manufacturers, and demands that these companies are open with consumers about how long their products will receive security updates for.

Passwords 324

Passwords IoT Manufacturing Telecommunications 324

Krebs on Security

APRIL 6, 2021

Facebook says the data was collected before 2020 when it changed things to prevent such information from being scraped from profiles. 2020) was not in HaveIBeenPwned, but then again Facebook claims to have more than 2.7 A cybercrime forum ad from June 2020 selling a database of 533 Million Facebook users. According to a Jan.

Mobile 359

Mobile Accountability Passwords Authentication 359

Krebs on Security

AUGUST 14, 2020

It’s unclear when the intruders first breached R1’s networks, but the ransomware was unleashed more than a week ago, right around the time the company was set to release its 2nd quarter financial results for 2020. R1 RCM declined to discuss the strain of ransomware it is battling or how it was compromised.

Ransomware 363

Ransomware Healthcare Insurance Phishing 363

Security Affairs

NOVEMBER 1, 2024

The experts discovered five active C2 servers linked to the new version, with the latest deployment date listed as October 26, 2022, despite using a vulnerability patched in 2020. The authors utilized the publicly available Safari exploit CVE-2020-9802 for initial access and CVE-2020-3837 for privilege escalation.

Spyware 140

Spyware Media Malware Hacking 140

Krebs on Security

NOVEMBER 19, 2024

In March 2020, Finastra suffered a ransomware attack that sidelined a number of the company’s core businesses for days. The simplest explanation is that something spooked abyss0 enough for them to abandon a number of pending sales opportunities, in addition to a well-manicured cybercrime persona.

Data breaches 297

Data breaches Banking Cybercrime Advertising 297

Security Affairs

JANUARY 28, 2025

The EU sanctioned three members of Russia’s GRU Unit 29155 for cyberattacks on Estonia’s government agencies in 2020. “The Council today adopted additional restrictive measures against three Russian individuals responsible for a series of cyberattacks carried out against the Republic of Estonia in 2020. .

Cyber Attacks 87

Cyber Attacks Government Healthcare Financial Services 87

Krebs on Security

OCTOBER 30, 2024

But the Federal Trade Commission notes that the big three bureaus have permanently extended a program enacted in 2020 that lets you check your credit report at each of the agencies once a week for free. By law, everyone is entitled to one free credit report every 12 months from each of the three credit reporting agencies.

Healthcare 298

Healthcare Insurance Computers and Electronics Data breaches 298

Krebs on Security

APRIL 18, 2022

Conti ravaged the healthcare sector throughout 2020, and leaked internal chats from the Conti ransomware group show the gang had access to more than 400 healthcare facilities in the U.S. alone by October 2020. In June 2021, the HSE’s director general said the recovery costs for that attack were likely to exceed USD $600 million.

Healthcare 341

Healthcare Ransomware Cybersecurity Malware 341

Schneier on Security

AUGUST 14, 2023

The NSA discovered the intrusion in 2020—we don’t know how—and alerted the Japanese. and Japanese officials interviewed, who spoke on the condition of anonymity because of the matter’s sensitivity. […] The 2020 penetration was so disturbing that Gen. Paul Nakasone, the head of the NSA and U.S.

Hacking 241

Hacking Cybersecurity 241

Security Affairs

NOVEMBER 25, 2024

In September 2024, the FBI, CISA, and NSA linked threat actors from Russia’s GRU Unit 29155 to global cyber operations since at least 2020. Since 2020, the unit has expanded into offensive cyber operations aimed at espionage, reputational harm, and data destruction.

Cyber Attacks 111

Cyber Attacks Government Hacking Cyber threats 111

Schneier on Security

MARCH 16, 2022

The creation date for the all the weak keys was 2020 or later. Some of the keys are from printers from two manufacturers, Canon and Fujifilm (originally branded as Fuji Xerox). Printer users can use the keys to generate a Certificate Signing Request. The weak Canon keys are tracked as CVE-2022-26351.

Manufacturing 309

Manufacturing Encryption 309

Krebs on Security

DECEMBER 2, 2020

OGUsers was hacked at least twice previously, in May 2019 and again in March 2020. In the meantime, someone has been taunting forum members, saying they can have their profiles and private messages removed from an impending database leak by paying between $50 and $100.

Accountability 347

Accountability Hacking Scams Media 347

Schneier on Security

JANUARY 5, 2021

The government’s emphasis on election defense, while critical in 2020, may have diverted resources and attention from long-brewing problems like protecting the “supply chain” of software. There is also no indication yet that any human intelligence alerted the United States to the hacking. We know at minimum they had access Oct.

Hacking 356

Hacking System Administration Software Surveillance 356

Schneier on Security

MAY 3, 2023

New reporting from Wired reveals that the Department of Justice detected the SolarWinds attack six months before Mandient detected it in December 2020, but didn’t realize what they detected—and so ignored it. In July 2020, with the mystery still unresolved, communication between investigators and SolarWinds stopped.

System Administration 256

System Administration Software Engineering Internet 256