2020, Encryption and Hacking - Cyber Security Informer

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

Krebs on Security

JUNE 15, 2024

A 22-year-old man from the United Kingdom arrested this week in Spain is allegedly the ringleader of Scattered Spider , a cybercrime group suspected of hacking into Twilio , LastPass , DoorDash , Mailchimp , and nearly 130 other organizations over the past two years. man arrested was a SIM-swapper who went by the alias “ Tyler.”

Hacking

Hacking Phishing Cybercrime Passwords

On the Irish Health Services Executive Hack

Schneier on Security

FEBRUARY 11, 2022

The antivirus server was later encrypted in the attack). Over 30,000 machines were running Windows 7 (out of support since January 2020). Antivirus software triggered numerous alerts after detecting Cobalt Strike activity but these were not escalated. There was a lack of effective patching (updates, bug fixes etc.)

Antivirus

Antivirus Hacking Ransomware CISO

No, I Did Not Hack Your MS Exchange Server

Krebs on Security

MARCH 28, 2021

26, Shadowserver saw an attempt to install a new type of backdoor in compromised Exchange Servers, and with each hacked host it installed the backdoor in the same place: “ /owa/auth/babydraco.aspx. Further reading: A Basic Timeline of the Exchange Mass-Hack. That same list today would be pages long. At Least 30,000 U.S.

Hacking

Hacking Cybercrime DNS Antivirus

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Krebs on Security

OCTOBER 28, 2020

In March 2020, KrebsOnSecurity alerted Swedish security giant Gunnebo Group that hackers had broken into its network and sold the access to a criminal group which specializes in deploying ransomware. He declined to comment on the particulars of the extortion incident.

Hacking

Hacking Ransomware Banking Accountability

Twitter Hacking for Profit and the LoLs

Krebs on Security

JULY 22, 2020

The New York Times last week ran an interview with several young men who claimed to have had direct contact with those involved in last week’s epic hack against Twitter. ” Twice in the past year, the OGUsers forum was hacked , and both times its database of usernames, email addresses and private messages was leaked online.

Hacking

Hacking Accountability Scams Media

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The epidemic went truly mainstream with the release of CryptoLocker back in 2013, and it has since transformed into a major dark web economy spawning the likes of Sodinokibi, Ryuk, and Maze lineages that are targeting the enterprise on a huge scale in 2020. File encryption 2013 – 2015. pharma giant ExecuPharm.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Q&A: SolarWinds, Mimecast hacks portend intensified third-party, supply-chain compromises

The Last Watchdog

JANUARY 25, 2021

Thanks to a couple of milestone hacks disclosed at the close of 2020 and start of 2021, they will forever be associated with putting supply-chain vulnerabilities on the map. Similarly, the SolarWinds and Mimecast hacks are precursors of increasingly clever and deeply-damaging hacks of the global supply chain sure to come.

Hacking

Hacking B2B Authentication Software

FragAttacks vulnerabilities expose all WiFi devices to hack

Security Affairs

MAY 12, 2021

.” Summarizing, the design flaws discovered by the expert are: CVE-2020-24588 : aggregation attack (accepting non-SPP A-MSDU frames). CVE-2020-24587 : mixed key attack (reassembling fragments encrypted under different keys). CVE-2020-26140 : Accepting plaintext data frames in a protected network. Pierluigi Paganini.

Hacking

Hacking Encryption Authentication Internet

Hackers Were Inside Citrix for Five Months

Krebs on Security

FEBRUARY 19, 2020

It is perhaps best known for selling virtual private networking (VPN) software that lets users remotely access networks and computers over an encrypted connection. 10, 2020, Citrix disclosed additional details about the incident. But in a letter sent to affected individuals dated Feb. 13, 2018 and Mar.

VPN

VPN Passwords Software Telecommunications

The source code of the Paradise Ransomware was leaked on XSS hacking forum

Security Affairs

JUNE 15, 2021

The source code for the Paradise Ransomware has been released on a hacking forum allowing threat actors to develop their customized variant. The source code for the Paradise Ransomware has been released on the hacking forum XSS allowing threat actors to develop their own customized ransomware operation. Pierluigi Paganini.

Ransomware

Ransomware Hacking Encryption Malware

Iranian hacking group caught spreading ransomware

CyberSecurity Insiders

MAY 12, 2022

According to research carried out by SecureWorks, an Iranian Hacking group dubbed “Cobalt Mirage” was discovered to be distributing ransomware. In most cases, the hackers from Iran are seen breaching networks by exploiting Log4j vulnerabilities and ProxyShell, along with Fortinet Security flaws- discovered in the early months of 2020.

Hacking

Hacking Ransomware Encryption Government

Astaroth malware uses YouTube channel descriptions for hacks

SecureBlitz

FEBRUARY 21, 2024

In 2020, the digital landscape witnessed a cunning maneuver by the infamous Astaroth malware. Cisco Talos researchers first uncovered this devious strategy, revealing that Astaroth embedded encrypted and […] The post Astaroth malware uses YouTube channel descriptions for hacks appeared first on SecureBlitz Cybersecurity.

Malware

Malware Hacking Encryption Cybersecurity

Which is the Threat landscape for the ICS sector in 2020?

Security Affairs

MARCH 22, 2021

The Kaspersky ICS CERT published a report that provided details about the threat landscape for computers in the ICS engineering and integration sector in 2020. Kaspersky ICS CERT published a report that provided details about the threat landscape for ICS engineering and integration sector in 2020. In H2 2020, 39.3%

Engineering

Engineering VPN Accountability Software

Most of Exim email servers could be hacked by exploiting 21Nails flaws

Security Affairs

MAY 4, 2021

This is not the first time that experts disclose vulnerabilities in EXIM software, in May 2020 the U.S. Experts announced they will not publish that exploits for now.

Hacking

Hacking Software Engineering Encryption

Hacking Nespresso machines to have unlimited funds to purchase coffee

Security Affairs

FEBRUARY 7, 2021

Some commercial Nespresso machines that are used in Europe could be hacked to add unlimited funds to purchase coffee. Some Nespresso Pro machines in Europe could be hacked to add unlimited funds to purchase coffee. The researchers wrote a Python script that used to crack the weak encryption and dumped the card’s binary.

Hacking

Hacking Technology Software Engineering

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Security Affairs

DECEMBER 4, 2021

Cuba ransomware has been active since at least January 2020. The ransomware encrypts files on the targeted systems using the “ cuba” extension. The FBI discourages paying the ransom because there is no guarantee to recover the encrypted files. SecurityAffairs – hacking, ransomware). Pierluigi Paganini.

Ransomware

Ransomware Hacking Malware Encryption

Analysis of Xloader’s C2 Network Encryption

Security Boulevard

JANUARY 21, 2022

Xloader is an information stealing malware that is the successor to Formbook, which had been sold in hacking forums since early 2016. In October 2020, Formbook was rebranded as Xloader and some significant improvements were introduced, especially related to the command and control (C2) network encryption. Execute commands.

Encryption

Encryption Malware Backups Passwords

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

Security Affairs

OCTOBER 9, 2023

pic.twitter.com/YJavUu53v3 — vx-underground (@vxunderground) October 7, 2023 BleepingComputer was able to verify with the help of the popular malware researcher Michael Gillespie that that source code is legitimate and is related to the first version of the ransomware that was employed in 2020.

Cybercrime

Cybercrime Ransomware DDOS Encryption

Cryptocurrency exchange BuyUcoin hacked, data of 325K+ users leaked

Security Affairs

JANUARY 25, 2021

Leaked data includes names, e-mails, mobile numbers, encrypted passwords, user wallet details, order details, bank details, KYC details (PAN number, passport numbers) and deposit history. SecurityAffairs – hacking, data breach). BuyUcoin has yet to confirm the security incident, it only announced the launch of an investigation.

Cryptocurrency

Cryptocurrency Hacking InfoSec Data breaches

More Than 90 Percent of Malware in Q2 Came Via Encrypted Traffic: WatchGuard

eSecurity Planet

OCTOBER 4, 2021

percent of all malware detected on networks of WatchGuard Technologies customers in the second quarter came over encrypted connections, raising the security risk for the 80 percent of such organizations that lack processes for decrypting and scanning HTTPS traffic for threats. Malware in Encrypted Traffic. A surprising 91.5

Encryption

Encryption Malware Ransomware Firewall

APT hacked a US municipal government via an unpatched Fortinet VPN

Security Affairs

MAY 27, 2021

The threat actors are actively exploiting the following vulnerabilities in Fortinet FortiOS: CVE-2018-13379 ; CVE-2020-12812 ; CVE-2019-5591. SecurityAffairs – hacking, Fortinet VPN). The post APT hacked a US municipal government via an unpatched Fortinet VPN appeared first on Security Affairs. Pierluigi Paganini.

VPN

VPN Government Hacking Accountability

Attacking Machine Learning Systems

Schneier on Security

FEBRUARY 6, 2023

But what if, instead, somebody hacked into the system and just switched the labels for “gun” and “turtle” or swapped “stop” and “45 mi/h”? Like everything else, these systems will be hacked through vulnerabilities in those more conventional parts of the system. Most of us are simply too low on its priorities list to ever get hacked.

Encryption

Encryption Hacking Software Social Engineering

Chinese national charged for hacking thousands of Sophos firewalls

Security Affairs

DECEMBER 11, 2024

has charged a Chinese national for hacking thousands of Sophos firewall devices worldwide in 2020. has charged the Chinese national Guan Tianfeng (aka gbigmao and gxiaomao) for hacking thousands of Sophos firewall devices worldwide in 2020. The malware stole data and encrypted files to block remediation attempts.

Firewall

Firewall Hacking Malware Passwords

Morgan Stanley discloses data breach after the hack of a third-party vendor

Security Affairs

JULY 8, 2021

The American multinational investment bank and financial services firm Morgan Stanley discloses a data breach caused by the hack of an Accellion FTA server of a third-party vendor. The hack of the FTA server took place in March, but the hacker had access to the data of Morgan Stanley customers in May. Pierluigi Paganini.

Data breaches

Data breaches Hacking Banking Financial Services

Microsoft Patch Tuesday, May 2021 Edition

Krebs on Security

MAY 11, 2021

.” Another curious bug fixed this month is CVE-2020-24587 , described as a “Windows Wireless Networking Information Disclosure Vulnerability.” “This patch fixes a vulnerability that could allow an attacker to disclose the contents of encrypted wireless packets on an affected system,” he said.

Wireless

Wireless Internet Internet Backups

Energy giant Shell discloses data breach caused by Accellion FTA hack

Security Affairs

MARCH 23, 2021

billion in 2020. FireEye pointed out that despite FIN11 hackers are publishing data from Accellion FTA customers on the Clop ransomware leak site, they did not encrypt systems on the compromised networks. SecurityAffairs – hacking, Shell). continues FireEye. Follow me on Twitter: @securityaffairs and Facebook.

Data breaches

Data breaches Hacking Cybercrime Cyber Attacks

Fidelis, Mimecast, Palo Alto Networks, Qualys also impacted by SolarWinds hack

Security Affairs

JANUARY 26, 2021

“Our investigation also showed that the threat actor accessed, and potentially exfiltrated, certain encrypted service account credentials created by customers hosted in the United States and the United Kingdom.” SecurityAffairs – hacking, SolarWinds). ” reads the update. ” reported Forbes. Pierluigi Paganini.

Hacking

Hacking Accountability Software Media

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Krebs on Security

SEPTEMBER 5, 2023

In November 2022, the password manager service LastPass disclosed a breach in which hackers stole password vaults containing both encrypted and plaintext data for more than 25 million users. LastPass disclosed that criminal hackers had compromised encrypted copies of some password vaults, as well as other personal information.

Cryptocurrency

Cryptocurrency Passwords Encryption Accountability

Bitdefender releases free decrypter for Darkside ransomware

Security Affairs

JANUARY 12, 2021

Darkside ransomware first appeared in the threat landscape in August 2020, its operators were distributing it using a ransomware-as-a-service business model. Darkside ransomware first appeared in the threat landscape in August 2020, its operators were distributing it using a ransomware-as-a-service business model. Pierluigi Paganini.

Ransomware

Ransomware Encryption Hacking Information Security

Two flaws could allow bypassing AMD SEV protection system

Security Affairs

MAY 16, 2021

The chipmaker AMD published guidance for two new attacks against its SEV ( Secure Encrypted Virtualization ) protection technology. SecurityAffairs – hacking, AMD). The findings about the two attacks will be presented by two research teams at this year’s 15th IEEE Workshop on Offensive Technologies (WOOT’21). Pierluigi Paganini.

Encryption

Encryption Technology Hacking Information Security

Black Kingdom ransomware is targeting Microsoft Exchange servers

Security Affairs

MARCH 24, 2021

Black Kingdom ransomware was first spotted in late February 2020 by security researcher GrujaRS , the ransomware encrypts files and appends the.DEMON extension to filenames of the encrypted documents. It does indeed encrypt files. SecurityAffairs – hacking, Microsoft Exchange). Pierluigi Paganini.

Ransomware

Ransomware Encryption VPN Malware

Mount Locker ransomware operators demand multi-million dollar ransoms

Security Affairs

SEPTEMBER 28, 2020

A new ransomware gang named Mount Locker has started its operations stealing victims’ data before encrypting. Like other ransomware operators, Mount Locker started targeting corporate networks, it has been active since the end of July 2020. to the filenames of the encrypted files. SecurityAffairs – hacking, ransomware).

Ransomware

Ransomware Encryption Advertising Engineering

Fake mobile version of Cyberpunk 2077 spreads ransomware

Security Affairs

DECEMBER 18, 2020

Cyberpunk 2077 is a 2020 action role-playing video game developed and published by CD Projekt, it was one of the most. RC4 algorithm with hardcoded key (in this example – "21983453453435435738912738921") is used for encryption. link] — Tatyana Shishkova (@sh1shk0va) December 17, 2020. "CyberPunk2077.sfx.exe"

Mobile

Mobile Ransomware Encryption Malware

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Krebs on Security

JANUARY 30, 2024

Sources close to the investigation tell KrebsOnSecurity the accused was a key member of a criminal hacking group blamed for a string of cyber intrusions at major U.S. Multiple security firms soon assigned the hacking group the nickname “ Scattered Spider.” 9, 2024, U.S. technology companies during the summer of 2022.

Social Engineering

Social Engineering Mobile Passwords Cybercrime

Victims of ThunderX ransomware can recover their files for free

Security Affairs

SEPTEMBER 26, 2020

ThunderX is ransomware that appeared in the threat landscape recently, infections were discovered at the end of August 2020. . Researchers developed a decryptor for the ransomware after they have discovered a bug in the encryption process implemented by the threat. SecurityAffairs – hacking, ransomware). Pierluigi Paganini.

Ransomware

Ransomware Encryption Advertising Hacking

Victims of FonixCrypter ransomware could decrypt their files for free

Security Affairs

JANUARY 30, 2021

The availability of the master decryption key allows the victims to recover their encrypted files for free. Fonix Ransomware Master RSA Key (Spub.key & Spriv.key) and Sample Decryptor : #Fonix #ransomware #XINOF #FonixCrypter #close_project #hack #Malware #raas #ransomware_as_a_service [link] — fnx (@fnx67482837) January 29, 2021.

Ransomware

Ransomware Encryption Malware Cybercrime

Chip maker Advantech hit by Conti ransomware gang

Security Affairs

NOVEMBER 28, 2020

The Conti ransomware gang hit infected the systems of industrial automation and Industrial IoT (IIoT) chip maker Advantech and is demanding over $13 million ransom (roughly 750 BTC) to avoid leaking stolen files and to provide a key to restore the encrypted files. SecurityAffairs – hacking, Advantech). billion in 2019.

Ransomware

Ransomware Encryption IoT Malware

Akira ransomware received $42M in ransom payments from over 250 victims

Security Affairs

APRIL 21, 2024

The Akira ransomware has been active since March 2023, the threat actors behind the malware claim to have already hacked multiple organizations in multiple industries, including education, finance, and real estate. The Akira ransomware operators implement a double extortion model by exfiltrating victims’ data before encrypting it.

Ransomware

Ransomware Encryption Antivirus VPN

ViperSoftX uses more sophisticated encryption and anti-analysis techniques

Security Affairs

APRIL 29, 2023

xyz pic.twitter.com/VLhISark8Y — Goldwave (@OGoldwave) March 13, 2023 The variant employed in the campaign supports a more sophisticated encryption method of byte remapping and a monthly rotation of the C2 server. #ViperSoftX is back, doesn't look like much has changed. c2 arrowlchat[.]com ” concludes the report.

Encryption

Encryption Malware Cryptocurrency Software

Breached Mathway App Credentials Offered on Dark Web

Adam Levin

MAY 26, 2020

Mathway, a popular app for iOS and Android devices, recently uncovered evidence of the breach after a hacking group announced it was selling Mathway user data on the dark web for roughly $4,000 in Bitcoin. . ShinyGroup, a hacking group notorious for selling compromised data, announced that they had breached Mathway in January 2020.

Data breaches

Data breaches Passwords Accountability Encryption

3CX Breach Was a Double Supply Chain Compromise

Krebs on Security

APRIL 20, 2023

Mandiant concluded that the 3CX attack was orchestrated by the North Korean state-sponsored hacking group known as Lazarus , a determination that was independently reached earlier by researchers at Kaspersky Lab and Elastic Security. Microsoft Corp.

Malware

Malware Software Technology Accountability

FBI issued an alert on Ragnar Locker ransomware activity

Security Affairs

NOVEMBER 23, 2020

FBI is warning private industry partners of a surge in Ragnar Locker ransomware activity following a confirmed attack from April 2020. Federal Bureau of Investigation (FBI) issued a flash alert (MU-000140-MW) to warn private industry partners of an increase of the Ragnar Locker ransomware activity following a confirmed attack from April 2020.

Ransomware

Ransomware Encryption VPN Backups

SHARED INTEL: Report details how cyber criminals leverage HTTPS TLS to hide malware

The Last Watchdog

APRIL 21, 2021

From January through March 2021, TLS concealed 45 percent of the malware Sophos analysts observed circulating on the Internet; that’s double the rate – 23 percent – seen in early 2020, Dan Schiappa, Sophos’ chief product officer, told me in a briefing. How TLS works is that there is an encryption point and a decryption point.

Malware

Malware Firewall Encryption Digital transformation

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

The Last Watchdog

AUGUST 29, 2023

The threat of bad actors hacking into airplane systems mid-flight has become a major concern for airlines and operators worldwide. Back in 2015, a security researcher decided to make that very point when he claimed to have hacked a plane , accessed the thrust system, and made it fly higher than intended.

Software

Software Risk Artificial Intelligence Engineering

Alleged Boss of ‘Scattered Spider’ Hacking Group Arrested

On the Irish Health Services Executive Hack

Trending Sources

No, I Did Not Hack Your MS Exchange Server

Security Blueprints of Many Companies Leaked in Hack of Swedish Firm Gunnebo

Twitter Hacking for Profit and the LoLs

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Q&A: SolarWinds, Mimecast hacks portend intensified third-party, supply-chain compromises

FragAttacks vulnerabilities expose all WiFi devices to hack

Hackers Were Inside Citrix for Five Months

The source code of the Paradise Ransomware was leaked on XSS hacking forum

Iranian hacking group caught spreading ransomware

Astaroth malware uses YouTube channel descriptions for hacks

Which is the Threat landscape for the ICS sector in 2020?

Most of Exim email servers could be hacked by exploiting 21Nails flaws

Hacking Nespresso machines to have unlimited funds to purchase coffee

Cuba ransomware gang hacked 49 US critical infrastructure organizations

Analysis of Xloader’s C2 Network Encryption

The source code of the 2020 variant of HelloKitty ransomware was leaked on a cybercrime forum

Cryptocurrency exchange BuyUcoin hacked, data of 325K+ users leaked

More Than 90 Percent of Malware in Q2 Came Via Encrypted Traffic: WatchGuard

APT hacked a US municipal government via an unpatched Fortinet VPN

Attacking Machine Learning Systems

Chinese national charged for hacking thousands of Sophos firewalls

Morgan Stanley discloses data breach after the hack of a third-party vendor

Microsoft Patch Tuesday, May 2021 Edition

Energy giant Shell discloses data breach caused by Accellion FTA hack

Fidelis, Mimecast, Palo Alto Networks, Qualys also impacted by SolarWinds hack

Experts Fear Crooks are Cracking Keys Stolen in LastPass Breach

Bitdefender releases free decrypter for Darkside ransomware

Two flaws could allow bypassing AMD SEV protection system

Black Kingdom ransomware is targeting Microsoft Exchange servers

Mount Locker ransomware operators demand multi-million dollar ransoms

Fake mobile version of Cyberpunk 2077 spreads ransomware

Fla. Man Charged in SIM-Swapping Spree is Key Suspect in Hacker Groups Oktapus, Scattered Spider

Victims of ThunderX ransomware can recover their files for free

Victims of FonixCrypter ransomware could decrypt their files for free

Chip maker Advantech hit by Conti ransomware gang

Akira ransomware received $42M in ransom payments from over 250 victims

ViperSoftX uses more sophisticated encryption and anti-analysis techniques

Breached Mathway App Credentials Offered on Dark Web

3CX Breach Was a Double Supply Chain Compromise

FBI issued an alert on Ragnar Locker ransomware activity

SHARED INTEL: Report details how cyber criminals leverage HTTPS TLS to hide malware

GUEST ESSAY: Where we stand on mitigating software risks associated with fly-by-wire jetliners

Stay Connected