2013 and Security - Information Management Today

Hacking Kia cars made after 2013 using just their license plate

Security Affairs

SEPTEMBER 26, 2024

Researchers discovered critical flaws in Kia’s dealer portal that could allow to hack Kia cars made after 2013 using just their license plate. This will allow us to send arbitrary commands to the vehicle.” ” concludes Curry.

Access

Access Sales Cybersecurity IT

6 cyber-espionage campaigns since 2013 attributed to PKPLUG China-linked group

Security Affairs

OCTOBER 3, 2019

Security experts linked a number of cyber-espionage campaigns observed over the years to the same Chinese threat actor, tracked as PKPLUG. Security experts linked a number of cyber-espionage campaigns observed over the years to the same Chinese threat actor, tracked as PKPLUG. Pierluigi Paganini. SecurityAffairs – PKPLUG, China).

Archiving

Archiving Cybersecurity Security IT

A bug in Tor Browser allows execution of JavaScript even in Safest security level

Security Affairs

MARCH 14, 2020

Such kind of scripts was also employed in investigations conducted by law enforcement, in 2013, the FBI admitted attack against the Freedom Hosting, probably the most popular Tor hidden service operator company at the time. that features important security updates to Firefox. ” reads the post published by the Tor team.

Security

Security Privacy IT Information Security

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

CIRWA Project tracks ransomware attacks on critical infrastructure

Security Affairs

SEPTEMBER 14, 2020

The project was launched in September 2019 and as of August 2020, the experts collected 680 records of ransomware attacks that took place since November 2013. These are based on publicly disclosed incidents in the media or security reports.” The maintainers of the project also mapped the attacks to the MITRE ATT&CK framework.

Ransomware

Ransomware Data collection Education Security

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

Think your customers will pay more for data visualizations in your application? Five years ago they may have. But today, dashboards and visualizations have become table stakes. Discover which features will differentiate your application and maximize the ROI of your embedded analytics. Brought to you by Logi Analytics.

Analytics

Three security bugs found in the popular Linux suite systemd

Security Affairs

JANUARY 10, 2019

Security firm Qualys has disclosed three flaws (CVE-2018-16864, CVE-2018-16865, and CVE-2018-16866 ) in a component of systemd , a software suite that provides fundamental building blocks for a Linux operating system used in most major Linux distributions. ” reads the security advisory. ” continues the advisory.

Security

Security Access IT

Google expert detailed a 5-Year-Old flaw in Apple Safari exploited in the wild

Security Affairs

JUNE 20, 2022

The vulnerability, tracked as CVE-2022-22620 , was fixed for the first time in 2013, but in 2016 experts discovered a way to bypass the fix. CVE-2022-22620 was initially fixed in 2013, reintroduced in 2016, and then disclosed as exploited in-the-wild in 2022.” reads the security advisory published by Apple. “A

Security

Security IT Cybersecurity Data breaches

Voter information for 2 millions of Indonesians leaked online

Security Affairs

MAY 23, 2020

Leaked details include names, addresses, ID numbers, birth dates, and more, they appear to date back to 2013. Appears to date back to 2013. The post Voter information for 2 millions of Indonesians leaked online appeared first on Security Affairs. Actor leaks information on 2,300,000 Indonesian citizens. Pierluigi Paganini.

IT

IT Security Data breaches

Medical Center Fined $4.75M in Insider ID Theft Incident

Data Breach Today

FEBRUARY 6, 2024

HHS OCR Says a Malicious Worker Stole and Sold Patient Information in 2013 HHS has fined a New York City medical center $4.75 million to settle potential HIPAA violations discovered during an investigation into a hospital insider who sold patient data to identity thieves in 2013.

Privacy

Privacy Security IT

Prestige reservation platform exposes millions of hotel guests

Security Affairs

NOVEMBER 10, 2020

Exposed data, some of which go back to 2013, include sensitive information and credit card details. The researchers pointed out that Prestige could face penalties in case authorities will determine violations of the General Data Protection Regulation and the Payment Card Industry Data Security Standard (PCI DSS). Pierluigi Paganini.

Cloud

Cloud Phishing Access Privacy

Most organizations have yet to fix CVE-2020-0688 Microsoft Exchange flaw

Security Affairs

MARCH 16, 2020

Security experts Simon Zuckerbraun from Zero Day Initiative published technical details on how to exploit the Microsoft Exchange CVE-2020-0688 along with a video PoC. The vulnerability impacts Microsoft Exchange 2010, 2013, 2016, and 2019. ” reads the report published by Kenna Security. ” concludes the report.

Authentication

Authentication Access Security Cybersecurity

Google announced the completion of the acquisition of Mandiant for $5.4 billion

Security Affairs

SEPTEMBER 12, 2022

Mandiant is considered a leading cyber security firm, in 2013 FireEye acquired it, but FireEye separated Mandiant Solutions in 2021 as part of a $1.2 billion appeared first on Security Affairs. (NASDAQ: MNDT) today announced that it has entered into a definitive agreement to be acquired by Google LLC for $23.00

Cybersecurity

Cybersecurity Cloud Analytics Security

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

Security Affairs

JANUARY 31, 2024

“This is the most extensive security of Bitcoins by law enforcement authorities in the Federal Republic of Germany to date.” It was operating between 2008 and 2013. In 2013, the Motion Picture Association of America (MPAA) shut down the website due to concerns related to copyright infringement.

IT

IT Security Information Security

Microsoft recommends Exchange admins to disable the SMBv1 protocol

Security Affairs

FEBRUARY 13, 2020

. “To make sure that your Exchange organization is better protected against the latest threats (for example Emotet, TrickBot or WannaCry to name a few) we recommend disabling SMBv1 if it’s enabled on your Exchange (2013/2016/2019) server.” ” reads an advisory published by the Microsoft Tech Community. Pierluigi Paganini.

Authentication

Authentication Communications Encryption IT

CISA urges to fix actively exploited Firefox zero-days by March 21

Security Affairs

MARCH 8, 2022

Cybersecurity and Infrastructure Security Agency (CISA) added recently disclosed Firefox zero-days to its Known Exploited Vulnerabilities Catalog. The post CISA urges to fix actively exploited Firefox zero-days by March 21 appeared first on Security Affairs. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Cybersecurity

Cybersecurity Authentication Cloud Security

Using steganography to obfuscate PDF exploits

Security Affairs

JANUARY 26, 2019

The sample was detected as “ exploit CVE-2013-3346 ” by our EdgeLogic engine, same as the previous one.” According to the researchers, the author of the sample exploited CVE-2013-3346 vulnerability, they speculate that the same individual created another document recently spotted by the firm. Pierluigi Paganini.

IT

IT Security

Hacker who disrupted Sony gaming gets a 27-months jail sentence

Security Affairs

JULY 4, 2019

The hacker who brought offline with massive DDoS attacks online gaming networks between December 2013 and January 2014 has been sentenced to 27 months in prison. Austin Thompson (23) from Utah hit the principal gamins networks in 2013 and 2014, including Sony Online Entertainment. ” reads the press release published by DoJ. .

Computer and Electronics

Computer and Electronics Access Security IT

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

Security Affairs

APRIL 23, 2020

A security expert uncovered an old APT operation, tracked Nazar, by analyzing the NSA hacking tools included in the dump leaked by Shadow Brokers in 2017. The analysis of the submissions times in VirusTotal for the artifacts employed in the Nazar campaign allowed the expert to date the campaign between 2010 and 2013.

Libraries

Libraries Cybersecurity Access IT

CERT-UA warns of a phishing campaign targeting government entities

Security Affairs

AUGUST 13, 2024

CERT-UA warned that Russia-linked actor is impersonating the Security Service of Ukraine (SSU) in a new phishing campaign to distribute malware. Threat actors sent out emails attempting to impersonate Security Service of Ukraine (SSU) and contains a link to download a file named “Documents.zip.”

Phishing

Phishing Government File names Access

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Security Affairs

APRIL 5, 2022

Ukraine CERT-UA published a security advisory to warn of spear-phishing attacks conducted by Russia-linked Armageddon APT (aka Gamaredon , Primitive Bear, Armageddon, Winterflounder, or Iron Tilden) targeting local state organizations. The phishing messages have been sent from “vadim_melnik88@i[.]ua,” Pierluigi Paganini.

Military

Military Phishing File names Archiving

CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog

Security Affairs

SEPTEMBER 17, 2022

Cybersecurity and Infrastructure Security Agency (CISA) adds new vulnerabilities to its Known Exploited Vulnerabilities Catalog, including the bug used in the Stuxnet attacks. Cybersecurity and Infrastructure Security Agency (CISA) has added six new vulnerabilities to its Known Exploited Vulnerabilities Catalog. Pierluigi Paganini.

IT

IT Cybersecurity Risk Security

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

Security Affairs

AUGUST 1, 2019

Back in 2008, a whistle-blower identifies a vulnerability in Cisco video surveillance software, but the tech giant continued to sell the software to US agencies until July 2013. Cisco finally addressed the flaws in 2013 and stopped selling Cisco Video Surveillance Manager (VSM) in 2014. Cisco is going to pay $8.6 Pierluigi Paganini.

Government

Government Sales Access Security

Two former NSA Officials appointed by Joe Biden for prominent cyber roles

Security Affairs

APRIL 12, 2021

President Joe Biden has assigned to two former senior National Security Agency (NSA) officials key cyber roles in his administration. Inglis retired from NSA in 2014 where he served the US government for 28 years, since 2013 as the agency’s deputy director. I’m proud of what we are building across the U.S. Pierluigi Paganini.

Military

Military Government Cybersecurity Security

Sextortion campaign uses Goontact spyware to target Android and iOS users

Security Affairs

DECEMBER 16, 2020

Security experts spotted a new malware strain, named Goontact, that allows its operators to spy on both Android and iOS users. Security researchers from Lookout have discovered new spyware, dubbed Goontcat, that could target both Android and iOS users. ” continues the report. ” conclude the experts. .”

Communications

Communications Security IT Information Security

Data belonging 44 Million Pakistani mobile users leaked online

Security Affairs

MAY 6, 2020

It seems that the huge trove of data was the result of a data breach that took place in 2017, the oldest entries are dated back as 2013. Please vote Security Affairs for European Cybersecurity Blogger Awards – VOTE FOR YOUR WINNERS [link]. – Database apparently got hacked in 2017. Pierluigi Paganini.

Sales

Sales Data breaches Authentication Personal data

PoC exploit code for ProxyNotShell Microsoft Exchange bugs released online

Security Affairs

NOVEMBER 20, 2022

they impact Exchange Server 2013, 2016, and 2019, an authenticated attacker can trigger them to elevate privileges to run PowerShell in the context of the system and gain arbitrary or remote code execution on vulnerable servers. It's perhaps just Exchange 2013 that requires a tweak. Pierluigi Paganini.

Authentication

Authentication Cybersecurity Security IT

US offers $2.5M reward for Belarusian man involved in mass malware distribution

Security Affairs

AUGUST 28, 2024

The indictment alleges that from 2013 to 2022, Kadariya played a key role in distributing the Angler Exploit Kit, which was used to spread various malware, including ransomware, through malvertising and other methods. Kadariya has been indicted for distributing the Angler Exploit Kit and other malware to millions of victims.

Computer and Electronics

Computer and Electronics Access Ransomware Information Security

Exploit broker Zerodium is looking for Pidgin 0day exploits

Security Affairs

JUNE 2, 2021

Researchers from Trend Micro reported the existence of Asrar al-Dardashah, a plugin released in 2013 that was developed for Pidgin to add encryption to the instant messaging functions, securing instant messaging with the press of a single button. Follow me on Twitter: @securityaffairs and Facebook. Pierluigi Paganini.

Encryption

Encryption Communications Security IT

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

Security Affairs

MARCH 16, 2021

On March 2nd, Microsoft released emergency out-of-band security updates that address four zero-day issues (CVE-2021-26855, CVE-2021-26857, CVE-2021-26858, and CVE-2021-27065) in all supported MS Exchange versions that are actively exploited in the wild. We have tested this tool across Exchange Server 2013, 2016, and 2019 deployments.”

Military

Military Manufacturing Access Security

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

Security Affairs

MAY 26, 2024

UAC-0006 has been active since at least 2013. IT shared indicators of compromise for this campaign and is urging to implement proper security policies and protection mechanisms. The Computer Emergency Response Team of Ukraine (CERT-UA) warned of surge in in cyberattacks linked to the financially-motivated threat actor UAC-0006.

Archiving

Archiving Phishing Access Cybersecurity

Notorious Finnish Hacker sentenced to more than six years in prison

Security Affairs

APRIL 30, 2024

In 2013, investigators discovered malicious code on devices seized from Kivimäki, which was used by HTP to compromise over 60,000 servers exploiting an Adobe ColdFusion zero-day. This exploit was reported by Brian Krebs in September 2013, after the hackers breached the servers of LexisNexis, Kroll, and Dun & Bradstreet.

Data breaches

Data breaches IT Information Security Security

Sophos Sandboxie is now available as an open-source tool

Security Affairs

APRIL 10, 2020

” The sandbox was developed by Ronen Tzur and released on June 26, 2004, he sold the solution to Invincea in 2013. The security firm confirmed that all restricted features have been made completely free in this version. The post Sophos Sandboxie is now available as an open-source tool appeared first on Security Affairs.

Marketing

Marketing IT Security Information Security

ISO 27002:2022: Unpacking the InfoSec Management Standard

Data Breach Today

MARCH 15, 2022

Gary Hibberd, known as "The Professor of Communicating Cyber" at cybersecurity services provider Cyberfort Group, discusses the biggest changes made since 2013 to the ISO 27001 international standard for an information security management system, which helps organizations secure their data assets.

Communications

Communications Information Security Cybersecurity Security

Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs

Security Affairs

NOVEMBER 22, 2020

Researchers from Bank Security first reported the availability of the list of 49,577 IPs vulnerable to Fortinet SSL VPN CVE-2018-13379. link] — Bank Security (@Bank_Security) November 20, 2020. The post Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs appeared first on Security Affairs.

Government

Government Ransomware Access Cybersecurity

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

Security Affairs

JULY 23, 2020

CVE-2020-1147 is a critical vulnerability in.NET Framework, SharePoint, and Visual Studio that was recently addressed by Microsoft with the release of the July 2020 Patch Tuesday security updates. ” reads the security advisory published by Microsoft. The CVE-2020-1147 vulnerability impacts.NET Core 2.1,NET NET Framework 2.0

Security

Security IT Information Security

Experts spotted two Android spyware used by Indian APT Confucius

Security Affairs

FEBRUARY 11, 2021

Researchers at mobile security firm Lookout have provided details about two recently discovered Android spyware families, dubbed Hornbill and SunBird, used by an APT group named Confucius. Confucius is a pro-India APT group that has been active since 2013, it mainly focused on Pakistani and other South Asian targets. .

Metadata

Metadata Military Manufacturing Access

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

CDHE discovered the ransomware attack on June 19, 2023, it immediately launched an investigation into the security breach with the help of third-party specialists. At the time of this writing, no ransomware group has claimed responsibility for the security breach. ” reads the Notice of Data Incident published by the company.

Education

Education Data breaches Ransomware Access

Hunting the ICEFOG APT group after years of silence

Security Affairs

JUNE 8, 2019

A security researcher found new evidence of activities conducted by the ICEFOG APT group, also tracked by the experts as Fucobha. Chi-en (Ashley) Shen, a senior security researcher at FireEye, collected evidence that demonstrates that China-linked APT group ICEFOG (aka Fucobha ) is still active. Feedbacks and questions are welcome!

Agriculture

Agriculture Government Military Communications

Meet the Administrators of the RSOCKS Proxy Botnet

Krebs on Security

JUNE 22, 2022

Stanx said he was a longtime member of several major forums, including the Russian hacker forum Antichat (since 2005), and the Russian crime forum Exploit (since April 2013). “Something new was required and I decided to leave Omsk and try to live in the States,” Kloster wrote in 2013. ” the post enthuses.

Sales

Sales Access Systems administration Marketing

Over 61% of Exchange servers vulnerable to CVE-2020-0688 attacks

Security Affairs

SEPTEMBER 30, 2020

Security experts Simon Zuckerbraun from Zero Day Initiative published technical details on how to exploit the Microsoft Exchange CVE-2020-0688 along with a video PoC. Researchers from Rapid7 reported that 61 percent of Exchange 2010, 2013, 2016 and 2019 servers are still vulnerable to the vulnerability. Pierluigi Paganini.

Authentication

Authentication Cybersecurity Risk Security

FBI shuts down the Russian-based hacker platform DEER.IO

Security Affairs

MARCH 26, 2020

platform since October 2013. Social Security Numbers, dates of birth, and victim addresses. Hackers are a threat to our economy, and our privacy and national security, and cannot be tolerated.” appeared first on Security Affairs. Once crooks purchased shop access through the DEER.IO Attorney Robert Brewer.

Sales

Sales Marketing Passwords Authentication

US ballistic missile defense systems (BMDS) open to cyber attacks

Security Affairs

DECEMBER 16, 2018

US DoD Inspector General’s report revealed United States’ ballistic missile defense systems (BMDS) fail to implements cyber security requirements. More than four years later the situation is worrisome, according to a new DoD report the BMDS facilities have failed to implement security controls requested by the standard.

Encryption

Encryption Authentication Cybersecurity Security

Russia-linked group APT29 likely breached TeamViewer’s corporate network

Security Affairs

JUNE 30, 2024

“A comprehensive taskforce consisting of TeamViewer’s security team together with globally leading cyber security experts has worked 24/7 on investigating the incident with all means available. Der Spiegel pointed out that TeamViewer did not disclose the security breach to the public. “In said company spokesman.

Access

Access Security IT Information Security

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Security Affairs

NOVEMBER 5, 2021

Ukraine’s premier law enforcement and counterintelligence disclosed the real identities of five alleged members of the Russia-linked APT group Gamaredon (aka Primitive Bear, Armageddon, Winterflounder, or Iron Tilden) that are suspected to be components of the Russian Federal Security Service (FSB). ” concludes the announcement.

Military

Military Metadata Government Passwords

Hacking Kia cars made after 2013 using just their license plate

6 cyber-espionage campaigns since 2013 attributed to PKPLUG China-linked group

Webinars

Trending Sources

A bug in Tor Browser allows execution of JavaScript even in Safest security level

Webinars

CIRWA Project tracks ransomware attacks on critical infrastructure

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

Three security bugs found in the popular Linux suite systemd

Google expert detailed a 5-Year-Old flaw in Apple Safari exploited in the wild

Voter information for 2 millions of Indonesians leaked online

Medical Center Fined $4.75M in Insider ID Theft Incident

Prestige reservation platform exposes millions of hotel guests

Most organizations have yet to fix CVE-2020-0688 Microsoft Exchange flaw

Google announced the completion of the acquisition of Mandiant for $5.4 billion

Police seized 50,000 Bitcoin from operator of the now-defunct piracy site movie2k

Microsoft recommends Exchange admins to disable the SMBv1 protocol

CISA urges to fix actively exploited Firefox zero-days by March 21

Using steganography to obfuscate PDF exploits

Hacker who disrupted Sony gaming gets a 27-months jail sentence

Expert identifies new Nazar APT group referenced in 2017 Shadow Brokers leak

CERT-UA warns of a phishing campaign targeting government entities

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

CISA adds Stuxnet bug to its Known Exploited Vulnerabilities Catalog

Cisco to pay $8.6 million fine for selling flawed surveillance technology to the US Gov

Two former NSA Officials appointed by Joe Biden for prominent cyber roles

Sextortion campaign uses Goontact spyware to target Android and iOS users

Data belonging 44 Million Pakistani mobile users leaked online

PoC exploit code for ProxyNotShell Microsoft Exchange bugs released online

US offers $2.5M reward for Belarusian man involved in mass malware distribution

Exploit broker Zerodium is looking for Pidgin 0day exploits

Microsoft releases On-premises Mitigation Tool (EOMT) tool to fix ProxyLogon issues

CERT-UA warns of malware campaign conducted by threat actor UAC-0006

Notorious Finnish Hacker sentenced to more than six years in prison

Sophos Sandboxie is now available as an open-source tool

ISO 27002:2022: Unpacking the InfoSec Management Standard

Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs

PoC Released for Critical CVE-2020-1147 flaw, SharePoint servers exposed to hack

Experts spotted two Android spyware used by Indian APT Confucius

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Hunting the ICEFOG APT group after years of silence

Meet the Administrators of the RSOCKS Proxy Botnet

Over 61% of Exchange servers vulnerable to CVE-2020-0688 attacks

FBI shuts down the Russian-based hacker platform DEER.IO

US ballistic missile defense systems (BMDS) open to cyber attacks

Russia-linked group APT29 likely breached TeamViewer’s corporate network

Ukraine intelligence doxed 5 FSB Officers that are members of Gamaredon APT Group

Stay Connected