2015 and Security - Information Management Today

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

Krebs on Security

JULY 8, 2021

Last week cybercriminals deployed ransomware to 1,500 organizations that provide IT security and technical support to many other companies. Now it appears Kaseya’s customer service portal was left vulnerable until last week to a data-leaking security flaw that was first identified in the same software six years ago.

IT

IT Ransomware Systems administration Authentication

A Retrospective on the 2015 Ashley Madison Breach

Krebs on Security

JULY 27, 2022

As first reported by KrebsOnSecurity on July 19, 2015 , a group calling itself the “ Impact Team ” released data sampled from millions of users, as well as maps of internal company servers, employee network account information, company bank details and salary information. 18, 2015, the Impact Team posted a “Time’s up!”

Sales

Sales Archiving IT Privacy

New Atrium Health data breach impacts 585,000 individuals

Security Affairs

DECEMBER 6, 2024

Atrium Health launched an investigation into the security breach and discovered that from January 2015 to July 2019, certain online tracking technologies were active on its MyAtriumHealth (formerly MyCarolinas) Patient Portal, accessible via web and mobile. . The company notified the US Department of Health and Human Services (HHS).

Data breaches

Data breaches Access Phishing Privacy

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

Microsoft Patch Tuesday security updates for September 2024 addressed four actively exploited zero-days

Security Affairs

SEPTEMBER 11, 2024

Microsoft Patch Tuesday security updates for September 2024 addressed 79 flaws, including four actively exploited zero-day flaws. CVE-2024-38217 – Windows Mark of the Web Security Feature Bypass Vulnerability. CVE-2024-38226 – Microsoft Publisher Security Feature Bypass Vulnerability.

Security

Security IoT Authentication IT

MI5 seized Boris Johnson’s phone over security risk fears

Security Affairs

JUNE 21, 2021

The British Security Service, also known as MI5, has seized the mobile devices used by PM Boris Johnson over concerns that were raised after the discovery of the availability of its number online for the last 15 years. ” The case raises the importance of a good cyber security posture for politicians and government officials.

Risk

Risk Security Government Access

Zero-day in Cisco AnyConnect Secure Mobility Client yet to be fixed

Security Affairs

NOVEMBER 4, 2020

Cisco disclosed a zero-day vulnerability in the Cisco AnyConnect Secure Mobility Client software and the availability of PoC exploit code. Cisco has disclosed a zero-day vulnerability, tracked as CVE-2020-3556, in the Cisco AnyConnect Secure Mobility Client software with the public availability of a proof-of-concept exploit code.

Security

Security Authentication Communications IT

The head of the Federal Cyber Security Authority (BSI) faces dismissal

Security Affairs

OCTOBER 10, 2022

The German Interior Minister wants to dismiss the head of the Federal Cyber Security Authority (BSI), Arne Schoenbohm, due to possible contacts with Russian security services. In 2015, Russia-linked hackers paralysed the computer network of the lower house of parliament, the Bundestag. Pierluigi Paganini.

Security

Security Government Cybersecurity IT

France national cyber-security agency warns of a surge in Emotet attacks

Security Affairs

SEPTEMBER 7, 2020

The French national cyber-security agency warns of a surge in Emotet attacks targeting the private sector and public administration entities. The French national cyber-security agency published an alert to warn of a significant increase of Emotet attacks targeting the private sector and public administration entities in France.

Security

Security Ransomware Access Information Security

Microsoft: North Korea-linked Zinc APT targets security experts

Security Affairs

JANUARY 29, 2021

. “In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. “Observed targeting includes pen testers, private offensive security researchers, and employees at security and tech companies. .” ” states the report published by Microsoft.

Security

Security Encryption Passwords Communications

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

North Korea-linked threat actors posed as Samsung recruiters in a spear-phishing campaign aimed at employees at South Korean security firms. North Korea-linked APT group posed as Samsung recruiters is a spear-phishing campaign that targeted South Korean security companies that sell anti-malware solutions, Google TAG researchers reported.

Security

Security Phishing Information Security Communications

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

Cybersecurity experts at CyberNews hijacked close to 28,000 unsecured printers worldwide and forced them to print out a guide on printer security. Most of us already know the importance of using antivirus , anti-malware, and VPNs to secure our computers, phones, and other devices against potential attacks. Original post: [link].

Security

Security IoT Passwords Manufacturing

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Security Affairs

NOVEMBER 4, 2020

Ahead of the 2020 Presidential election a mysterious transaction was noticed by cyber security experts and researchers. The wallet was monitored since 2015 because it was associated with hacking activities, it had been “ dormant ” since 2015. 2015* apparently, maybe the owner? Pierluigi Paganini.

Passwords

Passwords Security IT Information Security

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

Security Affairs

MARCH 5, 2025

“Pursuant to Regulation 30 of the SEBI (Listing Obligations and Disclosure Requirements) Regulations, 2015, this is to inform you that the Company has become aware of a ransomware incident that has affected a few of our IT assets.” The company confirmed that the security breach impacted some of its IT systems.

Ransomware

Ransomware Manufacturing IT Security

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

Krebs on Security

JANUARY 31, 2025

The proprietors of the service, who use the collective nickname “ The Manipulaters ,” have been the subject of three stories published here since 2015. The FBI and authorities in The Netherlands this week seized dozens of servers and domains for a hugely popular spam and malware dissemination service operating out of Pakistan.

Phishing

Phishing e-Delivery Sales Passwords

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

Security Affairs

FEBRUARY 11, 2022

CISA has added to the catalog of vulnerabilities another 15 security vulnerabilities actively exploited in the wild. The US Cybersecurity & Infrastructure Security Agency (CISA) has added fifteen more flaws to the Known Exploited Vulnerabilities Catalog. ” reads the advisory published by Microsoft. Pierluigi Paganini.

IT

IT IoT Cybersecurity Authentication

Bill Looks to Close Federal Cybersecurity Loopholes

Data Breach Today

NOVEMBER 23, 2020

Lawmakers Want to Restrict Agencies From Postponing Security Measures Sen. have introduced a bill designed to patch loopholes in the Federal Cybersecurity Enhancement Act of 2015 that they say allow federal agencies to easily avoid implementing required cybersecurity procedures. Ron Wyden, D-Ore., Lauren Underwood, D-Ill.,

Cybersecurity

Cybersecurity Security

Security Affairs newsletter Round 429 by Pierluigi Paganini – International edition

Security Affairs

JULY 23, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Ransomware Marketing Cloud

Operation TOURNIQUET: Authorities shut down dark web marketplace RaidForums

Security Affairs

APRIL 12, 2022

1, 2015, and on or about Jan. ” RaidForums was launched in 2015, its community reached over half a million users. The post Operation TOURNIQUET: Authorities shut down dark web marketplace RaidForums appeared first on Security Affairs. The police arrested Coelho in the United Kingdom on Jan. Pierluigi Paganini.

Data breaches

Data breaches Sales Passwords Marketing

D-Link confirms data breach, but downplayed the impact

Security Affairs

OCTOBER 18, 2023

The company became aware of the a claim of data breach on October 2, 2023 and immediately launched an investigation into the alleged incident with the help of the security firm Trend Micro. The investigation revealed that the data was stolen from an old D-View 6 system, which reached its end of life as early as 2015.

Data breaches

Data breaches Sales Phishing Manufacturing

Staples discloses data breach exposing customer order data

Security Affairs

SEPTEMBER 14, 2020

The popular security expert Troy Hunt , who runs the data breach notification service HaveIBeenPwned published on Twitter the incident notice sent out by the company to its customers. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Retail Access Security

Hackers targeted the US Census Bureau network, DHS report warns

Security Affairs

OCTOBER 11, 2020

The US Department of Homeland Security revealed that unknown threat actors have targeted the network of the US Census Bureau during the last year. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Hackers targeted the US Census Bureau network, DHS report warns appeared first on Security Affairs.

Government

Government Data collection Access Communications

Israel announced to have foiled an attempted cyber-attack on defence firms

Security Affairs

AUGUST 13, 2020

’ The Lazarus APT is linked to North Korea, the activity of the Group surged in 2014 and 2015, its members used mostly custom-tailored malware in their attacks. Organizations are recommended to implement supplementary security measures to protect SCADA systems used in the water and energy sectors. Pierluigi Paganini.

Agriculture

Agriculture Manufacturing Phishing Passwords

UberEats data leaked on the dark web

Security Affairs

AUGUST 4, 2020

Security researchers from threat intelligence firm Cyble have discovered user records of American online food ordering and delivery platform UberEats on DarkWeb. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The post UberEats data leaked on the dark web appeared first on Security Affairs.

Data breaches

Data breaches Passwords Authentication Security

New Ttint IoT botnet exploits two zero-days in Tenda routers

Security Affairs

OCTOBER 5, 2020

Security researchers provided technical details about an IoT botnet dubbed Ttint that has been exploiting two zero-days in Tenda routers. Security researchers at Netlab, the network security division Qihoo 360, have published a report that details an IoT botnet dubbed Ttint. Pierluigi Paganini.

IoT

IoT Encryption Communications Access

Hackers hit Luxottica, production stopped at two Italian plants

Security Affairs

SEPTEMBER 22, 2020

Security experts believe that threat actor exploited the above flaw to infect the systems at the company with ransomware. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Security experts believe that threat actor exploited the above flaw to infect the systems at the company with ransomware.

Retail

Retail Manufacturing Ransomware Security

Second-ever UEFI rootkit used in North Korea-themed attacks

Security Affairs

OCTOBER 5, 2020

In 2015, the hacker who breached the systems of the Italian surveillance firm Hacking Team leaked a 400GB package containing hacking tools and exploits codes. “With this in mind, we see that UEFI continues to be a point of interest to APT actors, while at large being overlooked by security vendors.” Pierluigi Paganini.

Archiving

Archiving Authentication Security IT

Hackers stole $5.4 million from cryptocurrency exchange ETERBASE

Security Affairs

SEPTEMBER 10, 2020

Slovak cryptocurrency exchange ETERBASE disclosed a security breach, hackers stole cryptocurrency funds worth $5.4 Slovak cryptocurrency exchange ETERBASE disclosed a security breach, the hackers stole Bitcoin, Ether, ALGO, Ripple, Tezos, and TRON assets worth $5.4 million were stolen.” Pierluigi Paganini.

Data breaches

Data breaches Security IT Information Security

Thousands of WordPress WooCommerce stores potentially exposed to hack

Security Affairs

AUGUST 22, 2020

Researchers from security firm WebArx reported that Hackers are actively attempting to exploit numerous flaws in the Discount Rules for WooCommerce WordPress plugin. The list of vulnerabilities includes SQL injection, authorization flaws, and unauthenticated stored cross-site scripting (XSS) security vulnerabilities.

Security

Security Information Security IT

Russia-linked APT groups exploited Lithuanian infrastructure to launch attacks

Security Affairs

MARCH 7, 2021

The annual national security threat assessment report released by Lithuania’s State Security Department states that Russia-linked APT groups conducted cyber-attacks against top Lithuanian officials and decision-makers last in 2020. If you want to receive the weekly Security Affairs Newsletter for free subscribe here.

Military

Military Government Security IT

Hackers stole a six-figure amount from Swiss universities

Security Affairs

OCTOBER 5, 2020

” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Hackers stole a six-figure amount from Swiss universities appeared first on Security Affairs. . “Umbrella organisation swissuniversities has sent a warning email to keep universities on their guard.” Pierluigi Paganini.

Phishing

Phishing Access IT Security

Researchers found alleged sensitive documents of NATO and Turkey

Security Affairs

OCTOBER 12, 2020

Security experts from Cyble found alleged sensitive documents of NATO and Turkey, is it a case of cyber hacktivism or cyber espionage? Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Researchers found alleged sensitive documents of NATO and Turkey appeared first on Security Affairs.

Military

Military Manufacturing Phishing Government

U.S. CISA adds Versa Director bug to its Known Exploited Vulnerabilities catalog

Security Affairs

AUGUST 25, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds Versa Director bug to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added Versa Director Dangerous File Type Upload Vulnerability CVE-2024-39717 (CVSS score: 6.6) to its Known Exploited Vulnerabilities (KEV) catalog.

IT

IT Cybersecurity Authentication Risk

A data breach broker is selling account databases of 17 companies

Security Affairs

NOVEMBER 1, 2020

According to the seller, the account databases are the results of data breaches that took place in 2020, none of the companies have disclosed security breaches prior to this week. Only RedMart, after being informed by Bleeping computer, disclosed a security breach. The seventeen companies are 8.1 million (8.1 million), Clip.mx (4.7

Data breaches

Data breaches Passwords Sales Security

VMware finally fixed the critical CVE-2020-3992 flaw in ESXi

Security Affairs

NOVEMBER 5, 2020

VMware learned about the security hole in July from Lucas Leong of Trend Micro’s Zero Day Initiative (ZDI). Now the company has released security patches to address the flaw in ESXi 6.5, Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. On October 20, 2020, an advisory was publicly released.

Cloud

Cloud Access Security IT

Victims of ThunderX ransomware can recover their files for free

Security Affairs

SEPTEMBER 26, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. The post Victims of ThunderX ransomware can recover their files for free appeared first on Security Affairs. When the decryption process is completed, the decryptor will show a summary of the files successfully and those once for which the recovery failed.

Ransomware

Ransomware Encryption Cybersecurity Security

Egregor ransomware gang leaked data alleged stolen from Ubisoft, Crytek

Security Affairs

OCTOBER 15, 2020

At the time of writing the post, media outlets only confirmed the ransomware attack against Crytek, while it is not clear if Ubisoft suffered a security breach. Security researcher MalwareHunterTeam has attempted, without success, to warn Ubisoft for almost a year that their employees were the victims of phishing attacks. .

Ransomware

Ransomware Phishing Archiving Encryption

CIRWA Project tracks ransomware attacks on critical infrastructure

Security Affairs

SEPTEMBER 14, 2020

These are based on publicly disclosed incidents in the media or security reports.” Data collected by the researchers are very interesting and very useful for future research projects on the security of the critical infrastructure. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Data collection Education Security

CISA Named Top-Level Root CVE Numbering Authority (CNA)

Security Affairs

SEPTEMBER 18, 2020

Cybersecurity and Infrastructure Security Agency (CISA) has been named a Top-Level Root CVE Numbering Authority (CNA). Recently the OT and IoT security firm Nozomi Networks announced that it has become a Common Vulnerabilities and Exposures (CVE) Numbering Authority (CNA). Pierluigi Paganini. SecurityAffairs – hacking, CNA).

IoT

IoT Cybersecurity Risk Security

New MrbMiner malware infected thousands of MSSQL DBs

Security Affairs

SEPTEMBER 16, 2020

According to security firm Tencent, the team of hackers has been active over the past few months by hacking into Microsoft SQL Servers (MSSQL) to install a crypto-miner. “Tencent Security Threat Intelligence Center detected a new type of mining Trojan family MrbMiner. ” continues the analysis. Pierluigi Paganini.

Mining

Mining Passwords Access Security

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Security Affairs

APRIL 5, 2022

Ukraine CERT-UA published a security advisory to warn of spear-phishing attacks conducted by Russia-linked Armageddon APT (aka Gamaredon , Primitive Bear, Armageddon, Winterflounder, or Iron Tilden) targeting local state organizations. The phishing messages have been sent from “vadim_melnik88@i[.]ua,” Pierluigi Paganini.

Military

Military Phishing File names Archiving

Google researcher found BleedingTooth flaws in Linux Bluetooth

Security Affairs

OCTOBER 14, 2020

Google security researcher discovered Bluetooth vulnerabilities (BleedingTooth) in the Linux kernel that could allow zero-click attacks. According to the Google security researcher, the issue is a zero-click flaw that means that it does not require user interaction to be exploited. ” reads the security advisory.

Encryption

Encryption Security Risk Access

Microsoft found Shrootless bug in macOS that could bypass System Integrity Protection

Security Affairs

OCTOBER 28, 2021

Get details: [link] — Microsoft Security Intelligence (@MsftSecIntel) October 28, 2021. System Integrity Protection (also referred to as rootless) is a macOS security feature introduced in OS X El Capitan (2015) (OS X 10.11). The flaw was reported to Apple through the Microsoft Security Vulnerability Research (MSVR).

Security

Security IT Information Security

It’s Still Easy for Anyone to Become You at Experian

Krebs on Security

NOVEMBER 11, 2023

Sixteen months later, Experian clearly has not addressed this gaping lack of security. A request for my Experian account username required my full Social Security number and date of birth, after which the website displayed portions of an email address I never authorized and did not recognize (the full address was redacted by Experian).

Authentication

Authentication Passwords Access Security

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

Security Affairs

FEBRUARY 18, 2021

Security researchers at Palo Alto Networks uncovered a cryptojacking botnet, tracked as WatchDog, that is targeting Windows and Linux systems. WatchDog is one of the largest and longest-lasting Monero cryptojacking operations uncovered by security experts, its name comes from the name of a Linux daemon called watchdogd.

Mining

Mining Cloud Access Security

Kaseya Left Customer Portal Vulnerable to 2015 Flaw in its Own Software

A Retrospective on the 2015 Ashley Madison Breach

Webinars

Trending Sources

New Atrium Health data breach impacts 585,000 individuals

Webinars

Microsoft Patch Tuesday security updates for September 2024 addressed four actively exploited zero-days

MI5 seized Boris Johnson’s phone over security risk fears

Zero-day in Cisco AnyConnect Secure Mobility Client yet to be fixed

The head of the Federal Cyber Security Authority (BSI) faces dismissal

France national cyber-security agency warns of a surge in Emotet attacks

Microsoft: North Korea-linked Zinc APT targets security experts

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Someone emptied a $1 billion BitCoin wallet ahead of Presidential Election

Hunters International gang claims the theft of 1.4 TB of data allegedly stolen from Tata Technologies

FBI, Dutch Police Disrupt ‘Manipulaters’ Phishing Gang

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

Bill Looks to Close Federal Cybersecurity Loopholes

Security Affairs newsletter Round 429 by Pierluigi Paganini – International edition

Operation TOURNIQUET: Authorities shut down dark web marketplace RaidForums

D-Link confirms data breach, but downplayed the impact

Staples discloses data breach exposing customer order data

Hackers targeted the US Census Bureau network, DHS report warns

Israel announced to have foiled an attempted cyber-attack on defence firms

UberEats data leaked on the dark web

New Ttint IoT botnet exploits two zero-days in Tenda routers

Hackers hit Luxottica, production stopped at two Italian plants

Second-ever UEFI rootkit used in North Korea-themed attacks

Hackers stole $5.4 million from cryptocurrency exchange ETERBASE

Thousands of WordPress WooCommerce stores potentially exposed to hack

Russia-linked APT groups exploited Lithuanian infrastructure to launch attacks

Hackers stole a six-figure amount from Swiss universities

Researchers found alleged sensitive documents of NATO and Turkey

U.S. CISA adds Versa Director bug to its Known Exploited Vulnerabilities catalog

A data breach broker is selling account databases of 17 companies

VMware finally fixed the critical CVE-2020-3992 flaw in ESXi

Victims of ThunderX ransomware can recover their files for free

Egregor ransomware gang leaked data alleged stolen from Ubisoft, Crytek

CIRWA Project tracks ransomware attacks on critical infrastructure

CISA Named Top-Level Root CVE Numbering Authority (CNA)

New MrbMiner malware infected thousands of MSSQL DBs

Russia-linked Armageddon APT targets Ukrainian state organizations, CERT-UA warns

Google researcher found BleedingTooth flaws in Linux Bluetooth

Microsoft found Shrootless bug in macOS that could bypass System Integrity Protection

It’s Still Easy for Anyone to Become You at Experian

WatchDog botnet targets Windows and Linux servers in cryptomining campaign

Stay Connected