2017 - Information Management Today

UK FCA Fines Equifax 11 Million Pounds for 2017 Data Breach

Data Breach Today

OCTOBER 13, 2023

Chinese military hackers in 2017 exploited a well-known vulnerability in the company's online dispute portal. Fine Imposed for Failing to Protect UK Customer Data and Misleading Britons A British financial regulator fined American credit reporting agency Equifax 11 billion pounds for its role in one of the world's largest data breaches.

Data breaches

Data breaches Military IT

Sophisticated Latrodectus Malware Linked to 2017 Strain

Data Breach Today

APRIL 5, 2024

New Malware With Ties to IcedID Loader Evades Detection, Gains Persistence Security researchers are warning about a relatively new malware called Latrodectus, believed to be an evolutionary successor to the IcedID loader.

Security

Security IT

U.S. CISA adds Edimax IC-7100 IP Camera, NAKIVO, and SAP NetWeaver AS Java flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

MARCH 20, 2025

The third issue added to the KeV catalog is a directory traversal vulnerability, tracked as CVE-2017-12637 , in scheduler/ui/js/ffffffffbca41eb4/UIUtilJavaScriptJS in SAP NetWeaver Application Server Java 7.5. dot dot) in the query string, as exploited in the wild in August 2017.

IT

IT Cybersecurity Risk Security

Webinars

How to Achieve High-Accuracy Results When Using LLMs

MORE WEBINARS

I rescued my dying 2017 MacBook Pro with Ubuntu and it works like a charm (mostly)

Collaboration 2.0

JANUARY 9, 2025

If you have an older MacOS device lying around, why not install Linux to give it a new life?

IT

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

Think your customers will pay more for data visualizations in your application? Five years ago they may have. But today, dashboards and visualizations have become table stakes. Discover which features will differentiate your application and maximize the ROI of your embedded analytics. Brought to you by Logi Analytics.

Analytics

COMB breach: 3.2B email and password pairs leaked online

Security Affairs

FEBRUARY 7, 2021

The database includes a script named count_total.sh, which was also included in 2017’s Breach Compilation. Much like 2017’s Breach Compilation, COMB’s data is organized by alphabetical order in a tree-like structure, and it contains the same scripts for querying emails and passwords. COMB also includes the query.sh

Passwords

Passwords Archiving Personal data Encryption

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

Security Affairs

FEBRUARY 11, 2022

Below is the list of the vulnerabilities added to the catalog: CVE ID Description Patch Deadline CVE-2021-36934 Microsoft Windows SAM Local Privilege Escalation Vulnerability 2/24/2022 CVE-2020-0796 Microsoft SMBv3 Remote Code Execution Vulnerability 8/10/2022 CVE-2018-1000861 Jenkins Stapler Web Framework Deserialization of Untrusted Data 8/10/2022 (..)

IT

IT IoT Cybersecurity Authentication

SynAck ransomware gang releases master decryption keys for old victims

Security Affairs

AUGUST 13, 2021

The news was first reported by TheRecord website, the master decryption keys work for victims that were infected between July 2017 and early 2021. The SynAck group has been active since 2017 and at the end of July 2021, the group launched El_Cometa ransomware-as-a-service (RaaS). The gang has now rebranded as the new El_Cometa group.

Ransomware

Ransomware Authentication Security IT

Brazil’s Polícia Federal arrested the notorious hacker USDoD

Security Affairs

OCTOBER 16, 2024

CrowdStrike’s investigation reveals that USDoD’s leader, Luan BG, has been a hacktivist active since at least 2017. More precise information was not revealed to TecMundo so as not to completely expose the attacker’s identity.” However, the Brazilian national turned into more complex cybercriminal activities by 2022.

Data breaches

Data breaches Cybersecurity Risk IT

How to Package and Price Embedded Analytics

Just by embedding analytics, application owners can charge 24% more for their product. How much value could you add? This framework explains how application enhancements can extend your product offerings. Brought to you by Logi Analytics.

Analytics

Insurers Drop Bid to Exclude Merck's $1.4B NotPetya Claims

Data Breach Today

JANUARY 5, 2024

and several insurers that were appealing a 2023 court decision saying the insurance companies could not invoke "hostile warlike action" exclusions in refusing to pay drugmakers' claims filed after the 2017 NotPetya cyberattack. A proposed settlement has been reached between Merck & Co.

Insurance

Phishing attacks use an old Microsoft Office flaw to spread Agent Tesla malware

Security Affairs

DECEMBER 21, 2023

Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882, to spread the Agent Tesla malware. Threat actors are exploiting an old Microsoft Office vulnerability, tracked as CVE-2017-11882 (CVSS score: 7.8), as part of phishing campaigns to spread the Agent Tesla malware.

Phishing

Phishing Communications Cybersecurity IT

Russia-linked APT Turla used a new malware toolset named Crutch

Security Affairs

DECEMBER 2, 2020

The latter, also known as WhiteBear, was a second-stage backdoor used by Turla in 2016-2017.” Experts believe that Turla attackers used Crutch as a second stage backdoor, while first-stage implants used by the APT group includes Skipper (2017) and the open-source PowerShell Empire post-exploitation framework (from 2017).

Archiving

Archiving Communications Government Access

Russian APT28 hacker accused of the NATO think tank hack in Germany

Security Affairs

JUNE 20, 2022

The attack took place in April 2017 and the man is accused of conducting the attack for the Russian military intelligence service GRU. Kozachek hacked the computed of the NATO think tank in 2017 and installed a keylogger to spy on the organization. ” reported the Tagesschau website.

Military

Military Access Security Cybersecurity

New Study: 2018 State of Embedded Analytics Report

Why do some embedded analytics projects succeed while others fail? We surveyed 500+ application teams embedding analytics to find out which analytics features actually move the needle. Read the 6th annual State of Embedded Analytics Report to discover new best practices. Brought to you by Logi Analytics.

Analytics

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Security Affairs

AUGUST 16, 2024

Many Google Pixel devices shipped since September 2017 have included a vulnerable app that could be exploited for malicious purposes. Many Google Pixel devices shipped since September 2017 have included dormant software that could be exploited by attackers to compromise them. ” reads the report. ” reads the report.

Retail

Retail Data breaches Sales Passwords

Experts found 2 Linux Kernel flaws that can allow bypassing Spectre mitigations

Security Affairs

MARCH 30, 2021

In January 2018, White hackers from Google Project Zero disclosed vulnerabilities , affecting all modern Intel CPUs, dubbed Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715). The issue could be exploited by attackers to steal sensitive data processed by the CPU.

Access

Access Security IT Information Security

StripedFly, a complex malware that infected one million devices without being noticed

Security Affairs

OCTOBER 30, 2023

Further analysis revealed that the malware has been used since at least 2017. Kaspersky discovered that the detections between 2017 and 2022 had previously misclassified as a cryptocurrency miner. Kaspersky researchers discovered that over one million updates have been downloaded from the C2 infrastructure since 2017.

Ransomware

Ransomware Mining Communications IT

Back to the Future: Notorious AlphaBay Market Reboots

Data Breach Today

AUGUST 12, 2021

Darknet Market Only Accepts Monero, Promotes Malware and Botnets, Bans Ransomware The notorious AlphaBay darknet marketplace appears to be getting rebooted by "DeSnake," who claims to have been the security administrator for the previous iteration, which law enforcement officials took down in 2017.

Marketing

Marketing Ransomware Security IT

France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers

Security Affairs

FEBRUARY 15, 2021

The first attack spotted by ANSSI experts dates back to the end of 2017 and the campaign continued until 2020. “The first compromises identified by ANSSI date from the end of 2017 and continued until 2020. Threat actors mainly targeted IT service providers, particularly web hosting. ” reads the alert issued by the ANSSI.

Ransomware

Ransomware Security IT Information Security

Targeted operation against Ukraine exploited 7-year-old MS Office bug

Security Affairs

APRIL 28, 2024

The researchers pointed out that the use of the “script:” prefix demonstrates the exploitation of the vulnerability CVE-2017-8570 , a bypass for CVE-2017-0199. The PPSX file contains a remote link to an external OLE object. The remote script, named “widget_iframe.617766616773726468746672726a6834.html,”

Military

Military Mining Libraries Security

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

Krebs on Security

JULY 1, 2021

Equifax’s 2017 megabreach that exposed the personal and financial details of 145.5 million Americans may have shocked the public, but it did little to stop more than a million employers from continuing to sell Equifax their employee payroll data, Bloomberg found in late 2017. Intuit’s FAQ on the changes is here.

Financial Services

Financial Services Government Authentication IT

Feds Hit Health Entity With $950K Fine in Ransomware Attack

Data Breach Today

JULY 2, 2024

Department of Health and Human Services has hit a Pennsylvania-based healthcare system with a $950,000 settlement for potential HIPAA violations found during an investigation into a 2017 ransomware attack. It's HHS' third HIPAA enforcement action in a ransomware case so far.

Ransomware

Ransomware IT

US and UK details a new Python backdoor used by MuddyWater APT group

Security Affairs

FEBRUARY 24, 2022

The first MuddyWater campaign was observed in late 2017 when targeted entities in the Middle East.

Government

Government Cybersecurity Security IT

Gafgyt botnet is targeting EoL Zyxel routers

Security Affairs

AUGUST 11, 2023

A variant of the Gafgyt botnet is actively attempting to exploit a vulnerability, tracked as CVE-2017-18368 (CVSS v3: 9.8), impacting the end-of-life Zyxel P660HN-T1A router. Zyxel addressed the vulnerability in 2017 with the release of new firmware, however, the vendor warned that a Gafgyt variant was exploiting the flaw in 2019.

Access

Access IT Security Information Security

Mercedes-Benz data breach impacted roughly 1000 individuals

Security Affairs

JUNE 26, 2021

Data belongs to individuals that provided their information to Mercedez-Benz and dealer websites between 2014 and 2017. “It is our understanding the information was entered by customers and interested buyers on dealer and Mercedes-Benz websites between January 1, 2014 and June 19, 2017. The incident exposed approximately 1.6

Data breaches

Data breaches Cloud Security Government

Chinese actors behind attacks on industrial enterprises and public institutions

Security Affairs

AUGUST 9, 2022

The emails used weaponized Microsoft Word documents exploiting the CVE-2017-11882 vulnerability. The CVE-2017-11882 flaw is a memory-corruption issue that affects all versions of Microsoft Office released between 2000 and 2017. The vulnerability affects the MS Office component EQNEDT32.EXE

Encryption

Encryption Military Archiving Phishing

Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering

Security Affairs

MAY 6, 2024

Alexander Vinnik , a Russian national, pleaded guilty to conspiracy to commit money laundering for his involvement in operating the cryptocurrency exchange BTC-e from 2011 to 2017. In July 2017 law enforcement shut down the virtual currency exchange.

Computer and Electronics

Computer and Electronics Ransomware Marketing IT

Crypto security breaches cause $4.25 billion losses worth of cryptos in 2021

Security Affairs

JANUARY 2, 2022

Year Total Money Lost ($) Year Increase In Money Lost (%) 2021 4,250,000,000 2020 – 2021 185% 2020 1,490,000,000 2019 – 2020 -57% 2019 3,500,156,000 2018 – 2019 259% 2018 974,000,000 2017 – 2018 51% 2017 645,901,000 2016 – 2017 341% 2016 146,509,000 2015 – 2016 -64%. The top 5 breaches in history are: 1. Gox, $615M.

Security

Security Marketing IT Information Security

A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e

Security Affairs

FEBRUARY 6, 2024

“According to the indictment, between 2011 and July 2017, Aliaksandr Klimenka, 42, allegedly controlled BTC-e, a digital currency exchange, with Alexander Vinnik and others.” ” reads the press release published by DoJ.

IT

IT Information Security Security

U.S. CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

SEPTEMBER 10, 2024

CVE-2017-1000253 flaw was discovered by researchers with Qualys Research Labs and affects all Linux distributions that have not fixed their kernels after a commit released on April 14, 2015. ” Attackers can exploit the flaw to take over websites running the widely used image-enhancing app.

IT

IT Cybersecurity Access Risk

CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

JUNE 3, 2024

The issue, tracked as CVE-2017-3506 (CVSS score 7.4), is an OS command injection. Cybersecurity and Infrastructure Security Agency (CISA) added an Oracle WebLogic Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. The vulnerability resides in the Oracle WebLogic Server component of Oracle Fusion Middleware.

IT

IT Access Cybersecurity Risk

Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison

Security Affairs

FEBRUARY 2, 2024

” In July 2022, Schulte was found guilty in a New York federal court of stealing the agency’s hacking tools and leaking them to WikiLeaks in 2017. Schulte was arrested for possession of child pornography, he was charged with three counts of receipt, possession and transportation of child pornography in August 2017.

Computer and Electronics

Computer and Electronics Data breaches IoT Archiving

Google releases Spectre PoC code exploit for Chrome browser

Security Affairs

MARCH 14, 2021

” In January 2018, the expert devised two attacks dubbed Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715) , which could be conducted to steal sensitive data processed by the CPU. The Spectre proof of concept itself, leaking memory of your browser’s renderer process.”

Metadata

Metadata Encryption Authentication Security

New EwDoor Botnet is targeting AT&T customers

Security Affairs

NOVEMBER 30, 2021

The attackers are targeting Edgewater Networks’ devices by exploiting the CVE-2017-6079 vulnerability with a relatively unique mount file system command. ” reads the analysis published by Qihoo 360.

Communications

Communications Encryption Cloud Security

BotenaGo botnet targets millions of IoT devices using 33 exploits

Security Affairs

NOVEMBER 11, 2021

CVE-2017-6077 NETGEAR DGN2200 devices with firmware through 10.0.0.50 Affected models that are end-of-support: NSA210, NSA220, NSA220+, NSA221, NSA310, NSA310S, NSA320, NSA320S, NSA325 and NSA325v2 CVE-2017-18368 ZyXEL P660HN-T1A v1 TCLinux Fw $7.3.15.0 Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3

IoT

IoT Communications IT Security

SideWinder phishing campaign targets maritime facilities in multiple countries

Security Affairs

JULY 30, 2024

Upon opening the decoy file, it relies on a remote template injection technique ( CVE-2017-0199 ) to gain initial access to the target’s system. Despite the flaw was addressed by Microsoft in April 2017, attackers are exploiting the vulnerability by targeting large organizations with outdated, fragmented, or antiquated infrastructures.

Phishing

Phishing Military Access IT

Iran-Linked APT TA450 embeds malicious links in PDF attachments

Security Affairs

MARCH 25, 2024

The first MuddyWater campaign was observed in late 2017, when the APT group targeted entities in the Middle East. .” The report includes Indicators of compromise (IOCs) for this campaign.

Phishing

Phishing Archiving Government IT

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Security Affairs

JANUARY 7, 2024

The researchers believe that the Turkey-linked APT Sea Turtle has been active since at least 2017. Between 2017 and 2019, the APT group mainly used DNS hijacking in its campaigns. The Sea Turtle APT group focuses primarily on targeting organizations in Europe and the Middle East.

IT

IT Passwords Government Archiving

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

Security Affairs

APRIL 18, 2024

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. It is written in C++ and compiled with Visual Studio 2017 (15.9). “Kapeka contains a dropper that will drop and launch a backdoor on a victim’s machine and then remove itself.

Communications

Communications Ransomware IT Access

The source code of the Paradise Ransomware was leaked on XSS hacking forum

Security Affairs

JUNE 15, 2021

Paradise Ransomware has been active since September 2017, its operators offer the malware with a Ransomware-as-a-Service (RaaS) model. The analysis of the source code revealed the presence of comments in the Russian language that gives us an idea of the origin of the ransomware gang behind it.

Ransomware

Ransomware Encryption Security IT

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

CVE Number Affected devices CVE-2021-44228, CVE-2021-45046 Log4J RCE CVE-2022-1388 F5 BIG IP RCE No CVE (vulnerability published on 2022-02) Adobe ColdFusion 11 RCE CVE-2020-7961 Liferay Portal – Java Unmarshalling via JSONWS RCE No CVE (vulnerability published on 2022-04) PHP Scriptcase 9.7 LFI CVE-2018-16763 Fuel CMS 1.4.1

CMS

CMS IoT Security Passwords

MuddyWater has been spotted targeting two Israeli entities

Security Affairs

NOVEMBER 3, 2023

” The first MuddyWater campaign was observed in late 2017, when the APT group targeted entities in the Middle East. These include a new public hosting service, employing a LNK file to initiate the infection, and utilizing intermediate malware that mimics the opening of a directory while executing a new remote administration tool.”

Archiving

Archiving Phishing Government IT

Microsoft seized 240 sites used by the ONNX phishing service

Security Affairs

NOVEMBER 23, 2024

Microsoft has tracked Nady, linked to phishing services since 2017. The PhaaS was created by “MRxC0DER,” previously associated with the “ Caffeine Phishing Kit.” The researchers were among the first to discover the real identity of identity of MRxC0DER.

Phishing

Phishing Financial Services Risk Access

UK FCA Fines Equifax 11 Million Pounds for 2017 Data Breach

Sophisticated Latrodectus Malware Linked to 2017 Strain

Webinars

Trending Sources

U.S. CISA adds Edimax IC-7100 IP Camera, NAKIVO, and SAP NetWeaver AS Java flaws to its Known Exploited Vulnerabilities catalog

Webinars

I rescued my dying 2017 MacBook Pro with Ubuntu and it works like a charm (mostly)

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

COMB breach: 3.2B email and password pairs leaked online

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

SynAck ransomware gang releases master decryption keys for old victims

Brazil’s Polícia Federal arrested the notorious hacker USDoD

How to Package and Price Embedded Analytics

Insurers Drop Bid to Exclude Merck's $1.4B NotPetya Claims

Phishing attacks use an old Microsoft Office flaw to spread Agent Tesla malware

Russia-linked APT Turla used a new malware toolset named Crutch

Russian APT28 hacker accused of the NATO think tank hack in Germany

New Study: 2018 State of Embedded Analytics Report

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Experts found 2 Linux Kernel flaws that can allow bypassing Spectre mitigations

StripedFly, a complex malware that infected one million devices without being noticed

Back to the Future: Notorious AlphaBay Market Reboots

France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers

Targeted operation against Ukraine exploited 7-year-old MS Office bug

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

Feds Hit Health Entity With $950K Fine in Ransomware Attack

US and UK details a new Python backdoor used by MuddyWater APT group

Gafgyt botnet is targeting EoL Zyxel routers

Mercedes-Benz data breach impacted roughly 1000 individuals

Chinese actors behind attacks on industrial enterprises and public institutions

Alexander Vinnik, the operator of BTC-e exchange, pleaded guilty to money laundering

Crypto security breaches cause $4.25 billion losses worth of cryptos in 2021

A man faces up to 25 years in prison for his role in operating unlicensed crypto exchange BTC-e

U.S. CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog

CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities catalog

Ex CIA employee Joshua Adam Schulte sentenced to 40 years in prison

Google releases Spectre PoC code exploit for Chrome browser

New EwDoor Botnet is targeting AT&T customers

BotenaGo botnet targets millions of IoT devices using 33 exploits

SideWinder phishing campaign targets maritime facilities in multiple countries

Iran-Linked APT TA450 embeds malicious links in PDF attachments

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Previously unknown Kapeka backdoor linked to Russian Sandworm APT

The source code of the Paradise Ransomware was leaked on XSS hacking forum

EnemyBot malware adds new exploits to target CMS servers and Android devices

MuddyWater has been spotted targeting two Israeli entities

Microsoft seized 240 sites used by the ONNX phishing service

Stay Connected