A security expert uncovered an old APT operation, tracked as Nazar, by analyzing the NSA hacking tools included in the dump leaked by Shadow Brokers in 2017. “It’s hard to understand the scope of this operation without access to victimology (e.g.: endpoint visibility or command-and-control sinkholing).”
Justice Department today unsealed indictments against four Chinese officers of the People’s Liberation Army (PLA) accused of perpetrating the 2017 hack against consumer credit bureau Equifax that led to the theft of personal data on nearly 150 million Americans. We don’t indiscriminately violate the privacy of ordinary citizens.”
Russia-linked cyberspies breached the internal network of Dutch police in 2017 while the authorities were investigating the crash of the MH-17. Russia-linked threat actors breached the internal network of Dutch police in 2017 during the investigation into the MH-17 crash. The Dutch newspaper the Volkskrant first reported the news.
Rarely do cybercriminal gangs that deploy ransomware gain the initial access to the target themselves. More commonly, that access is purchased from a cybercriminal broker who specializes in acquiring remote access credentials — such as usernames and passwords needed to remotely connect to the target’s network.
A Croatian national has been arrested for allegedly operating NetWire, a Remote Access Trojan (RAT) marketed on cybercrime forums since 2012 as a stealthy way to spy on infected systems and siphon passwords. ’s Companies House shows that in 2017 Mr. Zanko became an officer in a company called Godbex Solutions LTD.
After granting the IRS access to the personal data I’d shared with ID.me, I was looking at my most recent tax data on the IRS website. Perhaps in light of that 2017 megabreach, many readers will be rightfully concerned about being forced to provide so much sensitive information to a relatively unknown private company.
In January 2018, White hackers from Google Project Zero disclosed vulnerabilities affecting all modern Intel CPUs, dubbed Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715). This flaw can be exploited to access contents from a 4Gb range of kernel memory. kernel/bpf/verifier.c
The issue, tracked as CVE-2017-3506 (CVSS score 7.4), is an OS command injection. An unauthenticated attacker with network access can exploit the flaw via HTTP to compromise Oracle WebLogic Server. and 12.2.1.2.
The Cybersecurity and Infrastructure Security Agency (CISA) has issued an alert related to attacks delivering the KONNI remote access Trojan (RAT). The Cybersecurity and Infrastructure Security Agency (CISA) has published an alert to provide technical details on a new wave of attacks delivering the KONNI remote access Trojan (RAT).
Some footage was published on adult sites; experts reported that crooks are offering lifetime access to the entire collection for US$150. The news was reported by The New Paper, which also confirmed that over 70 members already paid the US$150 subscription for lifetime access to the loot. ” reported The New Paper.”
The attack took place in April 2017 and the man is accused of conducting the attack for the Russian military intelligence service GRU. Kozachek hacked the computer of the NATO think tank in 2017 and installed a keylogger to spy on the organization. ” reported the Tagesschau website.
The Chinese APT group had access to an NSA Equation Group hacking tool and used it years before it was leaked online by the Shadow Brokers group. In 2017, the Shadow Brokers hacking group released a collection of hacking tools allegedly stolen from the US NSA; most of them exploited zero-day flaws in popular software.
The CVE-2017-1000253 flaw was discovered by researchers with Qualys Research Labs and affects all Linux distributions that have not fixed their kernels after a commit released on April 14, 2015. An unprivileged local user with access to SUID (or otherwise privileged) PIE binary could use this flaw to escalate their privileges on the system.”
Many Google Pixel devices shipped since September 2017 have included a vulnerable app that could be exploited for malicious purposes. Many Google Pixel devices shipped since September 2017 have included dormant software that could be exploited by attackers to compromise them. ” reads the report.
In September 2017, Equifax Inc. They allegedly conspired with each other to hack into Equifax’s computer networks, maintain unauthorized access to those computers, and steal sensitive, personally identifiable information of approximately 145 million American victims.” The four men are still at large, residing in China.
Uber on Thursday disclosed a security breach: threat actors gained access to its network and stole internal documents. Uber on Thursday suffered a cyberattack; the attackers were able to penetrate its internal network and access internal documents, including vulnerability reports. — Uber Comms (@Uber_Comms) September 16, 2022.
ESET researchers speculate Crutch is not a first-stage backdoor and operators deployed it only after they have gained access to the target’s network. The latter, also known as WhiteBear, was a second-stage backdoor used by Turla in 2016-2017.” ” reads the report published by ESET.
The attack techniques are being used by hackers to escalate access from compromised local networks into cloud-based infrastructure. Using the private keys, the actors then forge trusted authentication tokens to access cloud resources.” ” reads the advisory published by the NSA. ” continues the alert.
The news is disturbing: Ticketmaster has agreed to pay a $10 million fine after being charged with illegally accessing the computer systems of the startup rival CrowdSurge. The attacks aimed at stealing information to gain an advantage over CrowdSurge, which was acquired by Warner Music Group (WMG) in 2017.
The researchers believe that the Turkey-linked APT Sea Turtle has been active since at least 2017. Between 2017 and 2019, the APT group mainly used DNS hijacking in its campaigns. Sea Turtle also used code from a publicly accessible GitHub account, which is likely under the control of the threat actor.
The data belongs to individuals who provided their information to Mercedes-Benz and dealer websites between 2014 and 2017. “On June 11, 2021, a vendor informed Mercedes-Benz that sensitive personal information of less than 1,000 Mercedes-Benz customers and interested buyers was inadvertently made accessible on a cloud storage platform.”
The hackers compromised the company's systems and stole business contact info belonging to US employees and franchises; the company pointed out that no sensitive and financial data were accessed. In April 2017, another cyber attack hit McDonald’s Canada career website and hackers stole records of 95,000 job seekers.
In the second half of 2017, the United States Securities and Exchange Commission (SEC) disclosed it was the victim of a cyber-attack in 2016. The duo was accused of trading on and selling early access to sensitive information from non-public annual and quarterly reports. ” reads an advisory published by the US State Department.
The web shells allow attackers to maintain access to a compromised system and execute arbitrary commands. “Malicious cyber actors have increasingly leveraged web shells to gain or maintain access on victim networks. ” states the ASD.
wireless carriers nearly $200 million for unlawfully selling access to real-time location data of their customers without consent. Hutcheson allegedly provided irrelevant documents, such as health insurance and auto insurance policies, along with pages from sheriff training manuals, as evidence of authorization to access the data.
Russian communications watchdog Roskomnadzor tightens its control over the Internet and blocks access to six more VPN services. In September Russian communications watchdog Roskomnadzor blocked access to Hola!VPN, The latest banned services are Betternet, Lantern, X-VPN, Cloudflare WARP, Tachyon VPN, PrivateTunnel.
Experts observed the bot attempting to gain access to the device by using a combination of eight common usernames and 130 passwords for IoT devices over SSH and telnet on ports 23 and 2323. Ensure secure configurations for devices: Change the default password to a strong one, and block SSH from external access.
In Adobe Reader Mobile for Android, the company addressed an important-severity improper access control flaw, tracked as CVE-2020-24441, that can lead to the disclosure of sensitive information. The software giant addressed the flaw with the release of Connect 11.0.5.
The FBI warns organizations in the higher education sector of credentials sold on cybercrime forums that can allow threat actors to access their networks. “The FBI is informing academic partners of identified US college and university credentials advertised for sale on online criminal marketplaces and publicly accessible forums.
“According to his plea agreement, from February 2017 until at least July 2017, Simon-Ebo conspired with others to perpetrate a BEC scheme,” reads the press release published by DoJ. “During the same period, Simon-Ebo and his co-conspirators conspired to commit money laundering.”
v1) – North Korean Remote Access Tool: COPPERHEDGE May 12, 2020: Malware Analysis Report (1028834-2.v1) Now, USCYBERCOM shares five more samples, the older one dated 2017 while the rest has been created in 2018. ” reads the DHS CISA’s advisory. May 12, 2020: Malware Analysis Report (1028834-1.v1)
A variant of the Gafgyt botnet is actively attempting to exploit a vulnerability, tracked as CVE-2017-18368 (CVSS v3: 9.8), impacting the end-of-life Zyxel P660HN-T1A router. The flaw is a command injection vulnerability that resides in the Remote System Log forwarding function, which is accessible by an unauthenticated user.
FireEye compiled the report using data from dozens of ransomware infections that it has investigated from 2017 to 2019. The experts noticed that RDP attacks were more frequent in 2017, but declined in 2018 and 2019. 49% of the ransomware deployments take place during nighttime over the weekdays, and 27% take place over the weekend.
Schuchman, Vamp, and Drake created the Satori botnet between July and August 2017. Between September and October 2017, Schuchman and his accomplices developed a new version of Satori named Okiru. In November 2017 the trio created a new version named Masuta, which targeted GPON routers. ” continues the DoJ.
Nissan is working with its global incident response team and relevant stakeholders to investigate the extent of the incident and whether any personal information has been accessed.” In December 2017, Nissan Finance Canada was hacked, personal information of 1.13 The company did not share details about the attack or its scope.
Intuit says the change is tied to an “exciting” and “free” new service that will let millions of small business employees get easy access to employment and income verification services when they wish to apply for a loan or line of credit. Financial services giant Intuit this week informed 1.4
Toyota Motor Corporation discloses a data leak: customers’ personal information may have been exposed after an access key was exposed on GitHub. Toyota Motor Corporation warns customers that their personal information may have been accidentally exposed after an access key was publicly available on GitHub for almost five years.
Upon opening the decoy file, it relies on a remote template injection technique (CVE-2017-0199) to gain initial access to the target’s system. Although the flaw was addressed by Microsoft in April 2017, attackers are exploiting the vulnerability by targeting large organizations with outdated, fragmented, or antiquated infrastructures.
The master decryption keys work for victims that were infected between July 2017 and early 2021. The SynAck group has been active since 2017 and at the end of July 2021, the group launched El_Cometa ransomware-as-a-service (RaaS). The decryptor requires access to the internet in order to retrieve the victim’s key.
In many cases, attackers targeted unpatched versions of Telerik user interface (UI) by exploiting the CVE-2019-18935, CVE-2017-9248, CVE-2017-11317, and CVE-2017-11357 vulnerabilities. The attackers’ arsenal also includes numerous web shells used to maintain access to compromised hosts.
The investigation revealed that threat actors had access to certain Forever 21 systems at various times between January 5, 2023 and March 21, 2023. In November 2017, the US clothes retailer FOREVER 21 announced it had suffered a security breach; at the time the hackers stole payment card data at some locations.
The only limitation on how to carry out a Zerologon attack is that the attacker must have access to the target network. The first MuddyWater campaign was observed in late 2017 when it targeted entities in the Middle East. ” reads the analysis published by Microsoft.