2017 and Security - Information Management Today

Sophisticated Latrodectus Malware Linked to 2017 Strain

Data Breach Today

APRIL 5, 2024

New Malware With Ties to IcedID Loader Evades Detection, Gains Persistence Security researchers are warning about a relatively new malware called Latrodectus, believed to be an evolutionary successor to the IcedID loader.

Security

Security IT

U.S. CISA adds Edimax IC-7100 IP Camera, NAKIVO, and SAP NetWeaver AS Java flaws to its Known Exploited Vulnerabilities catalog

Security Affairs

MARCH 20, 2025

Cybersecurity and Infrastructure Security Agency (CISA) adds Edimax IC-7100 IP Camera, NAKIVO,and SAP NetWeaver AS Java flaws to its Known Exploited Vulnerabilities catalog. Akamai researchers discovered the vulnerability, and the cyber security firm confirmed ([ 1 ],[ 2 ]) that the flaw is actively exploited in the wild.

IT

IT Cybersecurity Risk Security

Crypto security breaches cause $4.25 billion losses worth of cryptos in 2021

Security Affairs

JANUARY 2, 2022

According to a report published by Invezz, the number of crypto security breaches increased by up 850% in the last decade. SecurityAffairs – hacking, crypto security breaches). The post Crypto security breaches cause $4.25 billion losses worth of cryptos in 2021 appeared first on Security Affairs. Gox, $615M.

Security

Security Marketing IT Information Security

Webinars

Maximizing Profit and Productivity: The New Era of AI-Powered Accounting

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

Microsoft Patches Tuesday security updates for April 2024 fixed hundreds of issues

Security Affairs

APRIL 10, 2024

Microsoft Patches Tuesday security updates for April 2024 addressed three Critical vulnerabilities, none actively exploited in the wild. Microsoft Patches Tuesday security updates for April 2024 addressed 147 vulnerabilities in multiple products. According to ZDI, three of these vulnerabilities were reported through their ZDI program.

Security

Security Authentication IT

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

Think your customers will pay more for data visualizations in your application? Five years ago they may have. But today, dashboards and visualizations have become table stakes. Discover which features will differentiate your application and maximize the ROI of your embedded analytics. Brought to you by Logi Analytics.

Analytics

Experian’s Credit Freeze Security is Still a Joke

Krebs on Security

APRIL 26, 2021

In 2017, KrebsOnSecurity showed how easy it is for identity thieves to undo a consumer’s request to freeze their credit file at Experian , one of the big three consumer credit bureaus in the United States. Thomas said he’s furious that Experian only provides added account security for consumers who pay for monthly plans.

Security

Security Authentication Access Insurance

Microsoft: North Korea-linked Zinc APT targets security experts

Security Affairs

JANUARY 29, 2021

. “In recent months, Microsoft has detected cyberattacks targeting security researchers by an actor we track as ZINC. “Observed targeting includes pen testers, private offensive security researchers, and employees at security and tech companies. .” ” states the report published by Microsoft. eXplorer.

Security

Security Encryption Passwords Communications

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

Security Affairs

NOVEMBER 28, 2021

North Korea-linked threat actors posed as Samsung recruiters in a spear-phishing campaign aimed at employees at South Korean security firms. North Korea-linked APT group posed as Samsung recruiters is a spear-phishing campaign that targeted South Korean security companies that sell anti-malware solutions, Google TAG researchers reported.

Security

Security Phishing Information Security Communications

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

Security Affairs

FEBRUARY 11, 2022

CISA has added to the catalog of vulnerabilities another 15 security vulnerabilities actively exploited in the wild. The US Cybersecurity & Infrastructure Security Agency (CISA) has added fifteen more flaws to the Known Exploited Vulnerabilities Catalog. ” reads the advisory published by Microsoft. Pierluigi Paganini.

IT

IT IoT Cybersecurity Authentication

How to Package and Price Embedded Analytics

Just by embedding analytics, application owners can charge 24% more for their product. How much value could you add? This framework explains how application enhancements can extend your product offerings. Brought to you by Logi Analytics.

Analytics

COMB breach: 3.2B email and password pairs leaked online

Security Affairs

FEBRUARY 7, 2021

The database includes a script named count_total.sh, which was also included in 2017’s Breach Compilation. Much like 2017’s Breach Compilation, COMB’s data is organized by alphabetical order in a tree-like structure, and it contains the same scripts for querying emails and passwords. COMB also includes the query.sh Pierluigi Paganini.

Passwords

Passwords Archiving Personal data Encryption

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Security Affairs

AUGUST 27, 2020

Cybersecurity experts at CyberNews hijacked close to 28,000 unsecured printers worldwide and forced them to print out a guide on printer security. Most of us already know the importance of using antivirus , anti-malware, and VPNs to secure our computers, phones, and other devices against potential attacks. Original post: [link].

Security

Security IoT Passwords Manufacturing

Brazil’s Polícia Federal arrested the notorious hacker USDoD

Security Affairs

OCTOBER 16, 2024

CrowdStrike’s investigation reveals that USDoD’s leader, Luan BG, has been a hacktivist active since at least 2017. The link between Luan’s hacktivism and cybercrime was established due to his bad Operational security (opsec). However, the Brazilian national turned into more complex cybercriminal activities by 2022.

Data breaches

Data breaches Cybersecurity Risk IT

Security Affairs newsletter Round 451 by Pierluigi Paganini – INTERNATIONAL EDITION

Security Affairs

DECEMBER 24, 2023

Every week the best security articles from Security Affairs are free for you in your email box. A new round of the weekly SecurityAffairs newsletter arrived! Enjoy a new round of the weekly SecurityAffairs newsletter, including the international press.

Security

Security Ransomware Marketing Risk

Strategies for Securing Your Supply Chain

IT Governance

OCTOBER 23, 2024

What to do when your ‘supply chain’ is really a ‘supply loop’ When I asked Bridget Kenyon – CISO (chief information security officer) for SSCL, lead editor for ISO 27001:2022 and author of ISO 27001 Controls – what she’d like to cover in an interview, she suggested supply chain security. How can you secure a ‘supply loop’?

Security

Security Information Security Risk Access

SynAck ransomware gang releases master decryption keys for old victims

Security Affairs

AUGUST 13, 2021

The news was first reported by TheRecord website, the master decryption keys work for victims that were infected between July 2017 and early 2021. “The keys have been verified as authentic by Michael Gillespie , a malware analyst at security firm Emsisoft and the creator of the ID-Ransomware service.” Pierluigi Paganini.

Ransomware

Ransomware Authentication Security IT

Microsoft Patches Tuesday security updates for April 2024 fixed hundreds of issues

Security Affairs

APRIL 10, 2024

Microsoft Patches Tuesday security updates for April 2024 addressed three Critical vulnerabilities, none actively exploited in the wild. Microsoft Patches Tuesday security updates for April 2024 addressed 147 vulnerabilities in multiple products. According to ZDI, three of these vulnerabilities were reported through their ZDI program.

Security

Security Authentication IT

Russian APT28 hacker accused of the NATO think tank hack in Germany

Security Affairs

JUNE 20, 2022

The attack took place in April 2017 and the man is accused of conducting the attack for the Russian military intelligence service GRU. Kozachek hacked the computed of the NATO think tank in 2017 and installed a keylogger to spy on the organization. ” reported the Tagesschau website. ” continues the post. Pierluigi Paganini.

Military

Military Access Security Cybersecurity

Mercedes-Benz data breach impacted roughly 1000 individuals

Security Affairs

JUNE 26, 2021

million customers, exposed data includes financial data and social security numbers (SSNs). Data belongs to individuals that provided their information to Mercedez-Benz and dealer websites between 2014 and 2017. The post Mercedes-Benz data breach impacted roughly 1000 individuals appeared first on Security Affairs.

Data breaches

Data breaches Cloud Security Government

US and UK details a new Python backdoor used by MuddyWater APT group

Security Affairs

FEBRUARY 24, 2022

CISA, the FBI, the US Cyber Command’s Cyber National Mission Force (CNMF), UK’s National Cyber Security Centre (NCSC-UK), and the NSA, and law enforcement agencies have published a joint advisory on new malware used by Iran-linked MuddyWater APT group (aka SeedWorm and TEMP.Zagros ) in attacks aimed at critical infrastructure worldwide.

Government

Government Cybersecurity Security IT

Russia-linked APT Turla used a new malware toolset named Crutch

Security Affairs

DECEMBER 2, 2020

The latter, also known as WhiteBear, was a second-stage backdoor used by Turla in 2016-2017.” Experts believe that Turla attackers used Crutch as a second stage backdoor, while first-stage implants used by the APT group includes Skipper (2017) and the open-source PowerShell Empire post-exploitation framework (from 2017).

Archiving

Archiving Communications Government Access

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

Security Affairs

AUGUST 16, 2024

Many Google Pixel devices shipped since September 2017 have included a vulnerable app that could be exploited for malicious purposes. Many Google Pixel devices shipped since September 2017 have included dormant software that could be exploited by attackers to compromise them. ” reads the report. ” reads the report.

Retail

Retail Data breaches Sales Passwords

France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers

Security Affairs

FEBRUARY 15, 2021

The French security agency ANSSI is warming of a series of attacks targeting Centreon monitoring software used by multiple French organizations and attributes them to the Russia-linked Sandworm APT group. The first attack spotted by ANSSI experts dates back to the end of 2017 and the campaign continued until 2020. Pierluigi Paganini.

Ransomware

Ransomware Security IT Information Security

Hackers claim to have compromised 50,000 home cameras and posted footage online

Security Affairs

OCTOBER 19, 2020

A hacker collective claims to have hacked over 50,000 home security cameras and published their footage online, some of them on adult sites. A group of hackers claims to have compromised over 50,000 home security cameras and published their private footage online. ” continues the article. Pierluigi Paganini.

IoT

IoT Paper Access Manufacturing

Targeted operation against Ukraine exploited 7-year-old MS Office bug

Security Affairs

APRIL 28, 2024

Security experts at Deep Instinct Threat Lab have uncovered a targeted campaign against Ukraine, exploiting a Microsoft Office vulnerability dating back almost seven years to deploy Cobalt Strike on compromised systems. The DLL also implements features to evade detection and avoid analysis by security experts.

Military

Military Mining Libraries Security

Experts found 2 Linux Kernel flaws that can allow bypassing Spectre mitigations

Security Affairs

MARCH 30, 2021

In January 2018, White hackers from Google Project Zero disclosed vulnerabilities , affecting all modern Intel CPUs, dubbed Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715). If you want to receive the weekly Security Affairs Newsletter for free subscribe here. Pierluigi Paganini.

Access

Access Security IT Information Security

Identity Thieves Bypassed Experian Security to View Credit Reports

Krebs on Security

JANUARY 9, 2023

Identity thieves have been exploiting a glaring security weakness in the website of Experian , one of the big three consumer credit reporting bureaus. All that was needed was the person’s name, address, birthday and Social Security number. states to place a security freeze on their credit files.

Security

Security Authentication Mining Cybersecurity

How to Create a Strong Security Culture

IT Governance

NOVEMBER 18, 2024

Getting a greater return on investment on your security measures We all have a responsibility for security. But to ensure that all staff truly take note of security and apply the knowledge gained from any staff awareness training , security should be embedded in your organisation’s culture.

Security

Security Security awareness Phishing Information Security

The source code of the Paradise Ransomware was leaked on XSS hacking forum

Security Affairs

JUNE 15, 2021

The news of the availability of the source code was first reported by Tom Malka , a senior threat intelligence analyst for security firm Security, that reported it to BleepingComputer and The Record. . Paradise Ransomware has been active since September 2017, its operators offer the malware with a Ransomware-as-a-Service (RaaS) model.

Ransomware

Ransomware Encryption Security IT

Google releases Spectre PoC code exploit for Chrome browser

Security Affairs

MARCH 14, 2021

” In January 2018, the expert devised two attacks dubbed Meltdown (CVE-2017-5754) and Spectre (CVE-2017-5753 and CVE-2017-5715) , which could be conducted to steal sensitive data processed by the CPU. We invite the security community to extend our research and develop code that makes use of other Spectre gadgets.”

Metadata

Metadata Encryption Authentication Security

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

Security Affairs

JANUARY 6, 2024

billion insurance claim for the losses caused by the NotPetya attack that took place in 2017. In August 2017, the pharmaceutical company revealed that the massive NotPetya cyberattack disrupted its worldwide operations. Merck filed a $1.4

Insurance

Insurance Healthcare Manufacturing Ransomware

New EwDoor Botnet is targeting AT&T customers

Security Affairs

NOVEMBER 30, 2021

Experts from Qihoo 360’s Network Security Research Lab discovered a new botnet, dubbed EwDoor , that targets AT&T customers using EdgeMarc Enterprise Session Border Controller (ESBC) edge devices that are publicly exposed to the Internet. ” reads the analysis published by Qihoo 360. Pierluigi Paganini.

Communications

Communications Encryption Cloud Security

U.S. CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog

Security Affairs

SEPTEMBER 10, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog. Cybersecurity and Infrastructure Security Agency (CISA) added SonicWall SonicOS, ImageMagick and Linux Kernel vulnerabilities to its Known Exploited Vulnerabilities (KEV) catalog.

IT

IT Cybersecurity Access Risk

CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

JUNE 3, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added an Oracle WebLogic Server vulnerability to its Known Exploited Vulnerabilities (KEV) catalog. The issue, tracked as CVE-2017-3506 (CVSS score 7.4), is an OS command injection. The vulnerability resides in the Oracle WebLogic Server component of Oracle Fusion Middleware.

IT

IT Access Cybersecurity Risk

StripedFly, a complex malware that infected one million devices without being noticed

Security Affairs

OCTOBER 30, 2023

Further analysis revealed that the malware has been used since at least 2017. Kaspersky discovered that the detections between 2017 and 2022 had previously misclassified as a cryptocurrency miner. Kaspersky researchers discovered that over one million updates have been downloaded from the C2 infrastructure since 2017.

Ransomware

Ransomware Mining Communications IT

Nigerian National pleads guilty to participating in a millionaire BEC scheme

Security Affairs

SEPTEMBER 24, 2023

The man was extradited from Canada to the United States on April 12, 2023. “According to his plea agreement, from February 2017 until at least July 2017, Simon-Ebo conspired with others to perpetrate a BEC scheme.” According to the US authorities, fraudulent activities caused losses of more than $6 million to the victims.

Agriculture

Agriculture Security Access Information Security

Chinese actors behind attacks on industrial enterprises and public institutions

Security Affairs

AUGUST 9, 2022

The attackers breached dozens of enterprises and in some cases compromised their IT infrastructure, taking over systems used to manage security solutions. The emails used weaponized Microsoft Word documents exploiting the CVE-2017-11882 vulnerability. ” reads the report published by Kaspersky. Pierluigi Paganini.

Encryption

Encryption Military Archiving Phishing

Uber hacked, internal systems and confidential documents were allegedly compromised

Security Affairs

SEPTEMBER 16, 2022

Uber on Thursday disclosed a security breach, threat actors gained access to its network, and stole internal documents. The attackers allegedly compromised several internal systems and provided images of email, cloud storage and code repositories to The New York Times and some cyber security researchers. Pierluigi Paganini.

Data breaches

Data breaches Access Information Security Security

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

Krebs on Security

JULY 1, 2021

Equifax’s 2017 megabreach that exposed the personal and financial details of 145.5 million Americans may have shocked the public, but it did little to stop more than a million employers from continuing to sell Equifax their employee payroll data, Bloomberg found in late 2017. Intuit’s FAQ on the changes is here.

Financial Services

Financial Services Government Authentication IT

Security experts targeted with malicious CVE PoC exploits on GitHub

Security Affairs

OCTOBER 24, 2022

The experts analyzed PoCs shared on GitHub for known vulnerabilities discovered in 2017-2021, some of these repositories were used by threat actors to spread malware. The post Security experts targeted with malicious CVE PoC exploits on GitHub appeared first on Security Affairs. Pierluigi Paganini.

Security

Security Paper IT Information Security

USCYBERCOM: MuddyWater APT is linked to Iran’s MOIS intelligence

Security Affairs

JANUARY 13, 2022

US Cyber Command (USCYBERCOM) has officially linked the Iran-linked MuddyWater APT group to Iran’s Ministry of Intelligence and Security (MOIS). USCYBERCOM has officially linked the Iran-linked MuddyWater APT group (aka SeedWorm and TEMP.Zagros ) to Iran’s Ministry of Intelligence and Security (MOIS). Pierluigi Paganini.

Security

Security Access IT Cybersecurity

Today Adobe Flash Player reached the end of life (EOL)

Security Affairs

JANUARY 1, 2021

” In July 2017, Apple , Facebook , Google , Microsoft , and Mozilla , and Adobe announced the end of the support for Flash Media Player by the end of 2020. The software was considered not secure and new software with better performance, such as HTML5, is used by web developers for their projects. Pierluigi Paganini.

Security

Security IT Information Security

NSA warns of cloud attacks on authentication mechanisms

Security Affairs

DECEMBER 19, 2020

The US National Security Agency (NSA) warns of two techniques abused by threat actors for escalating attacks from local networks to cloud infrastructure. The US National Security Agency has published a security advisory that describes two techniques abused in recent attacks against cloud infrastructure. Pierluigi Paganini.

Authentication

Authentication Cloud Access Security

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The new variant of the bot includes exploits for the following security issues: CVE-2022-22954 : Critical RCE flaw in VMware Workspace ONE Access and VMware Identity Manager. ” Security Affairs is one of the finalists for the best European Cybersecurity Blogger Awards 2022 – VOTE FOR YOUR WINNERS. LFI CVE-2018-16763 Fuel CMS 1.4.1

CMS

CMS IoT Security Passwords

Sophisticated Latrodectus Malware Linked to 2017 Strain

U.S. CISA adds Edimax IC-7100 IP Camera, NAKIVO, and SAP NetWeaver AS Java flaws to its Known Exploited Vulnerabilities catalog

Webinars

Trending Sources

Crypto security breaches cause $4.25 billion losses worth of cryptos in 2021

Webinars

Microsoft Patches Tuesday security updates for April 2024 fixed hundreds of issues

Monetizing Analytics Features: Why Data Visualizations Will Never Be Enough

Experian’s Credit Freeze Security is Still a Joke

Microsoft: North Korea-linked Zinc APT targets security experts

North Korea-linked Zinc group posed as Samsung recruiters to target security firms

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

How to Package and Price Embedded Analytics

COMB breach: 3.2B email and password pairs leaked online

Experts hacked 28,000 unsecured printers to raise awareness of printer security issues

Brazil’s Polícia Federal arrested the notorious hacker USDoD

Security Affairs newsletter Round 451 by Pierluigi Paganini – INTERNATIONAL EDITION

Strategies for Securing Your Supply Chain

SynAck ransomware gang releases master decryption keys for old victims

Microsoft Patches Tuesday security updates for April 2024 fixed hundreds of issues

Russian APT28 hacker accused of the NATO think tank hack in Germany

Mercedes-Benz data breach impacted roughly 1000 individuals

US and UK details a new Python backdoor used by MuddyWater APT group

Russia-linked APT Turla used a new malware toolset named Crutch

Millions of Pixel devices can be hacked due to a pre-installed vulnerable app

France agency ANSSI links Russia’s Sandworm APT to attacks on hosting providers

Hackers claim to have compromised 50,000 home cameras and posted footage online

Targeted operation against Ukraine exploited 7-year-old MS Office bug

Experts found 2 Linux Kernel flaws that can allow bypassing Spectre mitigations

Identity Thieves Bypassed Experian Security to View Credit Reports

How to Create a Strong Security Culture

The source code of the Paradise Ransomware was leaked on XSS hacking forum

Google releases Spectre PoC code exploit for Chrome browser

Merck settles with insurers regarding a $1.4 billion claim over NotPetya damages

New EwDoor Botnet is targeting AT&T customers

U.S. CISA adds SonicWall SonicOS, ImageMagick and Linux Kernel bugs to its Known Exploited Vulnerabilities catalog

CISA adds Oracle WebLogic Server flaw to its Known Exploited Vulnerabilities catalog

StripedFly, a complex malware that infected one million devices without being noticed

Nigerian National pleads guilty to participating in a millionaire BEC scheme

Chinese actors behind attacks on industrial enterprises and public institutions

Uber hacked, internal systems and confidential documents were allegedly compromised

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

Security experts targeted with malicious CVE PoC exploits on GitHub

USCYBERCOM: MuddyWater APT is linked to Iran’s MOIS intelligence

Today Adobe Flash Player reached the end of life (EOL)

NSA warns of cloud attacks on authentication mechanisms

EnemyBot malware adds new exploits to target CMS servers and Android devices

Stay Connected