Security Affairs

DECEMBER 21, 2018

aka Baobeilong, aka Zhang Jianguo, aka Atreexp, both nationals of the People’s Republic of China (China), with conspiracy to commit computer intrusions, conspiracy to commit wire fraud, and aggravated identity theft was announced today. , aka Afwar, aka CVNX, aka Alayos, aka Godkiller; and Zhang Shilong (???),

Computer and Electronics 271

Computer and Electronics Healthcare Manufacturing Government 271

Krebs on Security

DECEMBER 14, 2022

men with computer crimes related to their alleged ownership of the popular DDoS-for-hire services. Miller was charged this week with conspiracy and violations of the Computer Fraud and Abuse Act (CFAA). million attacks between 2018 and 2022, and attracted some 50,000 registered users. million attacks between 2018 and 2022.

Computer and Electronics 352

Computer and Electronics Education IT Risk 352

Security Affairs

JUNE 11, 2021

million Windows systems between 2018 and 2020. The software includes illegal Adobe Photoshop 2018, a Windows cracking tool, and several cracked games.” million computers. Researchers from NordLocker have discovered an unsecured database containing 1.2-terabyte terabyte of stolen data. The database includes 6.6

Computer and Electronics 322

Computer and Electronics Archiving Encryption Passwords 322

Security Affairs

NOVEMBER 23, 2020

A team of researchers from the Computer Security and Industrial Cryptography (COSIC) group at the KU Leuven University in Belgium has demonstrated how to steal a Tesla Model X in minutes by exploiting vulnerabilities in the car’s keyless entry system. Then, they exploited the insecure update mechanism to deliver a tainted firmware to the fob.

Computer and Electronics 340

Computer and Electronics Communications Security Access 340

Security Affairs

AUGUST 18, 2020

The group has been operating since 2018, on multiple cyber criminal forums they were offering to convert cryptocurrency resulting from cybercriminal activities into fiat. Police conducted searches of the suspects’ residences and offices and seized more than $ 200,000 worth of computer equipment, weapons, ammunition and cash.

Computer and Electronics 350

Computer and Electronics Digital transformation Data science Blockchain 350

Security Affairs

JANUARY 9, 2022

Cloud Act , which applies to all electronic communication service or remote computing service providers that operate in the U.S. . “The United States enacted the Clarifying Lawful Overseas Use of Data (CLOUD) Act in March 2018 to speed access to electronic information held by U.S.-based ” states the U.S. .

FOIA 306

FOIA Computer and Electronics IT Encryption 306

Security Affairs

OCTOBER 17, 2018

That object was crafted on 2018-10-09 but it was seen only on 2018-10-12. According to VirusTotal the software was “seen in the Wild” in 2010 but submitted only on 2018-10-12! I am a computer security scientist with an intensive hacking background. Stage2: OleOBj inclusion (click to expand it).

Computer and Electronics 277

Computer and Electronics Encryption Security Military 277

Krebs on Security

FEBRUARY 1, 2019

More than 250 customers of a popular and powerful online attack-for-hire service that was dismantled by authorities in 2018 are expected to face legal action for the damage they caused, according to Europol , the European Union’s law enforcement agency. In April 2018, investigators in the U.S., According to U.S. According to U.S.

Computer and Electronics 209

Computer and Electronics IT Access Security 209

Security Affairs

NOVEMBER 14, 2018

Fincantieri who was not involved in the previous ‘MartyMcFly’ attack identified and blocked additional threats targeting their wide infrastructure intercepted on during the week of 20th August 2018, about a couple of months before the ‘MartyMcFly’ campaign. Whois data of “anchors-chain.com”.

Computer and Electronics 273

Computer and Electronics Phishing Security Encryption 273

Security Affairs

NOVEMBER 16, 2018

The downloaded PE Executable is a.NET file created by ExtendedScript Toolkit (according to compilation time) on 2018-11-13 15:21:54 and submitted a few hours later on VirusTotal. I am a computer security scientist with an intensive hacking background. Stage 3: NET file. About the author: Marco Ramilli, Founder of Yoroi.

Computer and Electronics 279

Computer and Electronics File names Security IT 279

Security Affairs

MAY 6, 2020

The crime gang was formed in 2018, it was involved in distributing stolen user credentials, developing and distributing malware and hacking tools, and fraud. . The agents seized electronic equipment, external hard drives and hardware cryptocurrency wallets, all worth around €100 000. ” concludes the Europol.

Computer and Electronics 278

Computer and Electronics Sales Access Data breaches 278

Security Affairs

AUGUST 7, 2019

group_b : from August 2017 to January 2018 3. group_c : from January 2018 to February 2018 4. I am a computer security scientist with an intensive hacking background. I do have a MD in computer engineering and a PhD on computer security from University of Bologna. group_a : from 2016 to August 2017 2.

e-Delivery 261

e-Delivery Computer and Electronics Phishing Communications 261

Security Affairs

JULY 17, 2018

has analyzed the campaign of spear-phishing on 2 april 2018 targeting the service centers of Samsung Italy.” According to a technical report published by the experts, this attack and the one against Russian service centers offering maintenance and support for various electronic goods started in the same period, in March.

Computer and Electronics 186

Computer and Electronics Phishing Security IT 186

Security Affairs

NOVEMBER 9, 2021

a and seized electronic equipment (laptops, mobile phones) and storage media. The prosecutors ordered the detention for a period of 24 hours of the 2 defendants, for illegal access to a computer system with the intent of disrupting the operation of compromised networks and conducting money laundering. .”

Ransomware 290

Ransomware Computer and Electronics Access Security 290

Security Affairs

DECEMBER 4, 2019

However most of the new attacks, qualitative speaking, happened during the time frame between 2018 to 2019. For example from 2017 to early 2018 APT28 used specific techniques such as: T1251 , T1329 , T1336 and T1319. Finally from October 2018 to late march 2019 APT28 introduced a totally different weaponization technique: the T1345.

Computer and Electronics 235

Computer and Electronics Libraries Security Military 235

Schneier on Security

SEPTEMBER 20, 2018

Of course the ESS ExpressVote voting computer will have lots of security vulnerabilities. It's a computer, and computers have lots of vulnerabilities. I am continuously amazed by how bad electronic voting machines are. Yes, they're computers. Now it's easy for a hacked machine to cheat undetectably!

Computer and Electronics 109

Computer and Electronics Paper Security Privacy 109

Security Affairs

SEPTEMBER 23, 2018

Google Android team found high severity flaw in Honeywell Android-based handheld computers. Evolution of threat landscape for IoT devices – H1 2018. Adobe issued a critical out-of-band patch to address CVE-2018-12848 Acrobat flaw. Magecart cybercrime group stole customers credit cards from Newegg electronics retailer.

Computer and Electronics 208

Computer and Electronics Security Mining Data breaches 208

Krebs on Security

NOVEMBER 22, 2019

All told, VCPI is responsible for maintaining approximately 80,000 computers and servers that assist those facilities. “But right now all we’re dealing with is getting electronic medical records back up and life-threatening situations handled first.” At around 1:30 a.m. 20, Cape Girardeau, Mo.-based

Ransomware 363

Ransomware Computer and Electronics Data breaches Access 363

Security Affairs

JULY 7, 2019

The SilentTrinity malware can take control over an infected computer, it allows attackers to execute arbitrary commands. Searching online for SILENTTRINITY the experts found a reference in the PE file debugging information, the code comes for the IronPython project uploaded on GitHub in October 2018 by Marcello Salvati.

Government 270

Government Computer and Electronics Archiving Phishing 270

Security Affairs

MAY 2, 2019

By focusing on trying to give a project date we might observe the compiled time which happens to be 9/1/2018 at 5:13:02 AM for newPanel-dbg.exe while it happens to be 9/8/2018 at 8:01:54 PM for the imported library called ToggleSwitch.dll. The used command and control has been compiled the month before ( July 2018 ).

Computer and Electronics 277

Computer and Electronics Communications Government Security 277

Security Affairs

NOVEMBER 15, 2018

The emails were disguised to look as if they come from the Central Bank of Russia and FinCERT, the Financial Sector Computer Emergency Response Team. According to Group-IB’s report published in September 2018, Silence gang members presumably were or are legally employed as pentesters and reverse engineers. About MoneyTaker.

Phishing 279

Phishing Computer and Electronics Data collection Security 279

Security Affairs

JANUARY 29, 2019

In April 2018, an international operation conducted by the European law enforcement agencies led by the UK’s National Crime Agency (NCA) and the Dutch Police, with the help of Europol, took down the world’s biggest DDoS-for-hire service. ” reads the press release published by the Europol. ” concludes the Europol.

Computer and Electronics 278

Computer and Electronics Government Security IT 278

Security Affairs

JULY 30, 2019

“A former Seattle technology company software engineer was arrested today on a criminal complaint charging computer fraud and abuse for an intrusion on the stored data of Capital One Financial Corporation, announced U.S. Thompson was charged with computer fraud and abuse in U.S. Attorney Brian T. “PAIGE A. .”

Data breaches 247

Data breaches Access Computer and Electronics IT 247

Security Affairs

JUNE 26, 2019

The authorities raided the houses of the suspects and seized a large number of electronic devices, equipment, and valuable assets. The suspects are accused to have committed computer misuse act offences and to have engaged in money laundering activities. . . ” concludes the press release.

Computer and Electronics 217

Computer and Electronics Access Security IT 217

Krebs on Security

AUGUST 7, 2018

On July 18, 2018, Pasco County authorities arrested Ricky Joseph Handschumacher , an employee of the city of Port Richey, Fla, charging him with grand theft and money laundering. ” A SIM card is the tiny, removable chip in a mobile device that allows it to connect to the provider’s network. GRAND PLANS.

Authentication 251

Authentication Computer and Electronics Passwords Retail 251

Krebs on Security

FEBRUARY 28, 2019

pleaded guilty this week to one count of conspiracy to cause damage to Internet-connected computers and for his role in owning, administering and supporting illegal “booter” or “stresser” services designed to knock Web sites offline, including exostress[.]in Usatyuk of Orland Park, Ill. in , quezstresser[.]com

Computer and Electronics 211

Computer and Electronics Government IT 211

Security Affairs

NOVEMBER 23, 2018

Fake leather bags, sunglasses, sportswear, electronics and perfumes pose risks to consumers. Most of the domain names were purchased in August 2018, and all the content – photos, product descriptions, and prices – was copied from the legitimate website. Long Beach press conference. Photo by Brad Graverson 11-28-14.

Phishing 224

Phishing Computer and Electronics Sales Communications 224

IT Governance

OCTOBER 30, 2018

The representative did a “visual review” of the buckets, as USPS’s internal policy is not to plug any USB sticks into a computer (not all bad practice, eh?), The law will apply to consumer electronics from 2020. There’s issue number two. but couldn’t see Weibrecht Law’s missing device.

Data breaches 109

Data breaches Computer and Electronics Passwords Insurance 109

IT Governance

OCTOBER 30, 2018

The representative did a “visual review” of the buckets, as USPS’s internal policy is not to plug any USB sticks into a computer (not all bad practice, eh?), The law will apply to consumer electronics from 2020. There’s issue number two. but couldn’t see Weibrecht Law’s missing device.

Data breaches 109

Data breaches Computer and Electronics Passwords Insurance 109

The Last Watchdog

NOVEMBER 4, 2021

Since it took effect in 2018, GDPR’s core guidelines have been copied by LGDP in Brazil , POPIA in South Africa , and the PDPB in India. The California Consumer Privacy Act (CCPA), soon to be superseded by the California Privacy Rights Act (CPRA) on January 1, 2023, applies to both electronic and paper records.

Personal data 237

Personal data Privacy Data Privacy Unstructured data 237

Krebs on Security

JULY 18, 2022

For the past seven years, an online service known as 911 has sold access to hundreds of thousands of Microsoft Windows computers daily, allowing customers to route their Internet traffic through PCs in virtually any country or city around the globe — but predominantly in the United States. The 911 service as it exists today.

Computer and Electronics 352

Computer and Electronics Sales Marketing Access 352

Krebs on Security

JANUARY 10, 2020

In July 2018, KrebsOnSecurity published the story Neo-Nazi Swatters Target Dozens of Journalists , which detailed the activities of a loose-knit group of individuals who had targeted hundreds of individuals for swatting attacks, including federal judges, corporate executives and almost three-dozen journalists (myself included).

Computer and Electronics 232

Computer and Electronics Cybersecurity IT Security 232

Krebs on Security

DECEMBER 20, 2018

In a complaint unsealed today, the Justice Department said that although FBI agents identified at least 60 different booter services operating between June and December 2018, they discovered not all were fully operational and capable of launching attacks. ” DOWN THEM ALL.

Computer and Electronics 230

Computer and Electronics Government Marketing IT 230

Krebs on Security

JANUARY 22, 2019

In July 2018, email users around the world began complaining of receiving spam which began with a password the recipient used at some point in the past and threatened to release embarrassing videos of the recipient unless a bitcoin ransom was paid. 13, 2018 bomb threat hoax. domaincontrol.com, and ns18.domaincontrol.com.

Computer and Electronics 269

Computer and Electronics Cloud Phishing Passwords 269

Krebs on Security

JULY 24, 2018

The email allowed the intruders to install malware on the victim’s PC and to compromise a second computer at the bank that had access to the STAR Network , a system run by financial industry giant First Data that the bank uses to handle debit card transactions for customers.

Insurance 199

Insurance Computer and Electronics Phishing Access 199

Security Affairs

AUGUST 29, 2018

In May 2107, security experts discovered a critical remote code execution (RCE) vulnerability, tracked as CVE-2017-5689, in the remote management features implemented on computers shipped with Intel Chipset in past 9 years. The Electronic Frontier Foundation asked Intel to provide a way to disable the IME.

Computer and Electronics 191

Computer and Electronics Access Security Risk 191

Krebs on Security

MARCH 22, 2021

Been active on computers since 7 years old, back in mid-80’s and have pioneered many facets of the internet and cyber security market we know today. 2018 was for two years as a “senior skunk works analyst” at an unnamed employer. Grey’s profile at RedTorch.

Computer and Electronics 329

Computer and Electronics Honeypots Archiving Marketing 329