2018 and Security - Information Management Today

Irish Data Protection Commission (DPC) fined Meta €251 million for a 2018 data breach

Security Affairs

DECEMBER 18, 2024

Meta has been fined 251M ($263M) for a 2018 data breach affecting millions in the EU, marking another penalty for violating privacy laws. The Irish Data Protection Commission (DPC) fined Meta 251 million ($263M) for a 2018 data breach impacting 29 million Facebook accounts. ” reads the press release published by DPC.

Data breaches

Data breaches GDPR Personal data Access

Increased GDPR Enforcement Highlights the Need for Data Security

Security Affairs

NOVEMBER 18, 2024

GDPR protects sensitive data like health and financial details, and its enforcement underscores the growing need for stronger data security measures. The General Data Protection Regulation ( GDPR ), enacted in 2018, has set a new standard for data privacy across the European Union (EU). What is GDPR and Why Does It Matter?

GDPR

GDPR Security Compliance Data Privacy

Norway blames China-linked APT31 for 2018 government hack

Security Affairs

JUNE 20, 2021

Norway police secret service states said that China-linked APT31 group was behind the 2018 cyberattack on the government’s IT network. Norway’s Police Security Service (PST) said that the China-linked APT31 cyberespionage group was behind the attack that breached the government’s IT network in 2018. Pierluigi Paganini.

Government

Government Access Passwords Cloud

Webinars

Maximizing Profit and Productivity: The New Era of AI-Powered Accounting

Automation, Evolved: Your New Playbook For Smarter Knowledge Work

MORE WEBINARS

From 2018: DeepMasterPrints: deceive fingerprint recognition systems with MasterPrints generated with GANs

Security Affairs

AUGUST 18, 2024

This highlights the significant security risks posed by using small, low-resolution fingerprint sensors. The technique is effective across different fingerprint matchers and datasets and has potential applications in both security and computational creativity research. false match rate, and up to 77% at a 1% false match rate.

Risk

Risk Security Information Security IT

5 Early Indicators Your Embedded Analytics Will Fail

Many application teams leave embedded analytics to languish until something—an unhappy customer, plummeting revenue, a spike in customer churn—demands change. But by then, it may be too late. In this White Paper, Logi Analytics has identified 5 tell-tale signs your project is moving from “nice to have” to “needed yesterday.".

Analytics

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

Security Affairs

DECEMBER 16, 2024

Then he requested help from Amnesty Internationals Security Lab fearing to be the target of surveillance software like other journalists in Serbia. Development traces back to at least 2018. After the police released him, Milanov noticed suspicious changes to his phone settings, such as disabled data and Wi-Fi.

Personal data

Personal data Encryption Security Privacy

New Atrium Health data breach impacts 585,000 individuals

Security Affairs

DECEMBER 6, 2024

Atrium Health launched an investigation into the security breach and discovered that from January 2015 to July 2019, certain online tracking technologies were active on its MyAtriumHealth (formerly MyCarolinas) Patient Portal, accessible via web and mobile. The company notified the US Department of Health and Human Services (HHS).

Data breaches

Data breaches Access Phishing Privacy

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

Security Affairs

MARCH 20, 2025

The use of popular instant messaging apps on both mobile and desktop devices broadens the attack surface, creating uncontrolled information exchange channels that bypass security measures. DCRat first appeared in the threat landscape in 2018, but a year later it was redesigned and relaunched.

Computer and Electronics

Computer and Electronics Archiving Passwords Government

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

Security Affairs

NOVEMBER 18, 2024

The security breach poses a major national security risk. The WSJ states that the compromise remained undisclosed due to possible impact on national security. The security breach impacted a limited number of customers, only 836 individuals. In 2018, data breach exposed personal information of up to 2 million customers.

Data breaches

Data breaches Communications Artificial Intelligence Government

News Alert: Security Risk Advisors joins Microsoft Intelligent Security Association (MISA)

The Last Watchdog

JANUARY 7, 2025

Security Risk Advisors (SRA) is a leading cybersecurity firm dedicated to providing comprehensive security solutions to businesses worldwide. With a commitment to maintaining the highest ethical standards, SRA offers a range of services including security testing, security program development, 24×7 monitoring and response.

Risk

Risk Security Cybersecurity Marketing

Security Firm COO Hacked Hospitals to Drum Up Business

Data Breach Today

NOVEMBER 17, 2023

Atlanta Man Pleads Guilty, Is Ordered to Pay $818,000 Restitution, May Avoid Prison The chief operating officer of an Atlanta-based cybersecurity firm has pleaded guilty and agreed to pay restitution of more than $818,000 in a federal criminal case in which he admitted hacking a Georgia medical center in 2018 in an effort to drum up business for his (..)

Security

Security Cybersecurity

At least 4,460 vulnerable Pulse Connect Secure hosts are exposed to the Internet

Security Affairs

DECEMBER 10, 2022

Censys researchers warn of more than 4,000 vulnerable Pulse Connect Secure hosts exposed to the Internet. Pulse Connect Secure is a widely-deployed SSL VPN solution for remote and mobile users, for this reason, it is a target of attacks by multiple threat actors. ” reads the post published by Censys. Pierluigi Paganini.

Security

Security IT Information Security

Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs

Security Affairs

NOVEMBER 22, 2020

Researchers from Bank Security first reported the availability of the list of 49,577 IPs vulnerable to Fortinet SSL VPN CVE-2018-13379. link] — Bank Security (@Bank_Security) November 20, 2020. The post Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs appeared first on Security Affairs.

Government

Government Ransomware Access Cybersecurity

Can We Stop Pretending SMS Is Secure Now?

Krebs on Security

MARCH 16, 2021

SMS text messages were already the weakest link securing just about anything online, mainly because there are tens of thousands of employees at mobile stores who can be tricked or bribed into swapping control over a mobile phone number to someone else. “Regulators really need to get involved.” ” WHAT CAN YOU DO?

Security

Security Passwords Authentication Communications

Old vulnerabilities in Cisco products actively exploited in the wild

Security Affairs

DECEMBER 19, 2022

Cisco has updated multiple security advisories to warn of the active exploitation of several old vulnerabilities impacting its products. Organizations are recommended to review the Cisco’s advisories and apply security patches released by the company. Follow me on Twitter: @securityaffairs and Facebook and Mastodon.

Security

Security Access IT Information Security

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

Krebs on Security

DECEMBER 19, 2024

The makers of Acunetix, Texas-based application security vendor Invicti Security , confirmed Silent Push’s findings, saying someone had figured out how to crack the free trial version of the software so that it runs without a valid license key. That user, “ Exorn ,” has posts dating back to August 2018.

IT

IT Data breaches Cloud Passwords

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

Security Affairs

NOVEMBER 1, 2021

Positive Technologies researchers Vladimir Kononovich and Alexey Stennikov have discovered security flaws Wincor Cineo ATMs that could be exploited to bypass Black-Box attack protections and withdraw cash. The vulnerabilities discovered by the security duo impacts the Wincor Cineo ATMs with the RM3 and CMD-V5 dispensers. score of 6.8.

Encryption

Encryption Manufacturing Authentication Security

CISA adds JBoss RichFaces Framework flaw to its Known Exploited Vulnerabilities catalog

Security Affairs

SEPTEMBER 28, 2023

US CISA added the flaw CVE-2018-14667 in Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the critical flaw CVE-2018-14667 (CVSS score 9.8) The vulnerability was discovered by the security researcher Joao Filho Matos Figueiredo.

IT

IT Cybersecurity Risk Security

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

Krebs on Security

JULY 21, 2023

Many things have changed since 2018, such as the names of the companies in the Fortune 100 list. But one aspect of that vaunted list that hasn’t shifted much since is that very few of these companies list any security professionals within their top executive ranks.

Security

Security Risk Insurance Cybersecurity

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Security Affairs

OCTOBER 29, 2020

The FBI, the DHS’s Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) has issued a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks from Russia. Ryuk first appeared in the threat landscape in August 2018 as a derivative of the Hermes 2.1

Ransomware

Ransomware IoT Sales Communications

Russian national extradited to US for trading on stolen Information

Security Affairs

DECEMBER 21, 2021

The man was arrested in Switzerland on March 21, 2021, along with four other accomplices he conspired to gain unauthorized access to computers and to commit wire fraud and securities fraud. Securities and Exchange Commission (SEC).” national securities exchanges to purchase or sell the securities of those companies.

Military

Military Passwords Security Access

RansomEXX ransomware leaks files stolen from Italian luxury brand Zegna

Security Affairs

AUGUST 6, 2021

As of 2018, Ermenegildo Zegna operated 480 retail stores (267 of which company-owned) across the world. The revenge of the company was €1.159 billion as 2018. The RansomEXX gang has been active since 2018 under the name Defray, in June 2020 the group rebranded as RansomEXX. Follow me on Twitter: @securityaffairs and Facebook.

Ransomware

Ransomware Archiving Retail Manufacturing

U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

Security Affairs

MARCH 2, 2024

from April 29, 2018, to May 10, 2020). Security experts have detected and analyzed some of the tools in its arsenal, such as the popular Pegasus spyware (for iOS) and Chrysaor (for Android). “The The recent court ruling is an important milestone in our long-running goal of protecting WhatsApp users against unlawful attacks. .

IT

IT Government Security Information Security

Information of Air Canada employees exposed in recent cyberattack

Security Affairs

SEPTEMBER 22, 2023

The carrier confirmed that its systems are fully operational, it also announced it has implemented further security measures with the help of leading global cyber security experts. The Canadian Centre for Cyber Security published an alert warning of a Distributed Denial of Service campaign targeting multiple Canadian sectors.

Data breaches

Data breaches Access Government Security

Russia-linked threat actors targets critical infrastructure, US authorities warn

Security Affairs

JANUARY 12, 2022

US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) issued a joint alert to warn critical infrastructure operators about threats from Russian state-sponsored hackers. ” reads the joint alert. Pierluigi Paganini. Pierluigi Paganini.

Cybersecurity

Cybersecurity Risk Government Phishing

Windows Moriya rootkit used in highly targeted attacks

Security Affairs

MAY 6, 2021

Kaspersky experts who uncovered the threat speculate the attacks are likely part of an ongoing espionage campaign dubbed TunnelSnake that has been active since at least 2018. One of the tools employed in the attack was formerly used by APT1, experts estimated that the threat actor first compromised the target network in early 2018.

Security

Security Access IT Cybersecurity

Fortinet warns of a spike in attacks against TBK DVR devices

Security Affairs

MAY 2, 2023

Threat actors are attempting to exploit a five-year-old authentication bypass issue, tracked as CVE-2018-9995 (CVSS score of 9.8), in TBK DVR devices. The CVE-2018-9995 flaw is due to an error when handling a maliciously crafted HTTP cookie. At this time, the vendor has yet to release security patches to address the flaw.

Authentication

Authentication Retail Education Marketing

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The first version of the bot exploits tens of known vulnerabilities including: CVE-2020-17456 vulnerability affecting SEOWON INTECH SLC-130 and SLR-120S routers; CVE-2018-10823 flaw an older D-Link routers (DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, DWR-111 through 1.01).

CMS

CMS IoT Security Passwords

Experts found a macOS version of the sophisticated LightSpy spyware

Security Affairs

MAY 30, 2024

ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants. The experts noticed that a portion of the CVE-2018-4404 exploit is likely borrowed from the Metasploit framework. The flaw resides in WebKit and impacts macOS version 10.13.3

Access

Access Authentication Communications IT

A new Zerobot variant spreads by exploiting Apache flaws

Security Affairs

DECEMBER 22, 2022

The Go-based botnet spreads by exploiting two dozen security vulnerabilities in the internet of things (IoT) devices and other applications. the malware operators have removed CVE-2018-12613, a phpMyAdmin vulnerability that could allow threat actors to view or execute files. Adopt a comprehensive IoT security solution.

IoT

IoT Passwords Access Security

Feds Warn Health Sector of TimisoaraHackerTeam Threats

Data Breach Today

JUNE 19, 2023

HHS says the group was discovered by security researchers in 2018. HHS Says 'Obscure' Group Has Resurfaced, Hitting a Cancer Center Federal authorities are warning healthcare and public health sector entities of an apparent resurgence of TimisoaraHackerTeam after an attack in recent weeks by the obscure ransomware group on a U.S.

Ransomware

Ransomware Security

John McAfee found dead in prison cell ahead of extradition to US

Security Affairs

JUNE 23, 2021

The authorities claim that the McAfee failed to file tax returns for incomes related to a period between 2014 and 2018. From 2014 to 2018, McAfee allegedly failed to file tax returns, despite receiving considerable income from these sources.” reads the press release published by DoJ. Follow me on Twitter: @securityaffairs and Facebook.

Cybersecurity

Cybersecurity Security IT Information Security

Crackonosh Monero miner made $2M after infecting 222,000 Win systems

Security Affairs

JUNE 27, 2021

Later the experts discovered that Crackonosh was also able to disable antivirus software from other major security vendors to avoid detection, including Windows Defender and Windows Update. Adaware Bitdefender Escan F-secure Kaspersky Mcafee (scanner only) Norton Panda. Follow me on Twitter: @securityaffairs and Facebook.

Mining

Mining File names Security IT

CISA published 2021 Top 15 most exploited software vulnerabilities

Security Affairs

APRIL 28, 2022

Cybersecurity and Infrastructure Security Agency (CISA) published a list of 2021’s top 15 most exploited software vulnerabilities. Cybersecurity and Infrastructure Security Agency (CISA) published the list of 2021’s top 15 most exploited software vulnerabilities. To nominate, please visit:? Pierluigi Paganini.

Cybersecurity

Cybersecurity Security Risk Government

A member of the FIN7 group was sentenced to 10 years in prison

Security Affairs

APRIL 18, 2021

Hladyr was sentenced in the Western District of Washington, he was arrested in Dresden, Germany, in 2018, at the request of U.S. Hladyr was charged in 2018 with two other FIN7 members , Dmytro Fedorov and Andrii Kopakov , also Ukrainian nationals. In late June 2018, foreign authorities arrested Andrii Kolpakov in Lepe, Spain.

Systems administration

Systems administration Encryption Communications Security

MyBook Users Urged to Unplug Devices from Internet

Krebs on Security

JUNE 25, 2021

” Western Digital’s brief advisory includes a link to an entry in the National Vulnerability Database for CVE-2018-18472. Examine the CVE attached to this flaw and you’ll notice it was issued in 2018. We are actively investigating the issue and will provide an updated advisory when we have more information.”

Access

Access Marketing IT

Operation GhostShell: MalKamak APT targets aerospace and telco firms

Security Affairs

OCTOBER 7, 2021

The threat actors have been targeting the above industries since at least 2018. “Assessments as to the identity of the operators and authors of ShellClient resulted in the identification of a new Iranian threat actor dubbed MalKamak that has operated since at least 2018 and remained publicly unknown thus far.”

Military

Military Cloud IT Access

Chinese threat actor exploits old ThinkPHP flaws since October 2023

Security Affairs

JUNE 7, 2024

Akamai observed a Chinese-speaking group exploiting two flaws, tracked as CVE-2018-20062 and CVE-2019-9082, in ThinkPHP applications. Akamai researchers observed a Chinese threat actor exploiting two old remote code execution vulnerabilities, tracked as CVE-2018-20062 and CVE-2019-9082 , in ThinkPHP.

File names

File names Passwords Access Cloud

CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog

Security Affairs

MAY 25, 2022

US Critical Infrastructure Security Agency (CISA) adds 41 new vulnerabilities to its Known Exploited Vulnerabilities Catalog. Other issues impact Google, Mozilla, Facebook, Adobe, and Webkit GTK software products, the vulnerabilities range from 2018 to 2021. To nominate, please visit:?. Pierluigi Paganini.

IT

IT Cybersecurity Security Risk

CISA adds Microsoft COM for Windows bug to its Known Exploited Vulnerabilities catalog

Security Affairs

AUGUST 6, 2024

Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft COM for Windows bug to its Known Exploited Vulnerabilities catalog. Talos also discovered that APT41 created a custom loader to inject a proof-of-concept for CVE-2018-0824 directly into memory.

IT

IT Data structuring Cybersecurity Risk

CISA adds Zoho, Apache, Qualcomm, Mikrotik flaws to the list of actively exploited issues

Security Affairs

DECEMBER 2, 2021

Cybersecurity and Infrastructure Security Agency (CISA) has updated its catalog of actively exploited vulnerabilities recommending federal agencies to address the flaws in Qualcomm, Mikrotik, Zoho and the Apache Software Foundation software within specific timeframes and deadlines. Follow me on Twitter: @securityaffairs and Facebook.

Cybersecurity

Cybersecurity Authentication Security Risk

Ransomware hits US Fertility the largest US fertility network

Security Affairs

NOVEMBER 26, 2020

The US Fertility (USF) network is comprised of 55 locations across 10 states that completed almost 25,000 IVF cycles in 2018 through its clinics with 130,000 babies have been born. “On September 14, 2020, USF experienced an IT security event [.] Pierluigi Paganini. SecurityAffairs – hacking, data breach).

Ransomware

Ransomware Data breaches Encryption Security

Chinese APT Actors Target WeChat Users

Data Breach Today

OCTOBER 3, 2023

APT 41 Used Android, iOS Surveillance Malware to Target APAC Victims Since 2018 Security researchers linked a surveillance toolkit called LightSpy to Chinese threat group APT41, which has a history of using surveillance malware on iOS and Android devices.

Security

US, UK, and Australian agencies warn of top routinely exploited issues

Security Affairs

JULY 28, 2021

A joint report published by US, UK, and Australian cyber security agencies warns of the top routinely exploited vulnerabilities in 2020. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S.

Cybersecurity

Cybersecurity Cloud Security Information Security

Irish Data Protection Commission (DPC) fined Meta €251 million for a 2018 data breach

Increased GDPR Enforcement Highlights the Need for Data Security

Webinars

Trending Sources

Norway blames China-linked APT31 for 2018 government hack

Webinars

From 2018: DeepMasterPrints: deceive fingerprint recognition systems with MasterPrints generated with GANs

5 Early Indicators Your Embedded Analytics Will Fail

Report claims that Serbian authorities abused Cellebrite tool to install NoviSpy spyware

New Atrium Health data breach impacts 585,000 individuals

CERT-UA warns of cyber espionage against the Ukrainian defense industry using Dark Crystal RAT

T-Mobile is one of the victims of the massive Chinese breach of telecom firms

News Alert: Security Risk Advisors joins Microsoft Intelligent Security Association (MISA)

Security Firm COO Hacked Hospitals to Drum Up Business

At least 4,460 vulnerable Pulse Connect Secure hosts are exposed to the Internet

Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs

Can We Stop Pretending SMS Is Secure Now?

Old vulnerabilities in Cisco products actively exploited in the wild

Web Hacking Service ‘Araneida’ Tied to Turkish IT Firm

How to hack Wincor Cineo ATMs to bypass black-box attack protections and withdraw cash

CISA adds JBoss RichFaces Framework flaw to its Known Exploited Vulnerabilities catalog

Few Fortune 100 Firms List Security Pros in Their Executive Ranks

FBI, CISA alert warns of imminent ransomware attacks on healthcare sector

Russian national extradited to US for trading on stolen Information

RansomEXX ransomware leaks files stolen from Italian luxury brand Zegna

U.S. Judge ordered NSO Group to hand over the Pegasus spyware code to WhatsApp

Information of Air Canada employees exposed in recent cyberattack

Russia-linked threat actors targets critical infrastructure, US authorities warn

Windows Moriya rootkit used in highly targeted attacks

Fortinet warns of a spike in attacks against TBK DVR devices

EnemyBot malware adds new exploits to target CMS servers and Android devices

Experts found a macOS version of the sophisticated LightSpy spyware

A new Zerobot variant spreads by exploiting Apache flaws

Feds Warn Health Sector of TimisoaraHackerTeam Threats

John McAfee found dead in prison cell ahead of extradition to US

Crackonosh Monero miner made $2M after infecting 222,000 Win systems

CISA published 2021 Top 15 most exploited software vulnerabilities

A member of the FIN7 group was sentenced to 10 years in prison

MyBook Users Urged to Unplug Devices from Internet

Operation GhostShell: MalKamak APT targets aerospace and telco firms

Chinese threat actor exploits old ThinkPHP flaws since October 2023

CISA adds 41 flaws to its Known Exploited Vulnerabilities Catalog

CISA adds Microsoft COM for Windows bug to its Known Exploited Vulnerabilities catalog

CISA adds Zoho, Apache, Qualcomm, Mikrotik flaws to the list of actively exploited issues

Ransomware hits US Fertility the largest US fertility network

Chinese APT Actors Target WeChat Users

US, UK, and Australian agencies warn of top routinely exploited issues

Stay Connected