Norway’s police secret service said that the China-linked APT31 group was behind the 2018 cyberattack on the government’s IT network. Norway’s Police Security Service (PST) said that the China-linked APT31 cyberespionage group was behind the attack that breached the government’s IT network in 2018. Pierluigi Paganini.
Security researchers from the Cisco Talos team uncovered a spear-phishing campaign that targeted the aviation industry for two years while avoiding detection. Security researchers from Cisco Talos uncovered a spear-phishing campaign, dubbed Operation Layover, that targeted the aviation industry for two years without being detected.
This highlights the significant security risks posed by using small, low-resolution fingerprint sensors. The technique is effective across different fingerprint matchers and datasets and has potential applications in both security and computational creativity research. false match rate, and up to 77% at a 1% false match rate.
Experts Say Odd Case Offers Forewarning to Others. The chief operating officer of a network security firm serving the healthcare sector has been charged by federal prosecutors with crimes stemming from an alleged cyberattack on an Atlanta, Georgia-area medical center in 2018.
Atlanta Man Pleads Guilty, Is Ordered to Pay $818,000 Restitution, May Avoid Prison. The chief operating officer of an Atlanta-based cybersecurity firm has pleaded guilty and agreed to pay restitution of more than $818,000 in a federal criminal case in which he admitted hacking a Georgia medical center in 2018 in an effort to drum up business for his (..)
Censys researchers warn of more than 4,000 vulnerable Pulse Connect Secure hosts exposed to the Internet. Pulse Connect Secure is a widely deployed SSL VPN solution for remote and mobile users; for this reason, it is a target of attacks by multiple threat actors. ” reads the post published by Censys. Pierluigi Paganini.
Cybersecurity experts at CyberNews hijacked close to 28,000 unsecured printers worldwide and forced them to print out a guide on printer security. Most of us already know the importance of using antivirus, anti-malware, and VPNs to secure our computers, phones, and other devices against potential attacks.
Researchers from Bank Security first reported the availability of the list of 49,577 IPs vulnerable to Fortinet SSL VPN CVE-2018-13379. — Bank Security (@Bank_Security) November 20, 2020. The post Threat actor shared a list of 49,577 IPs vulnerable Fortinet VPNs appeared first on Security Affairs.
SMS text messages were already the weakest link securing just about anything online, mainly because there are tens of thousands of employees at mobile stores who can be tricked or bribed into swapping control over a mobile phone number to someone else. “Regulators really need to get involved.” WHAT CAN YOU DO?
Cisco has updated multiple security advisories to warn of the active exploitation of several old vulnerabilities impacting its products. Organizations are recommended to review Cisco’s advisories and apply security patches released by the company.
Positive Technologies researchers Vladimir Kononovich and Alexey Stennikov have discovered security flaws in Wincor Cineo ATMs that could be exploited to bypass Black-Box attack protections and withdraw cash. The vulnerabilities discovered by the security duo impact the Wincor Cineo ATMs with the RM3 and CMD-V5 dispensers. score of 6.8.
US CISA added the flaw CVE-2018-14667 in Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the critical flaw CVE-2018-14667 (CVSS score 9.8) The vulnerability was discovered by the security researcher Joao Filho Matos Figueiredo.
The UK Information Commissioner’s Office fined US hotels group Marriott over the 2018 data breach that affected millions of customers worldwide. million) for multiple data breaches suffered by the company since 2018 that exposed the personal information of its customers. million ($23.5 Pierluigi Paganini.
The man was arrested in Switzerland on March 21, 2021, along with four other accomplices he conspired to gain unauthorized access to computers and to commit wire fraud and securities fraud. Securities and Exchange Commission (SEC).” national securities exchanges to purchase or sell the securities of those companies.
As of 2018, Ermenegildo Zegna operated 480 retail stores (267 of which company-owned) across the world. The revenue of the company was €1.159 billion as of 2018. The RansomEXX gang has been active since 2018 under the name Defray; in June 2020 the group rebranded as RansomEXX.
The FBI, the DHS’s Cybersecurity and Infrastructure Security Agency (CISA), and the Department of Health and Human Services (HHS) have issued a joint alert to warn hospitals and healthcare providers of imminent ransomware attacks from Russia. Ryuk first appeared in the threat landscape in August 2018 as a derivative of the Hermes 2.1
Many things have changed since 2018, such as the names of the companies in the Fortune 100 list. But one aspect of that vaunted list that hasn’t shifted much since is that very few of these companies list any security professionals within their top executive ranks.
from April 29, 2018, to May 10, 2020). Security experts have detected and analyzed some of the tools in its arsenal, such as the popular Pegasus spyware (for iOS) and Chrysaor (for Android). “The recent court ruling is an important milestone in our long-running goal of protecting WhatsApp users against unlawful attacks.
The carrier confirmed that its systems are fully operational; it also announced it has implemented further security measures with the help of leading global cyber security experts. The Canadian Centre for Cyber Security published an alert warning of a Distributed Denial of Service campaign targeting multiple Canadian sectors.
Kaspersky experts who uncovered the threat speculate the attacks are likely part of an ongoing espionage campaign dubbed TunnelSnake that has been active since at least 2018. One of the tools employed in the attack was formerly used by APT1; experts estimated that the threat actor first compromised the target network in early 2018.
US Cybersecurity and Infrastructure Security Agency (CISA), the Federal Bureau of Investigation (FBI), and the National Security Agency (NSA) issued a joint alert to warn critical infrastructure operators about threats from Russian state-sponsored hackers. ” reads the joint alert. Pierluigi Paganini.
The Go-based botnet spreads by exploiting two dozen security vulnerabilities in internet of things (IoT) devices and other applications. the malware operators have removed CVE-2018-12613, a phpMyAdmin vulnerability that could allow threat actors to view or execute files. Adopt a comprehensive IoT security solution.
Threat actors are attempting to exploit a five-year-old authentication bypass issue, tracked as CVE-2018-9995 (CVSS score of 9.8), in TBK DVR devices. The CVE-2018-9995 flaw is due to an error when handling a maliciously crafted HTTP cookie. At this time, the vendor has yet to release security patches to address the flaw.
The first version of the bot exploits tens of known vulnerabilities including: the CVE-2020-17456 vulnerability affecting SEOWON INTECH SLC-130 and SLR-120S routers; the CVE-2018-10823 flaw in older D-Link routers (DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, DWR-111 through 1.01).
ThreatFabric observed threat actors using two publicly available exploits (CVE-2018-4233, CVE-2018-4404) to deliver macOS implants. The experts noticed that a portion of the CVE-2018-4404 exploit is likely borrowed from the Metasploit framework. The flaw resides in WebKit and impacts macOS version 10.13.3
Hladyr was sentenced in the Western District of Washington; he was arrested in Dresden, Germany, in 2018, at the request of U.S. Hladyr was charged in 2018 with two other FIN7 members, Dmytro Fedorov and Andrii Kolpakov, also Ukrainian nationals. In late June 2018, foreign authorities arrested Andrii Kolpakov in Lepe, Spain.
The authorities claim that McAfee failed to file tax returns for income related to a period between 2014 and 2018. From 2014 to 2018, McAfee allegedly failed to file tax returns, despite receiving considerable income from these sources.” reads the press release published by DoJ.
Later the experts discovered that Crackonosh was also able to disable antivirus software from other major security vendors to avoid detection, including Windows Defender and Windows Update. Adaware, Bitdefender, Escan, F-secure, Kaspersky, Mcafee (scanner only), Norton, Panda.
HHS says the group was discovered by security researchers in 2018. HHS Says 'Obscure' Group Has Resurfaced, Hitting a Cancer Center. Federal authorities are warning healthcare and public health sector entities of an apparent resurgence of TimisoaraHackerTeam after an attack in recent weeks by the obscure ransomware group on a U.S.
Akamai observed a Chinese-speaking group exploiting two flaws, tracked as CVE-2018-20062 and CVE-2019-9082, in ThinkPHP applications. Akamai researchers observed a Chinese threat actor exploiting two old remote code execution vulnerabilities, tracked as CVE-2018-20062 and CVE-2019-9082, in ThinkPHP.
Cybersecurity and Infrastructure Security Agency (CISA) adds a Microsoft COM for Windows bug to its Known Exploited Vulnerabilities catalog. Talos also discovered that APT41 created a custom loader to inject a proof-of-concept for CVE-2018-0824 directly into memory.
The threat actors have been targeting the above industries since at least 2018. “Assessments as to the identity of the operators and authors of ShellClient resulted in the identification of a new Iranian threat actor dubbed MalKamak that has operated since at least 2018 and remained publicly unknown thus far.”
US Critical Infrastructure Security Agency (CISA) adds 41 new vulnerabilities to its Known Exploited Vulnerabilities Catalog. Other issues impact Google, Mozilla, Facebook, Adobe, and Webkit GTK software products; the vulnerabilities range from 2018 to 2021. Pierluigi Paganini.
Western Digital’s brief advisory includes a link to an entry in the National Vulnerability Database for CVE-2018-18472. Examine the CVE attached to this flaw and you’ll notice it was issued in 2018. We are actively investigating the issue and will provide an updated advisory when we have more information.”
Cybersecurity and Infrastructure Security Agency (CISA) has updated its catalog of actively exploited vulnerabilities recommending federal agencies to address the flaws in Qualcomm, Mikrotik, Zoho and the Apache Software Foundation software within specific timeframes and deadlines.
The US Fertility (USF) network comprises 55 locations across 10 states that completed almost 25,000 IVF cycles in 2018 through its clinics, with 130,000 babies born. “On September 14, 2020, USF experienced an IT security event [.] Pierluigi Paganini.
The weaponized RTF documents generated with the exploit builder are able to trigger the CVE-2017-11882, CVE-2018-0798, and CVE-2018-0802 vulnerabilities in Microsoft’s Equation Editor. ” The report published by the experts also includes a MITRE ATT&CK Matrix; researchers could contact the security firm for IoCs.
A joint report published by US, UK, and Australian cyber security agencies warns of the top routinely exploited vulnerabilities in 2020. Cybersecurity and Infrastructure Security Agency (CISA), the Australian Cyber Security Centre (ACSC), the United Kingdom’s National Cyber Security Centre (NCSC), and the U.S.
APT 41 Used Android, iOS Surveillance Malware to Target APAC Victims Since 2018. Security researchers linked a surveillance toolkit called LightSpy to Chinese threat group APT41, which has a history of using surveillance malware on iOS and Android devices.
The Federal Bureau of Investigation (FBI) and the Cybersecurity and Infrastructure Security Agency (CISA) published a joint security alert to warn of attackers combining VPN and Windows Zerologon flaws to target government networks. ” reads the report. ” continues the alert.
Home Affairs Minister Seeks to Tackle Financial Fraud, Boost Security Stance. Indian Home Affairs Minister Amit Shah called for stricter action against cybercriminals, vowing that the central and state governments will collaborate on a strategy to tamp down financial fraud.
The DPC’s investigation commenced on 10 December 2018 and it examined whether WhatsApp has discharged its GDPR transparency obligations with regard to the provision of information and the transparency of that information to both users and non-users of WhatsApp’s service. said WhatsApp.
The research began in 2018 and in August 2019, the experts reported their findings to Daimler, which owns Mercedes-Benz. In December 2019, the carmaker announced a partnership with the 360 Group to strengthen car IT security for the industry. We analyze the security of Mercedes-Benz cars. ” the paper concluded.