2007, Access and Security - Information Management Today

Patch Tuesday, May 2024 Edition

Krebs on Security

MAY 14, 2024

Microsoft today released updates to fix more than 60 security holes in Windows computers and supported software, including two “zero-day” vulnerabilities in Windows that are already being exploited in active attacks. Emerging in 2007 as a banking trojan, QakBot (a.k.a. Apple has just shipped macOS Sonoma 14.5

Libraries

Libraries Authentication Ransomware Security

Hackers Sell Access to Bait-and-Switch Empire

Krebs on Security

MARCH 4, 2019

Cybercriminals are auctioning off access to customer information stolen from an online data broker behind a dizzying array of bait-and-switch Web sites that sell access to a vast range of data on U.S. Willms’ various previous ventures reportedly extended far beyond selling access to public records.

Access

Access Marketing Passwords Risk

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Security Affairs

AUGUST 6, 2023

CDHE discovered the ransomware attack on June 19, 2023, it immediately launched an investigation into the security breach with the help of third-party specialists. The experts determined the threat actors had access to CDHE systems between June 11 and June 19, 2023 and copied data from the company systems during this time.

Education

Education Data breaches Ransomware Access

Webinars

Generative AI Deep Dive: Advancing from Proof of Concept to Production

MORE WEBINARS

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Krebs on Security

AUGUST 29, 2023

Emerging in 2007 as a banking trojan, QakBot (a.k.a. Don Alway , assistant director in charge of the FBI’s Los Angeles field office, said federal investigators gained access to an online panel that allowed cybercrooks to monitor and control the actions of the botnet. ” The DOJ said it also recovered more than 6.5

Ransomware

Ransomware Government Military Access

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Krebs on Security

JUNE 1, 2023

Megatraffer explained that malware purveyors need a certificate because many antivirus products will be far more interested in unsigned software, and because signed files downloaded from the Internet don’t tend to get blocked by security features built into modern web browsers. “Why do I need a certificate? ru in 2008.

Healthcare

Healthcare Passwords Sales Ransomware

Reddit discloses a data breach, a hacker accessed user data

Security Affairs

AUGUST 1, 2018

Reddit is warning its users of a security breach, an attacker broke into the systems of the platform and accessed user data. Reddit is warning its users of a security breach, a hacker broke into the systems of the platform and accessed user data. Reddit Warns Users of Data Breach. ” continues Reddit.

Data breaches

Data breaches Access Passwords Authentication

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

Security Affairs

APRIL 22, 2024

National Security Agency and Microsoft addressed it with the release of Microsoft October 2022 Patch Tuesday security updates. APT28 deployed GooseEgg to gain elevated access to target systems and steal credentials and sensitive information. The vulnerability CVE-2022-38028 was reported by the U.S.

Military

Military File names Education Phishing

NJ Man Hired Online to Firebomb, Shoot at Homes Gets 13 Years in Prison

Krebs on Security

OCTOBER 23, 2023

Police found a 2007 Lexus, driven by Patrick McGovern-Allen, 19, that had lost control and left the road, crashing into the eastern end of the 1600 building,” the story recounted. The car was driven through the steps that provide access to the second-floor apartments, destroying them, and also caused damage to the outer wall.”

Access

Access IT

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

Security Affairs

DECEMBER 5, 2023

It allows an attacker to provide covert, unauthorized access to email correspondence and was used after gaining access to email accounts through CVE-2023-23397 (Microsoft Outlook Vulnerability) or password-spraying.” ” reads trhe announcement published by DKWOC.

Military

Military Government Phishing Access

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Security Affairs

DECEMBER 17, 2021

VMware released security patches for a critical server-side request forgery (SSRF) vulnerability in Workspace ONE UEM console. An attacker with network access to UEM could exploit the vulnerability to access sensitive data in the management console. and above 2007 Workspace ONE UEM patch 20.7.0.17 and above. .”

Access

Access Authentication Cloud Security

Portnox Cloud: NAC Product Review

eSecurity Planet

APRIL 19, 2023

Portnox Cloud offers network access control (NAC) as a cloud-hosted SaaS solution that enables rapid deployment of basic NAC capabilities. To compare Portnox Cloud against competitors, see our complete list of top network access control (NAC) solutions. Who Is Portnox?

Cloud

Cloud Authentication IoT Access

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Krebs on Security

MARCH 10, 2020

FBI officials last week arrested a Russian computer security researcher on suspicion of operating deer.io , a vast marketplace for buying and selling stolen account credentials for thousands of popular online services and stores. Social Security Numbers, dates of birth, and victim addresses,” the indictment states.

Sales

Sales Passwords Authentication Security

Reddit locked Down accounts due to alleged security breach

Security Affairs

JANUARY 10, 2019

Reddit locked down a large number of user accounts after due to a security concern after detecting suspicious activity on them. . A large group of accounts were locked down due to a security concern. Some users reported that their accounts were locked down although the activity page shows they were the only ones accessing them.

Security

Security Passwords Data breaches Access

OWASP Names a New Top Vulnerability for First Time in Years

eSecurity Planet

SEPTEMBER 16, 2021

OWASP security researchers have updated the organization’s list of the ten most dangerous vulnerabilities – and the list has a new number one threat for the first time since 2007. The Open Web Application Security Project (OWASP) is a nonprofit foundation and an open community dedicated to security awareness.

Authentication

Authentication Access Security awareness Security

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

Krebs on Security

JULY 1, 2021

Intuit says the change is tied to an “exciting” and “free” new service that will let millions of small business employees get easy access to employment and income verification services when they wish to apply for a loan or line of credit. a data broker acquired by Equifax in 2007.

Financial Services

Financial Services Government Authentication IT

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

Security Affairs

APRIL 19, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. “Weak SNMP community strings, including the default “public,” allowed APT28 to gain access to router information.

Military

Military Access Cybersecurity Education

LockBit Ransomware operators hit Swiss helicopter maker Kopter

Security Affairs

DECEMBER 6, 2020

Kopter Group is Switzerland-based company that was founded in 2007 that was acquired by Leonardo in April 2020. LockBit ransomware operators told ZDNet that they have accessed the network of the helicopter maker via a VPN appliance that was poorly protected. Source ZDNet. ” reported ZDNet. Pierluigi Paganini.

Ransomware

Ransomware Encryption Authentication Passwords

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Krebs on Security

SEPTEMBER 17, 2020

Security firm FireEye dubbed that hacking blitz “one of the broadest campaigns by a Chinese cyber espionage actor we have observed in recent years.” Security analysts and U.S. ” At the time of story, DaiLin was 28 years old.

Government

Government Mining Big data Phishing

Russian cybercriminal Aleksandr Brovko sentenced to 8 years in jail

Security Affairs

NOVEMBER 3, 2020

For over a decade, Brovko participated in a scheme to gain access to Americans’ personal and financial information, causing more than $100 million in intended loss,” said Acting Assistant Attorney General Brian C. Brovko was involved in the illegal practice between 2007 and 2019. ” reads the press release published by the DoJ.

Data collection

Data collection Access Security IT

News Alert: Flexxon selects a Chief Technology Strategist, signals intent to expand into the US

The Last Watchdog

JUNE 26, 2023

. “Based on the strong value proposition and impact of Flexxon’s hardware-based solutions, I look forward to driving the adoption of this novel approach and supporting management, partners and customers in making this transition towards a safer and more secure digital footprint for businesses, governments and individuals globally.”

Cybersecurity

Cybersecurity Marketing Communications Government

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Security Affairs

DECEMBER 7, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , BlueDelta, and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Military

Military Government Phishing Authentication

Threat actors scan Internet for Vulnerable Microsoft Exchange Servers

Security Affairs

FEBRUARY 27, 2020

Security experts Simon Zuckerbraun from Zero Day Initiative published technical details on how to exploit the Microsoft Exchange CVE-2020-0688 along with a video PoC. ” Now the popular security researcher Kevin Beaumont reported mass scanning for the CVE-2020-0688 (Microsoft Exchange 2007+ RCE vulnerability).

Authentication

Authentication Data breaches Communications Access

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

Security Affairs

APRIL 30, 2023

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The group was involved also in the string of attacks that targeted 2016 Presidential election.

Systems administration

Systems administration Military Phishing Government

China-linked Winnti APT steals intellectual property from companies worldwide

Security Affairs

MAY 4, 2022

Winnti (aka APT41 , Axiom, Barium , Blackfly) is a cyberespionage group that has been active since at least 2007. One of the characteristics of this campaign is the abuse of the Windows CLFS mechanism and NTFS transaction manipulations to conceal their malicious payloads and evade detection by security solutions. Pierluigi Paganini.

Manufacturing

Manufacturing Archiving Cybersecurity Access

BEST PRACTICES: Why pursuing sound ‘data governance’ can be a cybersecurity multiplier

The Last Watchdog

APRIL 1, 2020

And by doing this housekeeping – i.e. by improving their data governance practices — companies can reap higher efficiencies, while also tightening data security. Lahiri Lahiri points out that it costs four times as much to access data stored in an AWS S3 bucket than it does to keep the data stored in that same S3 bucket.

Government

Government Cybersecurity Archiving Access

NEW TECH: DataLocker extends products, services to encrypt data on portable storage devices

The Last Watchdog

MAY 8, 2019

Launched as a one-man operation in 2007, DataLocker has grown into a leading manufacturer of encrypted external drives, thumb drives, flash drives and self-encrypting, recordable CDs and DVDs. This allows data to remain secure, no matter where it is stored and prevents data compromise if the external hard drive device is lost or stolen.

Encryption

Encryption Cloud Access Manufacturing

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

The Last Watchdog

JULY 30, 2018

Co-founder Jay took a business trip to South Korea in the fall of 2007. All the user needs is a strong password to access to the data. But in certain cases the cloud is not readily accessible. You need to rely on external storage to securely transport your data. Park: Any industry that requires security.

Encryption

Encryption Military Passwords Authentication

UK ICO fines Facebook with maximum for Cambridge Analytica scandal

Security Affairs

OCTOBER 25, 2018

” Social network giant announced it is reviewing the ICO’s penalty and is asking to access Cambridge Analytica servers to analyze data they collected. “Now that their investigation is complete, we are hopeful that the ICO will now let us have access to CA servers so that we are able to audit the data they received.”

GDPR

GDPR Access Privacy Security

Mutagen Astronomy Linux Kernel vulnerability affects Red Hat, CentOS, and Debian distros

Security Affairs

SEPTEMBER 26, 2018

Security researchers have discovered a new integer overflow vulnerability in Linux Kernel, dubbed Mutagen Astronomy, that affects Red Hat, CentOS, and Debian Distributions. The vulnerability could be exploited by an unprivileged user to gain superuser access to the targeted system. Security Affairs – Linux, hacking ).

Access

Access Security IT

China-linked APT41 group targets Hong Kong with Spyder Loader

Security Affairs

OCTOBER 18, 2022

Winnti (aka APT41 , Axiom, Barium , Blackfly) is a cyberespionage group that has been active since at least 2007. Once gained access to the target network, threat actors used Mimikatz to harvest credentials and used it for lateral movement. exe for the execution of the malware loader. ” continues the report.

File names

File names Encryption Manufacturing Libraries

FBI and NSA joint report details APT28’s Linux malware Drovorub

Security Affairs

AUGUST 13, 2020

The FBI and NSA have published a joint security alert containing technical details about a new piece of Linux malware, tracked as Drovorub , allegedly employed by Russia-linked the APT28 group. The post FBI and NSA joint report details APT28’s Linux malware Drovorub appeared first on Security Affairs. Pierluigi Paganini.

Military

Military IoT Phishing Government

China-linked APT41 group spotted using open-source red teaming tool GC2

Security Affairs

APRIL 17, 2023

The APT41 group, aka Winnti , Axiom, Barium , Blackfly, HOODOO) is a China-linked cyberespionage group that has been active since at least 2007. The attack took place in October 2022, threat actors sent phishing emails that contained links to a password-protected file hosted in Drive.

Phishing

Phishing Cloud Government Education

Canadian Police Raid ‘Orcus RAT’ Author

Krebs on Security

APRIL 2, 2019

Its author maintains Orcus is a legitimate R emote A dministration T ool that is merely being abused, but security experts say it includes multiple features more typically seen in malware known as a R emote A ccess T rojan. Tips from international private cyber security firms triggered the investigation.”.

Marketing

Marketing Passwords Systems administration Access

NON-STATE ACTORS IN THE CYBERSPACE: AN ATTEMPT TO A TAXONOMIC CLASSIFICATION, ROLE, IMPACT AND RELATIONS WITH A STATE’S SOCIOECONOMIC STRUCTURE

Security Affairs

JUNE 28, 2022

For this reason, the behavior of each actor in the cyber arena is becoming a national security concern for every government. Looking back at 2007, Estonia fell victim to a powerful cyber-attack that shut down government services, telecommunications, and banks in the country. Follow me on Twitter: @securityaffairs and Facebook.

Paper

Paper Military Government IT

ICO Fines International Airline Cathay Pacific GBP 500,000 (Maximum Available) for Failing to Secure Customers’ Personal Data

Hunton Privacy

MARCH 5, 2020

On March 4, 2020, the UK Information Commissioner’s Office (“ICO”) fined the international airline Cathay Pacific Airways Limited (“Cathay Pacific”) £500,000 for failing to protect the security of its customers’ personal data. There have been no confirmed cases evidencing the misuse of personal data accessed by the attackers.

Personal data

Personal data Security Authentication Access

Microsoft disrupted APT28 attacks on Ukraine through a court order

Security Affairs

APRIL 8, 2022

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The post Microsoft disrupted APT28 attacks on Ukraine through a court order appeared first on Security Affairs.

Military

Military Government Phishing Security

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

MARCH 20, 2020

According to security researchers from Trend Micro, the Russia-linked APT28 cyberespionage group has been scanning vulnerable email servers for more than a year. The post Russia-linked APT28 has been scanning vulnerable email servers in the last year appeared first on Security Affairs. ” concludes the report. Pierluigi Paganini.

Phishing

Phishing Military Government Passwords

Reddit Breach Highlights Limits of SMS-Based Authentication

Krebs on Security

AUGUST 1, 2018

What’s interesting about the incident is that it showcases once again why relying on mobile text messages (SMS) for two-factor authentication (2FA) can lull companies and end users into a false sense of security. SECURITY KEYS. Probably the most secure form of 2FA available involves the use of hardware-based security keys.

Authentication

Authentication Passwords Phishing Data breaches

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Security Affairs

FEBRUARY 25, 2021

The backdoor is able to bypass network segmentation and access restricted networks. “We observed how they overcame network segmentation by gaining access to an internal router machine and configuring it as a proxy server, allowing them to exfiltrate stolen data from the intranet network to their remote server. .”

Encryption

Encryption Access Phishing Passwords

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

Security Affairs

DECEMBER 10, 2020

The APT28 group (aka Fancy Bear , Pawn Storm , Sofacy Group , Sednit , and STRONTIUM ) has been active since at least 2007 and it has targeted governments, militaries, and security organizations worldwide. The lure was delivered as part of a Virtual Hard Drive (VHD) file that could be accessed only by Windows 10 users.

Phishing

Phishing Healthcare Military Data collection

North Korea-linked Lazarus APT targets the IT supply chain

Security Affairs

OCTOBER 27, 2021

This threat actor has been active since at least 2009, possibly as early as 2007, and it was involved in both cyber espionage campaigns and sabotage activities aimed to destroy data and disrupt systems. Cybersecurity and Infrastructure Security Agency (CISA) in August 2020. ” reads the report published by Kaspersky.

IT

IT Systems administration Military Cybersecurity

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

For years, security experts — and indeed, many top cybercriminals in the Spamit affiliate program — have expressed the belief that Sal and Icamis were likely the same person using two different identities. He is currently housed in a federal prison in Michigan, serving the final stretch of a 60-month sentence. w s, icamis[.]ru

Computer and Electronics

Computer and Electronics Passwords Sales Government

Sophos linked Entropy ransomware to Dridex malware. Are both linked to Evil Corp?

Security Affairs

FEBRUARY 23, 2022

. “A pair of incidents at different organizations in which attackers deployed a ransomware called Entropy were preceded by infections with tools that provided the attackers with remote access — Cobalt Strike beacons and Dridex malware — on some of the targets’ computers, before the attackers launched the ransomware.”

Ransomware

Ransomware Encryption IT Government

Lazarus malware delivered to South Korean users via supply chain attacks

Security Affairs

NOVEMBER 16, 2020

North Korea-linked Lazarus APT group is behind new campaigns against South Korean supply chains that leverage stolen security certificates. . Security experts from ESET reported that North-Korea-linked Lazarus APT (aka HIDDEN COBRA ) is behind cyber campaigns targeting South Korean supply chains.

Financial Services

Financial Services Phishing Government Security

Patch Tuesday, May 2024 Edition

Hackers Sell Access to Bait-and-Switch Empire

Webinars

Trending Sources

Colorado Department of Higher Education (CDHE) discloses data breach after ransomware attack

Webinars

U.S. Hacks QakBot, Quietly Removes Botnet Infections

Ask Fitis, the Bear: Real Crooks Sign Their Malware

Reddit discloses a data breach, a hacker accessed user data

Russia-linked APT28 used post-compromise tool GooseEgg to exploit CVE-2022-38028 Windows flaw

NJ Man Hired Online to Firebomb, Shoot at Homes Gets 13 Years in Prison

Russia-linked APT28 group spotted exploiting Outlook flaw to hijack MS Exchange accounts

VMware fixes critical SSRF flaw in Workspace ONE UEM Console

Portnox Cloud: NAC Product Review

FBI Arrests Alleged Owner of Deer.io, a Top Broker of Stolen Accounts

Reddit locked Down accounts due to alleged security breach

OWASP Names a New Top Vulnerability for First Time in Years

Intuit to Share Payroll Data from 1.4M Small Businesses With Equifax

US and UK agencies warn of Russia-linked APT28 exploiting Cisco router flaws

LockBit Ransomware operators hit Swiss helicopter maker Kopter

Chinese Antivirus Firm Was Part of APT41 ‘Supply Chain’ Attack

Russian cybercriminal Aleksandr Brovko sentenced to 8 years in jail

News Alert: Flexxon selects a Chief Technology Strategist, signals intent to expand into the US

Russia-linked APT8 exploited Outlook zero-day to target European NATO members

Threat actors scan Internet for Vulnerable Microsoft Exchange Servers

Russia-linked APT28 uses fake Windows Update instructions to target Ukraine govt bodies

China-linked Winnti APT steals intellectual property from companies worldwide

BEST PRACTICES: Why pursuing sound ‘data governance’ can be a cybersecurity multiplier

NEW TECH: DataLocker extends products, services to encrypt data on portable storage devices

NEW TECH: DataLocker introduces encrypted flash drive — with key pad

UK ICO fines Facebook with maximum for Cambridge Analytica scandal

Mutagen Astronomy Linux Kernel vulnerability affects Red Hat, CentOS, and Debian distros

China-linked APT41 group targets Hong Kong with Spyder Loader

FBI and NSA joint report details APT28’s Linux malware Drovorub

China-linked APT41 group spotted using open-source red teaming tool GC2

Canadian Police Raid ‘Orcus RAT’ Author

NON-STATE ACTORS IN THE CYBERSPACE: AN ATTEMPT TO A TAXONOMIC CLASSIFICATION, ROLE, IMPACT AND RELATIONS WITH A STATE’S SOCIOECONOMIC STRUCTURE

ICO Fines International Airline Cathay Pacific GBP 500,000 (Maximum Available) for Failing to Secure Customers’ Personal Data

Microsoft disrupted APT28 attacks on Ukraine through a court order

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Reddit Breach Highlights Limits of SMS-Based Authentication

North Korea-linked Lazarus APT targets defense industry with ThreatNeedle backdoor

Russia-linked APT28 uses COVID-19 lures to deliver Zebrocy malware

North Korea-linked Lazarus APT targets the IT supply chain

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Sophos linked Entropy ransomware to Dridex malware. Are both linked to Evil Corp?

Lazarus malware delivered to South Korean users via supply chain attacks

Stay Connected