Security Affairs

JUNE 7, 2024

Akamai observed a Chinese-speaking group exploiting two flaws, tracked as CVE-2018-20062 and CVE-2019-9082, in ThinkPHP applications. Akamai researchers observed a Chinese threat actor exploiting two old remote code execution vulnerabilities, tracked as CVE-2018-20062 and CVE-2019-9082 , in ThinkPHP.

File names 345

File names Passwords Access Cloud 345

Data Breach Today

OCTOBER 4, 2024

Nonprofit Group Hit 3 Times in 3 Weeks in 2018, Affecting PHI of 85,000 Patients Federal regulators have hit a California physician services organization with a $240,000 HIPAA civil penalty following an investigation into three ransomware attacks that occurred within a three-week span in early 2018, compromising the sensitive information of 85,000 (..)

Ransomware 289

Ransomware 289

Security Affairs

MARCH 20, 2025

DCRat first appeared in the threat landscape in 2018, but a year later it was redesigned and relaunched. The use of popular instant messaging apps on both mobile and desktop devices broadens the attack surface, creating uncontrolled information exchange channels that bypass security measures.

Computer and Electronics 266

Computer and Electronics Archiving Passwords Government 266

Data Breach Today

NOVEMBER 10, 2020

Investigators Find Encryption, Monitoring, Logging and Whitelisting Failures Inadequate database and privileged account monitoring, incomplete multi-factor authentication and insufficient use of encryption: Britain's privacy regulator has cited a raft of failures that contributed to the four-year breach of the Starwood guest reservation system discovered (..)

Cybersecurity 363

Cybersecurity Encryption Authentication Privacy 363

Security Affairs

DECEMBER 6, 2024

In November 2018, Hospital network Atrium Health suffered another data breach , hackers accessed patients’ personal information after compromising the technology solutions provider AccuDoc. Affected individuals were notified in September.

Data breaches 280

Data breaches Access Phishing Privacy 280

Security Affairs

DECEMBER 19, 2022

CVE-2018-0125 (CVSS score of 9.8) – A vulnerability in the web interface of the Cisco RV132W ADSL2+ Wireless-N VPN and RV134W VDSL2 Wireless-AC VPN Routers could allow an unauthenticated, remote attacker to execute arbitrary code and gain full control of an affected system, including issuing commands with root privileges. .

Security 363

Security Access IT Information Security 363

Security Affairs

NOVEMBER 1, 2021

A research published by Positive Technologies in 2018 revealed that 69 percent of ATMs were vulnerable to such attacks and could be easily hacked in a few minutes. The two vulnerabilities, tracked as CVE-2018-9099 and CVE-2018-9100 , resides in the firmware of the CMD-V5 dispenser and RM3/CRS dispenser respectively.

Encryption 343

Encryption Manufacturing Authentication Security 343

Security Affairs

SEPTEMBER 28, 2023

US CISA added the flaw CVE-2018-14667 in Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities catalog. US Cybersecurity and Infrastructure Security Agency (CISA) added the critical flaw CVE-2018-14667 (CVSS score 9.8) affecting Red Hat JBoss RichFaces Framework to its Known Exploited Vulnerabilities Catalog.

IT 338

IT Cybersecurity Risk Security 338

Security Affairs

DECEMBER 16, 2024

Development traces back to at least 2018. At this time, the origin of NoviSpy remains unclear. It may have been developed internally by Serbian authorities or purchased from a third party surveillance vendor. ” continues the report.

Personal data 264

Personal data Encryption Security Privacy 264

Security Affairs

JUNE 17, 2024

Two men, Thomas Pavey (aka “Dopenugget”) and Raheim Hamilton (aka “Sydney” and “Zero Angel”), have been charged in federal court in Chicago for operating the dark web marketplace “ Empire Market ” from 2018 to 2020. 1, 2018, the indictment states.” District Court in Chicago.”

Marketing 327

Marketing Access IT Information Security 327

Data Breach Today

NOVEMBER 17, 2023

Atlanta Man Pleads Guilty, Is Ordered to Pay $818,000 Restitution, May Avoid Prison The chief operating officer of an Atlanta-based cybersecurity firm has pleaded guilty and agreed to pay restitution of more than $818,000 in a federal criminal case in which he admitted hacking a Georgia medical center in 2018 in an effort to drum up business for his (..)

Security 333

Security Cybersecurity 333

Data Breach Today

AUGUST 17, 2021

Cybercrime experts say the attackers apparently involved have been tied to previous telecommunications-targeting crime since at least 2018.

Personal data 325

Personal data Communications Access IT 325

Security Affairs

OCTOBER 7, 2021

The threat actors have been targeting the above industries since at least 2018. “Assessments as to the identity of the operators and authors of ShellClient resulted in the identification of a new Iranian threat actor dubbed MalKamak that has operated since at least 2018 and remained publicly unknown thus far.”

Military 357

Military Cloud IT Access 357

Security Affairs

MAY 2, 2023

Threat actors are attempting to exploit a five-year-old authentication bypass issue, tracked as CVE-2018-9995 (CVSS score of 9.8), in TBK DVR devices. The CVE-2018-9995 flaw is due to an error when handling a maliciously crafted HTTP cookie. At this time, the vendor has yet to release security patches to address the flaw.

Authentication 246

Authentication Retail Education Marketing 246

Security Affairs

MARCH 2, 2024

from April 29, 2018, to May 10, 2020). In September 2018, a report published by Citizen Lab revealed that the NSO Pegasus spyware was used against targets across 45 countries worldwide. In September 2018, a report published by Citizen Lab revealed that the NSO Pegasus spyware was used against targets across 45 countries worldwide.

IT 360

IT Government Security Information Security 360

Data Breach Today

JUNE 19, 2023

HHS says the group was discovered by security researchers in 2018. HHS Says 'Obscure' Group Has Resurfaced, Hitting a Cancer Center Federal authorities are warning healthcare and public health sector entities of an apparent resurgence of TimisoaraHackerTeam after an attack in recent weeks by the obscure ransomware group on a U.S.

Ransomware 312

Ransomware Security 312

Security Affairs

MAY 6, 2021

Kaspersky experts who uncovered the threat speculate the attacks are likely part of an ongoing espionage campaign dubbed TunnelSnake that has been active since at least 2018. One of the tools employed in the attack was formerly used by APT1, experts estimated that the threat actor first compromised the target network in early 2018.

Security 356

Security Access IT Cybersecurity 356

Krebs on Security

DECEMBER 19, 2024

But a review of this Araneida nickname on the cybercrime forums shows they have been active in the criminal hacking scene since at least 2018. That user, “ Exorn ,” has posts dating back to August 2018. THE TURKISH CONNECTION Silent Push notes that the website where Araneida is being sold — araneida[.]co

IT 232

IT Data breaches Cloud Passwords 232

Data Breach Today

JANUARY 12, 2024

The fine of 746 million euros stems from a 2018 complaint by French privacy group La Quadrature du Net.

Privacy 305

Privacy IT 305

Security Affairs

DECEMBER 4, 2023

. — Microsoft Threat Intelligence (@MsftSecIntel) December 1, 2023 DanaBot is a multi-stage modular banking Trojan written in Delphi that first appeared on the threat landscape in 2018. The malware implements a modular structure that allows operators to support new functionalities by adding new plug-ins.

Ransomware 350

Ransomware Access IT Information Security 350

Data Breach Today

OCTOBER 3, 2023

APT 41 Used Android, iOS Surveillance Malware to Target APAC Victims Since 2018 Security researchers linked a surveillance toolkit called LightSpy to Chinese threat group APT41, which has a history of using surveillance malware on iOS and Android devices.

Security 297

Security 297

Security Affairs

DECEMBER 21, 2021

Ivan Yermakov worked for the Russian Military Unit 26165 and was indicted by the US DoJ in October 2018, along six other defendants working for the Russian Main Intelligence Directorate ( GRU ), for hacking, wire fraud, identity theft, and money laundering. For the latter service, the men were keeping for them up to 60% of the profit.

Military 317

Military Passwords Security Access 317

Data Breach Today

JULY 12, 2022

Crime statistics collected by New Delhi show reported cybercrimes nearly doubling from 2018 to 2020.

Government 295

Government Security 295

Security Affairs

MAY 6, 2024

” In July 2018, a Greek lower court agreed to extradite Vinnik to France to face charges of hacking, money laundering , extortion, and involvement in organized crime. French authorities accused Vinnik of defrauding more than 100 people in six French cities between 2016 and 2018.

Computer and Electronics 331

Computer and Electronics Ransomware Marketing IT 331

Data Breach Today

NOVEMBER 7, 2023

The alleged reshipping scheme operated between 2013 and 2018 while the three defendants lived in Russia. Alleged Operators of Russian Cyber Fraud Scheme Are Indicted U.S. federal prosecutors unsealed an indictment against three foreign nationals for allegedly participating in a $48 million fraud scheme.

286

286

Security Affairs

JUNE 6, 2021

The documents generated by the tool exploit a set of vulnerabilities in Microsoft Word’s Equation Editor, including CVE-2017-11882 , CVE-2018-0798 , and CVE-2018-0802. . Despite the fact that these vulnerabilities are few years old, they are still used by multiple attack groups, and especially popular with Chinese APT groups.

Phishing 361

Phishing Encryption Government Access 361

Security Affairs

OCTOBER 29, 2020

Ryuk first appeared in the threat landscape in August 2018 as a derivative of the Hermes 2.1 ransomware, that was first spotted in late 2017 and was available for sale on the open market as of August 2018. Several groups of experts linked both TrickBot and Ryuk threats to cybercrime gangs operating out of Russia.

Ransomware 364

Ransomware IoT Sales Communications 364

Security Affairs

MAY 30, 2022

The first version of the bot exploits tens of known vulnerabilities including: CVE-2020-17456 vulnerability affecting SEOWON INTECH SLC-130 and SLR-120S routers; CVE-2018-10823 flaw an older D-Link routers (DWR-116 through 1.06, DWR-512 through 2.02, DWR-712 through 2.02, DWR-912 through 2.02, DWR-921 through 2.02, DWR-111 through 1.01).

CMS 363

CMS IoT Security Passwords 363

Security Affairs

AUGUST 6, 2024

Cybersecurity and Infrastructure Security Agency (CISA) added a deserialization of untrusted data vulnerability in Microsoft COM for Windows, tracked as CVE-2018-0824 (CVSS score of 7.5), to its Known Exploited Vulnerabilities (KEV) catalog. The threat actors used a remote code execution vulnerability to achieve local privilege escalation.

IT 317

IT Data structuring Cybersecurity Risk 317

Schneier on Security

OCTOBER 31, 2024

Way back in 2018, people noticed that you could find secret military bases using data published by the Strava fitness app. Soldiers and other military personal were using them to track their runs, and you could look at the public data and find places where there should be no people running. Six years later, the problem remains.

Military 130

Military Data Privacy Privacy 130

Security Affairs

APRIL 18, 2021

Hladyr was sentenced in the Western District of Washington, he was arrested in Dresden, Germany, in 2018, at the request of U.S. Hladyr was charged in 2018 with two other FIN7 members , Dmytro Fedorov and Andrii Kopakov , also Ukrainian nationals. In late June 2018, foreign authorities arrested Andrii Kolpakov in Lepe, Spain.

Systems administration 345

Systems administration Encryption Communications Security 345

Data Breach Today

OCTOBER 14, 2022

million by the New York state attorney general for multiple failings tied to a massive 2018 data breach, including substandard password security as well as failing to alert users or force password resets in a timely manner.

Retail 270

Retail Passwords Data breaches Personal data 270

Security Affairs

DECEMBER 22, 2022

the malware operators have removed CVE-2018-12613, a phpMyAdmin vulnerability that could allow threat actors to view or execute files. . “Since the release of Zerobot 1.1, ” reads the analysis published by Microsoft.

IoT 320

IoT Passwords Access Security 320

Security Affairs

SEPTEMBER 22, 2023

In August 2018, Air Canada suffered another data breach. 22-24, 2018, it added that financial data was protected, but invited to remain vigilant for fraudulent credit card transactions. The company announced that the security incident may have affected 20,000 customers (1%) of its 1.7 million mobile app users.

Data breaches 348

Data breaches Access Government Security 348

Security Affairs

NOVEMBER 18, 2024

In 2018, data breach exposed personal information of up to 2 million customers. In March 2020, threat actors gained access to T-Mobile customers and employee personal info. In 2019, T-Mobile disclosed data breach affecting prepaid wireless customers.

Data breaches 283

Data breaches Communications Artificial Intelligence Government 283

Security Affairs

NOVEMBER 11, 2021

Beta, D6220, D6400, D7000 CVE-2018-10561, CVE-2018-10562 GPON home routers CVE-2013-3307 Linksys X3000 1.0.03 CVE-2018-10088 XiongMai uc-httpd 1.0.0 Ax with firmware 1.04b12 and earlier CVE-2016-1555 Netgear WN604 before 3.3.3 and WN802Tv2, WNAP210v2, WNAP320, WNDAP350, WNDAP360, and WNDAP660 before 3.5.5.0 A2pvI042j1.d26m

IoT 353

IoT Communications IT Security 353