CVE-2009-1152

Microsoft Targets Threat Group Behind Fake Accounts - Microsoft seized parts of the infrastructure of a prolific Vietnam-based threat group that the IT giant said was responsible for creating as many as 750 million fraudulent Microsoft accounts that were then sold to other bad actors and used to launch ...
1 year ago Securityboulevard.com APT29 Scattered Spider

Microsoft Disrupts Cybercrime Service That Created 750 Million Fraudulent Accounts - Microsoft on Wednesday announced the disruption of Storm-1152, a cybercrime-as-a-service ecosystem that created 750 million fraudulent Microsoft accounts in support of phishing, identity theft, and other schemes. The CaaS is believed to have made ...
1 year ago Securityweek.com Scattered Spider

Microsoft Shuts Down a Criminal Ring Responsible for Creating Over 750 Million Fake Accounts - Microsoft Corp. has shut down a cybercrime group's US-based infrastructure, which created more than 750 million fake accounts across the company's services. Microsoft carried out the takedown with the support of Arkose Labs Inc., a venture-backed ...
1 year ago Cysecurity.news Scattered Spider

Cybercrime operation that sold millions of fraudulent Microsoft accounts disrupted - Microsoft disrupted an alleged threat actor group that built viable cybercrime-as-a-service businesses. Dubbed Storm-1152 by Microsoft, the group bilked enterprises and consumers globally out of millions of dollars. Cybercrime-as-a-service is a model ...
1 year ago Helpnetsecurity.com

Unveiling Storm-1152: A Top Creator of Fake Microsoft Accounts - The Digital Crimes Unit of Microsoft disrupted a major supplier of cybercrime-as-a-service last week, dubbed Storm-1152. The attackers had registered over 750 million fake Microsoft accounts, which they planned to sell online to other cybercriminals, ...
1 year ago Cysecurity.news Scattered Spider

CVE-2009-3403 - Unspecified vulnerability in the JRockit component in BEA Product Suite R27.6.4: JRE/JDK, 1.4.2, 5, and, and 6 allows remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this issue subsumes ...
12 years ago

Microsoft Targets Prolific Outlook Fraudster Storm-1152 - Storm-1152 has made millions from the creation of an estimated 750 million fraudulent Microsoft accounts that play a key role in the cybercrime ecosystem, the Redmond giant said. As part of its disruption efforts, Microsoft obtained a court order to ...
1 year ago Infosecurity-magazine.com

Microsoft's Digital Crime Unit Goes Deep on How It Disrupts Cybercrime - Governments and the tech industry around the world have been scrambling in recent years to curb the rise of online scamming and cybercrime. Even with progress on digital defenses, enforcement, and deterrence, the ransomware attacks, business email ...
1 year ago Wired.com

How Microsoft's cybercrime unit has evolved to combat increased threats - Governments and the tech industry around the world have been scrambling in recent years to curb the rise of online scamming and cybercrime. Even with progress on digital defenses, enforcement, and deterrence, the ransomware attacks, business email ...
1 year ago Packetstormsecurity.com

Millions of Microsoft Accounts Power Lattice of Automated Cyberattacks - Microsoft's Digital Crimes Unit last week disrupted a prolific cybercrime-as-a-service purveyor that it calls Storm-1152, which registered more than 750 million fraudulent Microsoft accounts to sell online to other cybercriminals - raking in millions ...
1 year ago Darkreading.com Scattered Spider

CVE-2010-0079 - Multiple vulnerabilities in the JRockit component in BEA Product Suite R27.6.5 using JRE/JDK 1.4.2, 5, and 6 allow remote attackers to affect confidentiality, integrity, and availability via unknown vectors. NOTE: this CVE identifier overlaps ...
12 years ago

CyberCrime & Doing Time: Vietnam's Massive CAPTCHA crackers vs. Microsoft DCU - In part, the article discusses MS-DCU's case against the hackers that they call Storm-1152. According to DCU, Storm-1152 used their CAPTCHA-cracking capabilities to assist other criminals in the massive creation of Microsoft email accounts, such as ...
1 year ago Garwarner.blogspot.com

Microsoft seizes domains used to sell fraudulent Outlook accounts - Microsoft's Digital Crimes Unit seized multiple domains used by a Vietnam-based cybercrime group that registered over 750 million fraudulent accounts and raked in millions of dollars by selling them online to other cybercriminals. According to ...
1 year ago Bleepingcomputer.com

Microsoft takes down websites used to create 750 million fraudulent accounts - Microsoft seized certain websites run by a Vietnam-based group that created roughly 750 million fraudulent Microsoft accounts after the software maker received a court order a week ago from the Southern District of New York. Posting to its blog Dec. ...
1 year ago Packetstormsecurity.com

Top 7 seven Cyber Attack news headlines trending on Google - MongoDB Inc., a platform specializing in document-oriented storage, has officially disclosed falling victim to a cyber attack on December 13, 2023. This breach potentially allowed hackers to gain unauthorized access to information stored in the ...
1 year ago Cybersecurity-insiders.com Snatch Hunters

Vietnam's Massive CAPTCHA crackers vs. Microsoft DCU - In part, the article discusses MS-DCU's case against the hackers that they call Storm-1152. According to DCU, Storm-1152 used their CAPTCHA-cracking capabilities to assist other criminals in the massive creation of Microsoft email accounts, such as ...
1 year ago Securityboulevard.com

CVE-2009-3239 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-2139, CVE-2009-2140. Reason: This candidate is a duplicate of CVE-2009-2139 and CVE-2009-2140. Notes: All CVE users should reference CVE-2009-2139 and CVE-2009-2140 instead of ...
55 years ago Tenable.com

CVE-2009-4212 - Multiple integer underflows in the (1) AES and (2) RC4 decryption functionality in the crypto library in MIT Kerberos 5 (aka krb5) 1.3 through 1.6.3, and 1.7 before 1.7.1, allow remote attackers to cause a denial of service (daemon crash) or possibly ...
5 years ago

CVE-2011-1625 - Cisco IOS 12.2, 12.3, 12.4, 15.0, and 15.1, when the data-link switching (DLSw) feature is configured, allows remote attackers to cause a denial of service (device crash) by sending a sequence of malformed packets and leveraging a "narrow timing ...
13 years ago

CVE-2009-1152 - Siemens Gigaset SE461 WiMAX router 1.5-BL024.9.6401, and possibly other versions, allows remote attackers to cause a denial of service (device restart and loss of configuration) by connecting to TCP port 53, then closing the connection. ...
7 years ago

CVE-2009-0795 - Rejected reason: DO NOT USE THIS CANDIDATE NUMBER. ConsultIDs: CVE-2009-0796, CVE-2009-1265. Reason: this candidate was intended for one issue, but a typo caused it to be associated with a different issue. Notes: All CVE users should consult ...
55 years ago Tenable.com

CVE-2009-4778 - Multiple unspecified vulnerabilities in the PDF distiller in the Attachment Service component in Research In Motion (RIM) BlackBerry Enterprise Server (BES) software 4.1.3 through 4.1.7 and 5.0.0, and BlackBerry Professional Software 4.1.4, allow ...
15 years ago

CVE-2009-0888 - Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via ...
15 years ago

CVE-2009-0889 - Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via ...
15 years ago

CVE-2009-0511 - Heap-based buffer overflow in the JBIG2 filter in Adobe Reader 7 and Acrobat 7 before 7.1.3, Adobe Reader 8 and Acrobat 8 before 8.1.6, and Adobe Reader 9 and Acrobat 9 before 9.1.2 might allow remote attackers to execute arbitrary code via ...
15 years ago