2013, Accountability, Information Security and Social Engineering

Misconfigured WBSC server leaks thousands of passports

Security Affairs

SEPTEMBER 29, 2023

The WBSC, headquartered in Switzerland, was established in 2013 and currently has 141 countries as members located in Asia, Africa, the Americas, Europe, and Oceania. Malicious actors can use stolen information to engage in fraudulent activities like opening bank accounts, applying for loans, and executing other types of fraud.

Identity Theft

Identity Theft Social Engineering Banking Risk

3 of the Worst Data Breaches in the World That Could Have Been Prevented

Security Affairs

DECEMBER 1, 2022

In 2013, Yahoo suffered one of the worst data breaches in history, exposing over 3 billion user accounts. While no plaintext passwords or financial data was stolen, the hack did expose answers to security questions. This allowed hackers to breach many user accounts. Organizations must have a robust password policy.

Data breaches

Data breaches Passwords Social Engineering Encryption

Kimsuky APT poses as journalists and broadcast writers in its attacks

Security Affairs

JUNE 3, 2023

Kimsuky cyberespionage group (aka ARCHIPELAGO, Black Banshee, Thallium , Velvet Chollima, APT43 ) was first spotted by Kaspersky researcher in 2013. At the end of October 2020, the US-CERT published a report on Kimusky’s recent activities that provided information on their TTPs and infrastructure.

Social Engineering

Social Engineering Phishing System Administration Engineering

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

350 million decrypted email addresses left exposed on an unsecured server

Security Affairs

AUGUST 27, 2020

Screenshot from the latest forum discussion about RepWatch in 2013: The CSV files appear to have included the same set of 350 million unique emails, separated into three groups: hashed, hashed and salted, and unencrypted files. Enable two-factor authentication (2FA) for as many of your online accounts as possible. Pierluigi Paganini.

Social Engineering

Social Engineering Passwords Marketing Phishing

Charming Kitten Campaign involved new impersonation methods

Security Affairs

OCTOBER 13, 2019

Security experts at ClearSky analyzed attacks recently uncovered by Microsoft that targeted a US presidential candidate, government officials, journalists, and prominent expatriate Iranians. Impersonating social media websites, such as Facebook, Twitter and Instagram, as well as using these social media to spread malicious links.

Media

Media Social Engineering Phishing Advertising

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Fifteen years after the launch of the microblogging social media platform, Twitter remains a dominant public forum for instant communication with individuals and organizations worldwide on a universe of topics, including #cybersecurity. Read more: Top IT Asset Management Tools for Security. Jeremiah Grossman | @jeremiahg.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Phishing: What Everyone in Your Organization Needs to Know

NopSec

FEBRUARY 15, 2017

How Phishing Works: Social Engineering The term “phishing” is broadly defined as sending an email that falsely claims to be from a legitimate organization. All of them rely on social engineering, a term that describes methods of deception used to coerce a victim into giving up valuable information.

Phishing

Phishing Social Engineering Engineering Healthcare

Iran-linked APT42 is behind over 30 espionage attacks

Security Affairs

SEPTEMBER 11, 2022

APT42’s TTPs overlap with another Iran-linked APT group tracked as APT35 (aka ‘ Charming Kitten ‘, ‘ Phosphorus ‘, Newscaster , and Ajax Security Team) which made the headlines in 2014 when experts at iSight issued a report describing the most elaborate net-based spying campaign organized by Iranian hackers using social media.

Surveillance

Surveillance Social Engineering Phishing Government

The Hacker Mind Podcast: Bug Bounty Hunters

ForAllSecure

NOVEMBER 13, 2020

Vamosi: Like a lot of us, information security wasn’t necessarily our first line of work. Fortunately I was covering security for ZDNet from day one, and eventually got pretty good at explaining infosec to others. I started in journalism. If you're not having a sponsor to pay for you to go. So I saved a lot of money to go.

Hacking

Hacking InfoSec Internet Internet

The Hacker Mind Podcast: Bug Bounty Hunters

ForAllSecure

NOVEMBER 12, 2020

Vamosi: Like a lot of us, information security wasn’t necessarily our first line of work. Fortunately I was covering security for ZDNet from day one, and eventually got pretty good at explaining infosec to others. I started in journalism. If you're not having a sponsor to pay for you to go. So I saved a lot of money to go.

Hacking

Hacking InfoSec Internet Internet

The Hacker Mind Podcast: Bug Bounty Hunters

ForAllSecure

NOVEMBER 12, 2020

Vamosi: Like a lot of us, information security wasn’t necessarily our first line of work. Fortunately I was covering security for ZDNet from day one, and eventually got pretty good at explaining infosec to others. I started in journalism. If you're not having a sponsor to pay for you to go. So I saved a lot of money to go.

Hacking

Hacking InfoSec Internet Internet

Cyber Security Informer

Misconfigured WBSC server leaks thousands of passports

3 of the Worst Data Breaches in the World That Could Have Been Prevented

Webinars

Trending Sources

Kimsuky APT poses as journalists and broadcast writers in its attacks

Webinars

350 million decrypted email addresses left exposed on an unsecured server

Charming Kitten Campaign involved new impersonation methods

Top Cybersecurity Accounts to Follow on Twitter

Phishing: What Everyone in Your Organization Needs to Know

Iran-linked APT42 is behind over 30 espionage attacks

The Hacker Mind Podcast: Bug Bounty Hunters

The Hacker Mind Podcast: Bug Bounty Hunters

The Hacker Mind Podcast: Bug Bounty Hunters

Stay Connected