2014, Accountability, Information Security and Internet

Reading the 2019 Internet Crime Complaint Center (IC3) report

Security Affairs

FEBRUARY 12, 2020

The FBI’s Internal Crime Complaint Center (IC3) released the FBI 2019 Internet Crime Report , a document that outlines cybercrime trends over the past year. Here we are to analyze the annual FBI 2019 Internet Crime Complaint Center (IC3) , one of the most interesting documents on the crime trends observed in the last 12 months.

Internet

Internet Internet Scams Cybercrime

Europol seized 30,506 Internet domain names for IP Infringement

Security Affairs

DECEMBER 2, 2019

Europol announced another success in the fight against cybercrime, the agency shut down 30,506 Internet domain names for distributing counterfeit and pirated items. Europol announced the shutdown of 30,506 Internet domain names for distributing counterfeit and pirated items as part of the ‘In Our Sites’ (IOS) operation launched in 2014.

Internet

Internet Internet Advertising Cybercrime

TroyStealer – A new info stealer targeting Portuguese Internet users

Security Affairs

JUNE 13, 2020

There seems to be a new stealer in town called #TroyStealer , targeting Portuguese internet users EXE: [link] Exfil email address: domionhuby@gmail.com Has anyone seen this threat before? /cc The message sent in the email template is related to problems with the victim’s bank account. on Twitter, and targeting Portuguese users.

Internet

Internet Internet Malware Banking

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

GoDaddy discloses a data breach, web hosting account credentials exposed

Security Affairs

MAY 5, 2020

GoDaddy has been notifying its customers of a data breach, threat actors might have compromised their web hosting account credentials. GoDaddy has been notifying its customers of a data breach, attackers might have compromised users’ web hosting account credentials. ” reads the data breach notice submitted by the company.

Data breaches

Data breaches Accountability Advertising Internet

Experts warn of massive internet scans for SAP systems affected by RECON Vulnerability

Security Affairs

JULY 18, 2020

Hackers have been scanning the Internet for SAP systems affected by RECON vulnerability, researchers from Bad Packets warn. Researchers from Bad Packets reported that threat actors have been scanning the Internet for SAP systems affected by RECON vulnerability , , tracked as CVE-2020-6287. Pierluigi Paganini. Pierluigi Paganini.

Internet

Internet Internet Advertising Accountability

Interview With a Crypto Scam Investment Spammer

Krebs on Security

MAY 22, 2023

Social networks are constantly battling inauthentic bot accounts that send direct messages to users promoting scam cryptocurrency investment platforms. Chaput said that at one point last week the volume of bot accounts being registered for the crypto spam campaign started overwhelming the servers that handle new signups at Mastodon.social.

Scams

Scams DDOS Cryptocurrency Accountability

Slickwraps discloses data leak that impacted 850,000 user accounts

Security Affairs

FEBRUARY 24, 2020

Slickwraps has disclosed a data breach that impacted over 850,000 user accounts, data were accidentally exposed due to security vulnerabilities. Lynx0x00’s Medium and Twitter accounts have mysteriously vanished but, fortunately, the Internet never truly forgets. ” reported Slashgear. Pierluigi Paganini.

Accountability

Accountability Data breaches Passwords Advertising

INTERNET BLOCKING IN MYANMAR – SECRET BLOCK LIST AND NO MEANS TO APPEAL

Security Affairs

AUGUST 10, 2020

The mail account hostmaster@urlblocked.pw, published as contact details in DNS, bounces all incoming mails. Blocking without accountability. There are several aspects of the Internet blocking in Myanmar that raise questions. Circumvention of Internet blocking. A month later, no response has been provided.

Internet

Internet Internet Telecommunications DNS

538 Million Weibo users’ records being sold on Dark Web

Security Affairs

MARCH 23, 2020

107 million records include personal data and basic account information such as the user ID, number of Weibo tweets, number of followers and accounts users are following, account gender, geographic location and more. “Internet users found that 538 million Weibo user records are being sold on dark web marketplace.

Accountability

Accountability Passwords Advertising Internet

Parents’ Guide for Safe YouTube and Internet Streaming for Kids

Security Affairs

JULY 10, 2019

Worse, the Internet, the rise of smartphones, and the culture of social media allow us to access these things from anywhere. Fortunately, there are options available to parents when it comes to controlling YouTube and Internet access. Netflix supports kid-focused user accounts to block adult-only shows. Shockingly, 1 in 5 U.S.

Internet

Internet Internet Media Accountability

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

KrebsOnSecurity has learned that the owner of Defiant Tech, a 32-year-old Ontario man named Jordan Evan Bloom , was hired in late 2014 as a developer for the marital infidelity site AshleyMadison.com. LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals.

Hacking

Hacking Accountability Data breaches Marketing

UberEats data leaked on the dark web

Security Affairs

AUGUST 4, 2020

UberEats is an American online food ordering and delivery platform launched by Uber in 2014. “During our research process, the Cyble Research Team got hold of some informative details related to this leak.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Banking

Banking Data breaches Mobile Advertising

CVE-2019-19781 Citrix flaw exposes 80,000 companies at risk

Security Affairs

DECEMBER 23, 2019

“If that vulnerability is exploited, attackers obtain direct access to the company’s local network from the Internet. This attack does not require access to any accounts, and therefore can be performed by any external attacker.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Risk

Risk Technology Advertising Internet

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Security Affairs

MARCH 20, 2020

The nation-state hackers are scanning the entire internet, in search of vulnerable webmail and Microsoft Exchange Autodiscover servers that expose TCP ports 445 and 1433. Trend Micro investigated waves of the APT28’s targeted credential phishing attacks and collected thousands of email samples sent out by the group since 2014.

Phishing

Phishing Accountability Advertising DNS

Hackers exploit SQL injection zero-day issue in Sophos firewall

Security Affairs

APRIL 26, 2020

The data for any specific firewall depends upon the specific configuration and may include usernames and hashed passwords for the local device admin(s), portal admins, and user accounts used for remote access.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Firewall

Firewall Passwords Accountability Advertising

FBI shuts down the Russian-based hacker platform DEER.IO

Security Affairs

MARCH 26, 2020

which is a Shopify-like platform that has been hosting hundreds of online shops used for the sale of hacked accounts and stolen user data. store used by hackers to offer for sale thousands of compromised accounts, including gamer accounts and PII files containing user names, passwords, U.S. appeared first on Security Affairs.

Cybercrime

Cybercrime Advertising Hacking Accountability

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Security Affairs

OCTOBER 6, 2021

Agent Tesla , first discovered in late 2014, is an extremely popular “malware-as-a-service” Remote Access Trojan (RAT) tool used by threat actors to steal information such as credentials, keystrokes, clipboard data and other information from its operators’ targets. Los Angeles-based Resecurity, Inc.

Cyber threats

Cyber threats Engineering Financial Services Malware

Hundreds of female sports stars and celebrities have their naked photos and videos leaked online

Security Affairs

NOVEMBER 22, 2020

The attack took place in the same hours as hackers hit Manchester United and brings us back to mind the Fappening cases that exposed online cache of nude photos and videos of celebrities back in 2014. ” “It can take years to pursue, just to get it taken down from the internet. ” reported The Times. .”

Authentication

Authentication Passwords Hacking Internet

Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data

Security Affairs

JULY 10, 2020

Two security researchers have found undocumented Telnet admin account accounts in 29 FTTH devices from Chinese vendor C-Data. Two security researchers have discovered undocumented Telnet admin account accounts in 29 Fiber-To-The-Home (FTTH) devices from Chinese vendor C-Data.

Firmware

Firmware Accountability Advertising Manufacturing

US DoJ wants the funds stored by North Korea in 280 BTC and ETH

Security Affairs

AUGUST 30, 2020

US DoJ filed a civil forfeiture complaint to seize 280 Bitcoin (BTC) and Ethereum (ETH) accounts containing funds allegedly stolen by North Korea-linked hackers. ” The analysis of the blockchain allowed the US officials to follow the stolen funds from two hacked exchange back to the 280 crypto-currency accounts.

Cryptocurrency

Cryptocurrency Hacking Advertising Accountability

Hacker who disrupted Sony gaming gets a 27-months jail sentence

Security Affairs

JULY 4, 2019

The hacker who brought offline with massive DDoS attacks online gaming networks between December 2013 and January 2014 has been sentenced to 27 months in prison. Austin Thompson (23) from Utah hit the principal gamins networks in 2013 and 2014, including Sony Online Entertainment. ” reads the press release published by DoJ.

DDOS

DDOS Computers and Electronics Advertising Internet

Operation DisrupTor: police arrested 179 vendors engaged in the sale of illicit good

Security Affairs

SEPTEMBER 22, 2020

The Tor-based marketplace had more than one million registered accounts, more than 5,000 registered sellers and more than 60,000 sales offers. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. .”

Cybercrime

Cybercrime Advertising Marketing Internet

Data for 600K customers of U.S. fitness chains Town Sports leaked online

Security Affairs

SEPTEMBER 23, 2020

The database containing personal information of over 600,000 clients of the US fitness chain Town Sports was exposed on the Internet. US fitness chain Town Sports has suffered a data breach, a database belonging to the company containing the personal information of over 600,000 people was exposed on the Internet.

Data breaches

Data breaches Phishing Passwords Advertising

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

Security Affairs

JUNE 23, 2020

. “The current data leak includes snapshots of highly sensitive bank-related documents of the company such as account transaction details, vouchers, letters sent to bank managers, and much more.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking Ransomware Banking Mobile

Data of 21 million Mixcloud users available for sale on the dark web

Security Affairs

DECEMBER 1, 2019

The hack took place in early November and exposed data for more than 20 million user accounts. The hacker access to users’ data, including usernames , email addresses, SHA-2 hashed passwords, account sign-up dates and country, the last-login date, the internet (IP) address, and links to profile photos. Pierluigi Paganini.

Data breaches

Data breaches Passwords Advertising Hacking

Hackers leak data on hundreds of German Politicians, including Chancellor Merkel

Security Affairs

JANUARY 4, 2019

The data were leaked online via the Twitter account “G0d” (@_0rbit) that has been suspended. “The Twitter account @_0rbit published the links daily in the style of an advent calendar, with each entry representing a “door”, behind which was a link to new information.” ” reported France24.?. .

Social Engineering

Social Engineering Advertising Government Accountability

Security Affairs newsletter Round 242

Security Affairs

DECEMBER 1, 2019

Every week the best security articles from Security Affairs free for you in your email box. Iran – Government blocks Internet access in response to the protests. Facebook and Twitter warn of malicious SDK harvesting personal data from its accounts. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Ransomware Cryptocurrency Government

CISA says federal agency compromised by malicious cyber actor

Security Affairs

SEPTEMBER 25, 2020

The threat actors initially leveraged compromised credentials for Microsoft Office 365 (O365) accounts, domain administrator accounts, and credentials for the agency’s Pulse Secure VPN server. “First the threat actor logged into a user’s O365 account from Internet Protocol (IP) address 91.219.236[.]166

VPN

VPN Malware Cyber threats Accountability

Voter information for 4,934,863 Georgians leaked online

Security Affairs

MARCH 30, 2020

In August 2019, voter information of more than 14.3 million Chileans, which accounts for nearly 80% of the population, was exposed on the internet due to an unsecured Elasticsearch database. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Data breaches

Data breaches Advertising Government Hacking

Over 100 irrigation systems left exposed online without protection

Security Affairs

OCTOBER 27, 2020

The ICC PRO systems were deployed with default factory settings, which don’t have a password for the default user’s account. To worsen the situation, experts pointed out that it is quite simple to search for these devices exposed on the Internet by using IoT search engines like Shodan. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks IoT Advertising Passwords

Attunity data leak: Netflix, Ford, TD Bank data exposed by Open AWS Buckets

Security Affairs

JUNE 29, 2019

“Backups of employees’ OneDrive accounts were also present and spanned the wide range of information that employees need to perform their jobs: email correspondence, system passwords, sales and marketing contact information, project specifications, and more.” ” reads the post published by Upguard.

Banking

Banking Backups Big data Advertising

A study reveals the list of worst passwords of 2019

Security Affairs

DECEMBER 16, 2019

Over 2019, security experts reported several data breaches that affected billions of internet users, for example, the popular Collections #1-5 alone contained exposed 3 billion records. With data breaches becoming so commonplace, internet users need to step up their cybersecurity game. Adopt a password generator.

Passwords

Passwords Data breaches Password Management Advertising

Microsoft released an out-of-band patch to fix Zero-day flaw exploited in the wild

Security Affairs

SEPTEMBER 24, 2019

Microsoft released an out-of-band patch to address a Zero-day memory corruption vulnerability in Internet Explorer that has been exploited in attacks in the wild. Microsoft has released an out-of-band patch for an Internet Explorer zero-day vulnerability that was exploited in attacks in the wild. Pierluigi Paganini.

Internet

Internet Internet Engineering Advertising

Belarusian authorities seized XakFor, one of the largest Russian-speaking hacker sites

Security Affairs

SEPTEMBER 8, 2019

Ministry of Internal Affairs announced that Belarusian police have seized and shutdown XakFor, one of the largest hacking forums on the internet. According to Belarusian authorities, XakFor had more than 28,000 registered accounts at the time of seizure that took place last month. Pierluigi Paganini.

Advertising

Advertising Malware Cybercrime Hacking

5 Ways to Protect Yourself from IP Address Hacking

Security Affairs

AUGUST 20, 2019

Your IP address represents your digital identity online, hacking it not only allows attackers to access your device or your accounts, but it may cause even bigger damage. Your IP or Internet Protocol address is your digital identity on the internet. The need of the time is to be extra vigilant about your security.

Hacking

Hacking VPN Internet Internet

China-based Bronze President APT targets South and East Asia

Security Affairs

JANUARY 7, 2020

The China-based group has been active at least since 2014, it leverages both custom remote access tools and publicly available remote access and post-compromise to compromise target networks. There are several connections between a subset of the group’s operational infrastructure and PRC-based Internet service providers.

Advertising

Advertising Accountability Internet Internet

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

Security Affairs

SEPTEMBER 21, 2019

Clearly the access to the CEO account allowed the hacker to breach the company. The employee’s data wer e acquired by Nashatka that asked Gunton to help him in hijacking both EtherDelta’s Cloudflare and Dreamhost accounts. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking

Hacking DNS Cryptocurrency Accountability

Microsoft addresses three Windows issues actively exploited

Security Affairs

APRIL 14, 2020

Microsoft Patch Tuesday security updates for April 2020 address 113 flaws, including two remote code execution flaws in Windows that are actively exploited. The flaws addressed by Microsoft this month impact Windows, Edge, Internet Explorer, Office, Windows Defender, Dynamics, Apps for Android and Mac, and other products.

Internet

Internet Internet Advertising Engineering

Microsoft provides mitigation for actively exploited CVE-2020-0674 IE Zero-Day

Security Affairs

JANUARY 18, 2020

Microsoft published a security advisory to warn of an Internet Explorer (IE) zero-day vulnerability (CVE-2020-0674) that is currently being exploited in the wild. “A remote code execution vulnerability exists in the way that the scripting engine handles objects in memory in Internet Explorer. Pierluigi Paganini.

Internet

Internet Internet Advertising Engineering

Security Affairs newsletter Round 243

Security Affairs

DECEMBER 8, 2019

Twitter account of Huawei Mobile Brazil hacked. Europol seized 30,506 Internet domain names for IP Infringement. A flaw in Microsoft OAuth authentication could lead Azure account takeover. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Russia-linked Gamaredon group targets Ukraine officials.

Advertising

Advertising DDOS VPN Authentication

Microsoft’s case study: Emotet took down an entire network in just 8 days

Security Affairs

APRIL 4, 2020

Microsoft declared that an Emotet attack took down an organization’s network by overheating all the computers and bringing its Internet access down. The malware made lateral movements by stealing admin account credentials, and in just eight days after the initial infection, the Fabrikam’s entire network was shut down.

Antivirus

Antivirus Malware Phishing Advertising

Users reported problems with patches for CVE-2019-1367 IE zero-day

Security Affairs

OCTOBER 7, 2019

Patches for Internet Explorer Zero-Day Causing Problems for Many Users. Microsoft released a new set of patches for a zero-day flaw in Internet Explorer recently fixed due to problems reported by users with the previous patch. reads the security advisory published by Microsoft.

Internet

Internet Internet Engineering Advertising

Experts warn of ongoing scans for Citrix servers affected by CVE-2019-19781

Security Affairs

JANUARY 9, 2020

If that vulnerability is exploited, attackers obtain direct access to the company’s local network from the Internet. This attack does not require access to any accounts, and therefore can be performed by any external attacker.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Technology

Technology Advertising Internet Internet

Security Affairs newsletter Round 246

Security Affairs

DECEMBER 29, 2019

RuNet – Russia successfully concluded tests on its Internet infrastructure. A flaw in Twitter App for Android could have been exploited to take over the account. 173 Million Zynga accounts were impacted in the September hack. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Cyber Attacks

Cyber Attacks Surveillance Advertising Ransomware

Reading the 2019 Internet Crime Complaint Center (IC3) report

Europol seized 30,506 Internet domain names for IP Infringement

Webinars

Trending Sources

TroyStealer – A new info stealer targeting Portuguese Internet users

Webinars

GoDaddy discloses a data breach, web hosting account credentials exposed

Experts warn of massive internet scans for SAP systems affected by RECON Vulnerability

Interview With a Crypto Scam Investment Spammer

Slickwraps discloses data leak that impacted 850,000 user accounts

INTERNET BLOCKING IN MYANMAR – SECRET BLOCK LIST AND NO MEANS TO APPEAL

538 Million Weibo users’ records being sold on Dark Web

Parents’ Guide for Safe YouTube and Internet Streaming for Kids

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

UberEats data leaked on the dark web

CVE-2019-19781 Citrix flaw exposes 80,000 companies at risk

Russia-linked APT28 has been scanning vulnerable email servers in the last year

Hackers exploit SQL injection zero-day issue in Sophos firewall

FBI shuts down the Russian-based hacker platform DEER.IO

Exclusive: Researchers dumped Gigabytes of data from Agent Tesla C2Cs

Hundreds of female sports stars and celebrities have their naked photos and videos leaked online

Researchers found allegedly intentional backdoors in FTTH devices from Chinese vendor C-Data

US DoJ wants the funds stored by North Korea in 280 BTC and ETH

Hacker who disrupted Sony gaming gets a 27-months jail sentence

Operation DisrupTor: police arrested 179 vendors engaged in the sale of illicit good

Data for 600K customers of U.S. fitness chains Town Sports leaked online

CLOP Ransomware operators hacked Indian conglomerate IndiaBulls Group

Data of 21 million Mixcloud users available for sale on the dark web

Hackers leak data on hundreds of German Politicians, including Chancellor Merkel

Security Affairs newsletter Round 242

CISA says federal agency compromised by malicious cyber actor

Voter information for 4,934,863 Georgians leaked online

Over 100 irrigation systems left exposed online without protection

Attunity data leak: Netflix, Ford, TD Bank data exposed by Open AWS Buckets

A study reveals the list of worst passwords of 2019

Microsoft released an out-of-band patch to fix Zero-day flaw exploited in the wild

Belarusian authorities seized XakFor, one of the largest Russian-speaking hacker sites

5 Ways to Protect Yourself from IP Address Hacking

China-based Bronze President APT targets South and East Asia

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

Microsoft addresses three Windows issues actively exploited

Microsoft provides mitigation for actively exploited CVE-2020-0674 IE Zero-Day

Security Affairs newsletter Round 243

Microsoft’s case study: Emotet took down an entire network in just 8 days

Users reported problems with patches for CVE-2019-1367 IE zero-day

Experts warn of ongoing scans for Citrix servers affected by CVE-2019-19781

Security Affairs newsletter Round 246

Stay Connected