Security Affairs

APRIL 16, 2020

Linksys has reset passwords for all its customers’ after learning on ongoing DNS hijacking attacks aimed at delivering malware. Hackers compromise D-Link and Linksys routers and change DNS settings to redirect users to bogus sites proposing a fake COVID-19 information app from the World Health Organization. Pierluigi Paganini.

Passwords 128

Passwords DNS Malware Advertising 128

Security Affairs

MAY 6, 2020

Hackers have breached the online learning platform Unacademy and are selling the account information for close to 22 million users. Online learning platform Unacademy has suffered a data breach after a hacker gained access to their database and started selling the account information for close to 22 million users.

Accountability 105

Accountability Hacking Data breaches Advertising 105

Security Affairs

DECEMBER 16, 2019

Another year is ending and this is the right time to discover which are the worst passwords of 2019 by analyzing data leaked in various data breaches. Independent anonymous researchers, compiled and shared with security firm NordPass a list of 200 most popular passwords that were leaked in data breaches during 2019.

Passwords 93

Passwords Data breaches Password Management Advertising 93

Security Affairs

DECEMBER 10, 2019

Microsoft revealed that 44 million Microsoft Azure AD and Microsoft Services accounts were vulnerable to account hijacking. Microsoft discovered that 44 million Microsoft Azure AD and Microsoft Services accounts were vulnerable to account hijacking because of using of compromised passwords. Pierluigi Paganini.

Accountability 90

Accountability Hacking Passwords Advertising 90

Security Affairs

SEPTEMBER 2, 2019

Login details of more than 36 million Poshmark accounts are available for sale in the cybercrime underground. The company discovered unauthorized access to its servers, the intruders stole personal information of the users, including usernames , hashed passwords, first and last names, gender information, and city of residenc.

Accountability 88

Accountability Data breaches Passwords Advertising 88

Security Affairs

JUNE 10, 2020

Japanese gaming giant Nintendo has confirmed that hackers have breached 300,000 accounts since early April, financial data were not exposed. The Japanese video game giant Nintendo has admitted that threat actors have breached 300,000 accounts since early April. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Accountability 98

Accountability Advertising Passwords Hacking 98

Security Affairs

JANUARY 2, 2020

The Poloniex cryptocurrency exchange is forcing users to reset their passwords following a data leak. . Another bad news for the community of the virtual currencies communities, the Poloniex cryptocurrency exchange has forced its users to reset their passwords following a data leak. . Pierluigi Paganini.

Passwords 64

Passwords Cryptocurrency Data breaches Advertising 64

Security Affairs

AUGUST 12, 2019

Researchers discovered a dump containing 6,840,339 records associated with StockX user accounts that surfaced in the cybercrime underground. A threat actor stole details of 6 million users, the stolen data includes user names, email addresses, addresses, shoe size, purchase history, and encrypted passwords (salted MD5).

Accountability 88

Accountability Data breaches Passwords Cybercrime 88

Security Affairs

FEBRUARY 24, 2020

Slickwraps has disclosed a data breach that impacted over 850,000 user accounts, data were accidentally exposed due to security vulnerabilities. ” reads the security update published by the company. Lynx0x00’s Medium and Twitter accounts have mysteriously vanished but, fortunately, the Internet never truly forgets.

Accountability 101

Accountability Data breaches Passwords Advertising 101

Security Affairs

AUGUST 30, 2019

Foxit Software, the company behind the Foxit PDF reader app, disclosed a data breach that exposed customers’ information, including passwords. Foxit Software, the PDF software provider behind the Foxit PDF reader app disclosed a security breach that took place recently exposing customers’ information.

Data breaches 83

Data breaches Passwords Software Identity Theft 83

Security Affairs

SEPTEMBER 23, 2019

The online education platform for developers Thinkful suffered a security breach and is notifying the incident to its customers requiring them to reset their passwords. The company is notifying the incident to its users via email and is forcing a password reset in response to the incident. ” continues the notification.

Data breaches 83

Data breaches Passwords Education Advertising 83

Security Affairs

DECEMBER 28, 2019

In September Zynga, the American social game developer running social video game services suffered a data breach that 173 Million accounts. Zynga confirmed that the account login information for certain players of Draw Something and Words With Friends that may have been exposed in the data breach. ” states HIBP.

Accountability 69

Accountability Hacking Data breaches Passwords 69

Security Affairs

SEPTEMBER 6, 2019

600,000 GPS trackers left exposed online with a default password of ‘123456’ Avast researchers found at least 600,000 GPS trackers manufactured by a Chinese vendor that were exposed online with a default password of “123456.” The use of default passwords represents a serious problem also for the Chinese vendor.

Passwords 83

Passwords Manufacturing Advertising Firmware 83

Security Affairs

AUGUST 17, 2019

Trend Micro addressed 2 DLL hijacking flaws in Trend Micro Password Manager that could allow malicious actors to escalate privileges and much more. “ SafeBreach Labs discovered a new vulnerability in Trend Micro Password Manager software.” ” reads the security advisory published by Trend Micro.

Password Management 86

Password Management Passwords Advertising Authentication 86

Security Affairs

MAY 22, 2019

Google accidentally stored the passwords of its G Suite users in plain-text for 14 years allowing its employees to access them. The news is disconcerting, Google has accidentally stored the passwords of the G Suite users in plain-text for 14 years, this means that every employee in the company was able to access them.

Passwords 89

Passwords Encryption Advertising Accountability 89

Security Affairs

JULY 15, 2019

Instagram has recently addressed a critical flaw that could have allowed hackers to take over any Instagram account without any user interaction. Instagram has recently addressed a critical vulnerability that could have allowed attackers to completely take over any account without user interaction. Pierluigi Paganini.

Accountability 89

Accountability Mobile Passwords Advertising 89

Security Affairs

MAY 30, 2019

The WordPress plugin Convert Plus is affected by a critical flaw that could be exploited by an unauthenticated attacker to create accounts with administrator privileges. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Accountability 93

Accountability Firewall Passwords Advertising 93

Krebs on Security

JULY 18, 2023

com , a service that sold access to billions of passwords and other data exposed in countless data breaches. KrebsOnSecurity has learned that the owner of Defiant Tech, a 32-year-old Ontario man named Jordan Evan Bloom , was hired in late 2014 as a developer for the marital infidelity site AshleyMadison.com. Abusewith[.]us

Hacking 190

Hacking Accountability Data breaches Marketing 190

Security Affairs

MARCH 23, 2020

107 million records include personal data and basic account information such as the user ID, number of Weibo tweets, number of followers and accounts users are following, account gender, geographic location and more. The dump doesn’t include Weibo users’ passwords. 5.38?????????????? Good night.”

Accountability 121

Accountability Passwords Advertising Internet 121

Security Affairs

SEPTEMBER 21, 2020

Over 500,000 Activision accounts may have been hacked in a new data breach that the gaming firm suffered on September 20. More than 500,000 Activision accounts may have compromised as a result of a data breach suffered by the gaming firm on September 20, reported the eSports site Dexerto. ” reads the post published by Dexerto.

Hacking 118

Hacking Data breaches Accountability Passwords 118

Security Affairs

APRIL 26, 2020

The data for any specific firewall depends upon the specific configuration and may include usernames and hashed passwords for the local device admin(s), portal admins, and user accounts used for remote access.” ” “Passwords associated with external authentication systems such as AD or LDAP are unaffected.

Firewall 145

Firewall Passwords Accountability Advertising 145

Security Affairs

MARCH 10, 2020

which is a Shopify-like platform that has been hosting hundreds of online shops used for the sale of hacked accounts and stolen user data. international financial and corporate data, Personally Identifiable Information (PII), and compromised user accounts from many U.S. store ACCOUNTS-MARKET. storefront.”

Accountability 120

Accountability Advertising Passwords Hacking 120

Security Affairs

OCTOBER 30, 2019

Network Solutions, one of the world’s biggest domain registrars, disclosed a data breach that impacted 22 million accounts. Network Solutions , one of the world’s biggest domain registrars, disclosed a data breach that may have impacted 22 million accounts, no financial data was exposed. ” continues the notice.

Data breaches 58

Data breaches Accountability Advertising Encryption 58

Security Affairs

FEBRUARY 11, 2020

The bank changed 23,000 passwords in 2018 without consent. It is controversial that Woori Bank changed the p assword s of 23,000 customer dormant accounts without consent in July 2018. The accounts are deactivated if there is no transaction for one year after their opening. About the author: ??? Hyung-Joo, Choi Editor.

Banking 105

Banking Passwords Accountability Advertising 105

Security Affairs

OCTOBER 19, 2020

A threat actor has breached the forum of Albion Online and stole usernames and password hashes from its database. “The intruder was able to access forum user profiles, which include the e-mail addresses connected to those forum accounts. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking 104

Hacking Data breaches Passwords Advertising 104

Security Affairs

SEPTEMBER 16, 2020

According to security firm Tencent, the team of hackers has been active over the past few months by hacking into Microsoft SQL Servers (MSSQL) to install a crypto-miner. “Tencent Security Threat Intelligence Center detected a new type of mining Trojan family MrbMiner. Pierluigi Paganini. SecurityAffairs – hacking, MrbMiner).

Malware 140

Malware Cryptocurrency Advertising Accountability 140

Security Affairs

OCTOBER 1, 2021

The attack against Neiman Marcus Group took place in May 2020, as a result of the attack, threat actors had access to customers’ information, including payment card data. Exposed personal information includes names and contact information, usernames, passwords, and answers to security questions associated with online accounts.

Data breaches 102

Data breaches Retail Passwords Accountability 102

Security Affairs

OCTOBER 4, 2020

“These vulnerabilities may allow locally managed accounts within Device Manager to be susceptible to dictionary attacks due to weak cipher implementation (CVE-2020-6925) and allow a malicious actor to remotely gain unauthorized access to resources (CVE-2020-6926), and/or allow a malicious actor to gain SYSTEM privileges (CVE-2020-6927).”

Hacking 138

Hacking Accountability Passwords InfoSec 138

Security Affairs

AUGUST 7, 2019

Accessing an online account, users could make several actions, such as manage insurance claims and pay bills. This kind of attacks is very efficient due to the bad habit of users of reusing the same password over multiple services. In response to the attacks, State Farm reset the passwords for impacted accounts.

Insurance 91

Insurance Data breaches Financial Services Passwords 91

Security Affairs

JULY 9, 2020

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. According to the company, most of the username and password combinations are available for free, and 5 billion of the above credentials are “unique.”

Cybercrime 128

Cybercrime Antivirus Marketing Accountability 128

Security Affairs

MARCH 16, 2020

Last week, Open Exchange Rates disclosed a data breach that exposed the personal information and hashed passwords for customers of its API service. Last week, the currency data provider Open Exchange Rates has disclosed a data breach that exposed the personal information and salted and hashed passwords for customers of its API service.

Data breaches 110

Data breaches Passwords Advertising Accountability 110

Security Affairs

APRIL 12, 2020

The archive included credentials for Zoom accounts belonging to organizations in various industries, including banking, consultancy, healthcare software companies. ” reads the report published by security firm IntSights. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Healthcare 145

Healthcare Phishing Accountability Banking 145

Security Affairs

JUNE 28, 2020

” “We use Facebook and LinkedIn for account login and do not store any passwords on our system. If you use the legacy email and password login, your passwords are encrypted, but we highly encourage that you change it. We do not store any credit card or payment related information on our servers.”

Media 144

Media Hacking Passwords Data breaches 144

Security Affairs

MAY 2, 2020

billion records containing personally identifiable information (PII) of employees, reporters, and at least 42,000 users. ” Exposed data included full names, emails, home addresses (countries of residence, ZIP codes), passwords in plain text hashed using MD5, and IP addresses and tokens used for access to internal servers. .

Identity Theft 120

Identity Theft Passwords Advertising Accountability 120

Security Affairs

JULY 14, 2020

.” According to the company, attackers accessed personal details of the users, including names, email addresses, mailing addresses, phone numbers, and also encrypted passwords. In response to the incident, the bidding portal has forced a password reset for all users’ accounts, both bidder and auctioneer ones.

Hacking 106

Hacking Data breaches Identity Theft Advertising 106

Security Affairs

FEBRUARY 20, 2020

The CVE-2020-3158 flaw is related to the presence of a system account that has a default and static password in the Smart Software Manager tool. “The vulnerability is due to a system account that has a default and static password and is not under the control of the system administrator.” Pierluigi Paganini.

Software 116

Software System Administration Advertising Accountability 116

Security Affairs

DECEMBER 1, 2019

The hack took place in early November and exposed data for more than 20 million user accounts. The hacker access to users’ data, including usernames , email addresses, SHA-2 hashed passwords, account sign-up dates and country, the last-login date, the internet (IP) address, and links to profile photos. Pierluigi Paganini.

Data breaches 117

Data breaches Passwords Advertising Hacking 117