2014, Backups, Data breaches and Hacking

The team behind the Joomla CMS discloses a data breach

Security Affairs

JUNE 1, 2020

Last week a member of the Joomla Resources Directory (JRD) team left an unencrypted full backup of the JRD site ( resources.joomla.org ) on an unsecured Amazon Web Services S3 bucket operated by the company. “JRD full site backups (unencrypted) were stored in a third-party company Amazon Web Services S3 bucket.

Data breaches

Data breaches Backups Passwords Advertising

Popular OGUsers hacking forum breached for the second time in a year

Security Affairs

APRIL 5, 2020

OGUsers, one of the most popular hacking forums, was hacked again, it is the second security breach it has suffered in a year. The popular hacking forum OGUsers was hacked again, it is the second security breach it has suffered in a year, the news was first reported by ZDNet. Pierluigi Paganini.

Hacking

Hacking Data breaches Advertising Backups

Aerial Direct, the O2’s largest UK partner suffered a data breach

Security Affairs

MARCH 16, 2020

Aerial Direct’s data breach notification sent to the customers revealed that an unauthorized third party had been able to access customer data on 26 February through an external backup database. ” reads the data breach notification published by the company. Pierluigi Paganini.

Data breaches

Data breaches Telecommunications Passwords Advertising

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators

Security Affairs

AUGUST 21, 2020

Experts at threat intelligence firm Cyble came across a post published by Maze ransomware operators claiming to have breached the steel sheet giant Hoa Sen Group. “Currently, the ransomware operators claims to have published 5% of company’s total data leak.” SecurityAffairs – hacking, Maze Ransomware Operators).

Ransomware

Ransomware Hacking Advertising Backups

Frost & Sullivan databases available for sale on a hacker forum

Security Affairs

JUNE 24, 2020

business consulting firm Frost & Sullivan suffered a data breach, a threat actor is offering for sale its databases on a hacker forum. firm Frost & Sullivan suffered a data breach, data from an unsecured backup that were exposed on the Internet was sold by a threat actor on a hacker forum.

Data breaches

Data breaches Backups Advertising Hacking

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Krebs on Security

FEBRUARY 12, 2019

Email provider VFEmail has suffered what the company is calling “catastrophic destruction” at the hands of an as-yet unknown intruder who trashed all of the company’s primary and backup data in the United States. Every file server is lost, every backup server is lost. “Every VM [virtual machine] is lost.

Hacking

Hacking DDOS Backups Accountability

Backup files for Lion Air and parent airlines exposed and exchanged on forums

Security Affairs

SEPTEMBER 17, 2019

The information was left exposed online on an unsecured Amazon bucket, the records were stored in two databases in a directory containing backup files mostly for Malindo Air and Thai Lion Air. The most recent backup, dated May 25, is named ‘PaymentGateway.’ SecurityAffairs – hacking, data leak).

Backups

Backups Advertising Hacking Data breaches

Reddit discloses a data breach, a hacker accessed user data

Security Affairs

AUGUST 1, 2018

Reddit Warns Users of Data Breach. Reddit is warning its users of a security breach, an attacker broke into the systems of the platform and accessed user data. Reddit is warning its users of a security breach, a hacker broke into the systems of the platform and accessed user data. Pierluigi Paganini.

Data breaches

Data breaches Backups Passwords Authentication

Swiss rail vehicle manufacturer Stadler hit by a malware-based attack

Security Affairs

MAY 10, 2020

Stadler, a Swiss manufacturer of railway rolling stock disclosed a data breach, hackers attempted to blackmail the company. International rail vehicle manufacturer, Stadler , disclosed a security breach that might have also allowed the attackers to steal company data. SecurityAffairs – hacking, ransomware).

Manufacturing

Manufacturing Malware Data breaches Backups

The hacker behind Matrix.org hack offers advice to improve security

Security Affairs

APRIL 12, 2019

The hacker that hacked and defaced Matrix.org decided to disclose the security issues discovered during the attack and offers advice. This week, the hacker behind the hack of Matrix.org decided to disclose the vulnerabilities discovered during the attack. ” reads the data breach notification published by Matrix.org.

Hacking

Hacking DNS Passwords Data breaches

Nefilim ransomware operators leaked data alleged stolen from the Dussmann group

Security Affairs

JULY 28, 2020

During its continuous darkweb and deepweb monitoring, the Cyble Research Team came across the post of Nefilim ransomware operators in which the crew claimed to have breached The Dussmann Group and have exfiltrated sensitive data. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Data breaches Advertising Backups

SQL Dump from popular Indian BGR tech site leaked online

Security Affairs

FEBRUARY 27, 2020

The data leak was first reported by experts from the security firm Under the Breach , the full SQL backup contains , emails, hashed passwords, and other information. Hacked due to exposed s3 AWS bucket. – Full SQL backup. Hacked due to exposed s3 AWS bucket. – Full SQL backup.

Backups

Backups Advertising Passwords Hacking

DoppelPaymer Ransomware hits City of Torrance and demands a 680K+ ransom

Security Affairs

APRIL 22, 2020

. “Based on the names of the archives, this data includes city budget financials, various accounting documents, document scans, and an archive of documents belonging to the City Manager.” The group posted files from the breach as proof. pic.twitter.com/vJ1qXBPTAO — Under the Breach (@underthebreach) April 21, 2020.

Ransomware

Ransomware Advertising Backups Data breaches

Maze Ransomware gang breached the US chipmaker MaxLinear

Security Affairs

JUNE 17, 2020

The company already sent a data breach notification to the impacted individuals. ” reads the data breach notification. ” reads the data breach notification. On June 15, the gang leaked 10.3GB of accounting and financial information as proof of the hack. Source: BleepingComputer.

Ransomware

Ransomware Data breaches Advertising Insurance

Data from Airlink International UAE leaked on multiple dark web forums

Security Affairs

OCTOBER 8, 2020

Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Advertising

Advertising Insurance Backups Media

Maze Ransomware operators published data from LG and Xerox

Security Affairs

AUGUST 4, 2020

A few days ago the group released a press release in which they warned the companies to not try to recover their files from their backup, it also announced the forthcoming LG Electronics data leak. One screenshot showed that hosts on “eu.xerox.net,” managed by Xerox Corporation, was hacked. Pierluigi Paganini.

Ransomware

Ransomware Encryption Advertising Firmware

Security Affairs newsletter Round 229 – News of the week

Security Affairs

SEPTEMBER 1, 2019

Experts uncovered a hacking campaign targeting several WordPress Plugins. Hostinger disclosed a data breach that affects 14 Million customers. Imperva data Breach: WAF customers data exposed. White hat hacker demonstrated how to hack a million Instagram accounts. Remove it now from your phone!

eCommerce

eCommerce Data breaches Malware Advertising

Sodinokibi ransomware gang stole 1TB of data from Brown-Forman

Security Affairs

AUGUST 15, 2020

Sodinokibi (REvil) ransomware operators announced on Friday to have hacked Brown-Forman, one of the largest U.S. Sodinokibi (REvil) ransomware operators announced last week to have breached the network of the Brown-Forman, one of the largest U.S. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Advertising Encryption Hacking

The Difficulty of Disclosure, Surebet247 and the Streisand Effect

Troy Hunt

JANUARY 8, 2020

I've written before about how I verify breaches and it didn't take long to be pretty confident that per the subject line of the email above, Surebet247 (a Nigerian gambling website) had suffered a data breach. Suddenly, he had their attention. And they weren't happy.

Data breaches

Data breaches Backups Firewall Hacking

BEC scams, hacked accounts available from $150 up to $5,000

Security Affairs

OCTOBER 9, 2018

It is quite easy to find online AWS buckets containing backups of email archives, the same data could be found on publicly-accessible rsync, FTP, SMB, and NAS drives. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Scams

Scams Accountability Hacking Passwords

Maze ransomware operators claim to have breached LG Electronics

Security Affairs

JUNE 25, 2020

In 2014 its global sales reached $55.91 A few days ago the group released a press release in which they warned the companies to not try to recover their files from their backup, it also announced the forthcoming LG Electronics data leak. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Computers and Electronics

Computers and Electronics Ransomware Mobile Telecommunications

Attunity data leak: Netflix, Ford, TD Bank data exposed by Open AWS Buckets

Security Affairs

JUNE 29, 2019

The total size is uncertain, but the researcher downloaded a sample of about a terabyte in size, including 750 gigabytes of compressed email backups.” ” The buckets contained a vast amount of data, the expert downloaded a terabyte for analysis. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Banking

Banking Backups Big data Advertising

Security Affairs newsletter Round 201 – News of the week

Security Affairs

FEBRUARY 17, 2019

620 million accounts stolen from 16 hacked websites available for sale on the dark web. Hacker deleted all data from VFEmail Servers, including backups. Coffee Meets Bagel dating app confirms data breach. Astaroth Trojan relies on legitimate os and antivirus processes to steal data. Malicious PDF Analysis.

Advertising

Advertising Antivirus Malware Backups

Reddit locked Down accounts due to alleged security breach

Security Affairs

JANUARY 10, 2019

If confirmed this means that Reddit was the victim of a data breach. This was breach on Reddit’s part or someone managed to bruteforce my unique credentials, including strong password. The hacker accessed user data, email addresses, and a 2007 backup database containing hashed passwords managed by the platform.

Accountability

Accountability Data breaches Passwords Advertising

Travelex paid $2.3 Million ransom to restore after a ransomware attack

Security Affairs

APRIL 9, 2020

“As part of this attack, the operators behind the Sodinokibi ransomware told BleepingComputer that they had encrypted the company’s entire network, deleted backup files, and copied more than 5GB of personal data. This data allegedly contained “DOB SSN CC and other” ” reported BleepingComputer.

Ransomware

Ransomware Encryption Advertising Backups

How to Prevent Data Leaks

Spinone

NOVEMBER 30, 2018

In this article we will take a look at major cybersecurity risks and best practices how to reduce or avoid corporate data leakage. The breach was not fully disclosed until September 2016. The Hacker had discovered Zuckerberg’s password in a 2012 LinkedIn data breach and he had used the same password across several accounts.

Data breaches

Data breaches Passwords Backups Mobile

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Krebs on Security

JANUARY 8, 2024

As detailed in my 2014 book, Spam Nation , Spamdot was home to crooks controlling some of the world’s nastiest botnets, global malware contagions that went by exotic names like Rustock , Cutwail , Mega-D , Festi , Waledac , and Grum. And there were many good reasons to support this conclusion.

Cybercrime

Cybercrime Banking Computers and Electronics DDOS

Security Affairs newsletter Round 232

Security Affairs

SEPTEMBER 22, 2019

Backup files for Lion Air and parent airlines exposed and exchanged on forums. Crooks hacked other celebrity Instagram accounts to push scams. One of the hackers behind EtherDelta hack also involved in TalkTalk hack. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Adware

Adware Password Management Advertising Hacking

Happy 13th Birthday, KrebsOnSecurity!

Krebs on Security

DECEMBER 29, 2022

Also nabbed on the lam is Vyacheslav “Tank” Penchukov , a senior Ukrainian member of a transnational cybercrime group that stole tens of millions of dollars over nearly a decade from countless hacked businesses. It emerges that email marketing giant Mailchimp got hacked. Uber blames LAPSUS$ for the intrusion.

Cryptocurrency

Cryptocurrency Cybercrime Computers and Electronics Scams

ID Numbers for 120 Million Brazilians taxpayers exposed online

Security Affairs

DECEMBER 13, 2018

Experts discovered the file index.html_bkp on the Apache server (likely a backup of the index.html), which caused the web server to display the list of the files and folder stored in that folder and download them. The folder included data archives ranging in size from 27 megabytes to 82 gigabytes. . ” concludes InfoArmor.

Backups

Backups Banking Advertising Cybercrime

Minding the Data Protection for Individuals

Spinone

JANUARY 27, 2015

All the news are full of caution not to be hacked, not to put easy passwords, and so on. Definitely, security is the top priority for brand companies to defend their critical data and reputation. Acknowledging one recent IBM study , researchers tracked the number of cyber attacks and data breaches during the busiest shopping days (Nov.

Backups

Backups Cyber Attacks Passwords Antivirus

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

Krebs on Security

SEPTEMBER 4, 2018

In addition, the database included the Apple iCloud username and authentication token of mobile devices running mSpy, and what appear to be references to iCloud backup files. In May 2015, KrebsOnSecurity broke the news that mSpy had been hacked and its customer data posted to the Dark Web. In September 2014, U.S.

Spyware

Spyware Mobile Advertising Software

700,000 records belonging to Choice Hotels customer leaked online. Crooks demanded ransom

Security Affairs

AUGUST 16, 2019

Diachenko immediately reported his findings to Choice Hotels, however, crooks have already got access to the data and attempted to blackmail the business. . Likely the intruders have made a backup of the data and were going to wipe the archive before demanding the payment of the ransom. BTC ($4,000) from the company.

Advertising

Advertising Backups Engineering Internet

Experts found 540 Million Facebook user records on unprotected Amazon S3 buckets

Security Affairs

APRIL 3, 2019

This same type of collection, in similarly concentrated form, has been cause for concern in the recent past , given the potential uses of such data.” “A separate backup from a Facebook-integrated app titled “At the Pool” was also found exposed to the public internet via an Amazon S3 bucket.” Pierluigi Paganini.

Advertising

Advertising Accountability Media Passwords

SamSam Ransomware operators earned more than US$5.9 Million since late 2015

Security Affairs

JULY 31, 2018

The attackers carry on brute-force attacks on RDP of the target system, some time they leverage credentials obtained from other data breaches typically offered for sale on the dark web. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini. Securi ty Affairs – ransomware, malware).

Ransomware

Ransomware Advertising Marketing Encryption

Cybersecurity Risk Assessment: Why You Need It and How to Perform It Right

Spinone

OCTOBER 27, 2020

IBM’s “ 2019 Cost of a Data Breach Report ” details the costs that come from a data breach as a result of various cybersecurity risks. million Healthcare organizations for the 9th year in a row had the highest costs associated with data breaches – $6.45 Yes, they are. percent in 2019.

Risk

Risk Cybersecurity Penetration Testing Data breaches

Key Insights on Cybersecurity Risks for CEOs and Management Teams

Spinone

NOVEMBER 19, 2018

When looking at such high-profile events as the Sony Pictures hack in 2014 or the Equifax breach last year that exposed the personally identifiable information of millions of U.S. While public cloud vendors provide rudimentary backups, getting access to those backups is not an easy process.

Risk

Risk Cybersecurity Technology Cyber Risk

It is time to re-evaluate Cyber-defence solutions

Security Affairs

JANUARY 10, 2021

It is apparent to even the most casual observer that successful cyber-attacks are happening at an alarming frequency, and it is happening to trusted institutions where we all believed our private data was secured and impenetrable from unscrupulous fraudsters, criminals or even state sponsored hacking by some rogue Governments.

Cyber Attacks

Cyber Attacks Government Surveillance Software

The team behind the Joomla CMS discloses a data breach

Popular OGUsers hacking forum breached for the second time in a year

Webinars

Trending Sources

Aerial Direct, the O2’s largest UK partner suffered a data breach

Webinars

Steel sheet giant Hoa Sen Group hacked by Maze ransomware operators

Frost & Sullivan databases available for sale on a hacker forum

Email Provider VFEmail Suffers ‘Catastrophic’ Hack

Backup files for Lion Air and parent airlines exposed and exchanged on forums

Reddit discloses a data breach, a hacker accessed user data

Swiss rail vehicle manufacturer Stadler hit by a malware-based attack

The hacker behind Matrix.org hack offers advice to improve security

Nefilim ransomware operators leaked data alleged stolen from the Dussmann group

SQL Dump from popular Indian BGR tech site leaked online

DoppelPaymer Ransomware hits City of Torrance and demands a 680K+ ransom

Maze Ransomware gang breached the US chipmaker MaxLinear

Data from Airlink International UAE leaked on multiple dark web forums

Maze Ransomware operators published data from LG and Xerox

Security Affairs newsletter Round 229 – News of the week

Sodinokibi ransomware gang stole 1TB of data from Brown-Forman

The Difficulty of Disclosure, Surebet247 and the Streisand Effect

BEC scams, hacked accounts available from $150 up to $5,000

Maze ransomware operators claim to have breached LG Electronics

Attunity data leak: Netflix, Ford, TD Bank data exposed by Open AWS Buckets

Security Affairs newsletter Round 201 – News of the week

Reddit locked Down accounts due to alleged security breach

Travelex paid $2.3 Million ransom to restore after a ransomware attack

How to Prevent Data Leaks

Meet Ika & Sal: The Bulletproof Hosting Duo from Hell

Security Affairs newsletter Round 232

Happy 13th Birthday, KrebsOnSecurity!

ID Numbers for 120 Million Brazilians taxpayers exposed online

Minding the Data Protection for Individuals

For 2nd Time in 3 Years, Mobile Spyware Maker mSpy Leaks Millions of Sensitive Records

700,000 records belonging to Choice Hotels customer leaked online. Crooks demanded ransom

Experts found 540 Million Facebook user records on unprotected Amazon S3 buckets

SamSam Ransomware operators earned more than US$5.9 Million since late 2015

Cybersecurity Risk Assessment: Why You Need It and How to Perform It Right

Key Insights on Cybersecurity Risks for CEOs and Management Teams

It is time to re-evaluate Cyber-defence solutions

Stay Connected