2014, Cybercrime, Information Security and Passwords

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

More than 15 billion username and passwords are available on cybercrime marketplaces, including over 5 billion unique credentials, states the experts. According to the company, most of the username and password combinations are available for free, and 5 billion of the above credentials are “unique.” Pierluigi Paganini.

Cybercrime

Cybercrime Antivirus Marketing Accountability

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 10, 2020

Microsoft has uncovered Zerologon attacks that were allegedly conducted by the infamous TA505 Russia-linked cybercrime group. Microsoft spotted a series of Zerologon attacks allegedly launched by the Russian cybercrime group tracked as TA505 , CHIMBORAZO and Evil Corp. Pierluigi Paganini. SecurityAffairs – hacking, Zerologon).

Cybercrime

Cybercrime Security Intelligence Authentication Banking

Threat actor leaked data for U.S. gun exchange site on hacking forum

Security Affairs

AUGUST 13, 2020

A threat actor has released the databases of Utah-based gun exchange and hunting sites for free on a cybercrime forum. On August 10th, a hacker has leaked online the databases of Utah-based gun exchange for free on a cybercrime forum. The leaked data includes login names, hashed passwords, and email addresses.

Hacking

Hacking Data breaches Cybercrime Passwords

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Raccoon Malware, a success case in the cybercrime ecosystem

Security Affairs

FEBRUARY 24, 2020

And this goes beyond usernames and passwords to information that can get them immediate financial gain like credit card information and cryptocurrency wallets.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cybercrime

Cybercrime Malware Cryptocurrency Advertising

Asian media firm E27 hacked, attackers asked for a “donation”

Security Affairs

JUNE 28, 2020

” “We use Facebook and LinkedIn for account login and do not store any passwords on our system. If you use the legacy email and password login, your passwords are encrypted, but we highly encourage that you change it. We do not store any credit card or payment related information on our servers.”

Media

Media Hacking Passwords Data breaches

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Security Affairs

JULY 11, 2020

A jury found Russian hacker Yevgeniy Nikulin guilty for the hack of LinkedIn, Dropbox, and Formspring back in 2012 and for the sale of the stolen data on cybercrime black marketplaces. The Russian man stole roughly 117 million user records, including usernames, passwords, and emails. SecurityAffairs – hacking, cybercrime).

Hacking

Hacking Cybercrime Data breaches Advertising

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Security Affairs

SEPTEMBER 24, 2020

The recent Emotet campaign uses spam messages with password-protected attachments, experts noticed a decline in infections over the weekend, a behavior already observed in the past. Emotet joined the password-protected attachment bandwagon with a campaign starting Friday. ” states the Italian CSIRT’s alert. .

Malware

Malware Passwords Advertising Cybercrime

Watch out, your StockX account details may be available in crime forums

Security Affairs

AUGUST 12, 2019

Researchers discovered a dump containing 6,840,339 records associated with StockX user accounts that surfaced in the cybercrime underground. A threat actor stole details of 6 million users, the stolen data includes user names, email addresses, addresses, shoe size, purchase history, and encrypted passwords (salted MD5).

Accountability

Accountability Data breaches Passwords Cybercrime

Open Exchange Rates discloses a security breach

Security Affairs

MARCH 16, 2020

Last week, Open Exchange Rates disclosed a data breach that exposed the personal information and hashed passwords for customers of its API service. Last week, the currency data provider Open Exchange Rates has disclosed a data breach that exposed the personal information and salted and hashed passwords for customers of its API service.

Data breaches

Data breaches Passwords Advertising Accountability

Indian video on demand giant ZEE5 has been hacked

Security Affairs

JUNE 7, 2020

The Indian video on demand giant ZEE5 has been hacked, attackers are threatening to sell the database on the cybercrime underground markets. The huge trove of data contains data, recent transactions, passwords, emails, mobile numbers, email addresses, messages, etc. ” reads the post published by the expert. Pierluigi Paganini.

Hacking

Hacking Cybercrime Advertising Passwords

Aerial Direct, the O2’s largest UK partner suffered a data breach

Security Affairs

MARCH 16, 2020

. “We recently became aware that some of our customers’ personal information stored on one of our databases has been accessed without permission. To reassure you, the database did not include any passwords or financial details, such as bank account number or credit card information.” Pierluigi Paganini.

Data breaches

Data breaches Telecommunications Passwords Advertising

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

com , a service that sold access to billions of passwords and other data exposed in countless data breaches. KrebsOnSecurity has learned that the owner of Defiant Tech, a 32-year-old Ontario man named Jordan Evan Bloom , was hired in late 2014 as a developer for the marital infidelity site AshleyMadison.com.

Hacking

Hacking Accountability Data breaches Marketing

FBI shuts down the Russian-based hacker platform DEER.IO

Security Affairs

MARCH 26, 2020

that is hosting various cybercrime products and services were being sold. companies for customers’ personal information.” store used by hackers to offer for sale thousands of compromised accounts, including gamer accounts and PII files containing user names, passwords, U.S. SecurityAffairs – cybercrime, DEER.IO).

Cybercrime

Cybercrime Advertising Hacking Accountability

One million cracked Poshmark accounts being sold online

Security Affairs

SEPTEMBER 2, 2019

Login details of more than 36 million Poshmark accounts are available for sale in the cybercrime underground. The company discovered unauthorized access to its servers, the intruders stole personal information of the users, including usernames , hashed passwords, first and last names, gender information, and city of residenc.

Accountability

Accountability Data breaches Passwords Advertising

Enemybot, a new DDoS botnet appears in the threat landscape

Security Affairs

APRIL 17, 2022

The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. Gafgyt is a popular choice for launching large-scale DDoS attacks, it first appeared in the threat landscape in 2014. The botnet targets multiple architectures, including arm, bsd, x64, and x86.

DDOS

DDOS Architecture Malware Cybercrime

European police arrested tens of members of two SIM Hijacking Gangs

Security Affairs

MARCH 13, 2020

European authorities dismantled two cybercrime organizations responsible for stealing millions through SIM hijacking. European authorities managed to dismantle the operations of two cybercrime gangs responsible for stealing millions through SIM hijacking. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Banking

Banking Cybercrime Mobile Accountability

NightLion hacker is selling details of 142 million MGM Resorts hotel guests

Security Affairs

JULY 14, 2020

“The new finding came to light over the weekend after a hacker put up for sale the hotel’s data in an ad published on a dark web cybercrime marketplace.” The hacker claims to have obtained the database from the hack of the DataViper monitoring service operated by the security firm Night Lion Security.

Data breaches

Data breaches Advertising Hacking Cybercrime

EnemyBot malware adds new exploits to target CMS servers and Android devices

Security Affairs

MAY 30, 2022

The researchers attribute the botnet to the cybercrime group Keksec which focuses on DDoS-based extortion. Gafgyt is a popular choice for launching large-scale DDoS attacks, it first appeared in the threat landscape in 2014. The botnet targets multiple architectures, including arm, bsd, x64, and x86. LFI CVE-2018-16763 Fuel CMS 1.4.1

Malware

Malware DDOS IoT Cybercrime

Defiant Tech firm who operated LeakedSource pleads guilty

Security Affairs

MAY 20, 2019

LeakedSource was also cracking the associated passwords when it was possible. “LeakedSource.com had a database of approximately three billion personal identity records and associated passwords that could be purchased for a small fee. . Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cybercrime

Cybercrime Data breaches Advertising Passwords

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Security Affairs

OCTOBER 30, 2020

An attacker could also exploit the flaw to disable security features in the Netlogon authentication process and change a computer’s password on the domain controller’s Active Directory. The IT giant urged Windows administrators to install the released security updates as soon as possible. Pierluigi Paganini.

Authentication

Authentication Advertising Architecture Cybercrime

Emotet campaign hits Lithuania’s National Public Health Center and several state institutions

Security Affairs

DECEMBER 31, 2020

The Emotet campaign uses malicious emails that attempt to trick recipients into opening the zipped archive with the password included in the message. Emails accessed in this way require user action: open the file, unzip it with a password. Emails accessed in this way require user action: open the file, unzip it with a password.

Passwords

Passwords Malware Telecommunications Banking

CISA’s advisory warns of notable increase in LokiBot malware

Security Affairs

SEPTEMBER 22, 2020

The malware is able to steal sensitive information (a variety of credentials, including FTP credentials, stored email passwords, passwords stored in the browser, as well as a whole host of other credentials) . If these services are required, use strong passwords or Active Directory authentication. Pierluigi Paganini.

Malware

Malware Passwords Advertising Antivirus

Silent Night Zeus botnet available for sale in underground forums

Security Affairs

MAY 23, 2020

The source code of the Zeus Trojan is available in the cybercrime underground since 2011 allowing crooks to develop their own release since. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Banking

Banking Advertising Malware Cybercrime

Retro video game website Emuparadise suffered a data breach

Security Affairs

JUNE 10, 2019

HIBP received the data from dehashed.com on June 9th, 2019, exposed info includes mail addresses, IP address, usernames and passwords stored as salted MD5 hashes. million email addresses, IP address, usernames and passwords stored as salted MD5 hashes. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Advertising Cybercrime Passwords

New Coronavirus-themed campaign spread Lokibot worldwide

Security Affairs

APRIL 4, 2020

Once opened the file, the Lokibot infection starts, the malware steals sensitive information (a variety of credentials, including FTP credentials, stored email passwords, passwords stored in the browser, as well as a whole host of other credentials) and exfiltrates them to the URL: hxxp://bslines[.]xyz/copy/five/fre.php.

Advertising

Advertising Malware Passwords Cybercrime

Maastricht University finally paid a 30 bitcoin ransom to crooks

Security Affairs

FEBRUARY 9, 2020

According to security experts at Fox-IT, the ransomware attack is compatible with other attacks carried out by the TA505 cybercrime gang. TA505 hacking group has been active since 2014 focusing on Retail and banking sectors. ” ~ Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware Cyber Attacks Architecture Backups

Security Affairs newsletter Round 253

Security Affairs

MARCH 1, 2020

FBI recommends using passphrases instead of complex passwords. Raccoon Malware, a success case in the cybercrime ecosystem. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. Lampion malware v2 February 2020.

Banking

Banking Malware Advertising Ransomware

Data from Sephora and StreetEasy data breaches added to HIBP

Security Affairs

OCTOBER 7, 2019

The StreetEasy data breach took place in the mid-2016 and exposed 988k records that included names, usernames, email addresses and SHA-1 password hashes. The data has been available for sale in the cybercrime underground since February. Impacted data includes names, usernames, email addresses and SHA-1 password hashes.

Data breaches

Data breaches Passwords Advertising Cybercrime

Neiman Marcus discloses data breach, payment card data exposed

Security Affairs

OCTOBER 1, 2021

The attack against Neiman Marcus Group took place in May 2020, as a result of the attack, threat actors had access to customers’ information, including payment card data. Exposed personal information includes names and contact information, usernames, passwords, and answers to security questions associated with online accounts.

Data breaches

Data breaches Retail Passwords Accountability

Nintendo confirms that hackers might have hijacked 160,000 user accounts

Security Affairs

APRIL 24, 2020

“This time, using a login ID and password information obtained illegally by some means other than our service, a phenomenon that seems to have been made by impersonating the “Nintendo Network ID (* 1, NNID)” from around the beginning of April We have confirmed that it is occurring.” Pierluigi Paganini.

Accountability

Accountability Passwords Data breaches Advertising

TroyStealer – A new info stealer targeting Portuguese Internet users

Security Affairs

JUNE 13, 2020

The world of cybercrime is changing, and more and more malware variants have spread every day. An information stealer (or info stealer) is a Trojan that is designed to gather information from a system. Another common form this malware is to log user keystrokes which may reveal sensitive information. h/t: abuse.ch.

Internet

Internet Internet Malware Banking

TrueFire Guitar tutoring website was hacked, financial data might have been exposed

Security Affairs

MARCH 18, 2020

TrueFire is requesting users to change passwords for their accounts. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Copyright (C) 2014 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – TrueFire, cybercrime). Pierluigi Paganini.

Hacking

Hacking Data breaches Advertising Accountability

FBI arrested a Russian citizen suspected to be the mastermind of Deer.io

Security Affairs

MARCH 10, 2020

international financial and corporate data, Personally Identifiable Information (PII), and compromised user accounts from many U.S. Individuals can also buy computer files, financial information, PII, and usernames and passwords taken from computers infected with malicious software (malware) located both in the U.S. storefront.”

Accountability

Accountability Advertising Passwords Hacking

Taiwanese vendor QNAP issues advisory on Zerologon flaw

Security Affairs

OCTOBER 22, 2020

An attacker could also exploit the flaw to disable security features in the Netlogon authentication process and change a computer’s password on the domain controller’s Active Directory. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the advisory issued by the vendor.

Authentication

Authentication Advertising Architecture Cybercrime

Crooks use weaponized coronavirus map to deliver malware

Security Affairs

MARCH 12, 2020

“Shai Alfasi, found and analyzed this malware that had weaponized coronavirus map applications in order to steal credentials such as user names, passwords, credit card numbers and other sensitive information that is stored in the users’ browser.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Malware

Malware Advertising Passwords Cryptocurrency

CERT France – Pysa ransomware is targeting local governments

Security Affairs

MARCH 19, 2020

“ “The password database was leaked shortly before the attack. ” Once compromised the target network, attackers attempt to exfiltrate the company’s accounts and passwords database. .” “On one of the compromised information systems, experts found encrypted files with the extension “ newversion.”

Government

Government Ransomware Encryption Penetration Testing

Data of Indian defence contractor Bharat Earth Movers Limited (BEML) available online

Security Affairs

JUNE 9, 2020

As part of the regular monitoring of cybercrime forums and markets in the deep-web and darkweb , Cyble researchers spotted a threat actor named as R3dr0x who leaked (BEML) internal documents. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” reads the post published by Cyble. ” concludes Cyble.

Data breaches

Data breaches Marketing Advertising Passwords

Two PoS Malware used to steal data from more than 167,000 credit cards

Security Affairs

OCTOBER 25, 2022

The crooks did not use sophisticated techniques to compromise the targets, they were able to gain access to the PoS systems through brute-force attacks on Virtual Network Computing (VNC) and Remote Desktop Protocol (RDP) services protected by easy-to-guess passwords. in” by the user cartonash.

Malware

Malware Cybercrime Banking Marketing

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

The Last Watchdog

JUNE 21, 2020

The Archiveus Trojan from 2006 was the first one to use RSA cipher, but it was reminiscent of a proof of concept and used a static 30-digit decryption password that was shortly cracked. The newsmaking emergence of CTB-Locker in 2014 and the CryptoWall ransomware in 2015 fully demonstrated this multi-pronged shift.

Ransomware

Ransomware Hacking Encryption Penetration Testing

Colocation data centers giant Equinix data hit by Netwalker Ransomware

Security Affairs

SEPTEMBER 10, 2020

The popular cybercrime gang is demanding a $4.5 “Equinix is currently investigating a security incident we detected that involves ransomware on some of our internal systems.” Only use secure networks and avoid using public Wi-Fi networks. Use two-factor authentication with strong passwords. Pierluigi Paganini.

Ransomware

Ransomware VPN Data breaches Advertising

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

Security Affairs

APRIL 2, 2020

Human-operated ransomware is a technique usually employed in nation-state attacks that is becoming very popular in the cybercrime ecosystem. Any detections from security products or anomalies found in event logs should be investigated immediately. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Ransomware

Ransomware VPN Healthcare Cyber Attacks

U.S. taxpayers hit by a phishing campaign delivering the Amadey bot

Security Affairs

SEPTEMBER 20, 2019

Security experts at Cofense uncovered a phishing campaign that is targeting taxpayers in the United States attempting to infect them with a new piece of malware named Amadey. Experts revealed that the botnet was used by the TA505 cybercrime gang to distribute the FlawedAmmy RAT and some email stealers. Pierluigi Paganini.

Phishing

Phishing Social Engineering Malware Advertising

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Security Affairs

NOVEMBER 22, 2019

The banking trojan is able to record keystrokes, to steal passwords stored on the PC, and take screenshots and videos from the victims’ machine. million stolen login credentials – including usernames, passwords, and security questions and answers – for victims’ accounts on banking and other financial websites.

Banking

Banking Malware Advertising Passwords

Customers of 7-Eleven Japan lost $500,000 due to a flaw in the mobile app

Security Affairs

JULY 7, 2019

Cyber criminals have exploited an unproperly implemented password reset process in 7-Eleven to make unwanted charges on 900 customers’ accounts. “Knowing the email address, date of birth, and phone number, it turned out that a third party could change the 7pay 7-Eleven app password. 7-Eleven Inc. Pierluigi Paganini.

Mobile

Mobile Passwords Accountability Advertising

15 billion credentials available in the cybercrime marketplaces

Russian Cybercrime group is exploiting Zerologon flaw, Microsoft warns

Webinars

Trending Sources

Threat actor leaked data for U.S. gun exchange site on hacking forum

Webinars

Raccoon Malware, a success case in the cybercrime ecosystem

Asian media firm E27 hacked, attackers asked for a “donation”

Yevgeniy Nikulin, Russian hacker behind Dropbox and LinkedIn hacks found guilty

Microsoft, Italy and the Netherlands agencies warn of EMOTET campaigns

Watch out, your StockX account details may be available in crime forums

Open Exchange Rates discloses a security breach

Indian video on demand giant ZEE5 has been hacked

Aerial Direct, the O2’s largest UK partner suffered a data breach

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

FBI shuts down the Russian-based hacker platform DEER.IO

One million cracked Poshmark accounts being sold online

Enemybot, a new DDoS botnet appears in the threat landscape

European police arrested tens of members of two SIM Hijacking Gangs

NightLion hacker is selling details of 142 million MGM Resorts hotel guests

EnemyBot malware adds new exploits to target CMS servers and Android devices

Defiant Tech firm who operated LeakedSource pleads guilty

Threat actors are actively exploiting Zerologon flaw, Microsoft warns

Emotet campaign hits Lithuania’s National Public Health Center and several state institutions

CISA’s advisory warns of notable increase in LokiBot malware

Silent Night Zeus botnet available for sale in underground forums

Retro video game website Emuparadise suffered a data breach

New Coronavirus-themed campaign spread Lokibot worldwide

Maastricht University finally paid a 30 bitcoin ransom to crooks

Security Affairs newsletter Round 253

Data from Sephora and StreetEasy data breaches added to HIBP

Neiman Marcus discloses data breach, payment card data exposed

Nintendo confirms that hackers might have hijacked 160,000 user accounts

TroyStealer – A new info stealer targeting Portuguese Internet users

TrueFire Guitar tutoring website was hacked, financial data might have been exposed

FBI arrested a Russian citizen suspected to be the mastermind of Deer.io

Taiwanese vendor QNAP issues advisory on Zerologon flaw

Crooks use weaponized coronavirus map to deliver malware

CERT France – Pysa ransomware is targeting local governments

Data of Indian defence contractor Bharat Earth Movers Limited (BEML) available online

Two PoS Malware used to steal data from more than 167,000 credit cards

SHARED INTEL: How ransomware evolved from consumer trickery to deep enterprise hacks

Colocation data centers giant Equinix data hit by Netwalker Ransomware

Microsoft issues targeted notification to hospitals vulnerable to Ransomware attacks

U.S. taxpayers hit by a phishing campaign delivering the Amadey bot

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Customers of 7-Eleven Japan lost $500,000 due to a flaw in the mobile app

Stay Connected