2015, Accountability and Information Security

Change Healthcare Breach Hits 100M Americans

Krebs on Security

OCTOBER 30, 2024

The chief information security officer for a large academic healthcare system affected by the breach told KrebsOnSecurity they participated in a call with the FBI and were told a third party partner managed to recover at least four terabytes of data that was exfiltrated from Change by the cybercriminal group. .”

Healthcare

Healthcare Insurance Computers and Electronics Data breaches

Russia-linked APT Star Blizzard targets WhatsApp accounts

Security Affairs

JANUARY 16, 2025

The Russian group Star Blizzard targets WhatsApp accounts in a new spear-phishing campaign, shifting tactics to avoid detection. In November 2024, Microsoft researchers observed the Russia-linked APT group Star Blizzard targeting WhatsApp accounts via spear-phishing, shifting tactics to avoid detection.

Accountability

Accountability Phishing Government Hacking

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

[This is Part III in a series on research conducted for a recent Hulu documentary on the 2015 hack of marital infidelity website AshleyMadison.com.] LeakedSource was advertised on a number of popular cybercrime forums as a service that could help hackers break into valuable or high-profile accounts. Abusewith[.]us

Hacking

Hacking Accountability Data breaches Marketing

New Atrium Health data breach impacts 585,000 individuals

Security Affairs

DECEMBER 6, 2024

Atrium Health launched an investigation into the security breach and discovered that from January 2015 to July 2019, certain online tracking technologies were active on its MyAtriumHealth (formerly MyCarolinas) Patient Portal, accessible via web and mobile. The company notified the US Department of Health and Human Services (HHS).

Data breaches

Data breaches Identity Theft Accountability Technology

Facebook’s official Twitter and Instagram accounts hacked by OurMine

Security Affairs

FEBRUARY 8, 2020

The social network giant Facebook is still the target of hackers, its Facebook and Instagram accounts have been hijacked by the popular hacking group Our M ine. Yesterdat the popular hacking group OurMine hacked the Twitter and Instagram accounts for Facebook and Messenger. The company accounts have been quickly restored.

Accountability

Accountability Hacking Media Advertising

A data breach broker is selling account databases of 17 companies

Security Affairs

NOVEMBER 1, 2020

A threat actor is offering for sale account databases containing an aggregate total of 34 million user records stolen from 17 companies. A data breach broker is selling account databases containing a total of 34 million user records stolen from 17 companies. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Accountability Advertising Passwords

Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say

Security Affairs

AUGUST 17, 2020

The Treasury Board of Canada Secretariat confirmed that thousands of user accounts for online Canadian government services were recently hacked. According to a press release issued by the Treasury Board of Canada Secretariat, thousands of user accounts for online government services were recently hacked. ” reported CBA.

Government

Government Accountability Hacking Advertising

Unacademy hacked, 22 million accounts offered for sale

Security Affairs

MAY 6, 2020

Hackers have breached the online learning platform Unacademy and are selling the account information for close to 22 million users. Online learning platform Unacademy has suffered a data breach after a hacker gained access to their database and started selling the account information for close to 22 million users.

Accountability

Accountability Hacking Data breaches Advertising

GoDaddy discloses a data breach, web hosting account credentials exposed

Security Affairs

MAY 5, 2020

GoDaddy has been notifying its customers of a data breach, threat actors might have compromised their web hosting account credentials. GoDaddy has been notifying its customers of a data breach, attackers might have compromised users’ web hosting account credentials. ” reads the data breach notice submitted by the company.

Data breaches

Data breaches Accountability Advertising Internet

Slack bugs allowed take over victims’ accounts

Security Affairs

MARCH 14, 2020

Slack addressed a critical flaw within 24 hours from its disclosure, the issue allowed attackers to carry out automate account takeover. The researcher Evan Custodio discovered a critical vulnerability in Slack that could have allowed attackers to launch automate account takeover. on slackb.com 3) A request of GET [link] HTTP/1.1

Accountability

Accountability Advertising Data breaches Hacking

Nintendo admitted that hackers have breached 300,000 accounts

Security Affairs

JUNE 10, 2020

Japanese gaming giant Nintendo has confirmed that hackers have breached 300,000 accounts since early April, financial data were not exposed. The Japanese video game giant Nintendo has admitted that threat actors have breached 300,000 accounts since early April. ” reads a post published by the CNN. Pierluigi Paganini.

Accountability

Accountability Advertising Passwords Hacking

Hacking Microsoft Teams accounts with a GIF image

Security Affairs

APRIL 27, 2020

Experts discovered how to take over Microsoft Teams accounts by just sending recipients a regular GIF, it works for both desktop and web Teams versions. s and could take over an account. After doing all of this, the attacker can steal the victim’s Teams account data.” ” reads the analysis published by CyberArk.

Accountability

Accountability Hacking Authentication Advertising

Twitter removed around 130 Iranian accounts for interference in US Presidential debate

Security Affairs

OCTOBER 1, 2020

Twitter removed around 130 Iranian accounts for attempting to disrupt the public recent US Presidential Debate. The social media giant Twitter announced to have removed around 130 Iranian Twitter accounts that attempted to disrupt the public conversation during the recent first Presidential Debate for the US 2020 Presidential Election.

Accountability

Accountability Advertising Media Hacking

4 Million Quidd account details shared on hacking forums

Security Affairs

APRIL 14, 2020

The details of around four million users are now being shared for free on underground hacking forums, according to ZDNet that has obtained samples from different sources, exposed records include usernames, email addresses, and hashed account passwords (bcrypt hashing algorithm). Pierluigi Paganini. SecurityAffairs – Quidd, data breach).

Accountability

Accountability Hacking Data breaches Passwords

FC Barcelona and the International Olympic Committee Twitter accounts hacked

Security Affairs

FEBRUARY 17, 2020

The popular hacker group OurMine has hacked the official Twitter account of the FC Barcelona, along with the accounts of Olympics and the International Olympic Committee (IOC). The popular hacker group has hacked the official Twitter account of the FC Barcelona, along with the accounts of and the International Olympic Committee (IOC).

Accountability

Accountability Hacking Advertising Media

Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hacked

Security Affairs

AUGUST 19, 2020

Chinese hackers have hacked thousands of Taiwan Government email accounts belonging at least 10 Taiwan government agencies, officials said. Chinese hackers have gained access to around 6,000 email accounts belonging to at least 10 Taiwan government agencies, officials said. Pierluigi Paganini. SecurityAffairs – hacking, Taiwan).

Government

Government Hacking Accountability Advertising

Havenly discloses data breach, 1.3M accounts available online

Security Affairs

AUGUST 3, 2020

As a precaution, we wanted to let you know that we recently became aware of a potential incident that may have affected the security of certain customer accounts. We are working with external security experts to investigate this matter.” Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Data breaches

Data breaches Accountability Passwords Advertising

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Security Affairs

FEBRUARY 2, 2025

Those payments would instead be redirected to a financial account the perpetrators controlled, resulting in significant losses to victims.” ” Source KrebsOnSecurity KrebsOnSecurity first wrote about the Manipulaters in May 2015 , the cybercrime group openly advertised on forums in 2015.

Cybercrime

Cybercrime Advertising Phishing Hacking

Slickwraps discloses data leak that impacted 850,000 user accounts

Security Affairs

FEBRUARY 24, 2020

Slickwraps has disclosed a data breach that impacted over 850,000 user accounts, data were accidentally exposed due to security vulnerabilities. Lynx0x00’s Medium and Twitter accounts have mysteriously vanished but, fortunately, the Internet never truly forgets. ” reported Slashgear. Pierluigi Paganini.

Accountability

Accountability Data breaches Passwords Advertising

Hackers are actively exploiting a Zero-Day in WordPress ThemeREX Plugin to create Admin Accounts

Security Affairs

FEBRUARY 19, 2020

A new flaw was discovered in a WordPress plugin, this time experts found a zero-day vulnerability in the ThemeREX Addons to create admin accounts. Security experts from WordFence have discovered a zero-day vulnerability in the ThemeREX Addons that was actively exploited by hackers in the wild to create user accounts with admin permissions.

Accountability

Accountability Advertising Account Security Authentication

A critical flaw in wpDiscuz WordPress plugin lets hackers take over hosting account

Security Affairs

AUGUST 2, 2020

A critical flaw in the wpDiscuz WordPress plugin could be exploited by remote attackers to execute arbitrary code and take over the hosting account. Security experts from Wordfence discovered a critical vulnerability impacting the wpDiscuz WordPress plugin that is installed on over 80,000 sites. Pierluigi Paganini.

Accountability

Accountability Advertising Account Security Hacking

Hackers hijacked Coincheck ‘s domain registrar account and targeted some users

Security Affairs

JUNE 4, 2020

The Japanese cryptocurrency exchange Coincheck announced that threat actors have accessed their account at the Oname.com domain registrar and hijacked one of its domain names. “The domain registration information has been amended at around 20:52 on June 1, 2020, and there is no impact on the customer’s assets at this time.”

Accountability

Accountability Phishing DNS Cryptocurrency

538 Million Weibo users’ records being sold on Dark Web

Security Affairs

MARCH 23, 2020

107 million records include personal data and basic account information such as the user ID, number of Weibo tweets, number of followers and accounts users are following, account gender, geographic location and more. When we found the security vulnerability we took measures to fix it. 5.38??????????????

Accountability

Accountability Passwords Advertising Internet

SANS Institute Email Breach – 28,000 User Records exposed

Security Affairs

AUGUST 12, 2020

for-profit company founded in 1989 that specializes in information security, cybersecurity training, and selling certificates. The staff discovered an anomalous forwarding rule on one email account, which was set to forward emails to an unknown external address. The rule was active only for a single email account.

Data breaches

Data breaches Accountability Advertising Information Security

NailaoLocker ransomware targets EU healthcare-related entities

Security Affairs

FEBRUARY 20, 2025

.” Threat actors could exploit the flaw to extract information on gateways, including password hashes for all local accounts. ShadowPad is a modular backdoor considered a hallmark of China-linked APT groupssince at least 2015. ” reads the report Orange Cyberdefense CERT.

Healthcare

Healthcare Ransomware VPN Malware

The University of Utah Health discloses security breach

Security Affairs

MARCH 23, 2020

The University of Utah Health disclosed a security breach, it has discovered malware on its systems and revealed unauthorized access to some employee email accounts. “From January 22 to February 27, 2020, we became aware that there was unauthorized access to some employees’ email accounts. . ” continues the alert.

Accountability

Accountability Advertising Malware Phishing

Alleged Activision hack, 500,000 Call Of Duty players impacted

Security Affairs

SEPTEMBER 21, 2020

Over 500,000 Activision accounts may have been hacked in a new data breach that the gaming firm suffered on September 20. More than 500,000 Activision accounts may have compromised as a result of a data breach suffered by the gaming firm on September 20, reported the eSports site Dexerto. ” reads the post published by Dexerto.

Hacking

Hacking Data breaches Accountability Passwords

Cyber Defense Magazine – November 2020 has arrived. Enjoy it!

Security Affairs

NOVEMBER 4, 2020

150 PAGESLOADED WITH EXCELLENT CONTENT Learn from the experts, cybersecurity best practices Find out about upcoming information security related conferences, expos and trade shows. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Always free, no strings attached.

InfoSec

InfoSec DNS Advertising Marketing

Twitter allows users to use 2FA without a phone number

Security Affairs

NOVEMBER 24, 2019

Twitter announced that its users can protect their accounts with 2-Factor Authentication (2FA) even if they don’t have a phone number. Twitter is going to allow its users to protect their accounts with 2-Factor Authentication (2FA) even if they don’t have a phone number. Pierluigi Paganini.

Authentication

Authentication Mobile Advertising Accountability

Hackers gained access to T-Mobile customers and employee personal info

Security Affairs

MARCH 5, 2020

. “Our Cybersecurity team recently identified and shut down a malicious attack against our email vendor that led to unauthorized access to certain T-Mobile employee email accounts, some of which contained account information for T-Mobile customers and employees.” ” reads the data breach notification.

Mobile

Mobile Data breaches Telecommunications Wireless

France Télévisions group hit by a cyber attack, its antennas were not impacted

Security Affairs

JUNE 27, 2020

In April 2015, the TV5Monde was hit by a severe cyber attack that compromised broadcasting of transmissions across its medium. The attackers also hijacked the Channel TV5Monde website and social media accounts of the French broadcaster. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cyber Attacks

Cyber Attacks Backups Advertising Media

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

Security Affairs

FEBRUARY 11, 2022

One of the vulnerabilities is an elevation of privilege vulnerability in Microsoft Windows SAM (Security Accounts Manager) vulnerability. “An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.An ” reads the advisory published by Microsoft.

IoT

IoT Accountability Authentication Hacking

FBI arrested a Russian citizen suspected to be the mastermind of Deer.io

Security Affairs

MARCH 10, 2020

which is a Shopify-like platform that has been hosting hundreds of online shops used for the sale of hacked accounts and stolen user data. international financial and corporate data, Personally Identifiable Information (PII), and compromised user accounts from many U.S. store ACCOUNTS-MARKET. storefront.”

Accountability

Accountability Advertising Passwords Hacking

Hackers stole a six-figure amount from Swiss universities

Security Affairs

OCTOBER 5, 2020

According to the SonntagsZeitung , the Basel public prosecutor’s office confirmed that hackers compromised the systems at the universities, then the threat actors hijacked the employee salary transfers by changing the beneficiaries’ accounts. It added that part of the misappropriated funds was now in foreign accounts.”

Advertising

Advertising Phishing Cybercrime Hacking

Hackers stole €1.2m worth of cryptocurrency from 2gether

Security Affairs

AUGUST 3, 2020

2gether has disclosed a security breach, hackers have stolen roughly €1.2 million worth of cryptocurrency from cryptocurrency investment accounts. . Hackers stole roughly €1.183 million worth of cryptocurrency from investment accounts of 2gether, 26.79% of overall funds stored by the accounts. Pierluigi Paganini.

Cryptocurrency

Cryptocurrency Accountability Hacking Advertising

15 billion credentials available in the cybercrime marketplaces

Security Affairs

JULY 9, 2020

The credentials are sold for an average of $15.43, the most expensive pairs relate to banking and financial services accounts, with an average price of nearly $71. “Account accesses for antivirus programs garner the second-highest prices: around $21.67. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Cybercrime

Cybercrime Antivirus Marketing Accountability

Estonian intelligence reports foreign hackers breached Mail.ee email provider

Security Affairs

APRIL 29, 2020

State-sponsored hackers have compromised a small number of accounts of the Estonian email provider Mail.ee Alleged state-sponsored hackers have hijacked a small number of accounts at the Estonian email provider Mail.ee, they exploited a zero-day vulnerability in the attack. belonging to high-profile people.

Accountability

Accountability Advertising Hacking Phishing

Operation TOURNIQUET: Authorities shut down dark web marketplace RaidForums

Security Affairs

APRIL 12, 2022

1, 2015, and on or about Jan. ” RaidForums was launched in 2015, its community reached over half a million users. These contained information for millions of credit cards, bank account numbers and routing information, and the usernames and associated passwords needed to access online accounts.”

Cybercrime

Cybercrime Banking Accountability Hacking

Journalist Matthew Keys is now charged with an attack on a magazine

Security Affairs

APRIL 29, 2020

Matthew Keys is a former Reuters journalist who was convicted in October 2015 of supporting the Anonymous collective and that was sentenced to 24 months in prison for computer hacking charges in April 2016. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. ” states the Sacramento Bee.

Hacking

Hacking Advertising Accountability Media

Thousands Zoom credentials available on a Dark Web forum

Security Affairs

APRIL 12, 2020

The archive included credentials for Zoom accounts belonging to organizations in various industries, including banking, consultancy, healthcare software companies. ” reads the report published by security firm IntSights. ” reads the report published by security firm IntSights. Pierluigi Paganini.

Accountability

Accountability Healthcare Phishing Banking

QQAAZZ crime gang charged for laundering money stolen by malware gangs

Security Affairs

OCTOBER 18, 2020

. “Comprised of several layers of members mainly from Latvia, Georgia, Bulgaria, Romania, and Belgium, the QQAAZZ network opened and maintained hundreds of corporate and personal bank accounts at financial institutions throughout the world to receive money from cybercriminals who stole it from accounts of victims.”

Malware

Malware Banking Cryptocurrency Cybercrime

Cisco fixes a static default credential issue in Smart Software Manager tool

Security Affairs

FEBRUARY 20, 2020

The CVE-2020-3158 flaw is related to the presence of a system account that has a default and static password in the Smart Software Manager tool. “The vulnerability is due to a system account that has a default and static password and is not under the control of the system administrator.” Pierluigi Paganini.

Software

Software System Administration Advertising Accountability

New MrbMiner malware infected thousands of MSSQL DBs

Security Affairs

SEPTEMBER 16, 2020

Once the hackers gained access to a system, they downloaded an initial assm.exe file to achieve persistence and to add a backdoor account for future access. Tencent researchers observed the use of an account with the username “ Default ” and a password of “ @fg125kjnhn987.” Pierluigi Paganini.

Malware

Malware Advertising Cryptocurrency Accountability

GravityRAT malware also targets Android and macOS

Security Affairs

OCTOBER 19, 2020

The GravityRAT malware Access Trojan (RAT) is believed to be the work of Pakistani hacker groups, it is under development at least since 2015. “Today, Cisco Talos is uncovering a new piece of malware, which has remained under the radar for the past two years [since 2015] while it continues to be developed.”

Malware

Malware Computers and Electronics Spyware Advertising

Change Healthcare Breach Hits 100M Americans

Russia-linked APT Star Blizzard targets WhatsApp accounts

Trending Sources

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

New Atrium Health data breach impacts 585,000 individuals

Facebook’s official Twitter and Instagram accounts hacked by OurMine

A data breach broker is selling account databases of 17 companies

Thousands of Canadian government accounts hacked, Treasury Board of Canada Secretariat say

Unacademy hacked, 22 million accounts offered for sale

GoDaddy discloses a data breach, web hosting account credentials exposed

Slack bugs allowed take over victims’ accounts

Nintendo admitted that hackers have breached 300,000 accounts

Hacking Microsoft Teams accounts with a GIF image

Twitter removed around 130 Iranian accounts for interference in US Presidential debate

4 Million Quidd account details shared on hacking forums

FC Barcelona and the International Olympic Committee Twitter accounts hacked

Over 6,000 email accounts belonging to Taiwan government agencies hacked by Chinese hacked

Havenly discloses data breach, 1.3M accounts available online

Law enforcement seized the domains of HeartSender cybercrime marketplaces

Slickwraps discloses data leak that impacted 850,000 user accounts

Hackers are actively exploiting a Zero-Day in WordPress ThemeREX Plugin to create Admin Accounts

A critical flaw in wpDiscuz WordPress plugin lets hackers take over hosting account

Hackers hijacked Coincheck ‘s domain registrar account and targeted some users

538 Million Weibo users’ records being sold on Dark Web

SANS Institute Email Breach – 28,000 User Records exposed

NailaoLocker ransomware targets EU healthcare-related entities

The University of Utah Health discloses security breach

Alleged Activision hack, 500,000 Call Of Duty players impacted

Cyber Defense Magazine – November 2020 has arrived. Enjoy it!

Twitter allows users to use 2FA without a phone number

Hackers gained access to T-Mobile customers and employee personal info

France Télévisions group hit by a cyber attack, its antennas were not impacted

CISA adds 15 new vulnerabilities to its Known Exploited Vulnerabilities Catalog

FBI arrested a Russian citizen suspected to be the mastermind of Deer.io

Hackers stole a six-figure amount from Swiss universities

Hackers stole €1.2m worth of cryptocurrency from 2gether

15 billion credentials available in the cybercrime marketplaces

Estonian intelligence reports foreign hackers breached Mail.ee email provider

Operation TOURNIQUET: Authorities shut down dark web marketplace RaidForums

Journalist Matthew Keys is now charged with an attack on a magazine

Thousands Zoom credentials available on a Dark Web forum

QQAAZZ crime gang charged for laundering money stolen by malware gangs

Cisco fixes a static default credential issue in Smart Software Manager tool

New MrbMiner malware infected thousands of MSSQL DBs

GravityRAT malware also targets Android and macOS

Stay Connected