Security Affairs

FEBRUARY 2, 2025

A joint law enforcement operation led to the seizure of 39 domains tied to a Pakistan-based HeartSender cybercrime group (aka Saim Raza and Manipulators Team) known for selling hacking and fraud tools. Follow me on Twitter: @securityaffairs and Facebook and Mastodon Pierluigi Paganini ( SecurityAffairs hacking,HeartSender group)

Cybercrime 110

Cybercrime Advertising Phishing Hacking 110

Security Affairs

MAY 11, 2021

Court documents revealed that the infamous XcodeGhost malware, which has been active since 2015, infected 128 million iOS users. The mass hack was the result of the availability of 4000 malicious apps in the App Store, the apps were found containing the XCodeGhost Malware. SecurityAffairs – hacking, Apple). Pierluigi Paganini.

Malware 123

Malware Hacking Mobile Passwords 123

Security Affairs

FEBRUARY 24, 2020

The FBI recommends using longer passwords composed of multiple words into a long string of at least 15 characters instead of short passwords including special characters. Recent guidance from the National Institute of Standards and Technology (NIST) highlights that the password length is much more important than password complexity.

Passwords 140

Passwords Advertising Technology Hacking 140

The Last Watchdog

JUNE 21, 2020

The Archiveus Trojan from 2006 was the first one to use RSA cipher, but it was reminiscent of a proof of concept and used a static 30-digit decryption password that was shortly cracked. File encryption 2013 – 2015. RaaS rollout 2015 – 2018. None of these early threats went pro.

Ransomware 243

Ransomware Hacking Encryption Penetration Testing 243

eSecurity Planet

JULY 23, 2021

LastPass is password management software that’s been popular among business and personal users since it was initially released in 2008. in 2015, it became part of a suite of cloud-based collaboration tools. Also read: Dashlane vs LastPass: Compare Top Password Managers for 2021. LastPass disadvantages: history of hacking.

Password Management 133

Password Management Passwords Authentication Architecture 133

Krebs on Security

FEBRUARY 9, 2023

Initially a stealthy trojan horse program delivered via email and used to steal passwords, Trickbot evolved into “a highly modular malware suite that provides the Trickbot Group with the ability to conduct a variety of illegal cyber activities, including ransomware attacks,” the Treasury Department said.

Hacking 250

Hacking Cybercrime Ransomware Government 250

Security Affairs

APRIL 16, 2020

Linksys has reset passwords for all its customers’ after learning on ongoing DNS hijacking attacks aimed at delivering malware. The hacking campaigns were also detailed by researchers at Bitdefender in late March. Users will be prompted to reset the passwords the next time they log in. SecurityAffairs – Linksys, hacking).

Passwords 145

Passwords DNS Malware Advertising 145

Security Affairs

JUNE 28, 2020

Asian media firm E27 has been hacked by a hacking group identifying themselves as “Korean Hackers” and “Team Johnwick”that asked for a “donation” to provide information on the vulnerabilities they have exploited in the attack. . SecurityAffairs – hacking, E27). Pierluigi Paganini.

Media 145

Media Hacking Passwords Data breaches 145

Security Affairs

MAY 3, 2020

The hacker claims to have hacked the company in March 2020, it has stolen just a small part of the company database. The hacker has shared 15 million user records calling for action in cracking the passwords that are hashed using the SHA2-384 hashing algorithm. SecurityAffairs – Tokopedia, hacking). Pierluigi Paganini.

Accountability 144

Accountability Hacking Passwords Data breaches 144

Security Affairs

AUGUST 13, 2020

The leaked data includes login names, hashed passwords, and email addresses. It is not confirmed that all of the leaked data is legitimate, anyway, experts suggest users change their password immediately. Users that share the password at another site should also change the password. Pierluigi Paganini.

Hacking 144

Hacking Data breaches Cybercrime Passwords 144

Security Affairs

APRIL 14, 2020

Quidd , the online marketplace for trading stickers, cards, toys, and other collectibles, discloses a data breach in has suffered in 2019, it is also recommending users to change their passwords. One threat actor responded to the post stating that he has already cracked, or decrypted, nearly a million password hashes.”

Accountability 145

Accountability Hacking Data breaches Passwords 145

Security Affairs

SEPTEMBER 21, 2020

Over 500,000 Activision accounts may have been hacked in a new data breach that the gaming firm suffered on September 20. “All Call of Duty players should be on notice after a major Activision hack has left millions of accounts in limbo.” Change your Activision account passwords and add 2FA immediately.

Hacking 143

Hacking Data breaches Accountability Passwords 143

Security Affairs

APRIL 19, 2020

A hacker has leaked the usernames and passwords of nearly 23 million players of Webkinz World on a well-known hacking forum. . “ZDNet has learned that details about the vulnerability have been circulating online before today’s leak for months, both on hacking forums and on online IM chat groups.”

Hacking 143

Hacking Data breaches Passwords Advertising 143

Security Affairs

APRIL 11, 2020

San Francisco International Airport (SFO) disclosed a data breach, its websites SFOConnect.com and SFOConstruction.com were hacked last month. The SFO ITT urges anyone who even visited either website using the Internet Explorer web browser to change the device’s password. SecurityAffairs – hacking, data breach).

Data breaches 145

Data breaches Hacking Telecommunications Passwords 145

Security Affairs

AUGUST 11, 2020

A severe vulnerability impacting TeamViewer for Windows, tracked as CVE 2020-13699, could be exploited by remote attackers to steal the system password. TeamViewer has recently addressed a high-risk vulnerability ( CVE 2020-13699 ), that could be exploited by remote attackers to steal system password and potentially compromise it.

Passwords 145

Passwords Authentication Advertising Software 145

Security Affairs

AUGUST 5, 2020

ZDNet reported in exclusive that a list of passwords for 900+ enterprise VPN servers has been shared on a Russian-speaking hacker forum. ZDNet has reported in exclusive that a list of plaintext usernames and passwords for 900 Pulse Secure VPN enterprise servers, along with IP addresses, has been shared on a Russian-speaking hacker forum.

VPN 145

VPN Passwords Banking Advertising 145

CyberSecurity Insiders

OCTOBER 13, 2021

Problems arise for businesses when they base their access management programs entirely around passwords, however. Such programs overlook the burden that passwords can cause to users as well as to IT and security teams. Passwords: An unsustainable business cost. Users have too many passwords to remember on their own.

Passwords 141

Passwords Accountability Data breaches Authentication 141

Security Affairs

AUGUST 17, 2020

The Treasury Board of Canada Secretariat confirmed that thousands of user accounts for online Canadian government services were recently hacked. According to a press release issued by the Treasury Board of Canada Secretariat, thousands of user accounts for online government services were recently hacked. Pierluigi Paganini.

Government 144

Government Accountability Hacking Advertising 144

Security Affairs

JUNE 7, 2020

The Indian video on demand giant ZEE5 has been hacked, attackers are threatening to sell the database on the cybercrime underground markets. Now, Kanishk Tagade from Quickcyber confirmed the hack of the Indian video streaming giant. . “A person or a hacking group claiming to have gained access to the network of ZEE5.com,

Hacking 139

Hacking Cybercrime Advertising Passwords 139

Security Affairs

APRIL 1, 2020

The popular Zoom app is under scrutiny, experts have discovered a vulnerability that could be exploited to steal users’ Windows passwords. The attack leverages the SMBRelay technique that provides username and NTLM password hashes to a remote SMB server when connecting to it. SecurityAffairs – video communication, hacking).

Passwords 144

Passwords Advertising Hacking Software 144

Krebs on Security

JULY 10, 2022

Twice in the past month KrebsOnSecurity has heard from readers who’ve had their accounts at big-three credit bureau Experian hacked and updated with a new email address that wasn’t theirs. In both cases the readers used password managers to select strong, unique passwords for their Experian accounts.

Accountability 338

Accountability Passwords Authentication Password Management 338

Security Affairs

JANUARY 30, 2020

According to the report, attackers did not access passwords. official told the AP that the hack, which was first detected over the summer, appeared “sophisticated” and that the extent of the damage remains unclear, especially in terms of p ersonal, secret or compromising information that may have been stolen.” “One U.N.

Hacking 144

Hacking Advertising Cyber Attacks Passwords 144

Security Affairs

FEBRUARY 13, 2020

The popular Italian hacktivist collective LulzSec ITA claimed via Twitter to have hacked three Italian universities. The popular Italian hacktivist collective LulzSec ITA has announced via Twitter the hack of three Italian universities, highlighting the importance of the cybersecurity for our society. Pierluigi Paganini.

Hacking 145

Hacking Data breaches Advertising Education 145

Krebs on Security

NOVEMBER 11, 2023

I know that because my account at Experian was recently hacked, and the only way I could recover access was by recreating the account. Attempts to log in to my account directly at Experian.com also failed; the site said it didn’t recognize my username and/or password. ’ and granting full access,” @PeteMayo wrote.

Accountability 340

Accountability Authentication Passwords Identity Theft 340

Krebs on Security

DECEMBER 3, 2021

More commonly, that access is purchased from a cybercriminal broker who specializes in acquiring remote access credentials — such as usernames and passwords needed to remotely connect to the target’s network. Babam has authored more than 270 posts since joining Exploit in 2015, including dozens of sales threads.

Ransomware 354

Ransomware Passwords Accountability Cybercrime 354

Krebs on Security

JUNE 1, 2023

This post is a deep dive on “ Megatraffer ,” a veteran Russian hacker who has practically cornered the underground market for malware focused code-signing certificates since 2015. One of Megatraffer’s ads on an English-language cybercrime forum. Intel 471 shows akafitis@gmail.com was used to register another O.R.Z.

Malware 314

Malware Cybercrime Software Accountability 314

Security Affairs

APRIL 5, 2020

OGUsers, one of the most popular hacking forums, was hacked again, it is the second security breach it has suffered in a year. The popular hacking forum OGUsers was hacked again, it is the second security breach it has suffered in a year, the news was first reported by ZDNet. SecurityAffairs – OGUsers forum, hacking).

Hacking 142

Hacking Data breaches Advertising Backups 142

Krebs on Security

JULY 2, 2021

Countless Western Digital customers saw their MyBook Live network storage drives remotely wiped in the past month thanks to a bug in a product line the company stopped supporting in 2015, as well as a previously unknown zero-day flaw. But just days before the event Western Digital released MyCloud OS 5 , which eliminated the bug they found.

Firmware 363

Firmware Passwords Internet Internet 363

Security Affairs

MAY 8, 2020

Microsoft confirmed that it is investigating claims that its GitHub account has been hacked after some of its files were leaked online. Microsoft launched an investigation into the claims that its GitHub account has been hacked. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. Pierluigi Paganini.

Accountability 132

Accountability Hacking Advertising Passwords 132

Security Affairs

APRIL 3, 2020

Bad news for Apple iPhone or MacBook users, attackers could hack their device’s camera by tricking them into visiting a website. The ethical hacker Ryan Pickren demonstrated that it is possible to hack Apple iPhone or MacBook users by simply tricking them into visiting a website with the Safari browser. Pierluigi Paganini.

Hacking 145

Hacking Passwords Advertising Mobile 145

Krebs on Security

JUNE 29, 2023

Nikita Kislitsin , formerly the head of network security for one of Russia’s top cybersecurity firms, was arrested last week in Kazakhstan in response to 10-year-old hacking charges from the U.S. ”] Kislitsin was hired by Group-IB in January 2013, nearly six months after the Formspring hack. Department of Justice.

Cybersecurity 303

Cybersecurity Cybercrime Hacking Government 303

Security Affairs

APRIL 16, 2025

It is not a first time that smartphones come with pre-installed malware, earlier 2015, the security firm Bluebox discovered a preinstalled malware , many malicious apps, and a series of security holes on the Xiaomi Mi 4 smartphone. The kits analyzed by the company are commercialized by many manufacturers including Huawei, Lenovo and Xiaomi.

Malware 130

Malware Manufacturing Mobile Spyware 130

Security Affairs

MAY 6, 2020

The analysis of creation data for the records in the database revealed that the last creation date is January 26th, 2020, a circumstance that suggests that the hack took place in the same period. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->. SecurityAffairs – Unacademy, hacking).

Accountability 133

Accountability Hacking Data breaches Advertising 133

Security Affairs

OCTOBER 4, 2020

I strongly advise you, firstly, to log on to all servers running HP Device Manager and set a strong password for the "dm_postgres" user of the "hpdmdb" Postgres database on TCP port 40006 1/4 — Nicky Bloor (@nickstadb) September 29, 2020. Copyright (C) 2014-2015 Media.net Advertising FZ-LLC All Rights Reserved -->.

Hacking 144

Hacking Accountability Passwords InfoSec 144

Security Affairs

NOVEMBER 4, 2020

Yesterday almost $1 billion worth of cryptocurrency contained in a password-protected BitCoin wallet was moved to another wallet. Someone has transferred almost $1 billion worth of cryptocurrency contained in a password-protected BitCoin wallet to another wallet. 2015* apparently, maybe the owner? Pierluigi Paganini.

Cryptocurrency 145

Cryptocurrency Passwords Advertising Hacking 145

Krebs on Security

APRIL 18, 2023

Verified and other Russian language crime forums where MrMurza had a presence have been hacked over the years, with contact details and private messages leaked online. The password chosen by this user was “ 1232.” relied on the passwords asus666 and 01091987h. also used the password 24587256. and asus@mail.ru.

Malware 305

Malware Passwords Accountability Advertising 305

Krebs on Security

APRIL 22, 2019

The owner of a Swedish company behind a popular remote administration tool (RAT) implicated in thousands of malware attacks shares the same name as a Swedish man who pleaded guilty in 2015 to co-creating the Blackshades RAT , a similar product that was used to infect more than half a million computers with malware, KrebsOnSecurity has learned.

Advertising 256

Advertising Antivirus Software Malware 256