Security Affairs

SEPTEMBER 1, 2021

Securities and Exchange Commission (SEC) announced sanctions against several organizations over email account hacking. Securities and Exchange Commission (SEC) announced sanctions against eight entities belonging to three companies over email account hacking due to cybersecurity failures. Pierluigi Paganini.

Accountability 107

Accountability Hacking Financial Services Cybersecurity 107

Security Affairs

NOVEMBER 28, 2020

A credible threat actor is offering access to the email accounts of hundreds of C-level executives for $100 to $1500 per account. Access to the email accounts of hundreds of C-level executives is available on the Exploit.in for $100 to $1500 per account. Exploit.in ” reported ZDNet. Pierluigi Paganini.

Accountability 116

Accountability Cybercrime Hacking Data collection 116

Security Affairs

FEBRUARY 7, 2021

The database includes a script named count_total.sh, which was also included in 2017’s Breach Compilation. Much like 2017’s Breach Compilation, COMB’s data is organized by alphabetical order in a tree-like structure, and it contains the same scripts for querying emails and passwords. COMB also includes the query.sh

Passwords 145

Passwords Hacking Accountability Banking 145

Krebs on Security

JULY 18, 2023

LeakedSource was advertised on a number of popular cybercrime forums as a service that could help hackers break into valuable or high-profile accounts. LeakedSource also tried to pass itself off as a legal, legitimate business that was marketing to security firms and professionals. An administrator account Xerx3s on Abusewithus.

Hacking 242

Hacking Accountability Data breaches Marketing 242

Security Affairs

AUGUST 7, 2022

Microsoft is actively blocking Tutanota email addresses from registering a Microsoft Teams account. Tutanota is an end-to-end encrypted email app and a freemium secure email service, as of March 2017, Tutanota’s owners claimed to have over 2 million users. Follow me on Twitter: @securityaffairs and Facebook.

Accountability 98

Accountability Marketing Encryption Hacking 98

Security Affairs

FEBRUARY 11, 2022

One of the vulnerabilities is an elevation of privilege vulnerability in Microsoft Windows SAM (Security Accounts Manager) vulnerability. “An attacker could then install programs; view, change, or delete data; or create new accounts with full user rights.An ” reads the advisory published by Microsoft.

IoT 140

IoT Accountability Authentication Hacking 140

Security Affairs

JUNE 9, 2025

accounts to hide their origins. since 2017. citizen, hosting company laptops at his home, unauthorized software installation to facilitate access, and laundering payments for the remote work through accounts linked to North Korean and Chinese individuals. accounts include accounts associated with North Korean and Chinese actors.

Scams 95

Scams Identity Theft Cryptocurrency Accountability 95

Security Affairs

SEPTEMBER 24, 2023

. “According to his plea agreement, from February 2017 until at least July 2017, Simon-Ebo conspired with others to perpetrate a BEC scheme.” ” reads the press release published by DoJ. ” During the same period, Simon-Ebo and his co-conspirators conspired to commit money laundering. .

Accountability 137

Accountability Banking Hacking Cybercrime 137

Security Affairs

NOVEMBER 23, 2024

Multiple threat actors purchased the kits developed by Nady and used them in widespread phishing campaigns to steal credentials of Microsoft customer accounts. Microsoft has tracked Nady, linked to phishing services since 2017. .” reads the analysis published by Microsoft.

Phishing 73

Phishing Cybercrime Financial Services Media 73

Security Affairs

JANUARY 7, 2024

Researchers from Dutch security firm Hunt & Hackett observed Sea Turtle cyber espionage group (aka Teal Kurma, Marbled Dust, SILICON and Cosmic Wolf) targeting telco, media, ISPs, IT service providers, and Kurdish websites in the Netherlands. Between 2017 and 2019, the APT group mainly used DNS hijacking in its campaigns.

Media 140

Media Accountability Telecommunications Government 140

Security Affairs

JUNE 20, 2022

The attack took place in April 2017 and the man is accused of conducting the attack for the Russian military intelligence service GRU. Kozachek hacked the computed of the NATO think tank in 2017 and installed a keylogger to spy on the organization. ” reported the Tagesschau website. ” continues the post.

Hacking 144

Hacking Accountability Malware Cybersecurity 144

Security Affairs

SEPTEMBER 16, 2022

According to the New York Times , the threat actors hacked an employee’s Slack account and used it to inform internal personnel that the company had “suffered a data breach” and provided a list of allegedly hacked internal databases. “I This is not the first time that the company suffered a security breach.

Hacking 144

Hacking Data breaches Information Security Engineering 144

Security Affairs

SEPTEMBER 22, 2020

” According to the 2017 indictment , Wyatt used email and telephone accounts to send messages used to threaten the hacked companies of releasing their information. “a. WYATT registered a telephone account (Account B) used in the course of the conspiracy to send threatening and extortionate text messages to victims.“.

Identity Theft 120

Identity Theft Accountability Hacking Advertising 120

Security Affairs

MARCH 25, 2024

sender account. “Additionally, this campaign is the first time Proofpoint has observed TA450 using a sender email account that matches the lure content. For example, this campaign used an email account of salary[@]<compromisedorg>co[.]il, Some of the messages were also sent using a likely a compromised.IL

Phishing 138

Phishing Social Engineering Telecommunications Accountability 138

Security Affairs

MAY 27, 2022

This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber attacks against individual users or affiliated organizations.” Crooks obtain the information by conducting spear-phishing and ransomware attacks, or other means.

Cybercrime 145

Cybercrime Education Accountability Phishing 145

Security Affairs

SEPTEMBER 21, 2019

US authorities have indicted two men for hacking the exchange EtherDelta in December 2017, one of them was also accused of TalkTalk hack. US authorities have indicted two men, Elliot Gunton and Anthony Tyler Nashatka, for hacking the cryptocurrency exchange EtherDelta in 2017. Six days later, on December 19, 2017.

Hacking 104

Hacking DNS Cryptocurrency Accountability 104

Security Affairs

OCTOBER 14, 2019

“Here is what we know about the situation today: On August 20, 2019, we learned from a third party of a data exposure that impacts a subset of customers of our Cloud WAF product who had accounts through September 15, 2017. Elements of our Incapsula customer database through September 15, 2017 were exposed.

Firewall 102

Firewall Passwords Accountability Data breaches 102

Security Affairs

OCTOBER 5, 2022

Narelle Devine, the company’s chief information security officer for the Asia Pacific region, added that no customer account information was stored on the third-party platform. It seems that the security breach also impacted other companies. ” reads the statement published by the company.

Data breaches 98

Data breaches Telecommunications Accountability Information Security 98

Security Affairs

FEBRUARY 27, 2021

Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts. The criminals could hijack social media accounts and bypass 2FA services based on SMS used by online services, including financial ones. .

Mobile 134

Mobile Data breaches Telecommunications Accountability 134

The Last Watchdog

JANUARY 28, 2019

Worldwide spending on information security products and services rose to $114 billion in 2018, up from $102 billion in 2017, an increase of 12.4 The perpetrators deploy botnets to automate the injection of surreptitiously obtained usernames and password pairs until they gain fraudulent access to a targeted account.

Passwords 196

Passwords Password Management Antivirus Internet 196

Security Affairs

AUGUST 7, 2019

Accessing an online account, users could make several actions, such as manage insurance claims and pay bills. “State Farm recently detected an information security incident in which a bad actor used a list of user IDs and passwords obtained from some other source, like the dark web, to attempt access to State Farm online accounts.

Insurance 110

Insurance Data breaches Financial Services Passwords 110

Security Affairs

JANUARY 2, 2022

billion from organizations in the industry and attacks against DeFi platforms accounted for $1.76 The percentage increase in the number of scams per year is up by 850% in the last decade. Threat actors stole $3.18 The top 5 breaches in history are: 1. Gox, $615M. Poly Network, $611M+. Coincheck, $534M. KuCoin, $281M.

Cryptocurrency 118

Cryptocurrency Scams Marketing Hacking 118

Security Affairs

OCTOBER 16, 2023

The researchers speculate the originating accounts of the instant messaging applications were compromised through the leaked credentials available on cybercrime forums. The message sent to the victims from a compromised Skype account contains a VBS script with a filename following the following format: <filename.pdf> www.skype[.]vbs.

Malware 138

Malware Cryptocurrency Accountability Cybercrime 138

Security Affairs

JUNE 7, 2019

In October 2017, the city of Fort Worth, Texas became the target of a phishing scam. Their accounts payable department received an email that appeared to be from Imperial Construction, a company that was doing business with the city at the time. Fadipe, requested a change of account. However, this wasn’t the case.

Cybersecurity 111

Cybersecurity Scams Banking Accountability 111

Security Affairs

AUGUST 14, 2019

A parliamentary committee in the Czech Republic revealed that the National Cyber and Information Security Agency blamed a foreign state for a cyber attack that targeted the Czech Foreign Ministry. The Czech experts discovered the security breach early January 2017.

Cyber Attacks 103

Cyber Attacks Advertising Information Security Government 103

Security Affairs

MAY 13, 2024

“The operations have primarily targeted audiences in Lithuania, Latvia, and Poland with anti-North Atlantic Treaty Organization (NATO) narratives, often leveraging website compromises or spoofed email accounts to disseminate fabricated content, including falsified correspondence from military officials” reads the report published by FireEye.

Media 142

Media Accountability Cyber Attacks Hacking 142

Security Affairs

NOVEMBER 26, 2019

According to a report published by the NUKIB Czech National Cyber and Information Security Agency (NUKIB) in September, China carried out a major cyber attack on a key government institution in the Czech Republic last year. The Czech experts discovered the security breach in early January 2017.

Cyber Attacks 128

Cyber Attacks Advertising Information Security Government 128

Security Affairs

MAY 15, 2020

million January 2017 CafeMom.com 2.6 million October 2017 ModaOperandi.com 1.3 Those who have their account exposed in one of the above incidents are recommended to change their password. million April 2018 Netlog.com (Twoo.com) 57 million November 2012 Dubsmash.com Phone numbers 47.1 million December 2018 CafePress.com 23.6

Data breaches 133

Data breaches Advertising Passwords Hacking 133

Security Affairs

AUGUST 27, 2019

. “Here is what we know about the situation today: On August 20, 2019, we learned from a third party of a data exposure that impacts a subset of customers of our Cloud WAF product who had accounts through September 15, 2017. Elements of our Incapsula customer database through September 15, 2017 were exposed.

Data breaches 111

Data breaches Firewall Passwords Advertising 111

Security Affairs

SEPTEMBER 5, 2023

Meta disrupted two influence campaigns orchestrated by China and Russia, the company blocked thousands of accounts and pages. The social network giant revealed it has blocked thousands of accounts and pages across its platform. The entities were removed for violating our policy against coordinated inauthentic behavior.

Accountability 124

Accountability Government Media Hacking 124

Security Affairs

DECEMBER 6, 2020

In January 2017, the internal cybersecurity structure of Leonardo SpA reported anomalous network traffic, outgoing from some workstations of the Pomigliano D’Arco plant. The duo has used the malware to steal the data between 2015 and 2017 and it back to a command and control server (‘fujinama.altervista.org.’).

Computers and Electronics 133

Computers and Electronics Malware Media Accountability 133

Security Affairs

NOVEMBER 3, 2020

The scripts developed by the cyber criminal were used to parse log data collected from botnet and searched for personally identifiable information (PII) and account credentials. In some cases, the man manually chacked the stolen information. ” reads the press release published by the DoJ.

Accountability 121

Accountability Banking Advertising Data collection 121

Security Affairs

OCTOBER 19, 2020

In 2017, Greek Police arrested the Russian national Alexander Vinnik and they accused the man of running the BTC-e Bitcoin exchange to launder more than US$4bn worth of the cryptocurrency. The Russian man Alexander Vinnik goes on trial in Paris for having defrauded nearly 200 victims across the world of 135M euros using ransomware.

Advertising 135

Advertising Hacking Cybercrime Cryptocurrency 135

Security Affairs

JUNE 24, 2019

industries and government agencies, the statement was also published by the CISA Director Chris Krebs via his Twitter account. ” Experts recommend to have secure working backup procedures, in case of attack, victims could simply recover data from a backup. The attacks are targeting U.S. ” continues the statement.

Backups 109

Backups Advertising Accountability Passwords 109

Security Affairs

FEBRUARY 15, 2024

The office of the South Korean President explained that the compromise of the account occurred due to the staff member utilizing commercial email services for official responsibilities. panel of experts announced an investigation into 58 suspected North Korean cyberattacks between 2017 and 2023 valued at approximately $3 billion.

Hacking 132

Hacking Government Accountability Information Security 132

Security Affairs

FEBRUARY 25, 2022

The Computer Emergency Response Team of Ukraine (CERT-UA) is warning of an ongoing spear-phishing campaign targeting private email accounts belonging to Ukrainian armed forces personnel. According to FireEye, the campaign tracked as GhostWriter, has been ongoing since at least March 2017 and is aligned with Russian security interests.

Phishing 121

Phishing Social Engineering Government Accountability 121

Security Affairs

NOVEMBER 22, 2019

Lisov was arrested in January 2017 at the Barcelona airport by the Guardia Civil. The Neverquest malware is able to log in to the victim’s online banking account and perform fraudulent transactions. The arrest is the result of the collaboration between the Spanish law enforcement and the FBI. The United States Attorney Geoffrey S.

Banking 133

Banking Malware Advertising Accountability 133