2017, Accountability, Information Security and Passwords

Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes

Security Affairs

AUGUST 6, 2022

Slack is resetting passwords for approximately 0.5% of its users after a bug exposed salted password hashes when users created or revoked a shared invitation link for their workspace. Slack announced that it is resetting passwords for about 0.5% The post Slack resets passwords for about 0.5% Pierluigi Paganini.

Passwords

Passwords Password Management Antivirus Encryption

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Security Affairs

JANUARY 7, 2024

Researchers from Dutch security firm Hunt & Hackett observed Sea Turtle cyber espionage group (aka Teal Kurma, Marbled Dust, SILICON and Cosmic Wolf) targeting telco, media, ISPs, IT service providers, and Kurdish websites in the Netherlands. Between 2017 and 2019, the APT group mainly used DNS hijacking in its campaigns.

Media

Media Accountability Telecommunications Government

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Krebs on Security

JULY 18, 2023

com , a service that sold access to billions of passwords and other data exposed in countless data breaches. LeakedSource was advertised on a number of popular cybercrime forums as a service that could help hackers break into valuable or high-profile accounts. An administrator account Xerx3s on Abusewithus. Abusewith[.]us

Hacking

Hacking Accountability Data breaches Marketing

Webinars

Reimagining Cybersecurity Training: Driving Real Impact on Security Culture

MORE WEBINARS

Alleged FruitFly malware creator ruled incompetent to stand trial

Malwarebytes

JANUARY 16, 2024

On January 4, 2017, Case Western Reserve University (CWRU), located in Cleveland, Ohio, became aware of an infection on more than 100 of its computers. The university was notified by an undisclosed third party, who provided information to help the team find and identify the malware. Who is Phillip Durachinsky?

Malware

Malware Passwords Identity Theft Data collection

FBI: Compromised US academic credentials available on various cybercrime forums

Security Affairs

MAY 27, 2022

This exposure of sensitive credential and network access information, especially privileged user accounts, could lead to subsequent cyber attacks against individual users or affiliated organizations.” Crooks obtain the information by conducting spear-phishing and ransomware attacks, or other means.

Cybercrime

Cybercrime Education Accountability Phishing

Admins of Genesis Market marketplace sold their infrastructure on a hacker forum

Security Affairs

JULY 17, 2023

In April, the FBI seized the Genesis Market , a black marketplace for stolen credentials that was launched in 2017. The price for a stolen account was very cheap, paying a few dollars crooks were able to use it for a specific period. Accounts on the forums will not be transferred, the new owner will create new accounts if necessary.”

Marketing

Marketing Accountability Cybercrime Passwords

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

The Last Watchdog

JANUARY 28, 2019

Worldwide spending on information security products and services rose to $114 billion in 2018, up from $102 billion in 2017, an increase of 12.4 Use a password manager. It’s clear that we will continue to be reliant on usernames and passwords to access online services for some time to come. Secure your phone.

Passwords

Passwords Password Management Antivirus Internet

American Insurance firm State Farm victim of credential stuffing attacks

Security Affairs

AUGUST 7, 2019

Accessing an online account, users could make several actions, such as manage insurance claims and pay bills. This kind of attacks is very efficient due to the bad habit of users of reusing the same password over multiple services. In response to the attacks, State Farm reset the passwords for impacted accounts.

Insurance

Insurance Data breaches Financial Services Passwords

China-linked threat actors have breached telcos and network service providers

Security Affairs

JUNE 8, 2022

“Upon gaining an initial foothold into a telecommunications organization or network service provider, PRC state-sponsored cyber actors have identified critical users and infrastructure including systems critical to maintaining the security of authentication, authorization, and accounting.

Telecommunications

Telecommunications Authentication Passwords Accountability

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Security Affairs

OCTOBER 17, 2023

The group is also the author of the NotPetya ransomware that hit hundreds of companies worldwide in June 2017. ’ The CERT-UA also reported that the state-sponsored hackers used compromised VPN accounts that weren’t protected by multi-factor authentication. “Note (!)

Telecommunications

Telecommunications Authentication Data collection Passwords

Ticketmaster will pay $10 Million fine over hacking a competitor

Security Affairs

JANUARY 2, 2021

The attacks aimed at stealing information to gain an advantage over CrowdSurge, which was acquired by Warner Music Group (WMG) in 2017. “Ticketmaster Used Passwords Unlawfully Retained by a Former Employee of a Competitor to Access Computer Systems in Scheme to “Choke Off” the Victim’s Business” wrote the DoJ.

Hacking

Hacking Passwords Accountability Cybercrime

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

Security Affairs

SEPTEMBER 21, 2019

US authorities have indicted two men for hacking the exchange EtherDelta in December 2017, one of them was also accused of TalkTalk hack. US authorities have indicted two men, Elliot Gunton and Anthony Tyler Nashatka, for hacking the cryptocurrency exchange EtherDelta in 2017. Six days later, on December 19, 2017.

Hacking

Hacking DNS Cryptocurrency Accountability

T-Mobile customers were hit with SIM swapping attacks

Security Affairs

FEBRUARY 27, 2021

Once hijacked a SIM, the attackers can steal money, cryptocurrencies and personal information, including contacts synced with online accounts. The criminals could hijack social media accounts and bypass 2FA services based on SMS used by online services, including financial ones. .

Mobile

Mobile Telecommunications Data breaches Identity Theft

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Security Affairs

NOVEMBER 22, 2019

Lisov was arrested in January 2017 at the Barcelona airport by the Guardia Civil. The banking trojan is able to record keystrokes, to steal passwords stored on the PC, and take screenshots and videos from the victims’ machine. The arrest is the result of the collaboration between the Spanish law enforcement and the FBI. .”

Banking

Banking Malware Advertising Passwords

Data from Sephora and StreetEasy data breaches added to HIBP

Security Affairs

OCTOBER 7, 2019

The StreetEasy data breach took place in the mid-2016 and exposed 988k records that included names, usernames, email addresses and SHA-1 password hashes. Impacted data includes names, usernames, email addresses and SHA-1 password hashes. “In approximately January 2017, the beauty store Sephora suffered a data breach.

Data breaches

Data breaches Passwords Advertising Cybercrime

Threat actors are offering for sale 550 million stolen user records

Security Affairs

MAY 15, 2020

million January 2017 CafeMom.com 2.6 million October 2017 ModaOperandi.com 1.3 Those who have their account exposed in one of the above incidents are recommended to change their password. million April 2018 Netlog.com (Twoo.com) 57 million November 2012 Dubsmash.com Phone numbers 47.1 million December 2018 OMGPop.com 21.4

Data breaches

Data breaches Advertising Passwords Hacking

US deported NeverQuest operator Stanislav Vitaliyevich Lisov to Russia

Security Affairs

JUNE 21, 2020

The United States has deported the computer programmer Stanislav Vitaliyevich Lisov (35) to Russia, he is the author of NeverQuest banking malware, Lisov was arrested in January 2017 at the Barcelona airport by the Guardia Civil. The arrest is the result of the collaboration between the Spanish law enforcement and the FBI.

Banking

Banking Malware Advertising Hacking

Mozi Botnet is responsible for most of the IoT Traffic

Security Affairs

SEPTEMBER 20, 2020

The Mozi botnet accounted for 90% of the IoT network traffic observed between October 2019 and June 2020, IBM reported. The Mozi botnet was spotted by security experts from 360 Netlab, at the time of its discovered it was actively targeting Netgear, D-Link, and Huawei routers by probing for weak Telnet passwords to compromise them.

IoT

IoT DDOS Architecture Passwords

Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

Security Affairs

AUGUST 7, 2018

Security experts from Group-IB, an international company specializing in preventing cyberattacks and developing information security solutions, has investigated user data leaks from cryptocurrency exchanges and has analyzed the nature of these incidents. In 2017, their number increased by 369% compared to 2016.

Cryptocurrency

Cryptocurrency Passwords Authentication Accountability

QNAP urges users to update Malware Remover after QSnatch joint alert

Security Affairs

AUGUST 2, 2020

This week, the United States Cybersecurity and Infrastructure Security Agency (CISA) and the United Kingdom’s National Cyber Security Centre (NCSC) issued a joint advisory about a massive ongoing campaign spreading the QSnatch data-stealing malware. Install and update Security Counselor. ” continues the advisory.

Malware

Malware Advertising Passwords Manufacturing

How the FTC’s Amendments to the Safeguards Rule Affects Auto Dealerships

Duo's Security Blog

JUNE 28, 2022

The Safeguards Rule enhanced the regulatory power of the FTC and led to new requirements for financial institutions, including the development, implementation, and maintenance of an information security program to prevent unauthorized access to sensitive customer information.

Authentication

Authentication Financial Services Technology Information Security

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Security Affairs

APRIL 14, 2022

Change all passwords to ICS/SCADA devices and systems on a consistent schedule, especially all default passwords, to device-unique strong passwords to mitigate password brute force attacks and to give defender monitoring systems opportunities to detect common attacks. Enforce principle of least privilege.

Passwords

Passwords Architecture Backups Cyber Attacks

Xenotime threat actor now is targeting Electric Utilities in US and APAC

Security Affairs

JUNE 14, 2019

Experts at Dragos firm reported that Xenotime threat actor behind the 2017 Trisis/Triton malware attack is targeting electric utilities in the US and APAC. Xenotime threat actor is considered responsible for the 2017 Trisis/ Triton malware attack that hit oil and gas organizations. continues the report.

Malware

Malware Advertising Authentication Passwords

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Security Affairs

JANUARY 26, 2023

SEABORGIUM has been active since at least 2017, its campaigns involve persistent phishing and credential theft campaigns leading to intrusions and data theft. The UK agency reported ongoing spear-phishing campaigns carried out by Russia-based group SEABORGIUM and Iran-based group TA453 to gather intelligence on the victims.

Phishing

Phishing Media Hacking Education

Defiant Tech firm who operated LeakedSource pleads guilty

Security Affairs

MAY 20, 2019

The LeakedSource website was launched in late 2015, in January 2017 the popular data breach notification website has been raided by feds. LeakedSource was also cracking the associated passwords when it was possible. The website was very popular among the users of the HackForums.net. Defiant Tech Inc.

Cybercrime

Cybercrime Data breaches Advertising Passwords

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Security Affairs

NOVEMBER 19, 2019

Ransomware accounted for over half of all malicious mailings in H1 2019, Troldesh aka Shade being the most popular tool among cybercriminals. The first half of 2019 saw a 10-fold increase in the number of password-protected objects, such as documents and archive files, being used to deliver malware. The revival of ransomware.

Ransomware

Ransomware Antivirus Malware Banking

Fxmsp: the untold story of infamous seller of access to corporate networks who made at least USD 1.5 mln

Security Affairs

JUNE 23, 2020

Fxmsp included one of his Jabber accounts, in his contact information on the forum which helped Group-IB researchers to establish his presumed identity. In early 2017, he created accounts on several other Russian-speaking forums, including on the infamous exploit[.]in, Proxy seller.

Antivirus

Antivirus Advertising Hacking Banking

Top Cybersecurity Accounts to Follow on Twitter

eSecurity Planet

DECEMBER 3, 2021

Here are the top Twitter accounts to follow for the latest commentary, research, and much-needed humor in the ever-evolving information security space. Security technologist Bruce Schneier was respected long before the launch of Twitter. Read more: Top IT Asset Management Tools for Security. Carey | @marcusjcarey.

Accountability

Accountability Cybersecurity Penetration Testing InfoSec

Some models of Comba and D-Link WiFi routers leak admin credentials

Security Affairs

SEPTEMBER 11, 2019

.” In previous research, Kenin discovered similar flaws ( CVE-2017-5521 ) in at tens of models of Netgear routers that were potentially affecting over one million Netgear customers. “The username & password listed there are used by the user to connect to his/her ISP. ” continues the advisory. download=true.

DNS

DNS Passwords Authentication Wireless

Microsoft: North Korea-linked Zinc APT targets security experts

Security Affairs

JANUARY 29, 2021

Microsoft Threat Intelligence Center (MSTIC) attributes this campaign with high confidence to ZINC, a DPRK-affiliated and state-sponsored group, based on observed tradecraft, infrastructure, malware patterns, and account affiliations.” Attackers also employed an encrypted Chrome password-stealer hosted on ZINC domain [link]. .

Malware

Malware Antivirus Hacking Accountability

North Korea-linked APT BlueNoroff focuses on crypto theft

Security Affairs

JANUARY 14, 2022

The attackers in some attacks compromised the LinkedIn account of an employee within an organization and used it to share the link to a weaponized document on the platform. The analysis of the bait documents used in the attacks revealed that threat actors exploited a remote template injection vulnerability tracked as CVE-2017-0199.

Cryptocurrency

Cryptocurrency Banking Passwords Malware

DRBControl cyber-espionage group targets gambling, betting companies

Security Affairs

FEBRUARY 19, 2020

The arsenal of the attackers includes post-exploitation tools such as password dumpers (Quarks PwDump, modified Mimikatz, NetPwdDump), tools for bypassing UAC, and code loaders. Both backdoors implement a User Account Control mechanism bypass, they also implement a keylogging feature. is dated October, 2019.

Malware

Malware Advertising Phishing Passwords

COMB breach: 3.2B email and password pairs leaked online

Security Affairs

FEBRUARY 7, 2021

The Largest compilation of emails and passwords (COMB), more than 3.2 billion unique pairs of cleartext emails and passwords have been leaked on a popular hacking forum, the collection aggregates data from past leaks, such as Netflix, LinkedIn , Exploit.in , Bitcoin, and more. billion email and password pairs, all in plaintext.”

Passwords

Passwords Hacking Accountability Banking

Texas man sentenced to 145 months in federal prison for hacking Los Angeles Superior Court

Security Affairs

OCTOBER 23, 2019

In July 2017, Aloba and his co-conspirators compromised the email account of a court employee and used it to send the phishing emails to coworkers. The malicious messages included links to a phishing website set up to request LASC users their email addresses and passwords. .” reads the press release published by the DoJ.

Hacking

Hacking Phishing Identity Theft Advertising

Doxing in the corporate sector

SecureList

MARCH 29, 2021

The Internet can provide doxers with all kinds of helpful information, such as the names and positions of employees, including those who occupy key positions in the company. Such key positions include the CEO, HR department director, and chief accountant. The unsuspecting accountant asks the employee to send his new bank details.

Identity Theft

Identity Theft Phishing Accountability Banking

Hacking eCommerce sites based on OXID eShop by chaining 2 flaws

Security Affairs

JULY 30, 2019

The first issue, tracked as CVE-2019-13026, is an SQL injection vulnerability that could be exploited by an unauthenticated attacker to create a new administrator account. Since the underlying database driver is per default set to PDO, an attacker can make use of stacked queries to insert a brand new admin user with a password of his choice.

eCommerce

eCommerce Hacking Advertising Software

Cybercriminal greeners from Iran attack companies worldwide for financial gain

Security Affairs

AUGUST 24, 2020

In some attacks, they attempted to elevate privileges using exploit for CVE-2017-0213. As the attackers usually need several attempts to brute force passwords and gain access to the RDP, it is important to enable account lockout policies by limiting the number of failed login attempts per user.

Threat Detection

Threat Detection Ransomware Advertising Cybercrime

Op Wocao – China-linked APT20 was able to bypass 2FA

Security Affairs

DECEMBER 23, 2019

The APT20 group has been active since at least 2011, but experts did not associate any campaign with this threat actors between 2016 and 2017. In order to move laterally within the target networks, hackers used well-known techniques, such as dumping credentials from memory and accessing password managers on compromised systems.

VPN

VPN Hacking Software Advertising

Group-IB: More than 70% of Russian banks are not ready for cyberattacks

Security Affairs

FEBRUARY 19, 2019

Group-IB , an international company that specializes in preventing cyberattacks , has conducted high-tech cybercrimes research based on an analysis of responses to information security incidents carried out by Group-IB Incident Response team in 2018. According to the new research, hackers traditionally target the financial sector.

Banking

Banking Marketing Cybercrime Information Security

The Trouble with Politicians Sharing Passwords

Troy Hunt

DECEMBER 4, 2017

In this case, that secret is her password and, well, just read it: My staff log onto my computer on my desk with my login everyday. — Nadine Dorries (@NadineDorries) December 2, 2017. link] — Troy Hunt (@troyhunt) December 2, 2017. In fact I often forget my password and have to ask my staff what it is.

Passwords

Passwords Accountability Technology InfoSec

Hundreds of C-level executives credentials available for $100 to $1500 per account

Security Affairs

NOVEMBER 28, 2020

A credible threat actor is offering access to the email accounts of hundreds of C-level executives for $100 to $1500 per account. Access to the email accounts of hundreds of C-level executives is available on the Exploit.in for $100 to $1500 per account. Exploit.in ” reported ZDNet. Pierluigi Paganini.

Accountability

Accountability Cybercrime Hacking Retail

Cyber Security Awareness and Risk Management

Spinone

DECEMBER 26, 2018

In this article we will learn how to address and effectively respond to major enterprise cybersecurity threats and provide tips to mitigate IT security risk. Today, c yber security incidents lead to significant damage, alarming organizations of all types and sizes in different geographic locations.

Security Awareness

Security Awareness Risk Cyber threats Cyber Risk

Imperva explains how hackers stole AWS API Key and accessed to customer data

Security Affairs

OCTOBER 14, 2019

“Here is what we know about the situation today: On August 20, 2019, we learned from a third party of a data exposure that impacts a subset of customers of our Cloud WAF product who had accounts through September 15, 2017. Elements of our Incapsula customer database through September 15, 2017 were exposed.

Firewall

Firewall Passwords Accountability Data breaches

News alert: LayerX Security raises $24M Series A funding for its ‘enterprise browser’ security platform

The Last Watchdog

MAY 2, 2024

Early adoption by Fortune 100 companies worldwide, LayerX already secures more users than any other browser security solution and enables unmatched security, performance and experience Today’s modern enterprise employees rely heavily on browser-based services and SaaS applications.

Marketing

Marketing Technology Phishing Risk

Slack resets passwords for about 0.5% of its users due to the exposure of salted password hashes

Turkish Sea Turtle APT targets Dutch IT and Telecom firms

Webinars

Trending Sources

LeakedSource Owner Quit Ashley Madison a Month Before 2015 Hack

Webinars

Alleged FruitFly malware creator ruled incompetent to stand trial

FBI: Compromised US academic credentials available on various cybercrime forums

Admins of Genesis Market marketplace sold their infrastructure on a hacker forum

MY TAKE: 3 privacy and security habits each individual has a responsibility to embrace

American Insurance firm State Farm victim of credential stuffing attacks

China-linked threat actors have breached telcos and network service providers

Russia-linked Sandworm APT compromised 11 Ukrainian telecommunications providers

Ticketmaster will pay $10 Million fine over hacking a competitor

One of the hackers behind EtherDelta hack also involved in TalkTalk hack

T-Mobile customers were hit with SIM swapping attacks

Russian author of NeverQuest banking malware gets 4 Years in U.S. Prison

Data from Sephora and StreetEasy data breaches added to HIBP

Threat actors are offering for sale 550 million stolen user records

US deported NeverQuest operator Stanislav Vitaliyevich Lisov to Russia

Mozi Botnet is responsible for most of the IoT Traffic

Group-IB experts record a massive surge of user data leaks form cryptocurrency exchanges

QNAP urges users to update Malware Remover after QSnatch joint alert

How the FTC’s Amendments to the Safeguards Rule Affects Auto Dealerships

US gov agencies e private firms warn nation-state actors are targeting ICS & SCADA devices

Xenotime threat actor now is targeting Electric Utilities in US and APAC

UK NCSC warns of spear-phishing attacks from Russia-linked and Iran-linked groups

Defiant Tech firm who operated LeakedSource pleads guilty

Ransomware Revival: Troldesh becomes a leader by the number of attacks

Fxmsp: the untold story of infamous seller of access to corporate networks who made at least USD 1.5 mln

Top Cybersecurity Accounts to Follow on Twitter

Some models of Comba and D-Link WiFi routers leak admin credentials

Microsoft: North Korea-linked Zinc APT targets security experts

North Korea-linked APT BlueNoroff focuses on crypto theft

DRBControl cyber-espionage group targets gambling, betting companies

COMB breach: 3.2B email and password pairs leaked online

Texas man sentenced to 145 months in federal prison for hacking Los Angeles Superior Court

Doxing in the corporate sector

Hacking eCommerce sites based on OXID eShop by chaining 2 flaws

Cybercriminal greeners from Iran attack companies worldwide for financial gain

Op Wocao – China-linked APT20 was able to bypass 2FA

Group-IB: More than 70% of Russian banks are not ready for cyberattacks

The Trouble with Politicians Sharing Passwords

Hundreds of C-level executives credentials available for $100 to $1500 per account

Cyber Security Awareness and Risk Management

Imperva explains how hackers stole AWS API Key and accessed to customer data

News alert: LayerX Security raises $24M Series A funding for its ‘enterprise browser’ security platform

Stay Connected